diff options
author | robiscool <robrob2626@yahoo.com> | 2009-12-13 22:32:04 -0800 |
---|---|---|
committer | robiscool <robrob2626@yahoo.com> | 2009-12-13 22:32:04 -0800 |
commit | af41e1500afce97a0ac1e1348eaeafa31cfb792e (patch) | |
tree | c9f161d757420ba2015e58ca87ba726acb02edaa | |
parent | 1b105aedad724692d68e2f60062981452df662f5 (diff) | |
download | pfsense-packages-af41e1500afce97a0ac1e1348eaeafa31cfb792e.tar.gz pfsense-packages-af41e1500afce97a0ac1e1348eaeafa31cfb792e.tar.bz2 pfsense-packages-af41e1500afce97a0ac1e1348eaeafa31cfb792e.zip |
snort-dev, add options blocked host.php, and alerts php
-rw-r--r-- | config/snort-dev/snort_alerts.php | 3 | ||||
-rw-r--r-- | config/snort-dev/snort_blocked.php | 88 |
2 files changed, 56 insertions, 35 deletions
diff --git a/config/snort-dev/snort_alerts.php b/config/snort-dev/snort_alerts.php index 882ef3d6..d260aee9 100644 --- a/config/snort-dev/snort_alerts.php +++ b/config/snort-dev/snort_alerts.php @@ -47,9 +47,6 @@ if ($_POST['clear']) { conf_mount_ro(); system_syslogd_start(); exec("/usr/bin/killall -HUP snort"); - exec("/usr/bin/killall snort2c"); - if ($config['installedpackages']['snort']['config'][0]['blockoffenders'] == 'on') - exec("/usr/local/bin/snort2c -w /var/db/whitelist -a /var/log/snort/alert"); } $pgtitle = "Services: Snort: Snort Alerts"; diff --git a/config/snort-dev/snort_blocked.php b/config/snort-dev/snort_blocked.php index 694f76c5..b7e92395 100644 --- a/config/snort-dev/snort_blocked.php +++ b/config/snort-dev/snort_blocked.php @@ -3,6 +3,7 @@ /* snort_blocked.php Copyright (C) 2006 Scott Ullrich + Copyright (C) 2009 Robert Zelaya All rights reserved. Redistribution and use in source and binary forms, with or without @@ -38,16 +39,52 @@ if($_POST['todelete'] or $_GET['todelete']) { exec("/sbin/pfctl -t snort2c -T delete {$ip}"); } -$pgtitle = "Snort: Services: Snort Blocked"; +if ($_POST['remove']) { + +exec("/sbin/pfctl -t snort2c -T flush"); +sleep(1); +header("Location: /snort/snort_blocked.php"); + +} + + +$pgtitle = "Snort: Services: Snort Blocked Hosts"; include("head.inc"); +/* tell the user what settings they have */ +$blockedtab_msg_chk = $config['installedpackages']['snortglobal']['rm_blocked']; + if ($blockedtab_msg_chk == "1h_b") { + $blocked_msg = "hour"; + } + if ($blockedtab_msg_chk == "3h_b") { + $blocked_msg = "3 hours"; + } + if ($blockedtab_msg_chk == "6h_b") { + $blocked_msg = "6 hours"; + } + if ($blockedtab_msg_chk == "12h_b") { + $blocked_msg = "12 hours"; + } + if ($blockedtab_msg_chk == "1d_b") { + $blocked_msg = "day"; + } + if ($blockedtab_msg_chk == "4d_b") { + $blocked_msg = "4 days"; + } + if ($blockedtab_msg_chk == "7d_b") { + $blocked_msg = "7 days"; + } + if ($blockedtab_msg_chk == "28d_b") { + $blocked_msg = "28 days"; + } + ?> <body link="#000000" vlink="#000000" alink="#000000"> <?php include("fbegin.inc"); ?> <p class="pgtitle"><?=$pgtitle?></p> -<form action="snort_rulesets.php" method="post" name="iform" id="iform"> +<form action="snort_blocked.php" method="post" name="iform" id="iform"> <script src="/row_toggle.js" type="text/javascript"></script> <script src="/javascript/sorttable.js" type="text/javascript"></script> <?php if ($savemsg) print_info_box($savemsg); ?> @@ -71,8 +108,17 @@ include("head.inc"); <td> <div id="mainarea"> <table id="maintable" class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr> + <tr> <td> + <?php + if ($blockedtab_msg_chk != "never_b") + { + echo "<span class=\"red\"><strong>Note:</strong></span><br>This page lists hosts that have been blocked by Snort. Hosts are automatically deleted every <strong>$blocked_msg</strong>.<br><br>"; + }else{ + echo "<span class=\"red\"><strong>Note:</strong></span><br>This page lists hosts that have been blocked by Snort. Snort package settings are set to never <strong>remove</strong> hosts.<br><br>"; + } + ?> + <input name="remove" type="submit" class="formbtn" value="Remove"> all blocked hosts.<br><br> <table id="sortabletable1" class="sortable" width="100%" border="0" cellpadding="0" cellspacing="0"> <tr id="frheader"> <td width="5%" class="listhdrr">Remove</td> @@ -85,7 +131,7 @@ include("head.inc"); // $ips = `/sbin/pfctl -t snort2c -T show`; /* this improves loading of ips by a factor of 10 */ exec('/sbin/pfctl -t snort2c -T show > /tmp/snort_block.cache'); - sleep(3); + sleep(1); $ips_array = file('/tmp/snort_block.cache'); // $ips_array = split("\n", $ips); $counter = 0; @@ -128,34 +174,12 @@ include("head.inc"); <?php -/* tell the user what settings they have */ -$blockedtab_msg_chk = $config['installedpackages']['snortglobal']['rm_blocked7']; - if ($blockedtab_msg_chk == "1h_b") { - $blocked_msg = "hour"; - } - if ($blockedtab_msg_chk == "3h_b") { - $blocked_msg = "3 hours"; - } - if ($blockedtab_msg_chk == "6h_b") { - $blocked_msg = "6 hours"; - } - if ($blockedtab_msg_chk == "12h_b") { - $blocked_msg = "12 hours"; - } - if ($blockedtab_msg_chk == "1d_b") { - $blocked_msg = "day"; - } - if ($blockedtab_msg_chk == "4d_b") { - $blocked_msg = "4 days"; - } - if ($blockedtab_msg_chk == "7d_b") { - $blocked_msg = "7 days"; - } - if ($blockedtab_msg_chk == "28d_b") { - $blocked_msg = "28 days"; - } - -echo "This page lists hosts that have been blocked by Snort. Hosts are automatically deleted every $blocked_msg."; +if ($blockedtab_msg_chk != "never_b") +{ +echo "This page lists hosts that have been blocked by Snort. Hosts are automatically deleted every <strong>$blocked_msg</strong>."; +}else{ +echo "This page lists hosts that have been blocked by Snort. Snort package settings are set to never <strong>remove</strong> hosts."; +} ?> |