aboutsummaryrefslogtreecommitdiffstats
path: root/config/snort/snort_rulesets.php
diff options
context:
space:
mode:
authorErmal <eri@pfsense.org>2012-07-12 18:29:33 +0000
committerErmal <eri@pfsense.org>2012-07-12 18:29:52 +0000
commit5180182c8975d4630cbc22174cc41f8e2c6d2b55 (patch)
treef9daf659a6606c28ca336a3679e2b973c07108e5 /config/snort/snort_rulesets.php
parent6990da95b8a274747c3138d16a3b914842c646b7 (diff)
downloadpfsense-packages-5180182c8975d4630cbc22174cc41f8e2c6d2b55.tar.gz
pfsense-packages-5180182c8975d4630cbc22174cc41f8e2c6d2b55.tar.bz2
pfsense-packages-5180182c8975d4630cbc22174cc41f8e2c6d2b55.zip
Fix the issues with rules pages and the ones rpeorted on the forum
Diffstat (limited to 'config/snort/snort_rulesets.php')
-rw-r--r--config/snort/snort_rulesets.php392
1 files changed, 190 insertions, 202 deletions
diff --git a/config/snort/snort_rulesets.php b/config/snort/snort_rulesets.php
index 050ec2ce..34bba9e5 100644
--- a/config/snort/snort_rulesets.php
+++ b/config/snort/snort_rulesets.php
@@ -49,92 +49,39 @@ if (is_null($id)) {
exit;
}
+function snort_copy_rules($files, $snortdir, $snort_uuid, $if_real) {
+
+ if (empty($files))
+ return;
+
+ conf_mount_rw();
+ foreach ($files as $file) {
+ if (!file_exists("{$snortdir}/snort_{$snort_uuid}_{$if_real}/rules/{$file}"))
+ @copy("{$snortdir}/rules/{$file}", "{$snortdir}/snort_{$snort_uuid}_{$if_real}/rules/{$file}");
+ }
+ conf_mount_ro();
+}
+
if (isset($id) && $a_nat[$id]) {
$pconfig['enable'] = $a_nat[$id]['enable'];
$pconfig['interface'] = $a_nat[$id]['interface'];
$pconfig['rulesets'] = $a_nat[$id]['rulesets'];
-
- /* convert fake interfaces to real */
- $if_real = snort_get_real_interface($pconfig['interface']);
-
- $iface_uuid = $a_nat[$id]['uuid'];
}
-$if_friendly = snort_get_friendly_interface($pconfig['interface']);
-$pgtitle = "Snort: Interface {$if_friendly} Categories";
-
-
-/* Check if the rules dir is empy if so warn the user */
-/* TODO give the user the option to delete the installed rules rules */
-$isrulesfolderempty = exec("ls -A {$snortdir}/snort_{$iface_uuid}_{$if_real}/rules/*.rules");
-if ($isrulesfolderempty == "") {
- $isrulesfolderempty = exec("ls -A {$snortdir}/rules/*.rules");
- if ($isrulesfolderempty == "") {
- include_once("head.inc");
- include("fbegin.inc");
-
- echo "<p class=\"pgtitle\">";
- if($pfsense_stable == 'yes'){echo $pgtitle;}
- echo "</p>\n";
-
- echo "<body link=\"#000000\" vlink=\"#000000\" alink=\"#000000\">";
-
- echo "
- <table width=\"99%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">\n
- <tr><td>\n";
-
- $tab_array = array();
- $tab_array[] = array(gettext("Snort Interfaces"), false, "/snort/snort_interfaces.php");
- $tab_array[] = array(gettext("If Settings"), false, "/snort/snort_interfaces_edit.php?id={$id}");
- $tab_array[] = array(gettext("Categories"), true, "/snort/snort_rulesets.php?id={$id}");
- $tab_array[] = array(gettext("Rules"), false, "/snort/snort_rules.php?id={$id}");
- $tab_array[] = array(gettext("Servers"), false, "/snort/snort_define_servers.php?id={$id}");
- $tab_array[] = array(gettext("Preprocessors"), false, "/snort/snort_preprocessors.php?id={$id}");
- $tab_array[] = array(gettext("Barnyard2"), false, "/snort/snort_barnyard.php?id={$id}");
- display_top_tabs($tab_array);
- echo "
- </td></tr>
- <tr>\n
- <td>\n
- <div id=\"mainarea\">\n
- <table id=\"maintable\" class=\"tabcont\" width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">\n
- <tr>\n
- <td>\n
- # The rules directory is empty. {$snortdir}/snort_{$iface_uuid}_{$if_real}/rules \n
- </td>\n
- </tr>\n
- </table>\n
- </div>\n
- </td>\n
- </tr>\n
- </table>\n
- \n
- </form>\n
