aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorbmeeks8 <bmeeks8@bellsouth.net>2014-04-02 15:19:39 -0400
committerErmal <ermal.luci@gmail.com>2014-04-08 08:47:26 +0000
commit1139cfef3a327fb1160300f05e8515fd7b7a4574 (patch)
treebd862bdcb105be97c68c517a805c2a24567d93f7
parent88fb21ea3a3400acccde81630d9790e561b3a8de (diff)
downloadpfsense-packages-1139cfef3a327fb1160300f05e8515fd7b7a4574.tar.gz
pfsense-packages-1139cfef3a327fb1160300f05e8515fd7b7a4574.tar.bz2
pfsense-packages-1139cfef3a327fb1160300f05e8515fd7b7a4574.zip
Improve GUI tab for rule package updates and match up with Suricata.
-rwxr-xr-xconfig/snort/snort_check_for_rule_updates.php161
-rwxr-xr-xconfig/snort/snort_download_updates.php314
2 files changed, 294 insertions, 181 deletions
diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php
index e13c3bef..f16e3310 100755
--- a/config/snort/snort_check_for_rule_updates.php
+++ b/config/snort/snort_check_for_rule_updates.php
@@ -5,7 +5,7 @@
* Copyright (C) 2006 Scott Ullrich
* Copyright (C) 2009 Robert Zelaya
* Copyright (C) 2011-2012 Ermal Luci
- * Copyright (C) 2013 Bill Meeks
+ * Copyright (C) 2013-2014 Bill Meeks
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -62,6 +62,8 @@ if (!defined("ET_OPEN_FILE_PREFIX"))
define("ET_OPEN_FILE_PREFIX", "emerging-");
if (!defined("ET_PRO_FILE_PREFIX"))
define("ET_PRO_FILE_PREFIX", "etpro-");
+if (!defined("IPREP_PATH"))
+ define("IPREP_PATH", "/var/db/snort/iprep/");
$snortdir = SNORTDIR;
$snortlibdir = SNORTLIBDIR;
@@ -95,7 +97,7 @@ exec("/usr/local/bin/snort -V 2>&1 |/usr/bin/grep Version | /usr/bin/cut -c20-26
// Save the version with decimal delimiters for use in extracting the rules
$snort_version = $snortver[0];
if (empty($snort_version))
- $snort_version = "2.9.5.6";
+ $snort_version = "2.9.6.0";
// Create a collapsed version string for use in the tarball filename
$snortver[0] = str_replace(".", "", $snortver[0]);
@@ -150,22 +152,54 @@ function snort_download_file_url($url, $file_out) {
global $g, $config, $pkg_interface, $last_curl_error, $fout, $ch, $file_size, $downloaded, $first_progress_update;
+ $rfc2616 = array(
+ 100 => "100 Continue",
+ 101 => "101 Switching Protocols",
+ 200 => "200 OK",
+ 201 => "201 Created",
+ 202 => "202 Accepted",
+ 203 => "203 Non-Authoritative Information",
+ 204 => "204 No Content",
+ 205 => "205 Reset Content",
+ 206 => "206 Partial Content",
+ 300 => "300 Multiple Choices",
+ 301 => "301 Moved Permanently",
+ 302 => "302 Found",
+ 303 => "303 See Other",
+ 304 => "304 Not Modified",
+ 305 => "305 Use Proxy",
+ 306 => "306 (Unused)",
+ 307 => "307 Temporary Redirect",
+ 400 => "400 Bad Request",
+ 401 => "401 Unauthorized",
+ 402 => "402 Payment Required",
+ 403 => "403 Forbidden",
+ 404 => "404 Not Found",
+ 405 => "405 Method Not Allowed",
+ 406 => "406 Not Acceptable",
+ 407 => "407 Proxy Authentication Required",
+ 408 => "408 Request Timeout",
+ 409 => "409 Conflict",
+ 410 => "410 Gone",
+ 411 => "411 Length Required",
+ 412 => "412 Precondition Failed",
+ 413 => "413 Request Entity Too Large",
+ 414 => "414 Request-URI Too Long",
+ 415 => "415 Unsupported Media Type",
+ 416 => "416 Requested Range Not Satisfiable",
+ 417 => "417 Expectation Failed",
+ 500 => "500 Internal Server Error",
+ 501 => "501 Not Implemented",
+ 502 => "502 Bad Gateway",
+ 503 => "503 Service Unavailable",
+ 504 => "504 Gateway Timeout",
+ 505 => "505 HTTP Version Not Supported"
+ );
+
// Initialize required variables for the pfSense "read_body()" function
$file_size = 1;
$downloaded = 1;
$first_progress_update = TRUE;
-
-
- // Array of message strings for HTTP Response Codes
- $http_resp_msg = array( 200 => "OK", 202 => "Accepted", 204 => "No Content", 205 => "Reset Content",
- 206 => "Partial Content", 301 => "Moved Permanently", 302 => "Found",
- 305 => "Use Proxy", 307 => "Temporary Redirect", 400 => "Bad Request",
- 401 => "Unauthorized", 402 => "Payment Required", 403 => "Forbidden",
- 404 => "Not Found", 405 => "Method Not Allowed", 407 => "Proxy Authentication Required",
- 408 => "Request Timeout", 410 => "Gone", 500 => "Internal Server Error",
- 501 => "Not Implemented", 502 => "Bad Gateway", 503 => "Service Unavailable",
