authorrobiscool <robrob2626@yahoo.com>2011-06-16 13:10:29 -0700
committerrobiscool <robrob2626@yahoo.com>2011-06-16 13:10:29 -0700
commitb09f9b80567607884f88c28f694cdefe744ded1e (patch)
tree479d734a5b9f7b2b37dee5170c0b636454946f76 /config/snort-dev
parent3a16379bd0e3afc1a0845c0ea57a669923a57a4d (diff)
snort-dev, redo the way users interact with the rules, update database names
Diffstat (limited to 'config/snort-dev')
-rw-r--r--config/snort-dev/snortDBbin16384 -> 20480 bytes
-rw-r--r--config/snort-dev/snortDBrulesbin17408 -> 17408 bytes
-rw-r--r--config/snort-dev/snortDBtempbin7168 -> 9216 bytes
-rw-r--r--config/snort-dev/snort_alerts.php3
-rw-r--r--config/snort-dev/snort_barnyard.php8
-rw-r--r--config/snort-dev/snort_blocked.php1
-rw-r--r--config/snort-dev/snort_define_servers.php8
-rw-r--r--config/snort-dev/snort_download_rules.inc2
-rw-r--r--config/snort-dev/snort_download_updates.php2
-rw-r--r--config/snort-dev/snort_headbase.inc8
-rw-r--r--config/snort-dev/snort_interfaces.php4
-rw-r--r--config/snort-dev/snort_interfaces_edit.php74
-rw-r--r--config/snort-dev/snort_interfaces_global.php1
-rw-r--r--config/snort-dev/snort_interfaces_rules.php180
-rw-r--r--config/snort-dev/snort_interfaces_rules_edit.php204
-rw-r--r--config/snort-dev/snort_interfaces_whitelist_edit.php3
-rw-r--r--config/snort-dev/snort_json_get.php20
-rw-r--r--config/snort-dev/snort_json_post.php161
-rw-r--r--config/snort-dev/snort_new.inc228
-rw-r--r--config/snort-dev/snort_preprocessors.php8
-rw-r--r--config/snort-dev/snort_rules.php114
-rw-r--r--config/snort-dev/snort_rulesets.php107
22 files changed, 820 insertions, 316 deletions
diff --git a/config/snort-dev/snortDB b/config/snort-dev/snortDB
index bb2f5c7b..beacf5d4 100644
--- a/config/snort-dev/snortDB
+++ b/config/snort-dev/snortDB
Binary files differ
diff --git a/config/snort-dev/snortDBrules b/config/snort-dev/snortDBrules
index 306d6774..07b899e3 100644
--- a/config/snort-dev/snortDBrules
+++ b/config/snort-dev/snortDBrules
Binary files differ
diff --git a/config/snort-dev/snortDBtemp b/config/snort-dev/snortDBtemp
index cbb6e2ef..46375e2f 100644
--- a/config/snort-dev/snortDBtemp
+++ b/config/snort-dev/snortDBtemp
Binary files differ
diff --git a/config/snort-dev/snort_alerts.php b/config/snort-dev/snort_alerts.php
index dc385e6d..0b7d7d06 100644
--- a/config/snort-dev/snort_alerts.php
+++ b/config/snort-dev/snort_alerts.php
@@ -76,8 +76,7 @@ $arefresh_on = ($generalSettings['arefresh'] == 'on' ? 'checked' : '');
<li><a href="/snort/snort_blocked.php"><span>Blocked</span></a></li>
<li><a href="/snort/snort_interfaces_whitelist.php"><span>Whitelists</span></a></li>
<li><a href="/snort/snort_interfaces_suppress.php"><span>Suppress</span></a></li>
- <li><a href="/snort/snort_help_info.php"><span>Help</span></a></li>
- </li>
+ <li><a href="/snort/snort_help_info.php"><span>Help</span></a></li>
</ul>
</div>
diff --git a/config/snort-dev/snort_barnyard.php b/config/snort-dev/snort_barnyard.php
index aea0d93d..8dde1cd3 100644
--- a/config/snort-dev/snort_barnyard.php
+++ b/config/snort-dev/snort_barnyard.php
@@ -46,7 +46,7 @@ if ($uuid == '') {
}
-$a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $uuid);
+$a_list = snortSql_fetchAllSettings('snortDB', 'SnortIfaces', 'uuid', $uuid);
if (!is_array($a_list))
{
@@ -169,9 +169,10 @@ jQuery(document).ready(function() {
<form id="iform" >
<input type="hidden" name="snortSaveSettings" value="1" /> <!-- what to do, save -->
- <input type="hidden" name="dbName" value="snortDBrules" /> <!-- what db-->
- <input type="hidden" name="dbTable" value="Snortrules" /> <!-- what db table-->
+ <input type="hidden" name="dbName" value="snortDB" /> <!-- what db-->
+ <input type="hidden" name="dbTable" value="SnortIfaces" /> <!-- what db table-->
<input type="hidden" name="ifaceTab" value="snort_barnyard" /> <!-- what interface tab -->
+ <input name="uuid" type="hidden" value="<?=$uuid; ?>">
<tr>
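Review bot: The hidden `dbName` and `dbTable` fields in this form leave the choice of database and table to the browser, so whoever submits the form decides what the save touches. The save handler is not part of this hunk, but the delete path in snort_json_post.php passes `$_POST['RMlistDB']` and `$_POST['RMlistTable']` straight into `snortSql_fetchAllSettings`, which suggests these values are trusted as sent; deriving both on the server from `ifaceTab` against a fixed list would remove that. The relocated `uuid` field also prints `$uuid` unescaped, and `value="<?=htmlspecialchars($uuid); ?>"` is the safer form if it originates from the query string, as it does in snort_interfaces_rules_edit.php. The same applies to the form hunks in snort_define_servers.php and snort_interfaces_edit.php.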
@@ -224,7 +225,6 @@ jQuery(document).ready(function() {
<td width="78%">
<input name="Submit" type="submit" class="formbtn" value="Save">
<input type="button" class="formbtn" value="Cancel" >
- <input name="uuid" type="hidden" value="<?=$uuid; ?>">
</td>
</tr>
<tr>
diff --git a/config/snort-dev/snort_blocked.php b/config/snort-dev/snort_blocked.php
index 5e835c80..4f81bc6c 100644
--- a/config/snort-dev/snort_blocked.php
+++ b/config/snort-dev/snort_blocked.php
@@ -78,7 +78,6 @@ $brefresh_on = ($generalSettings['brefresh'] == 'on' ? 'checked' : '');
<li><a href="/snort/snort_interfaces_whitelist.php"><span>Whitelists</span></a></li>
<li><a href="/snort/snort_interfaces_suppress.php"><span>Suppress</span></a></li>
<li><a href="/snort/snort_help_info.php"><span>Help</span></a></li>
- </li>
</ul>
</div>
diff --git a/config/snort-dev/snort_define_servers.php b/config/snort-dev/snort_define_servers.php
index b6b83b56..abb9bcdd 100644
--- a/config/snort-dev/snort_define_servers.php
+++ b/config/snort-dev/snort_define_servers.php
@@ -46,7 +46,7 @@ if ($uuid == '') {
}
-$a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $uuid);
+$a_list = snortSql_fetchAllSettings('snortDB', 'SnortIfaces', 'uuid', $uuid);
$pgtitle = "Snort: Interface Define Servers:";
@@ -99,9 +99,10 @@ $a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $uuid)
<form id="iform" >
<input type="hidden" name="snortSaveSettings" value="1" /> <!-- what to do, save -->
- <input type="hidden" name="dbName" value="snortDBrules" /> <!-- what db-->
- <input type="hidden" name="dbTable" value="Snortrules" /> <!-- what db table-->
+ <input type="hidden" name="dbName" value="snortDB" /> <!-- what db-->
+ <input type="hidden" name="dbTable" value="SnortIfaces" /> <!-- what db table-->
<input type="hidden" name="ifaceTab" value="snort_define_servers" /> <!-- what interface tab -->
+ <input name="uuid" type="hidden" value="<?=$uuid; ?>">
<tr>
<td width="22%" valign="top">&nbsp;</td>
@@ -382,7 +383,6 @@ $a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $uuid)
<td width="78%">
<input name="Submit" type="submit" class="formbtn" value="Save">
<input id="cancel" type="button" class="formbtn" value="Cancel">
- <input name="uuid" type="hidden" value="<?=$uuid; ?>">
</td>
</tr>
<tr>
diff --git a/config/snort-dev/snort_download_rules.inc b/config/snort-dev/snort_download_rules.inc
index cf40ad89..b8d18397 100644
--- a/config/snort-dev/snort_download_rules.inc
+++ b/config/snort-dev/snort_download_rules.inc
@@ -6,8 +6,6 @@
*
*/
-//require_once("/usr/local/pkg/snort/snort_new.inc");
-
// fetch db Settings NONE Json
function snortSql_fetchAllSettings($dbname, $table, $type, $id_uuid)
{
diff --git a/config/snort-dev/snort_download_updates.php b/config/snort-dev/snort_download_updates.php
index 4f99cda8..6e1a0b0d 100644
--- a/config/snort-dev/snort_download_updates.php
+++ b/config/snort-dev/snort_download_updates.php
@@ -125,7 +125,6 @@ header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
<li><a href="/snort/snort_interfaces_whitelist.php"><span>Whitelists</span></a></li>
<li><a href="/snort/snort_interfaces_suppress.php"><span>Suppress</span></a></li>
<li><a href="/snort/snort_help_info.php"><span>Help</span></a></li>
- </li>
</ul>
</div>
@@ -140,7 +139,6 @@ header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
<li><a href="#"><span>Upload Custom Rules</span></a></li>
<li><a href="#"><span>Gui Update</span></a></li>
</ul>
-
</div>
</td>
diff --git a/config/snort-dev/snort_headbase.inc b/config/snort-dev/snort_headbase.inc
index 6a2492ad..d21fedc7 100644
--- a/config/snort-dev/snort_headbase.inc
+++ b/config/snort-dev/snort_headbase.inc
@@ -5,10 +5,10 @@
<link rel="stylesheet" type="text/css" href="./css/style_snort2.css" media="all" />
<!-- <link rel="stylesheet" type="text/css" href="./css/jquery.bubblepopup.v2.3.1.css" media="all" /> -->
-<script type="text/javascript" src="./javascript/jquery-1.6.min.js"></script>
-<script type="text/javascript" src="./javascript/snort_globalsend.js"></script>
-<script type="text/javascript" src="./javascript/jquery.form.js"></script>
-<script type="text/javascript" src="./javascript/jquery.progressbar.min.js"></script>
+<script type="text/javascript" src="/snort/javascript/jquery-1.6.1.min.js"></script>
+<script type="text/javascript" src="/snort/javascript/snort_globalsend.js"></script>
+<script type="text/javascript" src="/snort/javascript/jquery.form.js"></script>
+<script type="text/javascript" src="/snort/javascript/jquery.progressbar.min.js"></script>
<!-- <script type="text/javascript" src="./javascript/jquery.bubblepopup.v2.3.1.min.js"></script> -->
<!-- STOP of Snort Package css and javascript -->
diff --git a/config/snort-dev/snort_interfaces.php b/config/snort-dev/snort_interfaces.php
index f8f4c859..59ff381d 100644
--- a/config/snort-dev/snort_interfaces.php
+++ b/config/snort-dev/snort_interfaces.php
@@ -38,7 +38,7 @@ require_once("/usr/local/pkg/snort/snort_gui.inc");
$new_ruleUUID = genAlphaNumMixFast(7, 8);
-$a_interfaces = snortSql_fetchAllInterfaceRules('Snortrules', 'snortDBrules');
+$a_interfaces = snortSql_fetchAllInterfaceRules('SnortIfaces', 'snortDB');
$pgtitle = "Services: Snort 2.9.0.5 pkg v. 2.0";
@@ -166,7 +166,7 @@ $a_interfaces = snortSql_fetchAllInterfaceRules('Snortrules', 'snortDBrules');
echo "
- <div id=\"maintable_{$list['uuid']}\" data-options='{\"pagetable\":\"Snortrules\", \"pagedb\":\"snortDBrules\", \"DoPOST\":\"true\"}'>
+ <div id=\"maintable_{$list['uuid']}\" data-options='{\"pagetable\":\"SnortIfaces\", \"pagedb\":\"snortDB\", \"DoPOST\":\"true\"}'>
";
echo '
<table width="100%" border="0" cellpadding="0" cellspacing="0">
diff --git a/config/snort-dev/snort_interfaces_edit.php b/config/snort-dev/snort_interfaces_edit.php
index 2eca2b80..169b0dba 100644
--- a/config/snort-dev/snort_interfaces_edit.php
+++ b/config/snort-dev/snort_interfaces_edit.php
@@ -47,24 +47,23 @@ if ($uuid == '') {
-$a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $uuid);
+$a_list = snortSql_fetchAllSettings('snortDB', 'SnortIfaces', 'uuid', $uuid);
- if (!is_array($a_list))
- {
- $a_list = array();
- }
+$a_rules = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'All', '');
+
+if (!is_array($a_list)) {
+ $a_list = array();
+}
$a_whitelist = snortSql_fetchAllWhitelistTypes('SnortWhitelist', 'SnortWhitelistips');
- if (!is_array($a_whitelist))
- {
- $a_whitelist = array();
- }
+if (!is_array($a_whitelist)) {
+ $a_whitelist = array();
+}
$a_suppresslist = snortSql_fetchAllWhitelistTypes('SnortSuppress', '');
-if (!is_array($a_suppresslist))
-{
+if (!is_array($a_suppresslist)) {
$a_suppresslist = array();
}
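Review bot: `$a_rules` is the only fetched result in this block without an `is_array` guard, although it is later iterated with `foreach` in the new Rule DB select. snort_interfaces_rules.php compares the result of the same call against the string `'Error'`, so a non-array return looks possible. Adding `if (!is_array($a_rules)) { $a_rules = array(); }` directly after the fetch keeps the page rendering with only the default option.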
@@ -97,16 +96,14 @@ jQuery(document).ready(function() {
);
<?php
- if ($a_list['interface'] != '')
- {
+ if ($a_list['interface'] != '') {
echo '
jQuery(\'[name=interface]\').attr(\'disabled\', \'true\');
';
}
// disable tabs if nothing in database
- if ($a_list['uuid'] == '')
- {
+ if ($a_list['uuid'] == '') {
echo '
jQuery(\'.hide_newtabmenu\').hide();
';
@@ -114,8 +111,7 @@ jQuery(document).ready(function() {
?>
- if (endis)
- {
+ if (endis) {
for (var i = 0; i < disableInputs.length; i++)
{
jQuery('[name=' + disableInputs[i] + ']').attr('disabled', 'true');
@@ -126,8 +122,7 @@ jQuery(document).ready(function() {
endis = !(jQuery('input[name=enable]:checked').val());
- if (endis)
- {
+ if (endis) {
for (var i = 0; i < disableInputs.length; i++)
{
jQuery('[name=' + disableInputs[i] + ']').attr('disabled', 'true');
@@ -192,9 +187,10 @@ jQuery(document).ready(function() {
<form id="iform" name="iform" >
<input type="hidden" name="snortSaveSettings" value="1" /> <!-- what to do, save -->
- <input type="hidden" name="dbName" value="snortDBrules" /> <!-- what db-->
- <input type="hidden" name="dbTable" value="Snortrules" /> <!-- what db table-->
+ <input type="hidden" name="dbName" value="snortDB" /> <!-- what db-->
+ <input type="hidden" name="dbTable" value="SnortIfaces" /> <!-- what db table-->
<input type="hidden" name="ifaceTab" value="snort_interfaces_edit" /> <!-- what interface tab -->
+ <input name="uuid" type="hidden" value="<?=$uuid; ?>" >
<table width="100%" border="0" cellpadding="6" cellspacing="0">
<tr>
@@ -280,6 +276,41 @@ jQuery(document).ready(function() {
</td>
</tr>
<tr>
+ <td colspan="2" valign="top" class="listtopic">Choose the rule DB snort should use.</td>
+ </tr>
+
+ <tr>
+ <td width="22%" valign="top" class="vncell2">Rule DB</td>
+ <td width="78%" class="vtable">
+ <select name="ruledbname" class="formfld" id="ruledbname">
+
+ <?php
+ // find ruleDB names and value by uuid
+ $selected = '';
+ if ($a_list['ruledbname'] == 'default') {
+ $selected = 'selected';
+ }
+ echo "\n" . '<option value="default" ' . $selected . ' >default</option>' . "\r";
+ foreach ($a_rules as $value)
+ {
+ $selected = '';
+ if ($value['uuid'] == $a_list['ruledbname'] && $value['enable'] !== 'off') {
+ $selected = 'selected';
+ }
+
+ echo "\n" . '<option value="' . $value['uuid'] . '" ' . $selected . ' >' . $value['ruledbname'] . '</option>' . "\r";
+ }
+ ?>
+
+ </select>
+ <br>
+ <span class="vexpl">Choose the home net you will like this rule to use. &nbsp;<span class="red">Note:</span>&nbsp;Default homenet adds only local networks.
+ <br>
+ <span class="red">Hint:</span>&nbsp;Most users add a list offriendly ips that the firewall cant see.</span>
+ </td>
+ </tr>
+
+ <tr>
<td colspan="2" valign="top" class="listtopic">Choose the networks snort should inspect and whitelist.</td>
</tr>
<tr>
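Review bot: The option loop writes `$value['uuid']` and `$value['ruledbname']` into the markup without escaping, and the name is free text entered on snort_interfaces_rules_edit.php. The a-z/0-9 restriction appears only as help text on that page and no server-side enforcement is visible in this commit, so a stored name containing markup would be rendered here as markup. Both values should go through `htmlspecialchars()`, e.g. `'<option value="' . htmlspecialchars($value['uuid']) . '" ' . $selected . ' >' . htmlspecialchars($value['ruledbname']) . '</option>'`. The help text under the select still describes the home net setting and should describe the rule DB choice instead. The hunk starts and ends inside the page's settings table.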
@@ -420,7 +451,6 @@ jQuery(document).ready(function() {
<input name="Submit" type="submit" class="formbtn" value="Save">
<input name="Submit2" type="submit" class="formbtn" value="Start">
<input id="cancel" type="button" class="formbtn" value="Cancel">
- <input name="uuid" type="hidden" value="<?=$uuid; ?>" >
</td>
</tr>
<tr>
diff --git a/config/snort-dev/snort_interfaces_global.php b/config/snort-dev/snort_interfaces_global.php
index c391f10c..64f81643 100644
--- a/config/snort-dev/snort_interfaces_global.php
+++ b/config/snort-dev/snort_interfaces_global.php
@@ -167,7 +167,6 @@ jQuery(document).ready(function(){
<li><a href="/snort/snort_interfaces_whitelist.php"><span>Whitelists</span></a></li>
<li><a href="/snort/snort_interfaces_suppress.php"><span>Suppress</span></a></li>
<li><a href="/snort/snort_help_info.php"><span>Help</span></a></li>
- </li>
</ul>
</div>
diff --git a/config/snort-dev/snort_interfaces_rules.php b/config/snort-dev/snort_interfaces_rules.php
new file mode 100644
index 00000000..8f1631a2
--- /dev/null
+++ b/config/snort-dev/snort_interfaces_rules.php
@@ -0,0 +1,180 @@
+<?php
+/* $Id$ */
+/*
+ snort_interfaces.php
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ Modified for the Snaort Package By
+ Copyright (C) 2008-2011 Robert Zelaya.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+
+require_once("guiconfig.inc");
+require_once("/usr/local/pkg/snort/snort_new.inc");
+require_once("/usr/local/pkg/snort/snort_gui.inc");
+
+$a_rules = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'All', '');
+
+ if (!is_array($a_rules)) {
+ $a_rules = array();
+ }
+
+ if ($a_rules == 'Error') {
+ echo 'Error';
+ exit(0);
+ }
+
+ $pgtitle = "Services: Snort: Rules";
+ include("/usr/local/pkg/snort/snort_head.inc");
+
+?>
+
+
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
+
+<div id="loadingWaiting">
+ <p class="loadingWaitingMessage"><img src="./images/loading.gif" /> <br>Please Wait...</p>
+</div>
+
+<?php include("fbegin.inc"); ?>
+<!-- hack to fix the hardcoed fbegin link in header -->
+<div id="header-left2">
+<a href="../index.php" id="status-link2">
+<img src="./images/transparent.gif" border="0"></img>
+</a>
+</div>
+
+<div class="body2"><!-- hack to fix the hardcoed fbegin link in header -->
+<div id="header-left2"><a href="../index.php" id="status-link2"><img src="./images/transparent.gif" border="0"></img></a></div>
+
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td>
+
+ <div class="newtabmenu" style="margin: 1px 0px; width: 775px;"><!-- Tabbed bar code-->
+ <ul class="newtabmenu">
+ <li><a href="/snort/snort_interfaces.php"><span>Snort Interfaces</span></a></li>
+ <li><a href="/snort/snort_interfaces_global.php"><span>Global Settings</span></a></li>
+ <li><a href="/snort/snort_download_updates.php"><span>Updates</span></a></li>
+ <li class="newtabmenu_active"><a href="/snort/snort_interfaces_rules.php"><span>RulesDB</span></a></li>
+ <li><a href="/snort/snort_alerts.php"><span>Alerts</span></a></li>
+ <li><a href="/snort/snort_blocked.php"><span>Blocked</span></a></li>
+ <li><a href="/snort/snort_interfaces_whitelist.php"><span>Whitelists</span></a></li>
+ <li><a href="/snort/snort_interfaces_suppress.php"><span>Suppress</span></a></li>
+ <li><a href="/snort/snort_help_info.php"><span>Help</span></a></li>
+ </ul>
+ </div>
+
+ </td>
+ </tr>
+ <tr>
+ <td id="tdbggrey">
+ <table width="100%" border="0" cellpadding="10px" cellspacing="0">
+ <tr>
+ <td class="tabnavtbl">
+ <table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <!-- START MAIN AREA -->
+
+ <tr> <!-- db to lookup -->
+ <td width="30%" class="listhdrr">File Name</td>
+ <td width="70%" class="listhdr">Description</td>
+ <td width="10%" class="list"></td>
+ </tr>
+ <?php foreach ($a_rules as $list): ?>
+ <tr id="maintable_<?=$list['uuid']?>" data-options='{"pagetable":"Snortrules", "pagedb":"snortDBrules", "DoPOST":"true"}' >
+ <td class="listlr" ondblclick="document.location='snort_interfaces_suppress_edit.php?uuid=<?=$list['uuid'];?>'"><?=$list['ruledbname'];?></td>
+ <td class="listbg" ondblclick="document.location='snort_interfaces_suppress_edit.php?uuid=<?=$list['uuid'];?>'">
+ <font color="#FFFFFF"> <?=htmlspecialchars($list['description']);?>&nbsp;</font>
+ </td>
+ <td></td>
+ <td valign="middle" nowrap class="list">
+ <table border="0" cellspacing="0" cellpadding="1">
+ <tr>
+ <td valign="middle">
+ <a href="snort_interfaces_rules_edit.php?rdbuuid=<?=$list['uuid'];?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif"width="17" height="17" border="0" title="edit suppress list"></a>
+ </td>
+ <td>
+ <img id="icon_x_<?=$list['uuid'];?>" class="icon_click icon_x" src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="delete list" >
+ </a>
+ </td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+ <?php $i++; endforeach; ?>
+ <tr>
+ <td class="list" colspan="3"></td>
+ <td class="list">
+ <table border="0" cellspacing="0" cellpadding="1">
+ <tr>
+ <td valign="middle" width="17">&nbsp;</td>
+ <td valign="middle"><a href="snort_interfaces_rules_edit.php?rdbuuid=<?=genAlphaNumMixFast(11, 12);?> "><img src="/themes/nervecenter/images/icons/icon_plus.gif" width="17" height="17" border="0" title="add a new list"></a></td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+
+ <!-- STOP MAIN AREA -->
+ </table>
+ </td>
+ </tr>
+
+ </table>
+ </td>
+ </tr>
+</table>
+
+<!-- 2nd box note -->
+<br>
+<div id=mainarea4>
+<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
+ <td width="100%">
+ <span class="vexpl">
+ <span class="red"><strong>Note:</strong></span>
+ <p><span class="vexpl">
+ Here you can create event filtering and suppression for your snort package rules.<br>
+ Please note that you must restart a running rule so that changes can take effect.<br>
+ </span></p>
+ </td>
+</table>
+</div>
+
+</div>
+
+
+<!-- footer do not touch below -->
+<?php
+include("fend.inc");
+echo $snort_custom_rnd_box;
+?>
+
+
+</body>
+</html>
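Review bot: `<?=$list['ruledbname'];?>` in the File Name cell is printed unescaped, whereas the description in the next cell goes through `htmlspecialchars()`; the name is user-entered, so it should be `<?=htmlspecialchars($list['ruledbname']);?>`. `$list['uuid']` is likewise emitted raw into the `id`, `href` and `ondblclick` attributes, and the last of these is a JavaScript string context that needs escaping for that context or a validated identifier. Separately, the `$a_rules == 'Error'` check can never fire because a non-array result has already been replaced by `array()` in the statement before it; the error check should come first. The `ondblclick` targets point at snort_interfaces_suppress_edit.php, which looks like a leftover from the page this one was copied from.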
diff --git a/config/snort-dev/snort_interfaces_rules_edit.php b/config/snort-dev/snort_interfaces_rules_edit.php
new file mode 100644
index 00000000..7db725af
--- /dev/null
+++ b/config/snort-dev/snort_interfaces_rules_edit.php
@@ -0,0 +1,204 @@
+<?php
+/* $Id$ */
+/*
+ snort_interfaces.php
+ part of m0n0wall (http://m0n0.ch/wall)
+
+ Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
+ Copyright (C) 2008-2009 Robert Zelaya.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+
+require_once("guiconfig.inc");
+require_once("/usr/local/pkg/snort/snort_new.inc");
+require_once("/usr/local/pkg/snort/snort_gui.inc");
+
+// set page vars
+if (isset($_GET['uuid'])) {
+ $uuid = $_GET['uuid'];
+}
+
+if (isset($_GET['rdbuuid'])) {
+ $rdbuuid = $_GET['rdbuuid'];
+}else{
+ $ruledbname_pre1 = snortSql_fetchAllSettings('snortDB', 'SnortIfaces', 'uuid', $uuid);
+ $rdbuuid = $ruledbname_pre1['ruledbname'];
+}
+
+$a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $rdbuuid);
+
+
+// $a_list returns empty use defaults
+if ($a_list == '')
+{
+
+ $a_list = array(
+ 'id' => '',
+ 'date' => date(U),
+ 'uuid' => $rdbuuid,
+ 'ruledbnamename' => '',
+ 'description' => ''
+
+ );
+
+}
+
+
+
+
+ $pgtitle = 'Services: Snort: Rules: Edit: ' . $rdbuuid;
+ include('/usr/local/pkg/snort/snort_head.inc');
+
+?>
+
+
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
+
+<div id="loadingWaiting">
+ <p class="loadingWaitingMessage"><img src="./images/loading.gif" /> <br>Please Wait...</p>
+</div>
+
+<?php include("fbegin.inc"); ?>
+<!-- hack to fix the hardcoed fbegin link in header -->
+<div id="header-left2">
+<a href="../index.php" id="status-link2">
+<img src="./images/transparent.gif" border="0"></img>
+</a>
+</div>
+
+<div class="body2"><!-- hack to fix the hardcoed fbegin link in header -->
+<div id="header-left2"><a href="../index.php" id="status-link2"><img src="./images/transparent.gif" border="0"></img></a></div>
+
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td>
+ <div class="newtabmenu" style="margin: 1px 0px; width: 775px;"><!-- Tabbed bar code-->
+ <ul class="newtabmenu">
+ <li><a href="/snort/snort_interfaces.php"><span>Snort Interfaces</span></a></li>
+ <li><a href="/snort/snort_interfaces_global.php"><span>Global Settings</span></a></li>
+ <li><a href="/snort/snort_download_updates.php"><span>Updates</span></a></li>
+ <li class="newtabmenu_active"><a href="/snort/snort_interfaces_rules.php"><span>RulesDB</span></a></li>
+ <li><a href="/snort/snort_alerts.php"><span>Alerts</span></a></li>
+ <li><a href="/snort/snort_blocked.php"><span>Blocked</span></a></li>
+ <li><a href="/snort/snort_interfaces_whitelist.php"><span>Whitelists</span></a></li>
+ <li><a href="/snort/snort_interfaces_suppress.php"><span>Suppress</span></a></li>
+ <li><a href="/snort/snort_help_info.php"><span>Help</span></a></li>
+ </ul>
+ </div>
+ </td>
+ </tr>
+ <tr>
+ <td>
+ <div class="newtabmenu" style="margin: 1px 0px; width: 775px;"><!-- Tabbed bar code-->
+ <ul class="newtabmenu">
+ <li class="hide_newtabmenu newtabmenu_active"><a href="/snort/snort_interfaces_rules.php?rdbuuid=<?=$rdbuuid;?>"><span>Rules DB Edit</span></a></li>
+ <li class="hide_newtabmenu"><a href="/snort/snort_rulesets.php?rdbuuid=<?=$rdbuuid;?>"><span>Categories</span></a></li>
+ <li class="hide_newtabmenu"><a href="/snort/snort_rules.php?rdbuuid=<?=$rdbuuid;?>"><span>Rules</span></a></li>
+ </ul>
+ </div>
+ </td>
+ </tr>
+
+ <tr>
+ <td id="tdbggrey">
+ <table width="100%" border="0" cellpadding="10px" cellspacing="0">
+ <tr>
+ <td class="tabnavtbl">
+ <table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <!-- START MAIN AREA -->
+
+ <!-- table point -->
+ <form id="iform">
+ <input name="snortSaveSettings" type="hidden" value="1" />
+ <input name="ifaceTab" type="hidden" value="snort_interfaces_rules_edit" />
+ <input type="hidden" name="dbName" value="snortDBrules" /> <!-- what db -->
+ <input type="hidden" name="dbTable" value="Snortrules" /> <!-- what db table -->
+ <input name="date" type="hidden" value="<?=$a_list['date'];?>" />
+ <input name="uuid" type="hidden" value="<?=$a_list['uuid'];?>" />
+
+ <table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td colspan="2" valign="top" class="listtopic">Add the name and description of the rule DB</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq2">RuleDB</td>
+ <td width="22%" valign="top" class="vtable">
+ &nbsp;
+ <input name="enable" type="checkbox" value="on" <?=$ifaceEnabled = $a_list['enable'] == 'on' || $a_list['enable'] == '' ? 'checked' : '';?> ">
+ &nbsp;&nbsp;<span class="vexpl">Enable or Disable</span>
+ </td>
+ </tr>
+ <tr>
+ <td valign="top" class="vncellreq2">Name</td>
+ <td class="vtable">
+ <input class="formfld2" name="ruledbname" type="text" id="ruledbname" size="40" value="<?=$a_list['ruledbname'] ?>" /> <br />
+ <span class="vexpl"> The list name may only consist of the characters a-z, A-Z and 0-9. <span class="red">Note: </span> No Spaces. </span>
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell2">Description</td>
+ <td width="78%" class="vtable">
+ <input class="formfld2" name="description" type="text" id="description" size="40" value="<?=$a_list['description'] ?>" /> <br />
+ <span class="vexpl"> You may enter a description here for your reference (not parsed). </span>
+ </td>
+ </tr>
+ <tr>
+ <td colspan="2" valign="top" class="listtopic">
+ Examples:
+ </td>
+ </tr>
+ <tr>
+ <td colspan="2" valign="top" class="vncell2">
+ <span class="red"><b>NOTE: </b></span>Rule DB will not be active until snort sensor restart. <br>
+ </td>
+ </tr>
+ </table>
+ <tr>
+ <td style="padding-left: 10px;">
+ <input name="Submit" type="submit" class="formbtn" value="Save">
+ <input id="cancel" type="button" class="formbtn" value="Cancel">
+ </td>
+ </tr>
+</form>
+
+ <!-- STOP MAIN AREA -->
+ </table>
+ </td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+</table>
+</div>
+
+
+<!-- footer do not touch below -->
+<?php
+include("fend.inc");
+echo $snort_custom_rnd_box;
+?>
+
+
+</body>
+</html>
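Review bot: `$rdbuuid` comes straight from `$_GET['rdbuuid']` and is written unescaped into the three sub-tab `href`s, and through the default `$a_list` into the hidden `uuid` field that the form then saves. A format check right after it is read, for example `if (!preg_match('/^[A-Za-z0-9]+$/', $rdbuuid)) { exit; }` (assuming identifiers are alphanumeric, as `genAlphaNumMixFast` suggests), plus `htmlspecialchars()` at each output covers both the reflected value and what gets stored. The check matters beyond HTML because snort_json_post.php concatenates a posted uuid into a directory path. `ruledbname` and `description` are also printed raw into `value` attributes, and the default array sets the key `'ruledbnamename'` while the form reads `$a_list['ruledbname']`. When neither `uuid` nor `rdbuuid` is supplied, `$uuid` is used undefined in the else branch.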
diff --git a/config/snort-dev/snort_interfaces_whitelist_edit.php b/config/snort-dev/snort_interfaces_whitelist_edit.php
index 0e426159..689fb719 100644
--- a/config/snort-dev/snort_interfaces_whitelist_edit.php
+++ b/config/snort-dev/snort_interfaces_whitelist_edit.php
@@ -127,8 +127,7 @@ $vpnips_on = ($vpnips_chk == 'on' ? 'checked' : '');
<li><a href="/snort/snort_blocked.php"><span>Blocked</span></a></li>
<li class="newtabmenu_active"><a href="/snort/snort_interfaces_whitelist.php"><span>Whitelists</span></a></li>
<li><a href="/snort/snort_interfaces_suppress.php"><span>Suppress</span></a></li>
- <li><a href="/snort/snort_help_info.php"><span>Help</span></a></li>
- </li>
+ <li><a href="/snort/snort_help_info.php"><span>Help</span></a></li>
</ul>
</div>
diff --git a/config/snort-dev/snort_json_get.php b/config/snort-dev/snort_json_get.php
index 1fdcc1e7..ecab3a13 100644
--- a/config/snort-dev/snort_json_get.php
+++ b/config/snort-dev/snort_json_get.php
@@ -2,13 +2,11 @@
require_once("guiconfig.inc");
require_once("/usr/local/pkg/snort/snort_new.inc");
-require_once("/usr/local/pkg/snort/snort_download_rules.inc");
session_start(); // alwaya at the very top of a php page or "Cannot send session cache limiter - headers already sent"
// upload created log tar to user
-if ($_GET['snortGetUpdate'] == 1)
-{
+if ($_GET['snortGetUpdate'] == 1) {
$tmpfname = "/usr/local/etc/snort/snort_download";
$snort_filename = "snortrules-snapshot-2905.tar.gz";
@@ -16,11 +14,9 @@ if ($_GET['snortGetUpdate'] == 1)
$snortSessionPath = $_SESSION['tmp']['snort']['snort_download_updates'];
- if (!file_exists("{$tmpfname}/{$snort_filename}"))
- {
+ if (!file_exists("{$tmpfname}/{$snort_filename}")) {
- if ($snortSessionPath['download']['working'] != '1')
- {
+ if ($snortSessionPath['download']['working'] != '1') {
unset($_SESSION['tmp']);
$snortSessionPath['download']['working'] = '1';
sendUpdateSnortLogDownload();
@@ -29,7 +25,9 @@ if ($_GET['snortGetUpdate'] == 1)
}
$time = time();
- while((time() - $time) < 30) {
+ while((time() - $time) < 30)
+ {
+
// query memcache, database, etc. for new data
$data = $datasource->getLatest();
@@ -49,8 +47,7 @@ if ($_GET['snortGetUpdate'] == 1)
// upload created log tar to user
-if ($_GET['snortlogdownload'] == 1)
-{
+if ($_GET['snortlogdownload'] == 1) {
sendFileSnortLogDownload();
@@ -58,8 +55,7 @@ if ($_GET['snortlogdownload'] == 1)
// send Json sid string
-if ($_GET['snortGetSidString'] == 1)
-{
+if ($_GET['snortGetSidString'] == 1) {
// unset
unset($_GET['snortGetSidString']);
diff --git a/config/snort-dev/snort_json_post.php b/config/snort-dev/snort_json_post.php
index 8e09964e..37950f91 100644
--- a/config/snort-dev/snort_json_post.php
+++ b/config/snort-dev/snort_json_post.php
@@ -5,16 +5,14 @@ require_once("guiconfig.inc");
require_once("/usr/local/pkg/snort/snort_new.inc");
// unset crsf checks
-if(isset($_POST['__csrf_magic']))
-{
+if(isset($_POST['__csrf_magic'])) {
unset($_POST['__csrf_magic']);
}
function snortJsonReturnCode($returnStatus)
{
- if ($returnStatus == true)
- {
+ if ($returnStatus == true) {
echo '{"snortgeneralsettings":"success","snortUnhideTabs":"true"}';
}else{
echo '{"snortgeneralsettings":"fail"}';
@@ -22,8 +20,7 @@ function snortJsonReturnCode($returnStatus)
}
// row from db by uuid
-if ($_POST['snortSidRuleEdit'] == 1)
-{
+if ($_POST['snortSidRuleEdit'] == 1) {
unset($_POST['snortSidRuleEdit']);
@@ -33,11 +30,9 @@ if ($_POST['snortSidRuleEdit'] == 1)
// row from db by uuid
-if ($_POST['snortSaveRuleSets'] == 1)
-{
+if ($_POST['snortSaveRuleSets'] == 1) {
- if ($_POST['ifaceTab'] == 'snort_rulesets')
- {
+ if ($_POST['ifaceTab'] == 'snort_rulesets') {
// unset POSTs that are markers not in db
unset($_POST['snortSaveRuleSets']);
unset($_POST['ifaceTab']);
@@ -47,8 +42,7 @@ if ($_POST['snortSaveRuleSets'] == 1)
}
- if ($_POST['ifaceTab'] == 'snort_rules')
- {
+ if ($_POST['ifaceTab'] == 'snort_rules') {
// unset POSTs that are markers not in db
unset($_POST['snortSaveRuleSets']);
unset($_POST['ifaceTab']);
@@ -60,70 +54,90 @@ if ($_POST['snortSaveRuleSets'] == 1)
} // END of rulesSets
// row from db by uuid
-if ($_POST['RMlistDelRow'] == 1)
-{
+if ($_POST['RMlistDelRow'] == 1) {
- if ($_POST['RMlistTable'] == 'Snortrules' || $_POST['RMlistTable'] == 'SnortSuppress')
- {
+ $rm_row_list = snortSql_fetchAllSettings($_POST['RMlistDB'], $_POST['RMlistTable'], 'uuid', $_POST['RMlistUuid']);
- // list rules in the default dir
- $a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $_POST['RMlistUuid']);
- $snortRuleDir = '/usr/local/etc/snort/sn_' . $_POST['RMlistUuid'] . '_' . $a_list['interface'];
+ // list rules in the default dir
+ if ($_POST['RMlistTable'] == 'SnortIfaces') {
+
+ $snortRuleDir = '/usr/local/etc/snort/sn_' . $_POST['RMlistUuid'] . '_' . $rm_row_list['interface'];
exec('/bin/rm -r ' . $snortRuleDir);
-
- snortSql_updatelistDelete('SnortruleSets', 'ifaceuuid', $_POST['RMlistUuid']);
- snortSql_updatelistDelete('SnortruleSigs', 'ifaceuuid', $_POST['RMlistUuid']);
- snortSql_updatelistDelete('Snortrules', 'uuid', $_POST['RMlistUuid']);
-
- snortJsonReturnCode(true);
-
}
- if ($_POST['RMlistTable'] == 'SnortSuppress')
- {
- snortJsonReturnCode(snortSql_updatelistDelete($_POST['RMlistTable'], 'uuid', $_POST['RMlistUuid']));
+ // rm ruledb and files
+ if ($_POST['RMlistTable'] == 'Snortrules') {
+
+ $snortRuleDir = "/usr/local/etc/snort/snortDBrules/DB/{$_POST['RMlistUuid']}";
+
+ exec('/bin/rm -r ' . $snortRuleDir);
}
-
-
-
- if ($_POST['RMlistTable'] == 'SnortWhitelist')
- {
- $fetchExtraWhitelistEntries = snortSql_fetchAllSettings($_POST['RMlistDB'], $_POST['RMlistTable'], 'uuid', $_POST['RMlistUuid']);
- snortJsonReturnCode(snortSql_updatelistDelete('SnortWhitelistips', 'filename', $fetchExtraWhitelistEntries['filename']));
- snortJsonReturnCode(snortSql_updatelistDelete($_POST['RMlistTable'], 'uuid', $_POST['RMlistUuid']));
-
- }
+ if ($_POST['RMlistTable'] == 'SnortWhitelist') {
+ snortSql_updatelistDelete($_POST['RMlistDB'], 'SnortWhitelistips', 'filename', $rm_row_list['filename']);
+ }
+
+ snortJsonReturnCode(snortSql_updatelistDelete($_POST['RMlistDB'], $_POST['RMlistTable'], 'uuid', $_POST['RMlistUuid']));
}
// general settings save
-if ($_POST['snortSaveSettings'] == 1)
-{
+if ($_POST['snortSaveSettings'] == 1) {
+
+
+ // Save ruleDB settings
+ if ($_POST['dbTable'] == 'Snortrules') {
+
+ unset($_POST['snortSaveSettings']);
+ unset($_POST['ifaceTab']);
+
+ if (!is_dir("/usr/local/etc/snort/snortDBrules/DB/{$_POST['uuid']}/rules")) {
+
+ // creat iface dir and ifcae rules dir
+ exec("/bin/mkdir -p /usr/local/etc/snort/snortDBrules/DB/{$_POST['uuid']}/rules");
+
+
+ // NOTE: code only works on php5
+ $listSnortRulesDir = snortScanDirFilter('/usr/local/etc/snort/snortDBrules/snort_rules/rules', '\.rules');
+ $listEmergingRulesDir = snortScanDirFilter('/usr/local/etc/snort/snortDBrules/emerging_rules/rules', '\.rules');
+ $listPfsenseRulesDir = snortScanDirFilter('/usr/local/etc/snort/snortDBrules/pfsense_rules/rules', '\.rules');
+
+ if (!empty($listSnortRulesDir)) {
+ exec("/bin/cp -R /usr/local/etc/snort/snortDBrules/snort_rules/rules/* /usr/local/etc/snort/snortDBrules/DB/{$_POST['uuid']}/rules");
+ }
+ if (!empty($listEmergingRulesDir)) {
+ exec("/bin/cp -R /usr/local/etc/snort/snortDBrules/emerging_rules/rules/* /usr/local/etc/snort/snortDBrules/DB/{$_POST['uuid']}/rules");
+ }
+ if (!empty($listPfsenseRulesDir)) {
+ exec("/bin/cp -R /usr/local/etc/snort/snortDBrules/pfsense_rules/rules/* /usr/local/etc/snort/snortDBrules/DB/{$_POST['uuid']}/rules");
+ }
+
+
+ } //end of mkdir
+
+ snortJsonReturnCode(snortSql_updateSettings('uuid', $_POST['uuid']));
+
+ }
// Save general settings
- if ($_POST['dbTable'] == 'SnortSettings')
- {
+ if ($_POST['dbTable'] == 'SnortSettings') {
- if ($_POST['ifaceTab'] == 'snort_interfaces_global')
- {
+ if ($_POST['ifaceTab'] == 'snort_interfaces_global') {
// checkboxes when set to off never get included in POST thus this code
$_POST['forcekeepsettings'] = ($_POST['forcekeepsettings'] == '' ? off : $_POST['forcekeepsettings']);
}
- if ($_POST['ifaceTab'] == 'snort_alerts')
- {
+ if ($_POST['ifaceTab'] == 'snort_alerts') {
if (!isset($_POST['arefresh']))
$_POST['arefresh'] = ($_POST['arefresh'] == '' ? off : $_POST['arefresh']);
}
- if ($_POST['ifaceTab'] == 'snort_blocked')
- {
+ if ($_POST['ifaceTab'] == 'snort_blocked') {
if (!isset($_POST['brefresh']))
$_POST['brefresh'] = ($_POST['brefresh'] == '' ? off : $_POST['brefresh']);
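Review bot: `$_POST['RMlistUuid']` is concatenated into `exec('/bin/rm -r ' . $snortRuleDir)` in both the `SnortIfaces` and `Snortrules` branches without validation or quoting, so the request value decides what the recursive delete operates on, and an empty value makes the `Snortrules` path the whole `snortDBrules/DB/` directory. Validate the id before it is used and pass every path through `escapeshellarg()`, as sketched below; the pattern assumes ids are alphanumeric, as `genAlphaNumMixFast()` suggests, so confirm it against how ids are generated. The same applies to `$_POST['uuid']` in the `mkdir`/`cp` calls of the new `Snortrules` save branch lower in this hunk, to `$_POST['snortSidNum']` in the `sed` call in snort_new.inc (`@@ -14,8 +13,7 @@`), and to the `mkdir` on `$newSnortDir` in `@@ -175,8 +187,9 @@` if that name is built from request fields (its assignment is outside the hunk).

```php
if ($_POST['RMlistDelRow'] == 1) {
    // reject ids that are not plain alphanumeric before they reach a path or the shell
    if (!preg_match('/^[A-Za-z0-9]+$/', (string) $_POST['RMlistUuid'])) {
        snortJsonReturnCode(false);
        return false;
    }
    // … unchanged: $rm_row_list lookup and the two $snortRuleDir assignments …
    exec('/bin/rm -r ' . escapeshellarg($snortRuleDir)); // in both the SnortIfaces and Snortrules branches
    // … unchanged: whitelist cleanup and final snortSql_updatelistDelete() call …
```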
@@ -140,12 +154,10 @@ if ($_POST['snortSaveSettings'] == 1)
} // end of dbTable SnortSettings
// Save rule settings on the interface edit tab
- if ($_POST['dbTable'] == 'Snortrules')
- {
+ if ($_POST['dbTable'] == 'SnortIfaces') {
// snort interface edit
- if ($_POST['ifaceTab'] == 'snort_interfaces_edit')
- {
+ if ($_POST['ifaceTab'] == 'snort_interfaces_edit') {
if (!isset($_POST['enable']))
$_POST['enable'] = ($_POST['enable'] == '' ? off : $_POST['enable']);
@@ -175,8 +187,9 @@ if ($_POST['snortSaveSettings'] == 1)
if (!is_dir("/usr/local/etc/snort/{$newSnortDir}")) {
// creat iface dir and ifcae rules dir
- exec("/bin/mkdir -p /usr/local/etc/snort/{$newSnortDir}/rules");
+ exec("/bin/mkdir -p /usr/local/etc/snort/{$newSnortDir}");
+ /*
// NOTE: code only works on php5
$listSnortRulesDir = snortScanDirFilter('/usr/local/etc/snort/snort_rules/rules', '\.rules');
$listEmergingRulesDir = snortScanDirFilter('/usr/local/etc/snort/emerging_rules/rules', '\.rules');
@@ -191,6 +204,7 @@ if ($_POST['snortSaveSettings'] == 1)
if (!empty($listPfsenseRulesDir)) {
exec("/bin/cp -R /usr/local/etc/snort/pfsense_rules/rules/* /usr/local/etc/snort/{$newSnortDir}/rules");
}
+ */
} //end of mkdir
@@ -198,8 +212,7 @@ if ($_POST['snortSaveSettings'] == 1)
} // end of snort_interfaces_edit
// snort preprocessor edit
- if ($_POST['ifaceTab'] == 'snort_preprocessors')
- {
+ if ($_POST['ifaceTab'] == 'snort_preprocessors') {
if (!isset($_POST['dce_rpc_2']))
$_POST['dce_rpc_2'] = ($_POST['dce_rpc_2'] == '' ? off : $_POST['dce_rpc_2']);
@@ -228,8 +241,7 @@ if ($_POST['snortSaveSettings'] == 1)
}
// snort barnyard edit
- if ($_POST['ifaceTab'] == 'snort_barnyard')
- {
+ if ($_POST['ifaceTab'] == 'snort_barnyard') {
// make shure iface is lower case
$_POST['interface'] = strtolower($_POST['interface']);
@@ -250,16 +262,13 @@ if ($_POST['snortSaveSettings'] == 1)
} // STOP General Settings Save
// Suppress settings save
-if ($_POST['snortSaveSuppresslist'] == 1)
-{
+if ($_POST['snortSaveSuppresslist'] == 1) {
// post for supress_edit
- if ($_POST['ifaceTab'] == 'snort_interfaces_suppress_edit')
- {
+ if ($_POST['ifaceTab'] == 'snort_interfaces_suppress_edit') {
// make sure filename is valid
- if (!is_validFileName($_POST['filename']))
- {
+ if (!is_validFileName($_POST['filename'])) {
echo 'Error: FileName';
return false;
}
@@ -279,13 +288,11 @@ if ($_POST['snortSaveSuppresslist'] == 1)
}
// Whitelist settings save
-if ($_POST['snortSaveWhitelist'] == 1)
-{
+if ($_POST['snortSaveWhitelist'] == 1) {
if ($_POST['ifaceTab'] == 'snort_interfaces_whitelist_edit') {
- if (!is_validFileName($_POST['filename']))
- {
+ if (!is_validFileName($_POST['filename'])) {
echo 'Error: FileName';
return false;
}
@@ -307,8 +314,7 @@ if ($_POST['snortSaveWhitelist'] == 1)
unset($_POST['list']);
- if (snortSql_updateSettings('uuid', $_POST['uuid']) && snortSql_updateWhitelistIps($whitelistIPs))
- {
+ if (snortSql_updateSettings('uuid', $_POST['uuid']) && snortSql_updateWhitelistIps($whitelistIPs)) {
snortJsonReturnCode(true);
}else{
snortJsonReturnCode(false);
@@ -318,8 +324,7 @@ if ($_POST['snortSaveWhitelist'] == 1)
}
// download code for alerts page
-if ($_POST['snortlogsdownload'] == 1)
-{
+if ($_POST['snortlogsdownload'] == 1) {
conf_mount_rw();
snort_downloadAllLogs();
conf_mount_ro();
@@ -327,8 +332,7 @@ if ($_POST['snortlogsdownload'] == 1)
}
// download code for alerts page
-if ($_POST['snortblockedlogsdownload'] == 1)
-{
+if ($_POST['snortblockedlogsdownload'] == 1) {
conf_mount_rw();
snort_downloadBlockedIPs();
conf_mount_ro();
@@ -337,8 +341,7 @@ if ($_POST['snortblockedlogsdownload'] == 1)
// code neeed to be worked on when finnished rules code
-if ($_POST['snortlogsdelete'] == 1)
-{
+if ($_POST['snortlogsdelete'] == 1) {
conf_mount_rw();
snortDeleteLogs();
@@ -346,8 +349,7 @@ if ($_POST['snortlogsdelete'] == 1)
}
// flushes snort2c table
-if ($_POST['snortflushpftable'] == 1)
-{
+if ($_POST['snortflushpftable'] == 1) {
conf_mount_rw();
snortRemoveBlockedIPs();
@@ -355,8 +357,7 @@ if ($_POST['snortflushpftable'] == 1)
}
// reset db reset_snortgeneralsettings
-if ($_POST['reset_snortgeneralsettings'] == 1)
-{
+if ($_POST['reset_snortgeneralsettings'] == 1) {
conf_mount_rw();
reset_snortgeneralsettings();
diff --git a/config/snort-dev/snort_new.inc b/config/snort-dev/snort_new.inc
index efd546d8..1f2c807b 100644
--- a/config/snort-dev/snort_new.inc
+++ b/config/snort-dev/snort_new.inc
@@ -1,8 +1,7 @@
<?php
// unset crsf checks
-if(isset($_POST['__csrf_magic']))
-{
+if(isset($_POST['__csrf_magic'])) {
unset($_POST['__csrf_magic']);
}
@@ -14,8 +13,7 @@ function snortSidStringRuleEditGUI()
$splitcontents = split_rule_file($workingFile);
- if (!empty($splitcontents))
- {
+ if (!empty($splitcontents)) {
$sidLinePosPre = exec('/usr/bin/sed -n /sid:' . $_POST['snortSidNum'] . '\;/= ' . $workingFile);
$sidLinePos = $sidLinePosPre - 1;
@@ -86,43 +84,46 @@ function newFilterRuleSig($baseruleArray)
$newSigArray[] = array();
foreach ( $baseruleArray as $value )
{
+ if (preg_match('/^# alert/', $value) || preg_match('/^alert/', $value)) {
- // add sid
- $newSigArray[$i]['sid'] = get_middle($value, 'sid:', ';', 0);
+ // add sid
+ $newSigArray[$i]['sid'] = get_middle($value, 'sid:', ';', 0);
+
+ // remove whitespaces
+ $rmWhitespaces = preg_replace('/\s\s+/', ' ', $value);
+ // remove whitespace betwin # aerrt
+ $rmAlertWhitespace = preg_replace('/^# alert/', '#alert', $rmWhitespaces);
+ $splitcontents = explode(' ', $rmAlertWhitespace);
+
+ // enable or disable
+ if ($splitcontents[0] === '#alert') {
+ $newSigArray[$i]['enable'] = 'off';
+ }else{
+ $newSigArray[$i]['enable'] = 'on';
+ }
+
+ // proto
+ $newSigArray[$i]['proto'] = $splitcontents[1];
+
+ // source
+ $newSigArray[$i]['src'] = trimLength($splitcontents[2]);
+
+ // source port
+ $newSigArray[$i]['srcport'] = trimLength($splitcontents[3]);
+
+ // Destination
+ $newSigArray[$i]['dst'] = trimLength($splitcontents[5]);
+
+ // Destination port
+ $newSigArray[$i]['dstport'] = trimLength($splitcontents[6]);
+
+ // sig message
+ $newSigArray[$i]['msg'] = get_middle($value, 'msg:"', '";', 0);
- // remove whitespaces
- $rmWhitespaces = preg_replace('/\s\s+/', ' ', $value);
- // remove whitespace betwin # aerrt
- $rmAlertWhitespace = preg_replace('/^# alert/', '#alert', $rmWhitespaces);
- $splitcontents = explode(' ', $rmAlertWhitespace);
-
- // enable or disable
- if ($splitcontents[0] === '#alert')
- {
- $newSigArray[$i]['enable'] = 'off';
- }else{
- $newSigArray[$i]['enable'] = 'on';
}
-
- // proto
- $newSigArray[$i]['proto'] = $splitcontents[1];
-
- // source
- $newSigArray[$i]['src'] = trimLength($splitcontents[2]);
-
- // source port
- $newSigArray[$i]['srcport'] = trimLength($splitcontents[3]);
-
- // Destination
- $newSigArray[$i]['dst'] = trimLength($splitcontents[5]);
-
- // Destination port
- $newSigArray[$i]['dstport'] = trimLength($splitcontents[6]);
-
- // sig message
- $newSigArray[$i]['msg'] = get_middle($value, 'msg:"', '";', 0);
- $i++;
+ $i++;
+
}
return $newSigArray;
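Review bot: `$i++` now runs for every line while an entry is only written for lines matching `alert`, so `$newSigArray` ends up with gaps in its keys. If the array is later passed to `json_encode()` for the GUI it would be emitted as an object rather than a list, and code indexing it by position would miss rows; that use is outside the hunk, so confirm. Moving `$i++;` inside the `if` keeps the keys dense. The two `preg_match` calls can also be one: `if (preg_match('/^(# )?alert/', $value)) {`. The function starts before this hunk.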
@@ -168,11 +169,9 @@ function write_rule_file($content_changed, $received_file)
// Save ruleSets settings
function snortSql_updateRuleSigList()
{
-
- $snortDir = '/usr/local/etc/snort/sn_' . $_SESSION['snort']['tmp']['snort_rules']['ifaceuuid'] . '_' . $_SESSION['snort']['tmp']['snort_rules']['ifaceselected'];
// selected snort rule file
- $workingFile = $snortDir . '/rules/' . $_SESSION['snort']['tmp']['snort_rules']['rulefile'];
+ $workingFile = "/usr/local/etc/snort/snortDBrules/DB/{$_SESSION['snort']['tmp']['snort_rules']['rdbuuid']}/rules/{$_SESSION['snort']['tmp']['snort_rules']['rulefile']}";
$splitcontents = split_rule_file($workingFile);
@@ -187,23 +186,19 @@ function snortSql_updateRuleSigList()
$sidLine = preg_replace($replaceChars, '', $matches[0]);
- if ($sidLine == '')
- {
+ if ($sidLine == '') {
$tempstring[] = $sigLine;
}else{
- if (in_array($sidLine, $enableSigsArray))
- {
+ if (in_array($sidLine, $enableSigsArray)) {
$tempstring[] = str_replace("# alert", "alert", $sigLine);
}
- if (in_array($sidLine, $disableSigsArray))
- {
+ if (in_array($sidLine, $disableSigsArray)) {
$tempstring[] = str_replace("alert", "# alert", $sigLine);
}
- if (!in_array($sidLine, $enableSigsArray) && !in_array($sidLine, $disableSigsArray))
- {
+ if (!in_array($sidLine, $enableSigsArray) && !in_array($sidLine, $disableSigsArray)) {
$tempstring[] = $sigLine;
}
}
@@ -216,8 +211,7 @@ function snortSql_updateRuleSigList()
$enableSigsArray = array();
$disableSigsArray = array();
- if (!isset($_POST['filenamcheckbox2']))
- {
+ if (!isset($_POST['filenamcheckbox2'])) {
$_POST['filenamcheckbox2'] = array();
}
@@ -226,24 +220,70 @@ function snortSql_updateRuleSigList()
foreach ($newFilterRuleSigArray as $sigArray)
{
// enable sig
- if(in_array($sigArray['sid'], $_POST['filenamcheckbox2']) && $sigArray['enable'] == 'off')
- {
+ if(in_array($sigArray['sid'], $_POST['filenamcheckbox2']) && $sigArray['enable'] == 'off') {
$enableSigsArray[] = $sigArray['sid'];
}
// disable sig
- if(!in_array($sigArray['sid'], $_POST['filenamcheckbox2']) && $sigArray['enable'] == 'on')
- {
+ if(!in_array($sigArray['sid'], $_POST['filenamcheckbox2']) && $sigArray['enable'] == 'on') {
$disableSigsArray[] = $sigArray['sid'];
}
}
// read rule file change disable/enable then write to file if arrays are not empty
- if (!empty($enableSigsArray) || !empty($disableSigsArray))
- {
+ if (!empty($enableSigsArray) || !empty($disableSigsArray)) {
write_rule_file(read_rule_file($splitcontents, $enableSigsArray, $disableSigsArray), $workingFile);
}
+ // Insert into the DB for oinkmaster
+
+ function sql_EnableDisabeSid($SigArray, $OnOff)
+ {
+
+ $dbname = $_SESSION['snort']['tmp']['snort_rules']['dbName'];
+ $table = $_SESSION['snort']['tmp']['snort_rules']['dbTable'];
+ $rdbuuid = $_SESSION['snort']['tmp']['snort_rules']['rdbuuid'];
+ $addDate = date(U);
+
+ // dont let user pick the DB path
+ $db = sqlite_open("/usr/local/pkg/snort/{$dbname}");
+
+ foreach ($SigArray as $mDEanbled)
+ {
+
+ $resultid = sqlite_query($db,
+ "SELECT id FROM {$table} WHERE signatureid = '{$mDEanbled}';
+ ");
+
+ $chktable = sqlite_fetch_all($resultid, SQLITE_ASSOC);
+
+ if (empty($chktable)) {
+
+ $query_ck = sqlite_query($db, // @ supress warnings usonly in production
+ "INSERT INTO {$table} (date, rdbuuid, signatureid, enable) VALUES ('{$addDate}', '{$rdbuuid}', '{$mDEanbled}', '{$OnOff}');
+ ");
+
+ }else{
+ if ($chktable[0]['enable'] != $OnOff) {
+ $query_ck = sqlite_query($db, // @ supress warnings usonly in production
+ "UPDATE {$table} SET date = {$addDate}, enable = '{$OnOff}' WHERE signatureid = '{$mDEanbled}';
+ ");
+ }
+
+
+ }
+
+
+ }
+
+ sqlite_close($db);
+
+ } // snd of function
+
+ sql_EnableDisabeSid($enableSigsArray, 'on');
+ sql_EnableDisabeSid($disableSigsArray, 'off');
+
+
return true;
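Review bot: The `SELECT` and `UPDATE` in `sql_EnableDisabeSid` match on `signatureid` alone even though the `INSERT` stores `rdbuuid`, so a sid already recorded for one rule DB is found, and its `enable` flag overwritten, when the same sid is toggled in another; both need `AND rdbuuid = '{$rdbuuid}'`. All three statements interpolate their values into the SQL text, and the sid appears to come from parsing rule files, so pass it through `sqlite_escape_string()` (or cast with `(int)`) first; the same holds for the queries in `snortSql_updateRuleSetList` in the following hunks, which take `rulesetname`, `rdbuuid` and the table name from `$_POST`. Declaring a named function inside `snortSql_updateRuleSigList` makes a second call in one request fail with a redeclaration error, so it belongs at file level. `date(U)` relies on an undefined constant and should be `date('U')`. The enclosing function starts outside this hunk.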
@@ -256,44 +296,38 @@ function snortSql_updateRuleSetList()
$dbname = $_POST['dbName'];
$table = $_POST['dbTable'];
$ruleSetfilenames = $_POST['filenamcheckbox'];
- $ifaceuuid = $_POST['ifaceuuid'];
- $iface = $_POST['iface'];
-
+ $rdbuuid = $_POST['rdbuuid'];
$addDate = date(U);
- // do let user pick the DB path
+ // dont let user pick the DB path
$db = sqlite_open("/usr/local/pkg/snort/{$dbname}");
- if (empty($ruleSetfilenames))
- {
+ if (empty($ruleSetfilenames)) {
$ruleSetfilenames = array();
}
// foreach selected rulesets do this
- if (!empty($ruleSetfilenames))
- {
+ if (!empty($ruleSetfilenames)) {
foreach ($ruleSetfilenames as $ruleSetfilename)
{
$resultid = sqlite_query($db,
- "SELECT id, enable FROM {$table} WHERE rulesetname = '{$ruleSetfilename}' and ifaceuuid = '{$ifaceuuid}';
+ "SELECT id, enable FROM {$table} WHERE rulesetname = '{$ruleSetfilename}' and rdbuuid = '{$rdbuuid}';
");
$chktable = sqlite_fetch_all($resultid, SQLITE_ASSOC);
- if (empty($chktable))
- {
+ if (empty($chktable)) {
$rulesetUuid = genAlphaNumMixFast(11, 14);
$query_ck = sqlite_query($db, // @ supress warnings usonly in production
- "INSERT INTO {$table} (date, uuid, ifaceuuid, rulesetname, enable) VALUES ('{$addDate}', '{$rulesetUuid}', '{$ifaceuuid}', '{$ruleSetfilename}', 'on');
+ "INSERT INTO {$table} (date, uuid, rdbuuid, rulesetname, enable) VALUES ('{$addDate}', '{$rulesetUuid}', '{$rdbuuid}', '{$ruleSetfilename}', 'on');
");
}else{
- if ($chktable[0]['enable'] == 'off')
- {
+ if ($chktable[0]['enable'] == 'off') {
$query_ck = sqlite_query($db, // @ supress warnings usonly in production
"UPDATE {$table} SET enable = 'on' WHERE id = '{$chktable[0]['id']}';
");
@@ -304,10 +338,10 @@ function snortSql_updateRuleSetList()
// clean database of old names and turn rulesets off
- $listDir = snortScanDirFilter("/usr/local/etc/snort/sn_{$ifaceuuid}_{$iface}/rules/", '.rules');
+ $listDir = snortScanDirFilter("/usr/local/etc/snort/snortDBrules/DB/{$rdbuuid}/rules/", '\.rules');
$resultAllRulesetname = sqlite_query($db,
- "SELECT rulesetname FROM {$table} WHERE ifaceuuid = '{$ifaceuuid}';
+ "SELECT rulesetname FROM {$table} WHERE rdbuuid = '{$rdbuuid}';
");
$chktable2 = sqlite_fetch_all($resultAllRulesetname, SQLITE_ASSOC);
@@ -321,14 +355,14 @@ function snortSql_updateRuleSetList()
if(!in_array($value['rulesetname'], $listDir))
{
$deleteMissingRuleset = sqlite_query($db, // @ supress warnings use only in production
- "DELETE FROM {$table} WHERE rulesetname = '{$value['rulesetname']}' and ifaceuuid = '{$ifaceuuid}';
+ "DELETE FROM {$table} WHERE rulesetname = '{$value['rulesetname']}' and rdbuuid = '{$rdbuuid}';
");
}
if(!in_array($value['rulesetname'], $ruleSetfilenames))
{
$ruleSetisOff = sqlite_query($db, // @ supress warnings usonly in production
- "UPDATE {$table} SET enable = 'off' WHERE rulesetname = '{$value['rulesetname']}' and ifaceuuid = '{$ifaceuuid}';
+ "UPDATE {$table} SET enable = 'off' WHERE rulesetname = '{$value['rulesetname']}' and rdbuuid = '{$rdbuuid}';
");
}
}
@@ -363,48 +397,31 @@ function snortSql_fetchAllInterfaceRules($table, $dbname)
function snortSql_fetchAllSettings($dbname, $table, $type, $id_uuid)
{
- if ($dbname == '' || $table == '' || $type == '')
- {
+ if ($dbname == '' || $table == '' || $type == '') {
return false;
}
$db = sqlite_open("/usr/local/pkg/snort/$dbname");
- if ($type == 'All')
- {
+ if ($type == 'All') {
+
$result = sqlite_query($db,
"SELECT * FROM {$table} WHERE id > 0;
");
- }
-
- if ($type == 'id')
- {
- $result = sqlite_query($db,
- "SELECT * FROM {$table} where id = '{$id_uuid}';
- ");
- }
-
- if ($type == 'uuid')
- {
- $result = sqlite_query($db,
- "SELECT * FROM {$table} where uuid = '{$id_uuid}';
- ");
- }
-
- if ($type == 'ifaceuuid')
- {
+
+ }else{
+
$result = sqlite_query($db,
- "SELECT * FROM {$table} where ifaceuuid = '{$id_uuid}';
+ "SELECT * FROM {$table} where {$type} = '{$id_uuid}';
");
- }
+
+ }
- if ($type == 'id' || $type == 'uuid')
- {
+ if ($type == 'id' || $type == 'uuid') {
$chktable = sqlite_fetch_array($result, SQLITE_ASSOC);
}
- if ($type == 'All' || $type == 'ifaceuuid')
- {
+ if ($type == 'All' || $type == 'ifaceuuid' || $type == 'ruledbname' || $type == 'rdbuuid') {
$chktable = sqlite_fetch_all($result, SQLITE_ASSOC);
}
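Review bot: The removed `id`/`uuid`/`ifaceuuid` branches were the only thing restricting `$type`; the new `else` interpolates it as a column name in `where {$type} = '{$id_uuid}'`, and any `$type` outside the two fetch lists leaves `$chktable` unassigned. A guard before the query restores the restriction: `if (!in_array($type, array('All', 'id', 'uuid', 'ifaceuuid', 'ruledbname', 'rdbuuid'), true)) { return false; }`. `$id_uuid` is request data at several call sites in this commit (for example `$_POST['RMlistUuid']`), so it should go through `sqlite_escape_string()` before being placed in the string. The function continues past this hunk.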
@@ -733,12 +750,11 @@ function snortSql_updateWhitelistIps($newPostListips)
} // end of func
// RMlist Delete
-function snortSql_updatelistDelete($table, $type, $uuid_filename)
+function snortSql_updatelistDelete($databse, $table, $type, $uuid_filename)
{
-
- $usrDB = $_POST['RMlistDB'];
- $db = "/usr/local/pkg/snort/$usrDB";
+ $db = "/usr/local/pkg/snort/{$databse}";
+
$mydb = sqlite_open("$db");
if ($type == 'uuid')
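Review bot: `$databse` is appended to `/usr/local/pkg/snort/` as-is, and the caller updated in snort_json_post.php fills it from `$_POST['RMlistDB']`, so the request still selects which file `sqlite_open()` opens, including paths outside that directory. `snortSql_updateRuleSetList` does the same with `$_POST['dbName']` under its "dont let user pick the DB path" comment, and `snortSql_fetchAllSettings` with its `$dbname` argument. Comparing against the known database names closes this: `if (!in_array($databse, array('snortDB', 'snortDBrules', 'snortDBtemp'), true)) { return false; }`; the list is taken from the database files this commit touches, so confirm it is complete. The parameter name is also misspelled (`$database`). The function body continues outside the hunk.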
diff --git a/config/snort-dev/snort_preprocessors.php b/config/snort-dev/snort_preprocessors.php
index bca52a65..e0c334ba 100644
--- a/config/snort-dev/snort_preprocessors.php
+++ b/config/snort-dev/snort_preprocessors.php
@@ -46,7 +46,7 @@ if ($uuid == '') {
}
-$a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $uuid);
+$a_list = snortSql_fetchAllSettings('snortDB', 'SnortIfaces', 'uuid', $uuid);
$pgtitle = "Snort: Interface Preprocessors and Flow";
include("/usr/local/pkg/snort/snort_head.inc");
@@ -98,9 +98,10 @@ $a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $uuid)
<form id="iform" >
<input type="hidden" name="snortSaveSettings" value="1" /> <!-- what to do, save -->
- <input type="hidden" name="dbName" value="snortDBrules" /> <!-- what db-->
- <input type="hidden" name="dbTable" value="Snortrules" /> <!-- what db table-->
+ <input type="hidden" name="dbName" value="snortDB" /> <!-- what db-->
+ <input type="hidden" name="dbTable" value="SnortIfaces" /> <!-- what db table-->
<input type="hidden" name="ifaceTab" value="snort_preprocessors" /> <!-- what interface tab -->
+ <input name="uuid" type="hidden" value="<?=$a_list['uuid']; ?>">
@@ -272,7 +273,6 @@ $a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $uuid)
<td width="78%">
<input name="Submit" type="submit" class="formbtn" value="Save">
<input id="cancel" type="button" class="formbtn" value="Cancel" >
- <input name="uuid" type="hidden" value="<?=$a_list['uuid']; ?>">
</td>
</tr>
diff --git a/config/snort-dev/snort_rules.php b/config/snort-dev/snort_rules.php
index 5eb70549..1edc31e2 100644
--- a/config/snort-dev/snort_rules.php
+++ b/config/snort-dev/snort_rules.php
@@ -36,24 +36,30 @@ require_once("guiconfig.inc");
require_once("/usr/local/pkg/snort/snort_new.inc");
require_once("/usr/local/pkg/snort/snort_gui.inc");
-// set page vars
+if (isset($_GET['uuid']) && isset($_GET['rdbuuid'])) {
+ echo 'Error: more than one uuid';
+ exit(0);
+}
-$uuid = $_GET['uuid'];
-if (isset($_POST['uuid']))
-$uuid = $_POST['uuid'];
+// set page vars
+if (isset($_GET['uuid'])) {
+ $uuid = $_GET['uuid'];
+}
-if ($uuid == '') {
- echo 'error: no uuid';
- exit(0);
+if (isset($_GET['rdbuuid'])) {
+ $rdbuuid = $_GET['rdbuuid'];
+}else{
+ $ruledbname_pre1 = snortSql_fetchAllSettings('snortDB', 'SnortIfaces', 'uuid', $uuid);
+ $rdbuuid = $ruledbname_pre1['ruledbname'];
}
// unset Session tmp on page load
unset($_SESSION['snort']['tmp']);
// list rules in the default dir
-$a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $uuid);
+$a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $rdbuuid);
-$snortRuleDir = '/usr/local/etc/snort/sn_' . $uuid . '_' . $a_list['interface'];
+$snortRuleDir = '/usr/local/etc/snort/snortDBrules/DB/' . $rdbuuid;
// list rules in the default dir
$filterDirList = array();
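Review bot: With the `if ($uuid == '')` guard removed, a request carrying neither `uuid` nor `rdbuuid` reaches `snortSql_fetchAllSettings(..., $uuid)` with `$uuid` undefined and continues with an empty `$rdbuuid`, and a supplied `$_GET['rdbuuid']` is placed into `$snortRuleDir` without any format check. Because the later hunk (`@@ -117,11 +123,12 @@`) stores this value in `$_SESSION` for `snortSql_updateRuleSigList` to build the rule file path it writes, the "SESSION instead POST" comment only holds if the value is validated here. Initialise `$uuid = '';` before the `isset` checks and add, once `$rdbuuid` is resolved, `if (!preg_match('/^[A-Za-z0-9]+$/', (string) $rdbuuid)) { echo 'error: no rdbuuid'; exit(0); }` (pattern assumed from `genAlphaNumMixFast()`; confirm). The identical block in snort_rulesets.php (`@@ -34,33 +34,37 @@`) needs the same change.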
@@ -117,11 +123,12 @@ function load_rule_file($incoming_file, $splitcontents)
/*
* SET GLOBAL ARRAY $_SESSION['snort']
+ * Use SESSION instead POST for security because were writing to files.
*/
+
$_SESSION['snort']['tmp']['snort_rules']['dbName'] = 'snortDBrules';
$_SESSION['snort']['tmp']['snort_rules']['dbTable'] = 'SnortruleSigs';
- $_SESSION['snort']['tmp']['snort_rules']['ifaceuuid'] = $uuid;
- $_SESSION['snort']['tmp']['snort_rules']['ifaceselected'] = $a_list['interface'];
+ $_SESSION['snort']['tmp']['snort_rules']['rdbuuid'] = $rdbuuid;
$_SESSION['snort']['tmp']['snort_rules']['rulefile'] = $rulefile;
@@ -141,12 +148,13 @@ function load_rule_file($incoming_file, $splitcontents)
<p class="loadingWaitingMessage"><img src="./images/loading.gif" /> <br>Please Wait...</p>
</div>
+<!-- hidden div -->
<div id="loadingRuleEditGUI">
<div class="loadingRuleEditGUIDiv">
<form id="iform2" action="">
<input type="hidden" name="snortSidRuleEdit" value="1" />
- <input type="hidden" name="snortSidRuleIface" value="<?=$uuid . '_' . $a_list['interface']; ?>" /> <!-- what to do, save -->
+ <input type="hidden" name="snortSidRuleDBuuid" value="<?=$rdbuuid;?>" /> <!-- what to do, save -->
<input type="hidden" name="snortSidRuleFile" value="<?=$rulefile; ?>" /> <!-- what to do, save -->
<input type="hidden" name="snortSidNum" value="" /> <!-- what to do, save -->
<table width="100%" cellpadding="9" cellspacing="9" bgcolor="#eeeeee">
@@ -200,23 +208,58 @@ function load_rule_file($incoming_file, $splitcontents)
<div id="header-left2"><a href="../index.php" id="status-link2"><img src="./images/transparent.gif" border="0"></img></a></div>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
- <tr>
- <td>
-
- <div class="newtabmenu" style="margin: 1px 0px; width: 790px;"><!-- Tabbed bar code-->
- <ul class="newtabmenu">
- <li><a href="/snort/snort_interfaces.php"><span>Snort Interfaces</span></a></li>
- <li><a href="/snort/snort_interfaces_edit.php?uuid=<?=$uuid;?>"><span>If Settings</span></a></li>
- <li><a href="/snort/snort_rulesets.php?uuid=<?=$uuid;?>"><span>Categories</span></a></li>
- <li class="newtabmenu_active"><a href="/snort/snort_rules.php?uuid=<?=$uuid;?>"><span>Rules</span></a></li>
- <li><a href="/snort/snort_define_servers.php?uuid=<?=$uuid;?>"><span>Servers</span></a></li>
- <li><a href="/snort/snort_preprocessors.php?uuid=<?=$uuid;?>"><span>Preprocessors</span></a></li>
- <li><a href="/snort/snort_barnyard.php?uuid=<?=$uuid;?>"><span>Barnyard2</span></a></li>
- </ul>
- </div>
-
- </td>
- </tr>
+ <?php
+ if (!empty($uuid)) {
+ echo '
+ <tr>
+ <td>
+ <div class="newtabmenu" style="margin: 1px 0px; width: 775px;"><!-- Tabbed bar code-->
+ <ul class="newtabmenu">
+ <li><a href="/snort/snort_interfaces.php"><span>Snort Interfaces</span></a></li>
+ <li><a href="/snort/snort_interfaces_edit.php?uuid=' . $uuid . '"><span>If Settings</span></a></li>
+ <li><a href="/snort/snort_rulesets.php?uuid=' . $uuid . '"><span>Categories</span></a></li>
+ <li class="newtabmenu_active"><a href="/snort/snort_rules.php?uuid=' . $uuid . '"><span>Rules</span></a></li>
+ <li><a href="/snort/snort_define_servers.php?uuid=' . $uuid . '"><span>Servers</span></a></li>
+ <li><a href="/snort/snort_preprocessors.php?uuid=' . $uuid . '"><span>Preprocessors</span></a></li>
+ <li><a href="/snort/snort_barnyard.php?uuid=' . $uuid . '"><span>Barnyard2</span></a></li>
+ </ul>
+ </div>
+ </td>
+ </tr>
+ ';
+ }else{
+ echo '
+ <tr>
+ <td>
+ <div class="newtabmenu" style="margin: 1px 0px; width: 775px;"><!-- Tabbed bar code-->
+ <ul class="newtabmenu">
+ <li><a href="/snort/snort_interfaces.php"><span>Snort Interfaces</span></a></li>
+ <li><a href="/snort/snort_interfaces_global.php"><span>Global Settings</span></a></li>
+ <li><a href="/snort/snort_download_updates.php"><span>Updates</span></a></li>
+ <li class="newtabmenu_active"><a href="/snort/snort_interfaces_rules.php"><span>RulesDB</span></a></li>
+ <li><a href="/snort/snort_alerts.php"><span>Alerts</span></a></li>
+ <li><a href="/snort/snort_blocked.php"><span>Blocked</span></a></li>
+ <li><a href="/snort/snort_interfaces_whitelist.php"><span>Whitelists</span></a></li>
+ <li><a href="/snort/snort_interfaces_suppress.php"><span>Suppress</span></a></li>
+ <li><a href="/snort/snort_help_info.php"><span>Help</span></a></li>
+ </ul>
+ </div>
+ </td>
+ </tr>
+ <tr>
+ <td>
+ <div class="newtabmenu" style="margin: 1px 0px; width: 775px;"><!-- Tabbed bar code-->
+ <ul class="newtabmenu">
+ <li class="hide_newtabmenu"><a href="/snort/snort_interfaces_rules_edit.php?rdbuuid=' . $rdbuuid . '"><span>Rules DB Edit</span></a></li>
+ <li class="hide_newtabmenu"><a href="/snort/snort_rulesets.php?rdbuuid=' . $rdbuuid . '"><span>Categories</span></a></li>
+ <li class="hide_newtabmenu newtabmenu_active"><a href="/snort/snort_rules.php?rdbuuid=' . $rdbuuid . '"><span>Rules</span></a></li>
+ </ul>
+ </div>
+ </td>
+ </tr>
+ ';
+ }
+ ?>
<tr>
<td id="tdbggrey">
<div style="width:780px; margin-left: auto ; margin-right: auto ; padding-top: 10px; padding-bottom: 10px;">
@@ -230,16 +273,23 @@ function load_rule_file($incoming_file, $splitcontents)
Category:
<select name="selectbox" class="formfld" >
<?php
+ if(isset($_GET['uuid'])) {
+ $urlUuid = "&uuid=$uuid";
+ }
+
+ if(isset($_GET['rdbuuid'])) {
+ $urlUuid = "&rdbuuid=$rdbuuid";
+ }
+
$i=0;
foreach ($filterDirList as $value)
{
$selectedruleset = '';
- if ($value === $rulefile)
- {
+ if ($value === $rulefile) {
$selectedruleset = 'selected';
}
- echo "\n" . '<option value="?uuid=' . $uuid . '&openruleset=' . $ruledir . $value . '" ' . $selectedruleset . ' >' . $value . '</option>' . "\r";
+ echo "\n" . '<option value="?&openruleset=' . $ruledir . $value . $urlUuid . '" ' . $selectedruleset . ' >' . $value . '</option>' . "\r";
$i++;
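Review bot: The rewritten `<option>` line concatenates `$ruledir`, `$value` and `$urlUuid` (built from `$_GET['uuid']` / `$_GET['rdbuuid']`) into the `value` attribute without encoding; wrap each query value in `urlencode()` and the assembled URL in `htmlspecialchars(..., ENT_QUOTES)`. `$urlUuid` is only assigned inside the two `if`s, so it should start as `$urlUuid = '';`, and `'?&openruleset='` leaves an empty first parameter that `'?openruleset='` avoids. The same unescaped output of `$uuid` / `$rdbuuid` occurs in `value="<?=$rdbuuid;?>"` (`@@ -141,12 +148,13 @@`) and in the tab-menu `echo` blocks added in `@@ -200,23 +208,58 @@`; for the attribute, `<?=htmlspecialchars($rdbuuid, ENT_QUOTES);?>` is the safe form. The surrounding loop continues outside this hunk.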
diff --git a/config/snort-dev/snort_rulesets.php b/config/snort-dev/snort_rulesets.php
index 09d81f4c..051a8398 100644
--- a/config/snort-dev/snort_rulesets.php
+++ b/config/snort-dev/snort_rulesets.php
@@ -34,33 +34,37 @@ require_once("guiconfig.inc");
require_once("/usr/local/pkg/snort/snort_new.inc");
require_once("/usr/local/pkg/snort/snort_gui.inc");
-// set page vars
+if (isset($_GET['uuid']) && isset($_GET['rdbuuid'])) {
+ echo 'Error: more than one uuid';
+ exit(0);
+}
-$uuid = $_GET['uuid'];
-if (isset($_POST['uuid']))
-$uuid = $_POST['uuid'];
+// set page vars
+if (isset($_GET['uuid'])) {
+ $uuid = $_GET['uuid'];
+}
-if ($uuid == '') {
- echo 'error: no uuid';
- exit(0);
+if (isset($_GET['rdbuuid'])) {
+ $rdbuuid = $_GET['rdbuuid'];
+}else{
+ $ruledbname_pre1 = snortSql_fetchAllSettings('snortDB', 'SnortIfaces', 'uuid', $uuid);
+ $rdbuuid = $ruledbname_pre1['ruledbname'];
}
-$a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $uuid);
+//$a_list = snortSql_fetchAllSettings('snortDBrules', 'SnortIfaces', 'uuid', $uuid);
// list rules in the default dir
$filterDirList = array();
- $filterDirList = snortScanDirFilter('/usr/local/etc/snort/sn_' . $uuid . '_' . $a_list['interface'] . '/rules', '\.rules');
+ $filterDirList = snortScanDirFilter('/usr/local/etc/snort/snortDBrules/DB/' . $rdbuuid . '/rules', '\.rules');
// list rules in db that are on in a array
$listOnRules = array();
- $listOnRules = snortSql_fetchAllSettings('snortDBrules', 'SnortRuleSets', 'ifaceuuid', $uuid);
+ $listOnRules = snortSql_fetchAllSettings('snortDBrules', 'SnortRuleSets', 'rdbuuid', $rdbuuid);
- if (!empty($listOnRules))
- {
+ if (!empty($listOnRules)) {
foreach ( $listOnRules as $val2 )
{
- if ($val2['enable'] == 'on')
- {
+ if ($val2['enable'] == 'on') {
$rulesetOn[] = $val2['rulesetname'];
}
}
@@ -151,7 +155,7 @@ jQuery(document).ready(function() {
' <input class="domecheck" name="filenamcheckbox[]" value="' + snortObjlist.ruleSets[i].rule + '" type="checkbox" ' + rulesetChecked + ' >' + "\n" +
'</td>' + "\n" +
'<td class="' + rowIsEvenOdd + '">' + "\n" +
- ' <a href="/snort/snort_rules.php?uuid=<?=$uuid?>' + '&openruleset=' + snortObjlist.ruleSets[i].rule + '">' + snortObjlist.ruleSets[i].rule + '</a>' + "\n" +
+ ' <a href="/snort/snort_rules.php?openruleset=' + snortObjlist.ruleSets[i].rule + '<?php if(isset($uuid)){echo "&uuid=$uuid";}else{echo "&rdbuuid=$rdbuuid";}?>' + '">' + snortObjlist.ruleSets[i].rule + '</a>' + "\n" +
'</td>' + "\n" +
'</tr>' + "\n\n"
);
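Review bot: The PHP block on the changed `href` line echoes `$uuid` / `$rdbuuid`, both request parameters, inside a single-quoted JavaScript string that is then inserted as HTML, so HTML escaping alone would not be sufficient in this position. Encoding the value for the URL covers both the script string and the attribute: `<?php echo isset($uuid) ? '&uuid=' . urlencode($uuid) : '&rdbuuid=' . urlencode($rdbuuid); ?>`. `snortObjlist.ruleSets[i].rule` is concatenated into the markup unescaped as well; where that list is built is outside the hunk.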
@@ -163,9 +167,6 @@ jQuery(document).ready(function() {
</script>
-
-
-
<div id="loadingWaiting">
<p class="loadingWaitingMessage"><img src="./images/loading.gif" /> <br>Please Wait...</p>
</div>
@@ -176,23 +177,58 @@ jQuery(document).ready(function() {
<div id="header-left2"><a href="../index.php" id="status-link2"><img src="./images/transparent.gif" border="0" alt="transgif" ></img></a></div>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
- <tr>
- <td>
-
- <div class="newtabmenu" style="margin: 1px 0px; width: 775px;"><!-- Tabbed bar code-->
- <ul class="newtabmenu">
+ <?php
+ if (!empty($uuid)) {
+ echo '
+ <tr>
+ <td>
+ <div class="newtabmenu" style="margin: 1px 0px; width: 775px;"><!-- Tabbed bar code-->
+ <ul class="newtabmenu">
+ <li><a href="/snort/snort_interfaces.php"><span>Snort Interfaces</span></a></li>
+ <li><a href="/snort/snort_interfaces_edit.php?uuid=' . $uuid . '"><span>If Settings</span></a></li>
+ <li class="newtabmenu_active"><a href="/snort/snort_rulesets.php?uuid=' . $uuid . '"><span>Categories</span></a></li>
+ <li><a href="/snort/snort_rules.php?uuid=' . $uuid . '"><span>Rules</span></a></li>
+ <li><a href="/snort/snort_define_servers.php?uuid=' . $uuid . '"><span>Servers</span></a></li>
+ <li><a href="/snort/snort_preprocessors.php?uuid=' . $uuid . '"><span>Preprocessors</span></a></li>
+ <li><a href="/snort/snort_barnyard.php?uuid=' . $uuid . '"><span>Barnyard2</span></a></li>
+ </ul>
+ </div>
+ </td>
+ </tr>
+ ';
+ }else{
+ echo '
+ <tr>
+ <td>
+ <div class="newtabmenu" style="margin: 1px 0px; width: 775px;"><!-- Tabbed bar code-->
+ <ul class="newtabmenu">
<li><a href="/snort/snort_interfaces.php"><span>Snort Interfaces</span></a></li>
- <li><a href="/snort/snort_interfaces_edit.php?uuid=<?=$uuid;?>"><span>If Settings</span></a></li>
- <li class="newtabmenu_active"><a href="/snort/snort_rulesets.php?uuid=<?=$uuid;?>"><span>Categories</span></a></li>
- <li><a href="/snort/snort_rules.php?uuid=<?=$uuid;?>"><span>Rules</span></a></li>
- <li><a href="/snort/snort_define_servers.php?uuid=<?=$uuid;?>"><span>Servers</span></a></li>
- <li><a href="/snort/snort_preprocessors.php?uuid=<?=$uuid;?>"><span>Preprocessors</span></a></li>
- <li><a href="/snort/snort_barnyard.php?uuid=<?=$uuid;?>"><span>Barnyard2</span></a></li>
- </ul>
- </div>
-
- </td>
- </tr>
+ <li><a href="/snort/snort_interfaces_global.php"><span>Global Settings</span></a></li>
+ <li><a href="/snort/snort_download_updates.php"><span>Updates</span></a></li>
+ <li class="newtabmenu_active"><a href="/snort/snort_interfaces_rules.php"><span>RulesDB</span></a></li>
+ <li><a href="/snort/snort_alerts.php"><span>Alerts</span></a></li>
+ <li><a href="/snort/snort_blocked.php"><span>Blocked</span></a></li>
+ <li><a href="/snort/snort_interfaces_whitelist.php"><span>Whitelists</span></a></li>
+ <li><a href="/snort/snort_interfaces_suppress.php"><span>Suppress</span></a></li>
+ <li><a href="/snort/snort_help_info.php"><span>Help</span></a></li>
+ </ul>
+ </div>
+ </td>
+ </tr>
+ <tr>
+ <td>
+ <div class="newtabmenu" style="margin: 1px 0px; width: 775px;"><!-- Tabbed bar code-->
+ <ul class="newtabmenu">
+ <li class="hide_newtabmenu"><a href="/snort/snort_interfaces_rules_edit.php?rdbuuid=' . $rdbuuid . '"><span>Rules DB Edit</span></a></li>
+ <li class="hide_newtabmenu newtabmenu_active"><a href="/snort/snort_rulesets.php?rdbuuid=' . $rdbuuid . '"><span>Categories</span></a></li>
+ <li class="hide_newtabmenu"><a href="/snort/snort_rules.php?rdbuuid=' . $rdbuuid . '"><span>Rules</span></a></li>
+ </ul>
+ </div>
+ </td>
+ </tr>
+ ';
+ }
+ ?>
<tr>
<td id="tdbggrey">
<table width="100%" border="0" cellpadding="10px" cellspacing="0">
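Review bot: The tab-menu branch tests `!empty($uuid)` while the ruleset link built in the script block above tests `isset($uuid)`, so the two can disagree when `$uuid` is set but empty: the page would show the RulesDB tabs while the links carry `&uuid=` with no value. Where `$uuid` is assigned is outside this hunk, so this state may not be reachable, but using one predicate in both places, `if (!empty($uuid))` in the link as well, removes the doubt. A short comment above the `if`, such as `// interface view when a uuid is given, otherwise the shared rules-DB view`, would also make the two menu variants easier to follow.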
@@ -220,8 +256,7 @@ jQuery(document).ready(function() {
<input type="hidden" name="dbName" value="snortDBrules" /> <!-- what db-->
<input type="hidden" name="dbTable" value="SnortruleSets" /> <!-- what db table-->
<input type="hidden" name="ifaceTab" value="snort_rulesets" /> <!-- what interface tab -->
- <input type="hidden" name="ifaceuuid" value="<?=$uuid;?>" /> <!-- what interface to save for -->
- <input type="hidden" name="iface" value="<?=$a_list['interface'];?>" /> <!-- what interface to save for -->
+ <input type="hidden" name="rdbuuid" value="<?=$rdbuuid;?>" /> <!-- what interface to save for -->
<table width="100%" border="0" cellpadding="0" cellspacing="0">