- \n
- <p>\n\n";
-
- echo "Please click on the Update Rules tab to install your selected rule sets. $isrulesfolderempty";
- include("fend.inc");
-
- echo "</body>";
- echo "</html>";
-
- exit(0);
- } else {
- /* Make sure that we have the rules */
- mwexec("/bin/cp {$snortdir}/rules/*.rules {$snortdir}/snort_{$iface_uuid}_{$if_real}/rules", true);
- }
-}
+$if_real = snort_get_real_interface($pconfig['interface']);
+$snort_uuid = $a_nat[$id]['uuid'];
+$snortdownload = $config['installedpackages']['snortglobal']['snortdownload'];
+$emergingdownload = $config['installedpackages']['snortglobal']['emergingthreats'];
/* alert file */
if ($_POST["Submit"]) {
$enabled_items = "";
- $isfirst = true;
if (is_array($_POST['toenable']))
$enabled_items = implode("||", $_POST['toenable']);
else
$enabled_items = $_POST['toenable'];
$a_nat[$id]['rulesets'] = $enabled_items;
+ snort_copy_rules(explode("||", $enabled_items), $snortdir, $snort_uuid, $if_real);
write_config();
sync_snort_package_config();
@@ -144,6 +91,13 @@ if ($_POST["Submit"]) {
}
if ($_POST['unselectall']) {
+ if (!empty($pconfig['rulesets'])) {
+ conf_mount_rw();
+ foreach (explode("||", $pconfig['rulesets']) as $file)
+ @unlink("{$snortdir}/snort_{$snort_uuid}_{$if_real}/rules/{$file}");
+ conf_mount_ro();
+ }
+
$a_nat[$id]['rulesets'] = "";
write_config();
@@ -154,10 +108,18 @@ if ($_POST['unselectall']) {
}
if ($_POST['selectall']) {
- $files = glob("{$snortdir}/snort_{$iface_uuid}_{$if_real}/rules/*.rules");
$rulesets = array();
- foreach ($files as $file)
- $rulesets[] = basename($file);
+ if ($emergingdownload == 'on') {
+ $files = glob("{$snortdir}/rules/emerging*.rules");
+ foreach ($files as $file)
+ $rulesets[] = basename($file);
+ }
+ if ($snortdownload == 'on') {
+ $files = glob("{$snortdir}/rules/snort*.rules");
+ foreach ($files as $file)
+ $rulesets[] = basename($file);
+ }
+ snort_copy_rules($rulesets, $snortdir, $snort_uuid, $if_real);
$a_nat[$id]['rulesets'] = implode("||", $rulesets);
@@ -168,21 +130,18 @@ if ($_POST['selectall']) {
exit;
}
-$enabled_rulesets = $a_nat[$id]['rulesets'];
-if($enabled_rulesets)
- $enabled_rulesets_array = explode("||", $enabled_rulesets);
-
+$enabled_rulesets_array = explode("||", $a_nat[$id]['rulesets']);
include_once("head.inc");
-
?>
<body link="#000000" vlink="#000000" alink="#000000">
-<?php include("fbegin.inc"); ?>
-<?if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}?>
+<?php
+include("fbegin.inc");
+$if_friendly = snort_get_friendly_interface($pconfig['interface']);
+$pgtitle = "Snort: Interface {$if_friendly} Categories";
-<form action="snort_rulesets.php" method="post" name="iform" id="iform">";
-<input type="hidden" name="id" id="id" value="<?=$id;?>" />
+if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}?>
<?php
/* Display message */
@@ -196,6 +155,8 @@ if ($savemsg) {
?>
+<form action="snort_rulesets.php" method="post" name="iform" id="iform">
+<input type="hidden" name="id" id="id" value="<?=$id;?>" />
<table width="99%" border="0" cellpadding="0" cellspacing="0">
<tr><td>
<?php
@@ -210,134 +171,161 @@ if ($savemsg) {
display_top_tabs($tab_array);
?>
</td></tr>
- <tr>
- <td>
- <div id="mainarea2">
- <table id="maintable" class="tabcont" width="100%" border="0"
- cellpadding="0" cellspacing="0">
+<tr>
+ <td>
+ <div id="mainarea">
+ <table id="maintable" class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
+<?php
+ $isrulesfolderempty = glob("{$snortdir}/rules/*.rules");
+ if (empty($isrulesfolderempty)):
+?>
+ <tr>
+ <td>
+ # The rules directory is empty. <?=$snortdir;?>/rules <br/>
+ Please go to the updates page to download/fetch the rules configured.