- 504 => "Gateway Timeout", 505 => "HTTP Version Not Supported" );
-
$last_curl_error = "";
$fout = fopen($file_out, "wb");
@@ -215,8 +249,8 @@ function snort_download_file_url($url, $file_out) {
if ($rc === false)
$last_curl_error = curl_error($ch);
$http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
- if (isset($http_resp_msg[$http_code]))
- $last_curl_error = $http_resp_msg[$http_code];
+ if (isset($rfc2616[$http_code]))
+ $last_curl_error = $rfc2616[$http_code];
curl_close($ch);
fclose($fout);
@@ -250,7 +284,7 @@ function snort_check_rule_md5($file_url, $file_dst, $desc = "") {
/* error occurred. */
/**********************************************************/
- global $pkg_interface, $snort_rules_upd_log, $last_curl_error;
+ global $pkg_interface, $snort_rules_upd_log, $last_curl_error, $update_errors;
$snortdir = SNORTDIR;
$filename_md5 = basename($file_dst);
@@ -292,9 +326,9 @@ function snort_check_rule_md5($file_url, $file_dst, $desc = "") {
log_error(gettext("[Snort] {$desc} md5 download failed..."));
log_error(gettext("[Snort] Server returned error code {$rc}..."));
error_log(gettext("\t{$snort_err_msg}\n"), 3, $snort_rules_upd_log);
- if ($pkg_interface == "console")
- error_log(gettext("\tServer error message was: {$last_curl_error}\n"), 3, $snort_rules_upd_log);
+ error_log(gettext("\tServer error message was: {$last_curl_error}\n"), 3, $snort_rules_upd_log);
error_log(gettext("\t{$desc} will not be updated.\n"), 3, $snort_rules_upd_log);
+ $update_errors = true;
return false;
}
}
@@ -318,7 +352,7 @@ function snort_fetch_new_rules($file_url, $file_dst, $file_md5, $desc = "") {
/* FALSE if download was not successful. */
/**********************************************************/
- global $pkg_interface, $snort_rules_upd_log, $last_curl_error;
+ global $pkg_interface, $snort_rules_upd_log, $last_curl_error, $update_errors;
$snortdir = SNORTDIR;
$filename = basename($file_dst);
@@ -348,6 +382,7 @@ function snort_fetch_new_rules($file_url, $file_dst, $file_md5, $desc = "") {
error_log(gettext("\tDownloaded {$desc} file MD5: " . md5_file($file_dst) . "\n"), 3, $snort_rules_upd_log);
error_log(gettext("\tExpected {$desc} file MD5: {$file_md5}\n"), 3, $snort_rules_upd_log);
error_log(gettext("\t{$desc} file download failed. {$desc} will not be updated.\n"), 3, $snort_rules_upd_log);
+ $update_errors = true;
return false;
}
return true;
@@ -357,9 +392,9 @@ function snort_fetch_new_rules($file_url, $file_dst, $file_md5, $desc = "") {
update_output_window(gettext("{$desc} file download failed..."));
log_error(gettext("[Snort] {$desc} file download failed... server returned error '{$rc}'..."));
error_log(gettext("\t{$desc} file download failed. Server returned error {$rc}.\n"), 3, $snort_rules_upd_log);
- if ($pkg_interface == "console")
- error_log(gettext("\tThe error text was: {$last_curl_error}\n"), 3, $snort_rules_upd_log);
+ error_log(gettext("\tThe error text was: {$last_curl_error}\n"), 3, $snort_rules_upd_log);
error_log(gettext("\t{$desc} will not be updated.\n"), 3, $snort_rules_upd_log);
+ $update_errors = true;
return false;
}
@@ -371,25 +406,27 @@ function snort_fetch_new_rules($file_url, $file_dst, $file_md5, $desc = "") {
/* remove any old $tmpfname files */
if (is_dir("{$tmpfname}"))
- exec("/bin/rm -r {$tmpfname}");
+ exec("/bin/rm -rf {$tmpfname}");
/* Make sure required snortdirs exsist */
-exec("/bin/mkdir -p {$snortdir}/rules");
-exec("/bin/mkdir -p {$snortdir}/signatures");
-exec("/bin/mkdir -p {$snortdir}/preproc_rules");
-exec("/bin/mkdir -p {$tmpfname}");
-exec("/bin/mkdir -p {$snortlibdir}/dynamicrules");
-exec("/bin/mkdir -p {$snortlogdir}");
+safe_mkdir("{$snortdir}/rules");
+safe_mkdir("{$snortdir}/signatures");
+safe_mkdir("{$snortdir}/preproc_rules");
+safe_mkdir("{$tmpfname}");
+safe_mkdir("{$snortlibdir}/dynamicrules");
+safe_mkdir("{$snortlogdir}");
+safe_mkdir(IPREP_PATH);
/* See if we need to automatically clear the Update Log based on 1024K size limit */
if (file_exists($snort_rules_upd_log)) {
if (1048576 < filesize($snort_rules_upd_log))
- exec("/bin/rm -r {$snort_rules_upd_log}");
+ @unlink("{$snort_rules_upd_log}");
}
/* Log start time for this rules update */
