authorErmal <eri@pfsense.org>2012-07-10 07:20:09 +0000
committerErmal <eri@pfsense.org>2012-07-10 07:20:09 +0000
commitd25293151743c44ffef9121d10c0568f04066054 (patch)
treece7531761ddf0b47e3d5776948fa8e458f30cfdf /config/snort
parent14ed520f1e7aeaf13461dabc1eb6bfcf9f4064ba (diff)
Some validation and whitespace fixes
Diffstat (limited to 'config/snort')
-rw-r--r--config/snort/snort_interfaces_suppress.php11
-rw-r--r--config/snort/snort_interfaces_suppress_edit.php23
-rw-r--r--config/snort/snort_interfaces_whitelist.php149
-rw-r--r--config/snort/snort_interfaces_whitelist_edit.php33
4 files changed, 92 insertions, 124 deletions
diff --git a/config/snort/snort_interfaces_suppress.php b/config/snort/snort_interfaces_suppress.php
index eb66b652..d4fe44ac 100644
--- a/config/snort/snort_interfaces_suppress.php
+++ b/config/snort/snort_interfaces_suppress.php
@@ -45,8 +45,6 @@ if (!is_array($config['installedpackages']['snortglobal']['suppress']['item']))
$a_suppress = &$config['installedpackages']['snortglobal']['suppress']['item'];
$id_gen = count($config['installedpackages']['snortglobal']['suppress']['item']);
-$d_suppresslistdirty_path = '/var/run/snort_suppress.dirty';
-
if ($_GET['act'] == "del") {
if ($a_suppress[$_GET['id']]) {
/* make sure rule is not being referenced by any nat or filter rules */
@@ -68,15 +66,10 @@ include_once("head.inc");
<?php
include_once("fbegin.inc");
+if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}
?>
-<?if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}?>
-
<form action="/snort/snort_interfaces_suppress.php" method="post"><?php if ($savemsg) print_info_box($savemsg); ?>
-<?php if (file_exists($d_suppresslistdirty_path)): ?>
-<p><?php print_info_box_np("The white list has been changed.<br>You must apply the changes in order for them to take effect.");?>
-<?php endif; ?>
-
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr><td>
<?php
@@ -93,7 +86,7 @@ include_once("fbegin.inc");
</td>
</tr>
<tr><td class="tabcont">
-<table width="100%" border="0" cellpadding="6" cellspacing="0">
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="30%" class="listhdrr">File Name</td>
<td width="60%" class="listhdr">Description</td>
diff --git a/config/snort/snort_interfaces_suppress_edit.php b/config/snort/snort_interfaces_suppress_edit.php
index 082911b0..6118c33a 100644
--- a/config/snort/snort_interfaces_suppress_edit.php
+++ b/config/snort/snort_interfaces_suppress_edit.php
@@ -88,6 +88,8 @@ if ($_POST['submit']) {
unset($input_errors);
$pconfig = $_POST;
+ $reqdfields = explode(" ", "name");
+ $reqdfieldsn = array("Name");
do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
if(strtolower($_POST['name']) == "defaultwhitelist")
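Review bot: The call directly below the two added assignments passes `&$input_errors` by reference at the call site, which PHP deprecated in 5.3 and rejects with a fatal error from 5.4. Declaring the parameter by reference in `do_input_validation()` (defined outside this diff, so its signature is unverified here) and calling it with plain `$input_errors` avoids that; the same call form appears in snort_interfaces_whitelist_edit.php in the `@@ -106,7 +100,6 @@` hunk. As a style point, `explode(" ", "name")` next to `array("Name")` is inconsistent, and `$reqdfields = array("name");` says the same thing directly. The added validation only checks that `name` is present; the a-z/A-Z/0-9 rule stated in the form text needs its own check if it is not enforced further down, outside this hunk.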
@@ -129,11 +131,9 @@ if ($_POST['submit']) {
write_config();
sync_snort_package_config();
-
header("Location: /snort/snort_interfaces_suppress.php");
exit;
}
-
}
$pgtitle = "Services: Snort: Suppression: Edit $suppress_uuid";
@@ -145,15 +145,11 @@ include_once("head.inc");
<?php
include("fbegin.inc");
-?>
+if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}
-<?if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}?>
-
-<?php if ($input_errors) print_input_errors($input_errors); ?>
-<?php
- if ($savemsg) {
- print_info_box($savemsg);
- }
+if ($input_errors) print_input_errors($input_errors);
+if ($savemsg)
+ print_info_box($savemsg);
?>
<form action="/snort/snort_interfaces_suppress_edit.php" name="iform" id="iform" method="post">
@@ -166,7 +162,7 @@ include("fbegin.inc");
<tr>
<td width="22%" valign="top" class="vncellreq">Name</td>
<td width="78%" class="vtable"><input name="name" type="text" id="name"
- size="40" value="<?=htmlspecialchars($pconfig['name']);?>" /> <br />
+ class="formfld unkown" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" /> <br />
<span class="vexpl"> The list name may only consist of the
characters a-z, A-Z and 0-9. <span class="red">Note: </span> No
Spaces. </span></td>
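Review bot: The added class value `formfld unkown` looks like a typo for `formfld unknown`, so the second class presumably matches no stylesheet rule; the same spelling is added to the `descr` input in the next hunk. Suggested line: `class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" /> <br />`.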
@@ -174,7 +170,7 @@ include("fbegin.inc");
<tr>
<td width="22%" valign="top" class="vncell">Description</td>
<td width="78%" class="vtable"><input name="descr" type="text"
- id="descr" size="40" value="<?=$pconfig['descr'];?>" /> <br />
+ class="formfld unkown" id="descr" size="40" value="<?=$pconfig['descr'];?>" /> <br />
<span class="vexpl"> You may enter a description here for your
reference (not parsed). </span></td>
</tr>
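Review bot: The `descr` input changed here still prints `$pconfig['descr']` into the `value` attribute without escaping, while the `name` input in the previous hunk goes through `htmlspecialchars()`. `$pconfig` is assigned from `$_POST` on submit (visible in the first hunk of this file), so a description containing a double quote ends the attribute early and lets markup into the admin GUI page. Suggest `value="<?=htmlspecialchars($pconfig['descr']);?>"` on the changed line.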
@@ -185,7 +181,7 @@ include("fbegin.inc");
<tr>
<td width='8%'>&nbsp;&nbsp;&nbsp;</td>
<td width='70%'><font size="2" color='#FF850A'><b>NOTE:</b></font>
- <font size="2" color='#000000'>&nbsp;&nbsp;The threshold keyword
+ <font color='#000000'>&nbsp;&nbsp;The threshold keyword
is deprecated as of version 2.8.5. Use the event_filter keyword
instead.</font></td>
</tr>
@@ -228,7 +224,6 @@ include("fbegin.inc");
<?php include("fend.inc"); ?>
<script type="text/javascript">
Rounded("div#redbox","all","#FFF","#E0E0E0","smooth");
-Rounded("td#blackbox","all","#FFF","#000000","smooth");
</script>
</body>
</html>
diff --git a/config/snort/snort_interfaces_whitelist.php b/config/snort/snort_interfaces_whitelist.php
index 805fffe9..56d6cdc2 100644
--- a/config/snort/snort_interfaces_whitelist.php
+++ b/config/snort/snort_interfaces_whitelist.php
@@ -39,28 +39,23 @@
require_once("guiconfig.inc");
require_once("/usr/local/pkg/snort/snort.inc");
-
+if (!is_array($config['installedpackages']['snortglobal']['whitelist']))
+ $config['installedpackages']['snortglobal']['whitelist'] = array();
if (!is_array($config['installedpackages']['snortglobal']['whitelist']['item']))
-$config['installedpackages']['snortglobal']['whitelist']['item'] = array();
-
-//aliases_sort(); << what ?
+ $config['installedpackages']['snortglobal']['whitelist']['item'] = array();
$a_whitelist = &$config['installedpackages']['snortglobal']['whitelist']['item'];
-if (isset($config['installedpackages']['snortglobal']['whitelist']['item'])) {
+if (isset($config['installedpackages']['snortglobal']['whitelist']['item']))
$id_gen = count($config['installedpackages']['snortglobal']['whitelist']['item']);
-}else{
+else
$id_gen = '0';
-}
-
-$d_whitelistdirty_path = '/var/run/snort_whitelist.dirty';
if ($_GET['act'] == "del") {
if ($a_whitelist[$_GET['id']]) {
/* make sure rule is not being referenced by any nat or filter rules */
-
unset($a_whitelist[$_GET['id']]);
write_config();
- filter_configure();
+ sync_snort_package_config();
header("Location: /snort/snort_interfaces_whitelist.php");
exit;
}
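Review bot: The delete branch changed here is still driven entirely by `$_GET['act']` and `$_GET['id']`, so a state-changing operation (the `unset`, `write_config()`, and now `sync_snort_package_config()`) runs on a plain GET request. Nothing visible in this hunk ties the request to a form token, and whether the framework checks anything for GET requests cannot be seen from here; a request issued from an administrator's browser session without their intent would remove a whitelist. Moving the action to a POST form, e.g. `if ($_POST['act'] == "del" && isset($a_whitelist[$_POST['id']])) {`, puts it behind whatever request-forgery protection the GUI applies to form posts. snort_interfaces_suppress.php shows the same `$_GET['act'] == "del"` pattern in its first hunk. Separately, the `else $id_gen = '0';` branch appears unreachable, because `['item']` is set to an array just above.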
@@ -68,21 +63,17 @@ if ($_GET['act'] == "del") {
$pgtitle = "Services: Snort: Whitelist";
include_once("head.inc");
-
?>
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
<?php
include_once("fbegin.inc");
+if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}
+if ($savemsg) print_info_box($savemsg);
?>
-<?if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}?>
-
-<?php if (file_exists($d_whitelistdirty_path)): ?>
-<p><?php print_info_box_np("The white list has been changed.<br>You must apply the changes in order for them to take effect.");?>
-<?php endif; ?>
-<form action="/snort/snort_interfaces_whitelist.php" method="post"><?php if ($savemsg) print_info_box($savemsg); ?>
+<form action="/snort/snort_interfaces_whitelist.php" method="post">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr><td>
<?php
@@ -96,68 +87,66 @@ include_once("fbegin.inc");
$tab_array[6] = array(gettext("Suppress"), false, "/snort/snort_interfaces_suppress.php");
display_top_tabs($tab_array);
?>
- </td>
- </tr>
- <tr>
- <td class="tabcont">
-
- <table width="100%" border="0" cellpadding="6" cellspacing="0">
-
- <tr>
- <td width="20%" class="listhdrr">File Name</td>
- <td width="40%" class="listhdrr">Values</td>
- <td width="40%" class="listhdr">Description</td>
- <td width="10%" class="list"></td>
- </tr>
- <?php $i = 0; foreach ($a_whitelist as $list): ?>
- <tr>
- <td class="listlr"
- ondblclick="document.location='snort_interfaces_whitelist_edit.php?id=<?=$i;?>';">
- <?=htmlspecialchars($list['name']);?></td>
- <td class="listr"
- ondblclick="document.location='snort_interfaces_whitelist_edit.php?id=<?=$i;?>';">
- <?php
- $addresses = implode(", ", array_slice(explode(" ", $list['address']), 0, 10));
- echo $addresses;
- if(count($addresses) < 10) {
- echo " ";
- } else {
- echo "...";
- }
- ?></td>
- <td class="listbg"
- ondblclick="document.location='snort_interfaces_whitelist_edit.php?id=<?=$i;?>';">
- <font color="#FFFFFF"> <?=htmlspecialchars($list['descr']);?>&nbsp;
- </td>
- <td valign="middle" nowrap class="list">
- <table border="0" cellspacing="0" cellpadding="1">
- <tr>
- <td valign="middle"><a
- href="snort_interfaces_whitelist_edit.php?id=<?=$i;?>"><img
- src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif"
- width="17" height="17" border="0" title="edit whitelist"></a></td>
- <td><a
- href="/snort/snort_interfaces_whitelist.php?act=del&id=<?=$i;?>"
- onclick="return confirm('Do you really want to delete this whitelist? All elements that still use it will become invalid (e.g. snort rules will fall back to the default whitelist)!')"><img
- src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif"
- width="17" height="17" border="0" title="delete whitelist"></a></td>
- </tr>
- </table>
- </td>
- </tr>
- <?php $i++; endforeach; ?>
- <tr>
- <td class="list" colspan="3"></td>
- <td class="list">
- <table border="0" cellspacing="0" cellpadding="1">
- <tr>
- <td valign="middle" width="17">&nbsp;</td>
- <td valign="middle"><a
- href="snort_interfaces_whitelist_edit.php?id=<?php echo $id_gen;?> "><img
- src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif"
- width="17" height="17" border="0" title="add a new list"></a></td>
- </tr>
- </table>
+ </td>
+</tr>
+<tr>
+ <td class="tabcont">
+ <table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td width="20%" class="listhdrr">File Name</td>
+ <td width="40%" class="listhdrr">Values</td>
+ <td width="40%" class="listhdr">Description</td>
+ <td width="10%" class="list"></td>
+ </tr>
+ <?php foreach ($a_whitelist as $i => $list): ?>
+ <tr>
+ <td class="listlr"
+ ondblclick="document.location='snort_interfaces_whitelist_edit.php?id=<?=$i;?>';">
+ <?=htmlspecialchars($list['name']);?></td>
+ <td class="listr"
+ ondblclick="document.location='snort_interfaces_whitelist_edit.php?id=<?=$i;?>';">
+ <?php
+ $addresses = implode(", ", array_slice(explode(" ", $list['address']), 0, 10));
+ echo $addresses;
+ if(count($addresses) < 10) {
+ echo " ";
+ } else {
+ echo "...";
+ }
+ ?></td>
+ <td class="listbg"
+ ondblclick="document.location='snort_interfaces_whitelist_edit.php?id=<?=$i;?>';">
+ <font color="#FFFFFF"> <?=htmlspecialchars($list['descr']);?>&nbsp;
+ </td>
+ <td valign="middle" nowrap class="list">
+ <table border="0" cellspacing="0" cellpadding="1">
+ <tr>
+ <td valign="middle"><a
+ href="snort_interfaces_whitelist_edit.php?id=<?=$i;?>"><img
+ src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif"
+ width="17" height="17" border="0" title="edit whitelist"></a></td>
+ <td><a
+ href="/snort/snort_interfaces_whitelist.php?act=del&id=<?=$i;?>"
+ onclick="return confirm('Do you really want to delete this whitelist? All elements that still use it will become invalid (e.g. snort rules will fall back to the default whitelist)!')"><img
+ src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif"
+ width="17" height="17" border="0" title="delete whitelist"></a></td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+ <?php endforeach; ?>
+ <tr>
+ <td class="list" colspan="3"></td>
+ <td class="list">
+ <table border="0" cellspacing="0" cellpadding="1">
+ <tr>
+ <td valign="middle" width="17">&nbsp;</td>
+ <td valign="middle"><a
+ href="snort_interfaces_whitelist_edit.php?id=<?php echo $id_gen;?> "><img
+ src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif"
+ width="17" height="17" border="0" title="add a new list"></a></td>
+ </tr>
+ </table>
</td>
</tr>
</table>
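Review bot: In the Values cell, `echo $addresses;` writes the stored address list into the page without `htmlspecialchars()`, unlike the name and description cells around it; unless the edit page strictly validates every address on save (not visible here), that is a stored-markup risk in the admin GUI. The following `count($addresses) < 10` is applied to the string returned by `implode()`, not to the array, so it does not count entries and the `...` marker is presumably never printed. Suggest keeping the array: `$addrs = explode(" ", $list['address']);`, then `echo htmlspecialchars(implode(", ", array_slice($addrs, 0, 10)));` and `echo count($addrs) > 10 ? "..." : " ";`. The commit only re-indents these lines, but they are on the new side.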
diff --git a/config/snort/snort_interfaces_whitelist_edit.php b/config/snort/snort_interfaces_whitelist_edit.php
index 965dd4be..60bfea14 100644
--- a/config/snort/snort_interfaces_whitelist_edit.php
+++ b/config/snort/snort_interfaces_whitelist_edit.php
@@ -39,9 +39,10 @@
require_once("guiconfig.inc");
require_once("/usr/local/pkg/snort/snort.inc");
+if (!is_array($config['installedpackages']['snortglobal']['whitelist']))
+ $config['installedpackages']['snortglobal']['whitelist'] = array();
if (!is_array($config['installedpackages']['snortglobal']['whitelist']['item']))
$config['installedpackages']['snortglobal']['whitelist']['item'] = array();
-
$a_whitelist = &$config['installedpackages']['snortglobal']['whitelist']['item'];
$id = $_GET['id'];
@@ -52,33 +53,27 @@ if (is_null($id)) {
exit;
}
-/* gen uuid for each iface !inportant */
-if ($config['installedpackages']['snortglobal']['whitelist']['item'][$id]['uuid'] == '') {
+if (empty($config['installedpackages']['snortglobal']['whitelist']['item'][$id]['uuid'])) {
$whitelist_uuid = 0;
while ($whitelist_uuid > 65535 || $whitelist_uuid == 0) {
$whitelist_uuid = mt_rand(1, 65535);
$pconfig['uuid'] = $whitelist_uuid;
}
-} else if ($config['installedpackages']['snortglobal']['whitelist']['item'][$id]['uuid'] != '') {
+} else
$whitelist_uuid = $config['installedpackages']['snortglobal']['whitelist']['item'][$id]['uuid'];
-}
-
-$d_snort_whitelist_dirty_path = '/var/run/snort_whitelist.dirty';
/* returns true if $name is a valid name for a whitelist file name or ip */
function is_validwhitelistname($name) {
if (!is_string($name))
- return false;
+ return false;
if (!preg_match("/[^a-zA-Z0-9\.\/]/", $name))
- return true;
+ return true;
return false;
}
-
if (isset($id) && $a_whitelist[$id]) {
-
/* old settings */
$pconfig = array();
$pconfig['name'] = $a_whitelist[$id]['name'];
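Review bot: `is_validwhitelistname()` accepts `.` and `/` because it doubles as an address check, so a value shaped like a relative path also passes as a list name. If the name is later used to build a file path (the comment says "whitelist file name"; the use is outside this hunk), that permits names resolving outside the intended directory. Suggest a name-only check, `return is_string($name) && preg_match('/^[a-zA-Z0-9]+$/', $name) === 1;`, with addresses validated separately. Also in this hunk, the `mt_rand(1, 65535)` value is not compared with the uuids already stored in `$a_whitelist`, so two lists can receive the same id, and the `> 65535` half of the `while` condition can never be true for that range.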
@@ -97,7 +92,6 @@ if (isset($id) && $a_whitelist[$id]) {
}
if ($_POST['submit']) {
-
conf_mount_rw();
unset($input_errors);
@@ -106,7 +100,6 @@ if ($_POST['submit']) {
/* input validation */
$reqdfields = explode(" ", "name");
$reqdfieldsn = explode(",", "Name");
-
do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
if(strtolower($_POST['name']) == "defaultwhitelist")
@@ -197,7 +190,6 @@ if ($_POST['submit']) {
$pgtitle = "Services: Snort: Whitelist: Edit $whitelist_uuid";
include_once("head.inc");
-
?>
<body link="#0000CC" vlink="#0000CC" alink="#0000CC" >
@@ -218,17 +210,16 @@ include("fbegin.inc");
rowsize[1] = "30";
</script>
-<?if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}?>
-
-<?php if ($input_errors) print_input_errors($input_errors); ?>
-
<?php
- if ($savemsg)
- print_info_box($savemsg);
-
+if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}
+if ($input_errors) print_input_errors($input_errors);
+if ($savemsg)
+ print_info_box($savemsg);
?>
<form action="snort_interfaces_whitelist_edit.php" method="post" name="iform" id="iform">
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+<tr><td class="tabcont">
<table width="100%" border="0" cellpadding="6" cellspacing="0">
<tr>
<td colspan="2" valign="top" class="listtopic">Add the name and