authorrobiscool <robrob2626@yahoo.com>2011-07-30 21:19:37 -0700
committerrobiscool <robrob2626@yahoo.com>2011-07-30 21:19:37 -0700
commit4402b0beeea5e15b479664fb4410293bf1b885be (patch)
tree2ee3339dc9efa7ff7b74f333d1b411724d06baef /config/snort-dev
parent42ca7a370212d1173809fb164019e1d27efa8f4f (diff)
snort-dev, add more clean up db code, add new tables to ips db
Diffstat (limited to 'config/snort-dev')
-rw-r--r--config/snort-dev/snortDBrulesbin8192 -> 18432 bytes
-rw-r--r--config/snort-dev/snort_json_post.php10
-rw-r--r--config/snort-dev/snort_new.inc78
-rw-r--r--config/snort-dev/snort_rules_ips.php17
-rw-r--r--config/snort-dev/snort_rulesets_ips.php20
5 files changed, 110 insertions, 15 deletions
diff --git a/config/snort-dev/snortDBrules b/config/snort-dev/snortDBrules
index 9d4e33a3..9723d664 100644
--- a/config/snort-dev/snortDBrules
+++ b/config/snort-dev/snortDBrules
Binary files differ
diff --git a/config/snort-dev/snort_json_post.php b/config/snort-dev/snort_json_post.php
index 11b055c1..1b10ba3b 100644
--- a/config/snort-dev/snort_json_post.php
+++ b/config/snort-dev/snort_json_post.php
@@ -68,19 +68,19 @@ if ($_POST['snortSamSaveSettings'] == 1) {
unset($_POST['snortSamSaveSettings']);
if ($_POST['ifaceTab'] === 'snort_rulesets_ips') {
- function snortSamSaveFunc()
+ function snortSamRulesetSaveFunc()
{
print_r($_POST);
}
- snortSamSaveFunc();
+ snortSamRulesetSaveFunc();
}
if ($_POST['ifaceTab'] === 'snort_rules_ips') {
- function snortSamSaveFunc()
+ function snortSamRulesSaveFunc()
{
- print_r($_POST);
+ snortSql_updateRulesSigsIps();
}
- snortSamSaveFunc();
+ snortSamRulesSaveFunc();
}
}
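Review bot: The renamed snortSamRulesetSaveFunc() still answers with `print_r($_POST)`, which writes the raw request body back into the response unescaped and saves nothing. If the dump is only a placeholder it should be removed before this path is reachable, or at least emitted as `echo htmlspecialchars(print_r($_POST, true));`. Both branches are selected purely by POST fields (`snortSamSaveSettings`, `ifaceTab`). No CSRF token or privilege check is visible in this hunk, so confirm one exists earlier in the file, since the `snort_rules_ips` branch now writes to the database.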
diff --git a/config/snort-dev/snort_new.inc b/config/snort-dev/snort_new.inc
index 510185b4..ed58d42e 100644
--- a/config/snort-dev/snort_new.inc
+++ b/config/snort-dev/snort_new.inc
@@ -396,6 +396,74 @@ function snortSql_updateRuleSigList()
} // END Save ruleSets settings
+
+// Save rulessigs settings for snort_rules_ips
+function snortSql_updateRulesSigsIps()
+{
+
+ // get default settings
+ $listGenRules = array();
+ $listGenRules = snortSql_fetchAllSettings('snortDBrules', 'SnortruleGenIps', 'rdbuuid', $_POST['rdbuuid']);
+
+
+ $addDate = date(U);
+
+ // dont let user pick the DB path
+ $db = sqlite_open("/usr/local/pkg/snort/{$_POST['dbName']}");
+
+ // checkbox off catch
+ $listGenRulesEnable = $listGenRules[0]['enable'];
+ if ( empty($listGenRules[0]['enable']) || $listGenRules[0]['enable'] === 'off' ) {
+
+ $listGenRulesEnable = 'off';
+ }
+
+ foreach ($_POST['snortsam']['db'] as $singleSig)
+ {
+
+ $resultid = sqlite_query($db,
+ "SELECT id FROM {$_POST['dbTable']} WHERE signatureid = '{$singleSig['sig']}' and rdbuuid = '{$_POST['rdbuuid']}';
+ ");
+
+ $chktable = sqlite_fetch_all($resultid, SQLITE_ASSOC);
+
+ // checkbox off catch
+ $singleSigEnable = $singleSig['enable'];
+ if ( empty($singleSig['enable']) ) {
+
+ $singleSigEnable = 'off';
+ }
+
+ // only do this if something change from defauts settings
+ $somthingChanged = FALSE;
+ if ( $singleSigEnable !== $listGenRulesEnable || $singleSig['who'] !== $listGenRules[0]['who'] || $singleSig['timeamount'] !== $listGenRules[0]['timeamount'] || $singleSig['timetype'] !== $listGenRules[0]['timetype'] ) {
+ $somthingChanged = TRUE;
+ }
+
+ if ( empty($chktable) && $somthingChanged ) {
+
+ $rulesetUuid = genAlphaNumMixFast(11, 14);
+
+ $query_ck = sqlite_query($db, // @ supress warnings usonly in production
+ "INSERT INTO {$_POST['dbTable']} (date, uuid, rdbuuid, enable, who, timeamount, timetype) VALUES ('{$addDate}', '{$rulesetUuid}', '{$_POST['rdbuuid']}', '{$singleSigEnable}', '{$singleSig['who']}', '{$singleSig['timeamount']}', '{$singleSig['timetype']}');
+ ");
+
+ }
+
+ if ( !empty($chktable) && $somthingChanged ) {
+
+ echo $singleSig['sig'];
+
+ }
+
+ } // END foreach
+
+ sqlite_close($db);
+
+}
+
+
+
// Save ruleSets settings
function snortSql_updateRuleSetList()
{
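Review bot: Every value interpolated into the SQL strings in snortSql_updateRulesSigsIps() comes straight from the request (`$_POST['dbTable']`, `$_POST['rdbuuid']`, `$singleSig['sig']`, `who`, `timeamount`, `timetype`), and `$_POST['dbName']` is appended to the sqlite_open() path despite the comment saying the user must not pick it, so the function is exposed to SQL injection and to `../` path traversal. The file and table names should be compared against fixed known values and the remaining fields passed through `sqlite_escape_string()` (or validated as integers / fixed choices) before use, as sketched below. The same interpolation is present in the UPDATE/INSERT changed in snortSql_updateRuleSetList() in the later hunks of this file. Separately, the INSERT does not write the `signatureid` column that the preceding SELECT filters on, so a saved row is never found again and each save adds a duplicate, unless the schema fills that column some other way, which the binary DB does not show. `date(U)` relies on an undefined constant and should be `date('U')`.

```php
function snortSql_updateRulesSigsIps()
{
    // … unchanged: fetch default settings into $listGenRules …

    $addDate = date('U');

    // The request names the DB file and table; accept only the values the
    // snort_rules_ips.php form sends (extend the check if other callers exist).
    if ($_POST['dbName'] !== 'snortDBrules' || $_POST['dbTable'] !== 'SnortruleSigsIps') {
        return false;
    }
    $table = 'SnortruleSigsIps';

    $db = sqlite_open('/usr/local/pkg/snort/snortDBrules');
    if ($db === false) {
        return false;
    }

    $rdbuuid = sqlite_escape_string($_POST['rdbuuid']);

    // … unchanged: default "enable" handling …

    foreach ($_POST['snortsam']['db'] as $singleSig)
    {
        $sig        = sqlite_escape_string($singleSig['sig']);
        $who        = sqlite_escape_string($singleSig['who']);
        $timeamount = sqlite_escape_string($singleSig['timeamount']);
        $timetype   = sqlite_escape_string($singleSig['timetype']);

        $resultid = sqlite_query($db,
            "SELECT id FROM {$table} WHERE signatureid = '{$sig}' and rdbuuid = '{$rdbuuid}';");

        // … unchanged: $chktable, $singleSigEnable, $somthingChanged …

        if ( empty($chktable) && $somthingChanged ) {
            $rulesetUuid = genAlphaNumMixFast(11, 14);
            $enable      = sqlite_escape_string($singleSigEnable);

            $query_ck = sqlite_query($db,
                "INSERT INTO {$table} (date, uuid, rdbuuid, signatureid, enable, who, timeamount, timetype) VALUES ('{$addDate}', '{$rulesetUuid}', '{$rdbuuid}', '{$sig}', '{$enable}', '{$who}', '{$timeamount}', '{$timetype}');");
        }

        // … unchanged: update branch, sqlite_close …
```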
@@ -481,6 +549,12 @@ function snortSql_updateRuleSetList()
$table = 'SnortruleGenIps';
$rulesetUuid = genAlphaNumMixFast(11, 14);
$addDate = date(U);
+
+ // if enable is empty then set to off
+ if (empty($_POST['snortsam']['db']['gensettings']['enable'])) {
+
+ $_POST['snortsam']['db']['gensettings']['enable'] = 'off';
+ }
// dont let user pick the DB path
$db = sqlite_open("/usr/local/pkg/snort/{$_POST['dbName']}");
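Review bot: The added default only covers the empty case, so any other string submitted as `snortsam[db][gensettings][enable]` is kept and later interpolated into the UPDATE/INSERT. Since the column is a two-state flag, collapse it to the two known values, e.g. `$enable = (isset($_POST['snortsam']['db']['gensettings']['enable']) && $_POST['snortsam']['db']['gensettings']['enable'] === 'on') ? 'on' : 'off';`. Use `$enable` in the queries rather than writing the default back into `$_POST`. snortSql_updateRuleSetList() starts and ends outside this hunk.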
@@ -494,13 +568,13 @@ function snortSql_updateRuleSetList()
if (!empty($chktable)) {
$query_ck = sqlite_query($db, // @ supress warnings usonly in production
- "UPDATE {$table} SET who = '{$_POST['snortsam']['db']['gensettings']['who']}', timeamount = '{$_POST['snortsam']['db']['gensettings']['timeamount']}', timetype = '{$_POST['snortsam']['db']['gensettings']['timetype']}' WHERE rdbuuid = '{$_POST['rdbuuid']}';
+ "UPDATE {$table} SET enable = '{$_POST['snortsam']['db']['gensettings']['enable']}', who = '{$_POST['snortsam']['db']['gensettings']['who']}', timeamount = '{$_POST['snortsam']['db']['gensettings']['timeamount']}', timetype = '{$_POST['snortsam']['db']['gensettings']['timetype']}' WHERE rdbuuid = '{$_POST['rdbuuid']}';
");
}else{
$query_ck = sqlite_query($db, // @ supress warnings usonly in production
- "INSERT INTO {$table} (date, uuid, rdbuuid, who, timeamount, timetype) VALUES ('{$addDate}', '{$rulesetUuid}', '{$_POST['rdbuuid']}', '{$_POST['snortsam']['db']['gensettings']['who']}', '{$_POST['snortsam']['db']['gensettings']['timeamount']}', '{$_POST['snortsam']['db']['gensettings']['timetype']}');
+ "INSERT INTO {$table} (date, uuid, rdbuuid, enable, who, timeamount, timetype) VALUES ('{$addDate}', '{$rulesetUuid}', '{$_POST['rdbuuid']}', '{$_POST['snortsam']['db']['gensettings']['enable']}', '{$_POST['snortsam']['db']['gensettings']['who']}', '{$_POST['snortsam']['db']['gensettings']['timeamount']}', '{$_POST['snortsam']['db']['gensettings']['timetype']}');
");
}
diff --git a/config/snort-dev/snort_rules_ips.php b/config/snort-dev/snort_rules_ips.php
index ce14bf30..3e39501d 100644
--- a/config/snort-dev/snort_rules_ips.php
+++ b/config/snort-dev/snort_rules_ips.php
@@ -156,7 +156,9 @@ if (isset($_GET['rulefilename'])) {
<input type="hidden" name="snortSamSaveSettings" value="1" /> <!-- what to do, save -->
<input type="hidden" name="dbName" value="snortDBrules" /> <!-- what db-->
<input type="hidden" name="dbTable" value="SnortruleSigsIps" /> <!-- what db table-->
- <input type="hidden" name="ifaceTab" value="snort_ruleset_ips" /> <!-- what interface tab -->
+ <input type="hidden" name="ifaceTab" value="snort_rules_ips" /> <!-- what interface tab -->
+ <input type="hidden" name="rdbuuid" value="<?=$rdbuuid;?>" /> <!-- what interface to save for -->
+ <input type="hidden" name="uuid" value="<?=$uuid;?>" /> <!-- create snort.conf -->
<tr id="frheader" >
<td width="1%" class="listhdrr2">&nbsp;&nbsp;&nbsp;On</td>
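Review bot: `$rdbuuid` and `$uuid` are echoed into the `value` attributes without escaping; if either is derived from a request parameter (their assignment is outside this hunk), a quote in the value breaks out of the attribute. Emit them as `<?=htmlspecialchars($rdbuuid, ENT_QUOTES);?>` and `<?=htmlspecialchars($uuid, ENT_QUOTES);?>`. The neighbouring `dbName` and `dbTable` hidden fields are client-editable too, so the save handler must not rely on them to choose the database file or table.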
@@ -292,7 +294,7 @@ function createDropdownOptionList(list, opselected) {
selectedOptionON = 'selected="selected"';
}
- strOut = strOut + '<option value="' + list[key] + '" ' + selectedOptionON + '>' + list[key] + '</option>' + "\n";
+ strOut = strOut + '<option value="' + list[key].toLowerCase() + '" ' + selectedOptionON + '>' + list[key] + '</option>' + "\n";
selectedOptionON = '';
}
return strOut;
@@ -328,24 +330,25 @@ function makeLargeSidTables(snortObjlist) {
jQuery('.rulesetloopblock').append(
"\n" + '<tr class="hidemetr" id="ipstable_' + snortObjlist[i].sid + '" valign="top">' + "\n" +
'<td class="' + rowIsEvenOdd + '">' + "\n" +
- '<input class="domecheck" id="checkbox_' + snortObjlist[i].sid + '" name="snortsam[db][' + snortObjlist[i].sid + '][enable]" value="' + snortObjlist[i].enable + '" checked="' + rulesetChecked + '" type="checkbox">' + "\n" +
+ '<input class="domecheck" id="checkbox_' + snortObjlist[i].sid + '" name="snortsam[db][' + i + '][enable]" value="' + snortObjlist[i].enable + '" checked="' + rulesetChecked + '" type="checkbox">' + "\n" +
'</td>' + "\n" +
'<td class="' + rowIsEvenOdd + '" id="sid_' + snortObjlist[i].sid + '" >' + snortObjlist[i].sid + '</td>' + "\n" +
'<td class="' + rowIsEvenOdd + '">' + "\n" +
- '<select class="formfld2" id="who_' + snortObjlist[i].sid + '" name="snortsam[db][' + snortObjlist[i].sid + '][who]">' + "\n" +
+ '<select class="formfld2" id="who_' + snortObjlist[i].sid + '" name="snortsam[db][' + i + '][who]">' + "\n" +
createDropdownOptionList(timeValuePerfList, snortObjlist[i].who) +
'</select>' + "\n" +
'</td>' + "\n" +
'<td class="' + rowIsEvenOdd + '">' + "\n" +
- '<input class="formfld2" id="timeamount_' + snortObjlist[i].sid + '" name="snortsam[db][' + snortObjlist[i].sid + '][timeamount]" type="text" size="7" value="' + snortObjlist[i].timeamount + '">' + "\n" +
+ '<input class="formfld2" id="timeamount_' + snortObjlist[i].sid + '" name="snortsam[db][' + i + '][timeamount]" type="text" size="7" value="' + snortObjlist[i].timeamount + '">' + "\n" +
'</td>' + "\n" +
'<td class="' + rowIsEvenOdd + '">' + "\n" +
- '<select class="formfld2" id="timetype_' + snortObjlist[i].sid + '" name="snortsam[db][' + snortObjlist[i].sid + '][timetype]" >' + "\n" +
+ '<select class="formfld2" id="timetype_' + snortObjlist[i].sid + '" name="snortsam[db][' + i + '][timetype]" >' + "\n" +
createDropdownOptionList(timeTypePerfList, snortObjlist[i].timetype) +
'</select>' + "\n" +
'</td>' + "\n" +
'<td class="listbg" id="msg_' + snortObjlist[i].sid + '"><font color="white">' + snortObjlist[i].msg + '</font></td>' + "\n" +
- '</tr>' + "\n"
+ '</tr>' + "\n" +
+ '<input type="hidden" name="snortsam[db][' + i + '][sig]" value="' + snortObjlist[i].sid + '" />' + "\n"
);
},
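Review bot: The new `sig` hidden input is appended after `</tr>`, directly inside the table, where HTML parsers relocate stray elements; putting it inside the first `<td>` next to the checkbox keeps it at a predictable place in the form. The row is also assembled by concatenating `snortObjlist[i].sid`, `.enable`, `.timeamount` and `.msg` into markup unescaped, so rule text containing `<` or `"` would be parsed as HTML. Building the cells with jQuery's `.text()`, `.val()` and `.attr()` avoids that. makeLargeSidTables() begins and ends outside this hunk.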
diff --git a/config/snort-dev/snort_rulesets_ips.php b/config/snort-dev/snort_rulesets_ips.php
index b5c18523..459f2868 100644
--- a/config/snort-dev/snort_rulesets_ips.php
+++ b/config/snort-dev/snort_rulesets_ips.php
@@ -295,9 +295,27 @@ jQuery(document).ready(function() {
<tr>
<td>
<table width="100%" border="0" cellpadding="0" cellspacing="0" >
- <tr class="hidemetr" id="ipstable_gensettings" valign="top">
+
+ <tr class="hidemetr" id="ipstitle_gensettings" valign="top">
+ <td class="listhdrr2" width="20%"></td>
+ <td class="listhdrr2" width="1%">&nbsp;&nbsp;&nbsp;On</td>
+ <td class="listhdrr2" width="1%">&nbsp;&nbsp;&nbsp;Source</td>
+ <td class="listhdrr2" width="1%">&nbsp;&nbsp;&nbsp;Amount</td>
+ <td class="listhdrr2" width="1%">&nbsp;&nbsp;&nbsp;Duration</td>
+ </tr>
+
+ <tr class="hidemetr" id="ipstable_gensettings" valign="top">
<td class="vncell2" id="infotext_ips"><font color="#000000">Default settings for all block rules</font></td>
<td class="odd_ruleset2">
+ <?php
+ $enableGenRuleSidChkBox = '';
+ if ( $listGenRules[0]['enable'] === 'on' || empty($listGenRules[0]['enable'])) {
+ $enableGenRuleSidChkBox = 'checked="checked"';
+ }
+ ?>
+ <input class="domecheck" id="checkbox_253" name="snortsam[db][gensettings][enable]" value="on" <?=$enableGenRuleSidChkBox; ?> type="checkbox">
+ </td>
+ <td class="odd_ruleset2">
<select class="formfld2" id="who_gensettings" name="snortsam[db][gensettings][who]">
<?php
$whoList = array('src' => 'SRC', 'dst' => 'DST', 'both' => 'BOTH');
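Review bot: The checkbox treats a missing `enable` value as on (`=== 'on' || empty(...)`), while snortSql_updateRulesSigsIps(), added to snort_new.inc in this same commit, treats an empty default as `'off'`. The two defaults should agree, otherwise the form shows the general setting as enabled while per-signature saves are compared against `off`. If off is the intended default, `if ($listGenRules[0]['enable'] === 'on') {` is enough here. The hard-coded `id="checkbox_253"` looks copied from a per-SID row; `id="checkbox_gensettings"` would match the neighbouring `who_gensettings`, provided no script depends on the current id.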