error_log(gettext("Starting rules update... Time: " . date("Y-m-d H:i:s") . "\n"), 3, $snort_rules_upd_log);
$last_curl_error = "";
+$update_errors = false;
/* Check for and download any new Snort VRT sigs */
if ($snortdownload == 'on') {
@@ -430,15 +467,17 @@ if ($emergingthreats == 'on') {
/* Untar Snort rules file to tmp and install the rules */
if ($snortdownload == 'on') {
if (file_exists("{$tmpfname}/{$snort_filename}")) {
- /* Currently, only FreeBSD-8-1 and FreeBSD-9-0 precompiled SO rules exist from Snort.org */
- /* Default to FreeBSD 8.1, and then test for FreeBSD 9.x */
+ /* Currently, only FreeBSD-8-1, FreeBSD-9-0 and FreeBSD-10-0 precompiled SO rules exist from Snort.org */
+ /* Default to FreeBSD 8.1, and then test for FreeBSD 9.x or FreeBSD 10.x */
$freebsd_version_so = 'FreeBSD-8-1';
if (substr(php_uname("r"), 0, 1) == '9')
$freebsd_version_so = 'FreeBSD-9-0';
+ elseif (substr(php_uname("r"), 0, 2) == '10')
+ $freebsd_version_so = 'FreeBSD-10-0';
/* Remove the old Snort rules files */
$vrt_prefix = VRT_FILE_PREFIX;
- array_map('unlink', glob("{$snortdir}/rules/{$vrt_prefix}*.rules"));
+ unlink_if_exists("{$snortdir}/rules/{$vrt_prefix}*.rules");
if ($pkg_interface <> "console") {
update_status(gettext("Extracting Snort VRT rules..."));
@@ -487,7 +526,7 @@ if ($snortdownload == 'on') {
exec("/bin/cp {$tmpfname}/so_rules/precompiled/{$freebsd_version_so}/x86-64/{$snort_version}/*.so {$snortlibdir}/dynamicrules/");
} else
$nosorules = true;
- exec("rm -r {$tmpfname}/so_rules");
+ exec("rm -rf {$tmpfname}/so_rules");
if ($nosorules == false) {
/* extract Shared Object stub rules, rename and copy to the rules folder. */
if ($pkg_interface <> "console")
@@ -498,7 +537,7 @@ if ($snortdownload == 'on') {
$newfile = basename($file, ".rules");
@copy($file, "{$snortdir}/rules/" . VRT_FILE_PREFIX . "{$newfile}.so.rules");
}
- exec("rm -r {$tmpfname}/so_rules");
+ exec("rm -rf {$tmpfname}/so_rules");
}
/* extract base etc files */
if ($pkg_interface <> "console") {
@@ -556,7 +595,7 @@ if ($snortcommunityrules == 'on') {
update_output_window(gettext("Installation of Snort GPLv2 Community Rules file completed..."));
}
error_log(gettext("\tInstallation of Snort GPLv2 Community Rules completed.\n"), 3, $snort_rules_upd_log);
- exec("rm -r {$tmpfname}/community");
+ exec("rm -rf {$tmpfname}/community");
}
}
@@ -574,10 +613,10 @@ if ($emergingthreats == 'on') {
/* Remove the old Emerging Threats rules files */
$eto_prefix = ET_OPEN_FILE_PREFIX;
$etpro_prefix = ET_PRO_FILE_PREFIX;
- array_map('unlink', glob("{$snortdir}/rules/{$eto_prefix}*.rules"));
- array_map('unlink', glob("{$snortdir}/rules/{$etpro_prefix}*.rules"));
- array_map('unlink', glob("{$snortdir}/rules/{$eto_prefix}*ips.txt"));
- array_map('unlink', glob("{$snortdir}/rules/{$etpro_prefix}*ips.txt"));
+ unlink_if_exists("{$snortdir}/rules/{$eto_prefix}*.rules");
+ unlink_if_exists("{$snortdir}/rules/{$etpro_prefix}*.rules");
+ unlink_if_exists("{$snortdir}/rules/{$eto_prefix}*ips.txt");
+ unlink_if_exists("{$snortdir}/rules/{$etpro_prefix}*ips.txt");
$files = glob("{$tmpfname}/emerging/rules/*.rules");
foreach ($files as $file) {
@@ -591,10 +630,14 @@ if ($emergingthreats == 'on') {
$files = glob("{$tmpfname}/emerging/rules/*ips.txt");
foreach ($files as $file) {
$newfile = basename($file);
- if ($etpro == "on")
+ if ($etpro == "on") {
+ @copy($file, IPREP_PATH . ET_PRO_FILE_PREFIX . "{$newfile}");
@copy($file, "{$snortdir}/rules/" . ET_PRO_FILE_PREFIX . "{$newfile}");
- else
+ }
+ else {
+ @copy($file, IPREP_PATH . ET_OPEN_FILE_PREFIX . "{$newfile}");
@copy($file, "{$snortdir}/rules/" . ET_OPEN_FILE_PREFIX . "{$newfile}");
+ }
}
/* base etc files for Emerging Threats rules */
foreach (array("classification.config", "reference.config", "gen-msg.map", "unicode.map") as $file) {
@@ -613,13 +656,13 @@ if ($emergingthreats == 'on') {
update_output_window(gettext("Installation of {$et_name} rules completed..."));
}
error_log(gettext("\tInstallation of {$et_name} rules completed.\n"), 3, $snort_rules_upd_log);
- exec("rm -r {$tmpfname}/emerging");
+ exec("rm -rf {$tmpfname}/emerging");
}
}
function snort_apply_customizations($snortcfg, $if_real) {
- global $vrt_enabled;
+ global $vrt_enabled, $rebuild_rules;