+ </td>
+ </tr>
+<?php else:
+ $colspan = 6;
+ if ($emergingdownload != 'on')
+ $colspan -= 2;
+ if ($snortdownload != 'on')
+ $colspan -= 4;
+
+?>
+ <tr>
+ <td>
+ <table id="sortabletable1" class="sortable" width="100%" border="0"
+ cellpadding="0" cellspacing="0">
<tr>
- <td>
- <table id="sortabletable1" class="sortable" width="100%" border="0"
- cellpadding="0" cellspacing="0">
- <tr>
- <td colspan="6" class="listtopic">Check the rulesets that you would like Snort to load at startup.<br/><br/></td>
- </tr>
- <tr>
- <td colspan="2" valign="center"><br/><input value="Save" type="submit" name="Submit" id="Submit" /><br/<br/></td>
- <td colspan="2" valign="center"><br/><input value="Select All" type="submit" name="selectall" id="selectall" /><br/<br/></td>
- <td colspan="2" valign="center"><br/><input value="Unselect All" type="submit" name="unselectall" id="selectall" /><br/<br/></td>
+ <td colspan="6" class="listtopic">Check the rulesets that you would like Snort to load at startup.<br/><br/></td>
+ </tr>
+ <tr>
+ <td colspan="2" valign="center"><br/><input value="Save" type="submit" name="Submit" id="Submit" /><br/<br/></td>
+ <td colspan="2" valign="center"><br/><input value="Select All" type="submit" name="selectall" id="selectall" /><br/<br/></td>
+ <td colspan="2" valign="center"><br/><input value="Unselect All" type="submit" name="unselectall" id="selectall" /><br/<br/></td>
+ </tr>
+ <tr> <td colspan="6">&nbsp;</td> </tr>
+ <tr id="frheader">
+ <?php if ($emergingdownload == 'on'): ?>
+ <td width="5%" class="listhdrr">Enabled</td>
+ <td width="25%" class="listhdrr"><?php echo 'Ruleset: Emerging Threats.';?></td>
+ <?php else: ?>
+ <td colspan="2" width="30%" class="listhdrr">Emerging rules have not been enabled</td>
+ <?php endif; ?>
+ <?php if ($snortdownload == 'on'): ?>
+ <td width="5%" class="listhdrr">Enabled</td>
+ <td width="25%" class="listhdrr"><?php echo 'Ruleset: Snort';?></td>
+ <td width="5%" class="listhdrr">Enabled</td>
+ <td width="25%" class="listhdrr"><?php echo 'Ruleset: Snort SO';?></td>
+ <?php else: ?>
+ <td colspan="2" width="60%" class="listhdrr">Snort rules have not been enabled</td>
+ <?php endif; ?>
</tr>
- <tr> <td colspan="6">&nbsp;</td> </tr>
- <tr id="frheader">
- <td width="5%" class="listhdrr">Enabled</td>
- <td width="25%" class="listhdrr"><?php echo 'Ruleset: Emerging Threats.';?></td>
- <td width="5%" class="listhdrr">Enabled</td>
- <td width="25%" class="listhdrr"><?php echo 'Ruleset: Snort';?></td>
- <td width="5%" class="listhdrr">Enabled</td>
- <td width="25%" class="listhdrr"><?php echo 'Ruleset: Snort SO';?></td>
- </tr>
- <?php
- $emergingrules = array();
- $snortsorules = array();
- $snortrules = array();
- $dh = opendir("{$snortdir}/snort_{$iface_uuid}_{$if_real}/rules/");
- while (false !== ($filename = readdir($dh))) {
- $filename = basename($filename);
- if (substr($filename, -5) != "rules")
- continue;
