authordigdug3 <digdug3@zonnet.nl>2012-07-25 09:42:36 +0300
committerdigdug3 <digdug3@zonnet.nl>2012-07-25 09:42:36 +0300
commit47d67bc88a0fbd00b1c37c4915466834879785a0 (patch)
treee0df8fd2bf3c73fbe5465e6bda076b142a68b22f /config/snort/snort_alerts.php
parentd8a9094c00f80da94d6aa60aa2536745ba90f66d (diff)
downloadpfsense-packages-47d67bc88a0fbd00b1c37c4915466834879785a0.tar.gz
pfsense-packages-47d67bc88a0fbd00b1c37c4915466834879785a0.tar.bz2
pfsense-packages-47d67bc88a0fbd00b1c37c4915466834879785a0.zip
Update config/snort/snort_alerts.php
Fix displaying Snort descriptions with "," like: "ET TROJAN MS Terminal Server User A Login, possible Morto inbound"
Diffstat (limited to 'config/snort/snort_alerts.php')
-rw-r--r--config/snort/snort_alerts.php49
1 files changed, 24 insertions, 25 deletions
diff --git a/config/snort/snort_alerts.php b/config/snort/snort_alerts.php
index 663e7621..b3afe941 100644
--- a/config/snort/snort_alerts.php
+++ b/config/snort/snort_alerts.php
@@ -47,7 +47,7 @@ if (empty($instanceid))
$instanceid = 0;
if (!is_array($config['installedpackages']['snortglobal']['rule']))
- $config['installedpackages']['snortglobal']['rule'] = array();
+ $config['installedpackages']['snortglobal']['rule'] = array();
$a_instance = &$config['installedpackages']['snortglobal']['rule'];
$snort_uuid = $a_instance[$instanceid]['uuid'];
$if_real = snort_get_real_interface($a_instance[$instanceid]['interface']);
@@ -75,13 +75,13 @@ if ($_POST['save']) {
}
if ($_POST['todelete'] || $_GET['todelete']) {
- $ip = "";
- if($_POST['todelete'])
- $ip = $_POST['todelete'];
- else if($_GET['todelete'])
- $ip = $_GET['todelete'];
- if (is_ipaddr($ip))
- exec("/sbin/pfctl -t snort2c -T delete {$ip}");
+ $ip = "";
+ if($_POST['todelete'])
+ $ip = $_POST['todelete'];
+ else if($_GET['todelete'])
+ $ip = $_GET['todelete'];
+ if (is_ipaddr($ip))
+ exec("/sbin/pfctl -t snort2c -T delete {$ip}");
}
if ($_GET['act'] == "addsuppress" && is_numeric($_GET['sidid']) && is_numeric($_GET['gen_id'])) {
@@ -174,23 +174,23 @@ if ($pconfig['arefresh'] == 'on')
<?php if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}
/* Display Alert message */
- if ($input_errors) {
- print_input_errors($input_errors); // TODO: add checks
- }
+ if ($input_errors) {
+ print_input_errors($input_errors); // TODO: add checks
+ }
?>
<form action="/snort/snort_alerts.php" method="post" id="formalert">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr><td>
<?php
- $tab_array = array();
- $tab_array[0] = array(gettext("Snort Interfaces"), false, "/snort/snort_interfaces.php");
- $tab_array[1] = array(gettext("Global Settings"), false, "/snort/snort_interfaces_global.php");
- $tab_array[2] = array(gettext("Updates"), false, "/snort/snort_download_updates.php");
- $tab_array[3] = array(gettext("Alerts"), true, "/snort/snort_alerts.php?instance={$instanceid}");
- $tab_array[4] = array(gettext("Blocked"), false, "/snort/snort_blocked.php");
- $tab_array[5] = array(gettext("Whitelists"), false, "/snort/snort_interfaces_whitelist.php");
- $tab_array[6] = array(gettext("Suppress"), false, "/snort/snort_interfaces_suppress.php");
- display_top_tabs($tab_array);
+ $tab_array = array();
+ $tab_array[0] = array(gettext("Snort Interfaces"), false, "/snort/snort_interfaces.php");
+ $tab_array[1] = array(gettext("Global Settings"), false, "/snort/snort_interfaces_global.php");
+ $tab_array[2] = array(gettext("Updates"), false, "/snort/snort_download_updates.php");
+ $tab_array[3] = array(gettext("Alerts"), true, "/snort/snort_alerts.php?instance={$instanceid}");
+ $tab_array[4] = array(gettext("Blocked"), false, "/snort/snort_blocked.php");
+ $tab_array[5] = array(gettext("Whitelists"), false, "/snort/snort_interfaces_whitelist.php");
+ $tab_array[6] = array(gettext("Suppress"), false, "/snort/snort_interfaces_suppress.php");
+ display_top_tabs($tab_array);
?>
</td></tr>
<tr>
@@ -265,10 +265,9 @@ if (file_exists("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert")) {
/* 0 1 2 3 4 5 6 7 8 9 10 11 12 */
/* File format timestamp,sig_generator,sig_id,sig_rev,msg,proto,src,srcport,dst,dstport,id,classification,priority */
$fd = fopen("/tmp/alert_{$snort_uuid}", "r");
- while(($fileline = @fgets($fd))) {
- if (empty($fileline))
+ while (($fields = fgetcsv($fd, 1000, ',', '"')) !== FALSE) {
+ if(count($fields) < 11)
continue;
- $fields = explode(",", $fileline);
/* Date */
$alert_date = substr($fields[0], 0, -8);
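Review bot: The new loop test `!== FALSE` never terminates if the `fopen()` on the line above fails, because on PHP 5 `fgetcsv()` returns NULL rather than FALSE for an invalid handle, whereas the old `@fgets()` loop simply fell through. Check the handle before looping, for example by wrapping the loop in `if ($fd !== false) { ... }`. The `count($fields) < 11` guard is also lower than the 13 columns listed in the format comment, so any read of `$fields[11]` or `$fields[12]` further down (outside this hunk) would presumably hit an undefined offset on a short row; `< 13` would match the comment. Since each row now comes straight from the parser, `$fields[1]` and `$fields[2]`, which the later hunk places in the suppress link's `href`, would be safer cast with `intval()` or passed through `htmlspecialchars()` before output. The loop body continues past the end of this hunk.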
@@ -311,7 +310,7 @@ if (file_exists("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert")) {
<td class='listr' width='5%' >
{$alert_sid_str}
<a href='?instance={$instanceid}&act=addsuppress&sidid={$fields[2]}&gen_id={$fields[1]}&descr={$alert_descr_url}'>
- <img src='../themes/{$g['theme']}/images/icons/icon_plus.gif'
+ <img src='../themes/{$g['theme']}/images/icons/icon_plus.gif'
width='10' height='10' border='0'
title='click to add to suppress list'></a>
</td>
@@ -337,4 +336,4 @@ if (file_exists("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert")) {
include("fend.inc");
?>
</body>
-</html>
+</html>
\ No newline at end of file