$snortdir = SNORTDIR;
/* Update the Preprocessor rules from the master configuration for the interface if Snort */
@@ -632,7 +675,8 @@ function snort_apply_customizations($snortcfg, $if_real) {
}
}
- snort_prepare_rule_files($snortcfg, "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}");
+ if ($rebuild_rules == true)
+ snort_prepare_rule_files($snortcfg, "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}");
/* Copy the master config and map files to the interface directory */
@copy("{$snortdir}/classification.config", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/classification.config");
@@ -688,11 +732,11 @@ if ($snortdownload == 'on' || $emergingthreats == 'on' || $snortcommunityrules =
/* Create configuration for each active Snort interface */
foreach ($config['installedpackages']['snortglobal']['rule'] as $id => $value) {
- $if_real = snort_get_real_interface($value['interface']);
- $tmp = "Updating rules configuration for: " . snort_get_friendly_interface($value['interface']) . " ...";
+ $if_real = get_real_interface($value['interface']);
+ $tmp = "Updating rules configuration for: " . convert_friendly_interface_to_friendly_descr($value['interface']) . " ...";
if ($pkg_interface <> "console"){
update_status(gettext($tmp));
- update_output_window(gettext("Please wait while Snort interface files are being updated..."));
+ update_output_window(gettext("Please wait while Snort interface files are updated..."));
}
// Make sure the interface subdirectory and required sub-directories exists.
@@ -713,7 +757,7 @@ if ($snortdownload == 'on' || $emergingthreats == 'on' || $snortcommunityrules =
$tmp = "\t" . $tmp . "\n";
if ($value['protect_preproc_rules'] == 'on') {
$tmp .= gettext("\tPreprocessor text rules flagged as protected and not updated for ");
- $tmp .= snort_get_friendly_interface($value['interface']) . "...\n";
+ $tmp .= convert_friendly_interface_to_friendly_descr($value['interface']) . "...\n";
}
error_log($tmp, 3, $snort_rules_upd_log);
}
@@ -729,13 +773,6 @@ if ($snortdownload == 'on' || $emergingthreats == 'on' || $snortcommunityrules =
/* Clear the rebuild rules flag. */
$rebuild_rules = false;
- /* remove old $tmpfname files */
- if (is_dir("{$tmpfname}")) {
- if ($pkg_interface <> "console")
- update_status(gettext("Cleaning up after rules extraction..."));
- exec("/bin/rm -r {$tmpfname}");
- }
-
/* Restart snort if already running and we are not rebooting to pick up the new rules. */
if (is_process_running("snort") && !$g['booting']) {
if ($pkg_interface <> "console") {
@@ -755,6 +792,11 @@ if ($snortdownload == 'on' || $emergingthreats == 'on' || $snortcommunityrules =
}
}
+/* remove $tmpfname files */
+if (is_dir("{$tmpfname}")) {
+ exec("/bin/rm -rf {$tmpfname}");
+}
+
if ($pkg_interface <> "console")
update_status(gettext("The Rules update has finished..."));
log_error(gettext("[Snort] The Rules update has finished."));
@@ -764,4 +806,11 @@ conf_mount_ro();
/* Restore the state of $pkg_interface */
$pkg_interface = $pkg_interface_orig;
+/* Save this update status to the configuration file */
+if ($update_errors)
+ $config['installedpackages']['snortglobal']['last_rule_upd_status'] = gettext("failed");
+else
+ $config['installedpackages']['snortglobal']['last_rule_upd_status'] = gettext("success");
+$config['installedpackages']['snortglobal']['last_rule_upd_time'] = time();
+write_config();
?>
diff --git a/config/snort/snort_download_updates.php b/config/snort/snort_download_updates.php
index 5c9b8210..ecc1e5b5 100755
--- a/config/snort/snort_download_updates.php
+++ b/config/snort/snort_download_updates.php
@@ -39,7 +39,6 @@ require_once("/usr/local/pkg/snort/snort.inc");
/* Define some locally required variables from Snort constants */
$snortdir = SNORTDIR;
$snort_rules_upd_log = RULES_UPD_LOGFILE;
-$log = $snort_rules_upd_log;
/* Grab the Snort binary version programmatically and */
/* use it to construct the proper Snort VRT rules */
@@ -52,38 +51,71 @@ if (empty($snortver[0]))
$snortver[0] = str_replace(".", "", $snortver[0]);
$snort_rules_file = "snortrules-snapshot-{$snortver[0]}.tar.gz";
-//$snort_rules_file = VRT_DNLD_FILENAME;
$snort_community_rules_filename = GPLV2_DNLD_FILENAME;