- if (strstr($filename, "emerging"))
- $emergingrules[] = $filename;
- else if (strstr($filename, "snort")) {
- if (strstr($filename, ".so.rules"))
- $snortsorules[] = $filename;
- else
- $snortrules[] = $filename;
- }
+ <?php
+ $emergingrules = array();
+ $snortsorules = array();
+ $snortrules = array();
+ $dh = opendir("{$snortdir}/rules/");
+ while (false !== ($filename = readdir($dh))) {
+ $filename = basename($filename);
+ if (substr($filename, -5) != "rules")
+ continue;
+ if (strstr($filename, "emerging") && $emergingdownload == 'on')
+ $emergingrules[] = $filename;
+ else if (strstr($filename, "snort") && $snortdownload == 'on') {
+ if (strstr($filename, ".so.rules"))
+ $snortsorules[] = $filename;
+ else
+ $snortrules[] = $filename;
}
- sort($emergingrules);
- sort($snortsorules);
- sort($snortrules);
- $i = count($emergingrules);
- if ($i < count($snortsorules))
- $i = count(snortsorules);
- if ($i < count($snortrules))
- $i = count($snortrules);
-
- for ($j = 0; $j < $i; $j++) {
- echo "<tr>\n";
- if (!empty($emergingrules[$j])) {
- $file = $emergingrules[$j];
- echo "<td width='5%' class='listr' align=\"center\" valign=\"top\">";
- if(is_array($enabled_rulesets_array)) {
- if(in_array($file, $enabled_rulesets_array))
- $CHECKED = " checked=\"checked\"";
- else
- $CHECKED = "";
- } else
- $CHECKED = "";
- echo " \n<input type='checkbox' name='toenable[]' value='$file' {$CHECKED} />\n";
- echo "</td>\n";
- echo "<td class='listr' width='25%' >\n";
- if (empty($CHECKED))
- echo $file;
+ }
+ sort($emergingrules);
+ sort($snortsorules);
+ sort($snortrules);
+ $i = count($emergingrules);
+ if ($i < count($snortsorules))
+ $i = count(snortsorules);
+ if ($i < count($snortrules))
+ $i = count($snortrules);
+
+ for ($j = 0; $j < $i; $j++) {
+ echo "<tr>\n";
+ if (!empty($emergingrules[$j])) {
+ $file = $emergingrules[$j];
+ echo "<td width='5%' class='listr' align=\"center\" valign=\"top\">";
+ if(is_array($enabled_rulesets_array)) {
+ if(in_array($file, $enabled_rulesets_array))
+ $CHECKED = " checked=\"checked\"";
else
- echo "<a href='snort_rules.php?id={$jd}&openruleset={$snortdir}/snort_{$jface_uuid}_{$jf_real}/rules/" . urlencode($file) . "'>{$file}</a>\n";
- echo "</td>\n";
- } else
- echo "<td class='listbggrey' width='30%' colspan='2'><br/></td>\n";
- if (!empty($snortrules[$j])) {
- $file = $snortrules[$j];
- echo "<td class='listr' width='5%' align=\"center\" valign=\"top\">";
- if(is_array($enabled_rulesets_array)) {
- if(in_array($file, $enabled_rulesets_array))
- $CHECKED = " checked=\"checked\"";
- else
- $CHECKED = "";
- } else
$CHECKED = "";
- echo " \n<input type='checkbox' name='toenable[]' value='{$file}' {$CHECKED} />\n";
- echo "</td>\n";
- echo "<td class='listr' width='25%' >\n";
- if (empty($CHECKED))
- echo $file;
- else
- echo "<a href='snort_rules.php?id={$jd}&openruleset={$snortdir}/snort_{$jface_uuid}_{$jf_real}/rules/" . urlencode($file) . "'>{$file}</a>\n";
