author | robiscool <robrob2626@yahoo.com> | 2009-12-30 00:51:05 -0800 |
---|---|---|
committer | robiscool <robrob2626@yahoo.com> | 2009-12-30 00:51:38 -0800 |
commit | d0f804ddd88b5687ae471a20da7b2726390ae97f (patch) | |
tree | b1914e4ecd4dd54ab2f52026494ab4d370e63ebb /config/snort-dev/snort_blocked.php | |
parent | b942041662c8cdc0cc6b676b9f4402e2861e00ca (diff) | |
snort-dev, add filtering for corrupted alerts file
Diffstat (limited to 'config/snort-dev/snort_blocked.php')
-rw-r--r-- | config/snort-dev/snort_blocked.php | 44 |
1 files changed, 39 insertions, 5 deletions
diff --git a/config/snort-dev/snort_blocked.php b/config/snort-dev/snort_blocked.php index 06d03bd0..d4b4c2b9 100644 --- a/config/snort-dev/snort_blocked.php +++ b/config/snort-dev/snort_blocked.php @@ -323,7 +323,7 @@ $blocked_ips_array = str_replace(' ', '', array_filter(explode("\n", file_get_ $logent = $bnentries; -if ($blocked_ips_array[0] != '') +if ($blocked_ips_array[0] != '' && $alerts_array[0] != '') { /* build the list and compare blocks to alerts */ @@ -335,10 +335,21 @@ if ($blocked_ips_array[0] != '') $alert_ip_src = get_snort_alert_ip_src($fileline); $alert_ip_disc = get_snort_alert_disc($fileline); + $alert_ip_src_array[] = get_snort_alert_ip_src($fileline); - if (in_array("$alert_ip_src", $blocked_ips_array)) - $input[] = "[$alert_ip_src] " . "[$alert_ip_disc]\n"; + if (in_array("$alert_ip_src", $blocked_ips_array)) + { + $input[] = "[$alert_ip_src] " . "[$alert_ip_disc]\n"; + } + } + foreach($blocked_ips_array as $alert_block_ip) + { + + if (!in_array($alert_block_ip, $alert_ip_src_array)) + { + $input[] = "[$alert_block_ip] " . "[N\A]\n"; + } } /* reduce double occurrences */ @@ -374,7 +385,6 @@ if ($blocked_ips_array[0] != '') $alert_block_disc = 'empty'; } - /* use one echo to do the magic*/ echo "<tr> <td align=\"center\" valign=\"top\"'><a href='snort_blocked.php?todelete=" . trim(urlencode($alert_block_ip)) . "'> 
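Review bot: In the hunk at `@@ -323,7 +323,7 @@`, the added `$alerts_array[0] != ''` test checks a single index rather than whether the array has any entries. The context line shows `$blocked_ips_array` being produced through `array_filter()`, which keeps the original keys, so a file whose first line is blank leaves key 0 unset while later entries still exist. If `$alerts_array` is built the same way (its assignment is not visible here), a partly corrupted alerts file would be treated as empty. Testing `if (!empty($blocked_ips_array) && !empty($alerts_array))` would avoid depending on key 0.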
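Review bot: In the hunk at `@@ -335,10 +335,21 @@`, the placeholder is written as `"[N\A]\n"`; `\A` is not an escape sequence in a double-quoted PHP string, so the backslash is emitted literally and the text does not match the `'N/A'` used in the new else branch, which suggests `"[N/A]\n"` was intended. `$alert_ip_src_array` is appended to inside the alerts loop, but no initialisation is visible in the hunk; unless it is set earlier, `in_array()` in the second loop receives null when no alert line was parsed, so `$alert_ip_src_array = array();` before the first loop would be safer. The new append could also reuse `$alert_ip_src` instead of calling `get_snort_alert_ip_src($fileline)` a second time. The enclosing loop starts outside the hunk.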
@@ -385,13 +395,37 @@ if ($blocked_ips_array[0] != '') </tr>\n"; } + +}else{ + + /* if alerts file is empty and blocked table is not empty */ + $counter2 = 0; + + foreach($blocked_ips_array as $alert_block_ip) + { + if($logent <= $counter2) + continue; + + $counter2++; + + $alert_block_disc = 'N/A'; + + /* use one echo to do the magic*/ + echo "<tr> + <td align=\"center\" valign=\"top\"'><a href='snort_blocked.php?todelete=" . trim(urlencode($alert_block_ip)) . "'> + <img title=\"Delete\" border=\"0\" name='todelete' id='todelete' alt=\"Delete\" src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\"></a></td> + <td> {$counter2}</td> + <td> {$alert_block_ip}</td> + <td> {$alert_block_disc}</td> + </tr>\n"; + } } if ($blocked_ips_array[0] == '') { echo "\n<tr><td colspan='3' align=\"center\" valign=\"top\"><br><strong>There are currently no items being blocked by snort.</strong></td></tr>"; }else{ - echo "\n<tr><td colspan='3' align=\"center\" valign=\"top\">{$counter} items listed.</td></tr>"; + echo "\n<tr><td colspan='3' align=\"center\" valign=\"top\">{$counter2} items listed.</td></tr>"; } ?> |
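Review bot: The footer now prints `{$counter2}`, but within this hunk `$counter2` is only assigned inside the new else branch. When both files have entries the first branch runs instead (judging by the replaced line it counts with `$counter`), so the footer would show an empty value; initialise one counter before the `if` and use it in both branches. Separately, `{$alert_block_ip}` is echoed into the table cell directly from data read from a file, and since this change is about tolerating corrupted input the cell should use `htmlspecialchars($alert_block_ip)`. The `continue` under `if($logent <= $counter2)` still walks the rest of the array once the limit is reached; `break` would stop there.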