-/* load only javascript that is needed */
-$snort_load_jquery = 'yes';
-$snort_load_jquery_colorbox = 'yes';
$snortdownload = $config['installedpackages']['snortglobal']['snortdownload'];
$emergingthreats = $config['installedpackages']['snortglobal']['emergingthreats'];
$etpro = $config['installedpackages']['snortglobal']['emergingthreats_pro'];
$snortcommunityrules = $config['installedpackages']['snortglobal']['snortcommunityrules'];
+/* Get last update information if available */
+if (!empty($config['installedpackages']['snortglobal']['last_rule_upd_time']))
+ $last_rule_upd_time = date('M-d Y H:i', $config['installedpackages']['snortglobal']['last_rule_upd_time']);
+else
+ $last_rule_upd_time = gettext("Unknown");
+if (!empty($config['installedpackages']['snortglobal']['last_rule_upd_status']))
+ $last_rule_upd_status = htmlspecialchars($config['installedpackages']['snortglobal']['last_rule_upd_status']);
+else
+ $last_rule_upd_status = gettext("Unknown");
+
if ($etpro == "on") {
$emergingthreats_filename = ETPRO_DNLD_FILENAME;
- $et_name = "EMERGING THREATS PRO RULES";
+ $et_name = "Emerging Threats Pro Rules";
}
else {
$emergingthreats_filename = ET_DNLD_FILENAME;
- $et_name = "EMERGING THREATS RULES";
+ $et_name = "Emerging Threats Open Rules";
}
-/* quick md5s chk */
-$snort_org_sig_chk_local = 'N/A';
-if (file_exists("{$snortdir}/{$snort_rules_file}.md5"))
+/* quick md5 chk of downloaded rules */
+if ($snortdownload == 'on') {
+ $snort_org_sig_chk_local = 'Not Downloaded';
+ $snort_org_sig_date = 'Not Downloaded';
+}
+else {
+ $snort_org_sig_chk_local = 'Not Enabled';
+ $snort_org_sig_date = 'Not Enabled';
+}
+if (file_exists("{$snortdir}/{$snort_rules_file}.md5") && $snortdownload == 'on') {
$snort_org_sig_chk_local = file_get_contents("{$snortdir}/{$snort_rules_file}.md5");
+ $snort_org_sig_date = date(DATE_RFC850, filemtime("{$snortdir}/{$snort_rules_file}.md5"));
+}
-$emergingt_net_sig_chk_local = 'N/A';
-if (file_exists("{$snortdir}/{$emergingthreats_filename}.md5"))
+if ($etpro == "on" || $emergingthreats == "on") {
+ $emergingt_net_sig_chk_local = 'Not Downloaded';
+ $emergingt_net_sig_date = 'Not Downloaded';
+}
+else {
+ $emergingt_net_sig_chk_local = 'Not Enabled';
+ $emergingt_net_sig_date = 'Not Enabled';
+}
+if (file_exists("{$snortdir}/{$emergingthreats_filename}.md5") && ($etpro == "on" || $emergingthreats == "on")) {
$emergingt_net_sig_chk_local = file_get_contents("{$snortdir}/{$emergingthreats_filename}.md5");
+ $emergingt_net_sig_date = date(DATE_RFC850, filemtime("{$snortdir}/{$emergingthreats_filename}.md5"));
+}
-$snort_community_sig_chk_local = 'N/A';
-if (file_exists("{$snortdir}/{$snort_community_rules_filename}.md5"))
+if ($snortcommunityrules == 'on') {
+ $snort_community_sig_chk_local = 'Not Downloaded';
+ $snort_community_sig_sig_date = 'Not Downloaded';
+}
+else {
+ $snort_community_sig_chk_local = 'Not Enabled';
+ $snort_community_sig_sig_date = 'Not Enabled';
+}
+if (file_exists("{$snortdir}/{$snort_community_rules_filename}.md5") && $snortcommunityrules == 'on') {
$snort_community_sig_chk_local = file_get_contents("{$snortdir}/{$snort_community_rules_filename}.md5");
+ $snort_community_sig_sig_date = date(DATE_RFC850, filemtime("{$snortdir}/{$snort_community_rules_filename}.md5"));
+}
/* Check for postback to see if we should clear the update log file. */
if (isset($_POST['clear'])) {
@@ -91,7 +123,27 @@ if (isset($_POST['clear'])) {
mwexec("/bin/rm -f {$snort_rules_upd_log}");
}
-if (isset($_POST['update'])) {
+if (isset($_POST['check'])) {
+ header("Location: /snort/snort_download_rules.php");
+ exit;
+}
+
+if ($_POST['force']) {
+ // Mount file system R/W since we need to remove files
+ conf_mount_rw();
+
+ // Remove the existing MD5 signature files to force a download
+ if (file_exists("{$snortdir}/{$emergingthreats_filename}.md5"))
+ @unlink("{$snortdir}/{$emergingthreats_filename}.md5");
+ if (file_exists("{$snortdir}/{$snort_community_rules_filename}.md5"))
+ @unlink("{$snortdir}/{$snort_community_rules_filename}.md5");
+ if (file_exists("{$snortdir}/{$snort_rules_file}.md5"))
+ @unlink("{$snortdir}/{$snort_rules_file}.md5");
+
+ // Revert file system to R/O.