- echo "</td>\n";
} else
- echo "<td class='listbggrey' width='30%' colspan='2'><br/></td>\n";
- if (!empty($snortsorules[$j])) {
- $file = $snortsorules[$j];
- echo "<td class='listr' width='5%' align=\"center\" valign=\"top\">";
- if(is_array($enabled_rulesets_array)) {
- if(in_array($file, $enabled_rulesets_array))
- $CHECKED = " checked=\"checked\"";
- else
- $CHECKED = "";
- } else
+ $CHECKED = "";
+ echo " \n<input type='checkbox' name='toenable[]' value='$file' {$CHECKED} />\n";
+ echo "</td>\n";
+ echo "<td class='listr' width='25%' >\n";
+ if (empty($CHECKED))
+ echo $file;
+ else
+ echo "<a href='snort_rules.php?id={$id}&openruleset=" . urlencode($file) . "'>{$file}</a>\n";
+ echo "</td>\n";
+ } else
+ echo "<td class='listbggrey' width='30%' colspan='2'><br/></td>\n";
+
+ if (!empty($snortrules[$j])) {
+ $file = $snortrules[$j];
+ echo "<td class='listr' width='5%' align=\"center\" valign=\"top\">";
+ if(is_array($enabled_rulesets_array)) {
+ if(in_array($file, $enabled_rulesets_array))
+ $CHECKED = " checked=\"checked\"";
+ else
$CHECKED = "";
- echo " \n<input type='checkbox' name='toenable[]' value='{$file}' {$CHECKED} />\n";
- echo "</td>\n";
- echo "<td class='listr' width='25%' >\n";
- if (empty($CHECKED))
- echo $file;
+ } else
+ $CHECKED = "";
+ echo " \n<input type='checkbox' name='toenable[]' value='{$file}' {$CHECKED} />\n";
+ echo "</td>\n";
+ echo "<td class='listr' width='25%' >\n";
+ if (empty($CHECKED))
+ echo $file;
+ else
+ echo "<a href='snort_rules.php?id={$id}&openruleset=" . urlencode($file) . "'>{$file}</a>\n";
+ echo "</td>\n";
+ } else
+ echo "<td class='listbggrey' width='30%' colspan='2'><br/></td>\n";
+ if (!empty($snortsorules[$j])) {
+ $file = $snortsorules[$j];
+ echo "<td class='listr' width='5%' align=\"center\" valign=\"top\">";
+ if(is_array($enabled_rulesets_array)) {
+ if(in_array($file, $enabled_rulesets_array))
+ $CHECKED = " checked=\"checked\"";
else
- echo "<a href='snort_rules.php?id={$jd}&openruleset={$snortdir}/snort_{$jface_uuid}_{$jf_real}/rules/" . urlencode($file) . "'>{$file}</a>\n";
- echo "</td>\n";
+ $CHECKED = "";
} else
- echo "<td class='listbggrey' width='30%' colspan='2'><br/></td>\n";
- echo "</tr>\n";
- }
- ?>
- </table>
- </td>
- </tr>
- <tr>
- <td colspan="6">&nbsp;</td>
- </tr>
- </table>
- </div>
- </td>
- </tr>
+ $CHECKED = "";
+ echo " \n<input type='checkbox' name='toenable[]' value='{$file}' {$CHECKED} />\n";
+ echo "</td>\n";
+ echo "<td class='listr' width='25%' >\n";
+ if (empty($CHECKED))
+ echo $file;
+ else
+ echo "<a href='snort_rules.php?id={$id}&openruleset=" . urlencode($file) . "'>{$file}</a>\n";
+ echo "</td>\n";
+ } else
+ echo "<td class='listbggrey' width='30%' colspan='2'><br/></td>\n";
+ echo "</tr>\n";
+ }
+ ?>
+ </table>
+ </td>
+</tr>
+<tr>
+<td colspan="6">&nbsp;</td>
+</tr>
+<?php endif; ?>
+</table>
+</div>
+</td>
+</tr>
</table>
</form>
<?php