+ conf_mount_ro();
+
+ // Go download the updates
header("Location: /snort/snort_download_rules.php");
exit;
}
@@ -101,6 +153,15 @@ $snort_rules_upd_logfile_chk = 'no';
if (file_exists("{$snort_rules_upd_log}"))
$snort_rules_upd_logfile_chk = 'yes';
+if ($_POST['view']&& $snort_rules_upd_logfile_chk == 'yes') {
+ $contents = @file_get_contents($snort_rules_upd_log);
+ if (empty($contents))
+ $input_errors[] = gettext("Unable to read log file: {$snort_rules_upd_log}");
+}
+
+if ($_POST['hide'])
+ $contents = "";
+
$pgtitle = gettext("Snort: Updates");
include_once("head.inc");
?>
@@ -108,25 +169,6 @@ include_once("head.inc");
<body link="#000000" vlink="#000000" alink="#000000">
<?php include("fbegin.inc"); ?>
-<?if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}?>
-
-<script language="javascript" type="text/javascript">
-function wopen(url, name, w, h)
-{
-// Fudge factors for window decoration space.
-// In my tests these work well on all platforms & browsers.
-w += 32;
-h += 96;
- var win = window.open(url,
- name,
- 'width=' + w + ', height=' + h + ', ' +
- 'location=no, menubar=no, ' +
- 'status=no, toolbar=no, scrollbars=yes, resizable=yes');
- win.resizeTo(w, h);
- win.focus();
-}
-
-</script>
<form action="snort_download_updates.php" method="post" name="iform" id="iform">
@@ -139,111 +181,134 @@ h += 96;
$tab_array[2] = array(gettext("Updates"), true, "/snort/snort_download_updates.php");
$tab_array[3] = array(gettext("Alerts"), false, "/snort/snort_alerts.php");
$tab_array[4] = array(gettext("Blocked"), false, "/snort/snort_blocked.php");
- $tab_array[5] = array(gettext("Whitelists"), false, "/snort/snort_interfaces_whitelist.php");
+ $tab_array[5] = array(gettext("Pass Lists"), false, "/snort/snort_passlist.php");
$tab_array[6] = array(gettext("Suppress"), false, "/snort/snort_interfaces_suppress.php");
- $tab_array[7] = array(gettext("Sync"), false, "/pkg_edit.php?xml=snort/snort_sync.xml");
- display_top_tabs($tab_array);
+ $tab_array[7] = array(gettext("IP Lists"), false, "/snort/snort_ip_list_mgmt.php");
+ $tab_array[8] = array(gettext("Sync"), false, "/pkg_edit.php?xml=snort/snort_sync.xml");
+ display_top_tabs($tab_array, true);
?>
</td></tr>
<tr>
<td>
<div id="mainarea">
<table id="maintable4" class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
- <tr align="center">
- <td>
- <br/>
- <table id="download_rules" height="32px" width="725px" border="0" cellpadding="5px" cellspacing="0">
+ <tr>
+ <td valign="top" class="listtopic" align="center"><?php echo gettext("INSTALLED RULE SET MD5 SIGNATURE");?></td>
+ </tr>
+ <tr>
+ <td align="center"><br/>
+ <table width="95%" border="0" cellpadding="2" cellspacing="2">
+ <thead>
+ <tr>
+ <th class="listhdrr"><?=gettext("Rule Set Name/Publisher");?></th>
+ <th class="listhdrr"><?=gettext("MD5 Signature Hash");?></th>
+ <th class="listhdrr"><?=gettext("MD5 Signature Date");?></th>
+ </tr>
+ </thead>
<tr>
- <td id="download_rules_td" style="background-color: #eeeeee">
- <div height="32" width="725px" style="background-color: #eeeeee">
- <p style="text-align: left; margin-left: 225px;">
- <font color="#777777" size="2.5px">
- <b><?php echo gettext("INSTALLED RULESET SIGNATURES"); ?></b></font><br/><br/>
- <font color="#FF850A" size="1px"><b>SNORT VRT RULES&nbsp;&nbsp;--></b></font>
- <font size="1px" color="#000000">&nbsp;&nbsp;<? echo $snort_org_sig_chk_local; ?></font><br/>
- <font color="#FF850A" size="1px"><b><?=$et_name;?>&nbsp;&nbsp;--></b></font>
- <font size="1px" color="#000000">&nbsp;&nbsp;<? echo $emergingt_net_sig_chk_local; ?></font><br/>
- <font color="#FF850A" size="1px"><b>SNORT GPLv2 COMMUNITY RULES&nbsp;&nbsp;--></b></font>
- <font size="1px" color="#000000">&nbsp;&nbsp;<? echo $snort_community_sig_chk_local; ?></font><br/>
- </p>
- </div>
- </td>
+ <td align="center" class="vncell vexpl"><b>Snort VRT Rules</b></td>
+ <td align="center" class="vncell vexpl"><? echo trim($snort_org_sig_chk_local);?></td>
+ <td align="center" class="vncell vexpl"><?php echo gettext($snort_org_sig_date);?></td>
</tr>
- </table>
- <br/>
- <table id="download_rules" height="32px" width="725px" border="0" cellpadding="5px" cellspacing="0">
<tr>
- <td id="download_rules_td" style='background-color: #eeeeee'>
- <div height="32" width="725px" style='background-color: #eeeeee'>
- <p style="text-align: left; margin-left: 225px;">
- <font color='#777777' size='2.5px'><b><?php echo gettext("UPDATE YOUR RULESET"); ?></b></font><br/>
- <br/>
-
- <?php
-
- if ($snortdownload != 'on' && $emergingthreats != 'on' && $etpro != 'on') {
- echo '
- <button disabled="disabled"><span class="download">' . gettext("Update Rules") . '</span></button><br/>
- <p style="text-align:left; margin-left:150px;">
- <font color="#fc3608" size="2px"><b>' . gettext("WARNING:") . '</b></font><font size="1px" color="#000000">&nbsp;&nbsp;' . gettext('No rule types have been selected for download. ') .
- gettext('Visit the ') . '<a href="snort_interfaces_global.php">Global Settings Tab</a>' . gettext(' to select rule types.') . '</font><br/>';
-
- echo '</p>' . "\n";
- } else {
-
- echo '
- <input type="submit" value="' . gettext("Update Rules") . '" name="update" id="Submit" class="formbtn" /><br/>' . "\n";
-
- }
-
- ?> <br/>
- </p>
- </div>
- </td>
+ <td align="center" class="vncell vexpl"><b>Snort GPLv2 Community Rules</b></td>
+ <td align="center" class="vncell vexpl"><? echo trim($snort_community_sig_chk_local);?></td>
+ <td align="center" class="vncell vexpl"><?php echo gettext($snort_community_sig_sig_date);?></td>
</tr>
- </table>
- <br/>
- <table id="download_rules" height="32px" width="725px" border="0" cellpadding="5px" cellspacing="0">
<tr>
- <td id="download_rules_td" style='background-color: #eeeeee'>
- <div height="32" width="725px" style='background-color: #eeeeee'>
- <p style="text-align: left; margin-left: 225px;">
- <font color='#777777' size='2.5px'><b><?php echo gettext("VIEW UPDATE LOG"); ?></b></font><br/>
- <br>
- <?php
-
- if ($snort_rules_upd_logfile_chk == 'yes') {
- echo "
- <button class=\"formbtn\" onclick=\"wopen('snort_log_view.php?logfile={$log}', 'LogViewer', 800, 600)\"><span class='pwhitetxt'>" . gettext("View Log") . "</span></button>";
- echo "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=\"submit\" value=\"Clear Log\" name=\"clear\" id=\"Submit\" class=\"formbtn\" />\n";
- }else{
- echo "
- <button disabled='disabled'><span class='pwhitetxt'>" . gettext("View Log") . "</span></button>&nbsp;&nbsp;&nbsp;" . gettext("Log is empty.") . "\n";
- }
- echo '<br><br>' . gettext("The log file is limited to 1024K in size and automatically clears when the limit is exceeded.");
- ?>
- <br/>
- </p>
- </div>
- </td>
+ <td align="center" class="vncell vexpl"><b><?=$et_name;?></b></td>
+ <td align="center" class="vncell vexpl"><? echo trim($emergingt_net_sig_chk_local);?></td>
+ <td align="center" class="vncell vexpl"><?php echo gettext($emergingt_net_sig_date);?></td>
</tr>
- </table>
-
- <br/>
+ </table><br/>
+ </td>
+ </tr>
+ <tr>
+ <td valign="top" class="listtopic" align="center"><?php echo gettext("UPDATE YOUR RULE SET");?></td>
+ </tr>
+ <tr>
+ <td align="center">
+ <table width="45%" border="0" cellpadding="0" cellspacing="0">
+ <tbody>
+ <tr>
+ <td class="list" align="right"><strong><?php echo gettext("Last Update:");?></strong></td>
+ <td class="list" align="left"><?php echo $last_rule_upd_time;?></td>
+ </tr>
+ <tr>
+ <td class="list" align="right"><strong><?php echo gettext("Result:");?></strong></td>
+ <td class="list" align="left"><?php echo $last_rule_upd_status;?></td>
+ </tr>
+ </tbody>
+ </table>
+ </td>
+ </tr>
+ <tr>
+ <td align="center">
+ <?php if ($snortdownload != 'on' && $emergingthreats != 'on' && $etpro != 'on'): ?>
+ <br/><button disabled="disabled"><?=gettext("Check");?></button>&nbsp;&nbsp;&nbsp;&nbsp;
+ <button disabled="disabled"><?=gettext("Force");?></button>
+ <br/>
+ <p style="text-align:center;" class="vexpl">
+ <font class="red"><b><?php echo gettext("WARNING:");?></b></font>&nbsp;
+ <?php echo gettext('No rule types have been selected for download. ') .
+ gettext('Visit the ') . '<a href="/snort/snort_global.php">Global Settings Tab</a>' . gettext(' to select rule types.'); ?>
+ <br/></p>
+ <?php else: ?>
+ <br/>
+ <input type="submit" value="<?=gettext("Check");?>" name="check" id="check" class="formbtn"
+ title="<?php echo gettext("Check for new updates to enabled rule sets"); ?>"/>&nbsp;&nbsp;&nbsp;&nbsp;
+ <input type="submit" value="<?=gettext("Force");?>" name="force" id="force" class="formbtn"
+ title="<?=gettext("Force an update of all enabled rule sets");?>"
+ onclick="return confirm('<?=gettext("This will zero-out the MD5 hashes to force a fresh download of enabled rule sets. Click OK to continue or CANCEL to quit");?>');"/>
+ <br/><br/>
+ <?php endif; ?>
+ </td>
+ </tr>
- <table id="download_rules" height="32px" width="725px" border="0" cellpadding="5px" cellspacing="0">
- <tr>
- <td id="download_rules_td" style='background-color: #eeeeee'>
- <div height="32" width="725px" style='background-color: #eeeeee'><span class="vexpl">
- <span class="red"><b><?php echo gettext("NOTE:"); ?></b></span>
- &nbsp;&nbsp;<a href="http://www.snort.org/" target="_blank"><?php echo gettext("Snort.org") . "</a>" .
- gettext(" and ") . "<a href=\"http://www.emergingthreats.net/\" target=\"_blank\">" . gettext("EmergingThreats.net") . "</a>" .
- gettext(" will go down from time to time. Please be patient."); ?></span>
+ <tr>
+ <td valign="top" class="listtopic" align="center"><?php echo gettext("MANAGE RULE SET LOG");?></td>
+ </tr>
+ <tr>
+ <td align="center" valign="middle" class="vexpl">
+ <?php if ($snort_rules_upd_logfile_chk == 'yes'): ?>
+ <br/>
+ <?php if (!empty($contents)): ?>
+ <input type="submit" value="<?php echo gettext("Hide"); ?>" name="hide" id="hide" class="formbtn"
+ title="<?php echo gettext("Hide rules update log"); ?>"/>
+ <?php else: ?>
+ <input type="submit" value="<?php echo gettext("View"); ?>" name="view" id="view" class="formbtn"
+ title="<?php echo gettext("View rules update log"); ?>"/>
+ <?php endif; ?>
+ &nbsp;&nbsp;&nbsp;&nbsp;
+ <input type="submit" value="<?php echo gettext("Clear"); ?>" name="clear" id="clear" class="formbtn"
+ title="<?php echo gettext("Clear rules update log"); ?>" onClick="return confirm('Are you sure you want to delete the log contents?\nOK to confirm, or CANCEL to quit');"/>
+ <br/>
+ <?php else: ?>
+ <br/>
+ <button disabled='disabled'><?php echo gettext("View Log"); ?></button><br/><?php echo gettext("Log is empty."); ?><br/>
+ <?php endif; ?>
+ <br/><?php echo gettext("The log file is limited to 1024K in size and automatically clears when the limit is exceeded."); ?><br/><br/>
+ </td>
+ </tr>
+ <?php if (!empty($contents)): ?>
+ <tr>
+ <td valign="top" class="listtopic" align="center"><?php echo gettext("RULE SET UPDATE LOG");?></td>
+ </tr>
+ <tr>
+ <td align="center">
+ <div style="background: #eeeeee; width:100%; height:100%;" id="textareaitem"><!-- NOTE: The opening *and* the closing textarea tag must be on the same line. -->
+ <textarea style="width:100%; height:100%;" readonly wrap="off" rows="24" cols="80" name="logtext"><?=$contents;?></textarea>
</div>
- </td>
- </tr>
- </table>
-
+ </td>
+ </tr>
+ <?php endif; ?>
+ <tr>
+ <td align="center">
+ <span class="vexpl"><br/>
+ <span class="red"><b><?php echo gettext("NOTE:"); ?></b></span>
+ &nbsp;<a href="http://www.snort.org/" target="_blank"><?php echo gettext("Snort.org") . "</a>" .
+ gettext(" and ") . "<a href=\"http://www.emergingthreats.net/\" target=\"_blank\">" . gettext("EmergingThreats.net") . "</a>" .
+ gettext(" will go down from time to time. Please be patient."); ?></span><br/>
</td>
</tr>
</table>
@@ -252,7 +317,6 @@ h += 96;
</td>
</tr>
</table>
-<!-- end of final table -->
</form>
<?php include("fend.inc"); ?>
</body>