author | Ermal <eri@pfsense.org> | 2012-07-09 10:36:39 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2012-07-09 10:36:39 +0000 |
commit | e9a1eaa5bf1681f828cd6abccb5204016965cf43 (patch) | |
tree | 5ba9e485f130307ac2fd38aa21c397281eee87ba /config/snort | |
parent | 40cace16a452cd841a6b3626c44ff0d0b655956f (diff) | |
Use proper class for select inputs. Clean up some more code around and try to fix alerts display page
Diffstat (limited to 'config/snort')
-rw-r--r-- | config/snort/snort.inc | 7 | ||||
-rw-r--r-- | config/snort/snort_alerts.php | 89 | ||||
-rw-r--r-- | config/snort/snort_check_cron_misc.inc | 2 | ||||
-rw-r--r-- | config/snort/snort_interfaces_edit.php | 20 | ||||
-rw-r--r-- | config/snort/snort_interfaces_global.php | 12 | ||||
-rw-r--r-- | config/snort/snort_interfaces_whitelist_edit.php | 2 | ||||
-rw-r--r-- | config/snort/snort_rules.php | 2 |
7 files changed, 50 insertions, 84 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc index 149b6abb..677f0bca 100644 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -353,7 +353,7 @@ function snort_get_real_interface($interface) { by touch and rm, snort will lose sync and not log. */ -function post_delete_logs() +function snort_post_delete_logs($snort_uuid = 0) { global $config, $g; @@ -362,11 +362,12 @@ function post_delete_logs() return; foreach ($config['installedpackages']['snortglobal']['rule'] as $value) { + if ($value['uuid'] != $snort_uuid) + continue; $if_real = snort_get_real_interface($value['interface']); - $snort_uuid = $value['uuid']; $snort_log_dir = "/var/log/snort/snort_{$if_real}{$snort_uuid}"; - if ($if_real != '' && $snort_uuid != '') { + if ($if_real != '') { $filelist = glob("{$snort_log_dir}/*{$snort_uuid}_{$if_real}.u2.*"); unset($filelist[count($filelist) - 1]); foreach ($filelist as $file) diff --git a/config/snort/snort_alerts.php b/config/snort/snort_alerts.php index c1336350..ae441131 100644 --- a/config/snort/snort_alerts.php +++ b/config/snort/snort_alerts.php 
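Review bot: The new filter `if ($value['uuid'] != $snort_uuid)` is a loose comparison against a default of `0`, and the old `$snort_uuid != ''` guard is dropped in the same hunk, so under PHP's loose-comparison rules an empty or non-numeric uuid can compare equal and let the glob below run for an instance the caller did not name. An explicit early exit plus a string comparison keeps the cleanup scoped: `if (empty($snort_uuid)) return;` before the loop and `if ((string)$value['uuid'] !== (string)$snort_uuid) continue;` inside it. A short comment on the function stating that the default of 0 means "no instance, do nothing" would also help callers. The rest of the loop body, including what is done with `$filelist`, continues outside the hunk.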
@@ -44,15 +44,18 @@ $snort_load_mootools = 'yes'; $snortalertlogt = $config['installedpackages']['snortglobal']['snortalertlogtype']; +if ($_GET['instance']) + $instanceid = $_GET['instance']; +if ($_POST['instance']) + $instanceid = $_POST['instance']; +if (empty($instanceid)) + $instanceid = 0; + if (!is_array($config['installedpackages']['snortglobal']['rule'])) $config['installedpackages']['snortglobal']['rule'] = array(); $a_instance = &$config['installedpackages']['snortglobal']['rule']; -$snort_uuid = $a_instance[0]['uuid']; -$if_real = snort_get_real_interface($a_instance[0]['interface']); -if ($_POST['instance']) { - $snort_uuid = $a_instance[$_POST['instance']]['uuid']; - $if_real = snort_get_real_interface($a_instance[$_POST['instance']]['interface']); -} +$snort_uuid = $a_instance[$instanceid]['uuid']; +$if_real = snort_get_real_interface($a_instance[$instanceid]['interface']); if (is_array($config['installedpackages']['snortglobal']['alertsblocks'])) { $pconfig['arefresh'] = $config['installedpackages']['snortglobal']['alertsblocks']['arefresh']; @@ -73,22 +76,22 @@ if ($_POST['save']) write_config(); - header("Location: /snort/snort_alerts.php"); + header("Location: /snort/snort_alerts.php?instance={$instanceid}"); exit; } if ($_GET['action'] == "clear" || $_POST['clear']) { if (file_exists("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert")) { conf_mount_rw(); + snort_post_delete_logs($snort_uuid); @file_put_contents("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert", ""); - post_delete_logs(); /* XXX: This is needed is snort is run as snort user */ //mwexec('/usr/sbin/chown snort:snort /var/log/snort/*', true); mwexec('/bin/chmod 660 /var/log/snort/*', true); mwexec("/bin/pkill -HUP -F {$g['varrun_path']}/snort_{$if_real}{$snort_uuid}.pid -a"); conf_mount_ro(); } - header("Location: /snort/snort_alerts.php"); + header("Location: /snort/snort_alerts.php?instance={$instanceid}"); exit; } 
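Review bot: `$instanceid` is taken straight from `$_GET['instance']` / `$_POST['instance']` and then used as an index into `$a_instance` without checking that it is a known key. An unknown value leaves `$snort_uuid` empty, and the alert-log and pid-file paths further down this file are built from `$snort_uuid` and `$if_real`; the same raw value is also interpolated into the `Location:` headers added in the -73 and -110 hunks. After `$a_instance` is assigned I would add `if (!ctype_digit((string)$instanceid) || !isset($a_instance[$instanceid])) $instanceid = 0;`. Reading the request keys through `isset()` would also avoid undefined-index notices.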
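Review bot: The clear branch in the -73 hunk still accepts `$_GET['action'] == "clear"`, and because this commit also starts reading `instance` from the query string, the GET-reachable clear now applies to whichever instance the URL names instead of only the first one. Truncating an IDS alert log and signalling snort is a state change that should be reachable only through the form POST, so that whatever CSRF token check the GUI applies to POST requests covers it (that check is not visible in this diff). I would narrow the condition to `if ($_POST['clear']) {` and turn any `?action=clear` link into a form button. The result of `file_put_contents` is also suppressed with `@`, so a failed clear goes unreported.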
@@ -110,7 +113,7 @@ if ($_POST['download']) { exec("/bin/rm /tmp/{$file_name}"); } - header("Location: /snort/snort_alerts.php"); + header("Location: /snort/snort_alerts.php?instance={$instanceid}"); exit; } @@ -249,9 +252,7 @@ include_once("head.inc"); <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php - include_once("fbegin.inc"); -echo $snort_general_css; /* refresh every 60 secs */ if ($pconfig['arefresh'] == 'on') @@ -259,7 +260,6 @@ if ($pconfig['arefresh'] == 'on') ?> <div class="body2"><?if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}?> - <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr><td> <?php @@ -286,10 +286,13 @@ if ($pconfig['arefresh'] == 'on') <tr> <td width="22%" class="vncell">Instance to inspect</td> <td width="78%" class="vtable"> - <br/> <select name="instance" id="instance" class="formfld unkown" onChange="document.getElementById('formalert').submit()"> + <br/> <select name="instance" id="instance" class="formselect" onChange="document.getElementById('formalert').submit()"> <?php foreach ($a_instance as $id => $instance) { - echo "<option value='{$id}'> (" . snort_get_friendly_interface($instance['interface']) . "){$instance['descr']}</option>\n"; + $selected = ""; + if ($id == $instanceid) + $selected = "selected"; + echo "<option value='{$id}' {$selected}> (" . snort_get_friendly_interface($instance['interface']) . "){$instance['descr']}</option>\n"; } ?> </select><br/> Choose which instance alerts you want to inspect. 
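Review bot: The rewritten `<option>` line in the -286 hunk still prints `{$instance['descr']}` and the friendly interface name into the page without escaping, so markup stored in an instance description would be rendered by the browser. Escape the values on output, e.g. `")" . htmlspecialchars($instance['descr']) . "</option>\n"`. The selection test `$id == $instanceid` also compares an array key with a raw request string loosely; `(string)$id === (string)$instanceid` avoids a non-numeric value matching key 0.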
@@ -364,53 +367,37 @@ if ($pconfig['arefresh'] == 'on') if (!file_exists("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert")) @touch("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert"); - $logent = $anentries; - /* detect the alert file type */ if ($snortalertlogt == 'full') $alerts_array = array_reverse(explode("\n\n", file_get_contents("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert"))); else $alerts_array = array_reverse(explode("\n", file_get_contents("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert"))); - - if (is_array($alerts_array)) { - - $counter = 0; - foreach($alerts_array as $fileline) - { - - if($logent <= $counter) - continue; - - $counter++; + foreach($alerts_array as $counter => $fileline) { + if (empty($fileline)) + continue; + if ($counter > $anentries) + break; /* Date */ $alert_date_str = get_snort_alert_date($fileline); - if($alert_date_str != '') - { $alert_date = $alert_date_str; - }else{ + else $alert_date = 'empty'; - } /* Discription */ $alert_disc_str = get_snort_alert_disc($fileline); - - if($alert_disc_str != '') - { - $alert_disc = $alert_disc_str; - }else{ + if(empty($alert_disc_str)) $alert_disc = 'empty'; - } + else + $alert_disc = $alert_disc_str; /* Classification */ $alert_class_str = get_snort_alert_class($fileline); - if($alert_class_str != '') { - $alert_class_match = array('[Classification:',']'); $alert_class = str_replace($alert_class_match, '', "$alert_class_str"); }else{ @@ -419,7 +406,6 @@ if ($pconfig['arefresh'] == 'on') /* Priority */ $alert_priority_str = get_snort_alert_priority($fileline); - if($alert_priority_str != '') { $alert_priority_match = array('Priority: ',']'); @@ -447,7 +433,6 @@ if ($pconfig['arefresh'] == 'on') /* IP SRC */ $alert_ip_src_str = get_snort_alert_ip_src($fileline); - if($alert_ip_src_str != '') { $alert_ip_src = $alert_ip_src_str; 
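Review bot: In the -364 hunk the cutoff `if ($counter > $anentries) break;` tests the zero-based array key from `array_reverse()` rather than the number of rows actually emitted, so the page can show one more row than configured, or fewer when blank records are skipped by the `empty($fileline)` check above it. A separate counter keeps the limit exact: `$shown = 0;` before the loop and `if (++$shown > $anentries) break;` after the empty check. The same key is later printed as the row number, so it will show gaps as well. `$anentries` is set outside the hunk, and the loop body continues through the following hunks.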
@@ -457,7 +442,6 @@ if ($pconfig['arefresh'] == 'on') /* IP SRC Port */ $alert_src_p_str = get_snort_alert_src_p($fileline); - if($alert_src_p_str != '') { $alert_src_p_match = array(' -',':'); @@ -468,7 +452,6 @@ if ($pconfig['arefresh'] == 'on') /* Flow */ $alert_flow_str = get_snort_alert_flow($fileline); - if($alert_flow_str != '') { $alert_flow = $alert_flow_str; @@ -478,7 +461,6 @@ if ($pconfig['arefresh'] == 'on') /* IP Destination */ $alert_ip_dst_str = get_snort_alert_ip_dst($fileline); - if($alert_ip_dst_str != '') { $alert_ip_dst = $alert_ip_dst_str; @@ -516,8 +498,6 @@ if ($pconfig['arefresh'] == 'on') } /* NOTE: using one echo improves performance by 2x */ - if ($alert_disc != 'empty') - { echo "<tr id=\"{$counter}\"> <td class=\"centerAlign\">{$counter}</td> <td class=\"centerAlign\">{$alert_priority}</td> @@ -532,31 +512,16 @@ if ($pconfig['arefresh'] == 'on') <td class=\"centerAlign\">{$alert_sid}</td> <td>{$alert_date}</td> </tr>\n"; - } - - // <script type="text/javascript"> - // var myTable = {}; - // window.addEvent('domready', function(){ - // myTable = new sortableTable('myTable', {overCls: 'over', onClick: function(){alert(this.id)}}); - // }); - // </script> - } } - ?> </tbody> </table> </td> </table> - </div> - <?php include("fend.inc"); - -echo $snort_custom_rnd_box; - ?> </body> </html> diff --git a/config/snort/snort_check_cron_misc.inc b/config/snort/snort_check_cron_misc.inc index 84f62a0d..ccdaa758 100644 --- a/config/snort/snort_check_cron_misc.inc +++ b/config/snort/snort_check_cron_misc.inc @@ -70,7 +70,7 @@ foreach ($config['installedpackages']['snortglobal']['rule'] as $value) { conf_mount_rw(); if ($snortlogAlertsizeKB >= $snortloglimitAlertsizeKB) @file_put_contents("{$snort_log_dir}/alert", ""); - post_delete_logs(); + snort_post_delete_logs($snort_uuid); conf_mount_ro(); } diff --git a/config/snort/snort_interfaces_edit.php b/config/snort/snort_interfaces_edit.php index 182d0e76..12cb9b00 100644 
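Review bot: With the `if ($alert_disc != 'empty')` guard removed in the -516 hunk, every non-empty record is now echoed, and the fields (`{$alert_priority}`, `{$alert_sid}`, `{$alert_date}` and the columns between them) are interpolated into the row as raw text. They are parsed from the alert log by the `get_snort_alert_*` helpers, whose bodies are not part of this diff, so nothing visible here guarantees they are HTML-safe. I would escape each value just before the echo, for example `$alert_date = htmlspecialchars($alert_date);`, and likewise for the other fields. The echo statement starts in the -516 hunk and ends in the -532 hunk.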
--- a/config/snort/snort_interfaces_edit.php +++ b/config/snort/snort_interfaces_edit.php @@ -466,7 +466,7 @@ function enable_change(enable_change) { <tr> <td width="22%" valign="top" class="vncellreq2">Interface</td> <td width="78%" class="vtable"> - <select name="interface" class="formfld"> + <select name="interface" class="formselect"> <?php if (function_exists('get_configured_interface_with_descr')) $interfaces = get_configured_interface_with_descr(); @@ -495,8 +495,8 @@ function enable_change(enable_change) { </tr> <tr> <td width="22%" valign="top" class="vncell2">Memory Performance</td> - <td width="78%" class="vtable"><select name="performance" - class="formfld" id="performance"> + <td width="78%" class="vtable"> + <select name="performance" class="formselect" id="performance"> <?php $interfaces2 = array('ac-bnfa' => 'AC-BNFA', 'lowmem' => 'LOWMEM', 'ac-std' => 'AC-STD', 'ac' => 'AC', 'ac-banded' => 'AC-BANDED', 'ac-sparsebands' => 'AC-SPARSEBANDS', 'acs' => 'ACS'); foreach ($interfaces2 as $iface2 => $ifacename2): ?> @@ -518,8 +518,8 @@ function enable_change(enable_change) { </tr> <tr> <td width="22%" valign="top" class="vncell2">Home net</td> - <td width="78%" class="vtable"><select name="homelistname" - class="formfld" id="homelistname"> + <td width="78%" class="vtable"> + <select name="homelistname" class="formselect" id="homelistname"> <?php echo "<option value='default' >default</option>"; /* find whitelist names and filter by type */ @@ -545,8 +545,8 @@ function enable_change(enable_change) { </tr> <tr> <td width="22%" valign="top" class="vncell2">External net</td> - <td width="78%" class="vtable"><select name="externallistname" - class="formfld" id="externallistname"> + <td width="78%" class="vtable"> + <select name="externallistname" class="formselect" id="externallistname"> <?php echo "<option value='default' >default</option>"; /* find whitelist names and filter by type */ 
@@ -589,7 +589,7 @@ function enable_change(enable_change) { <tr> <td width="22%" valign="top" class="vncell2">Which ip to block</td> <td width="78%" class="vtable"> - <select name="blockoffendersip" class="formfld" id="blockoffendersip"> + <select name="blockoffendersip" class="formselect" id="blockoffendersip"> <?php foreach (array("src", "dst", "both") as $btype) { if ($btype == $pconfig['blockoffendersip']) @@ -606,7 +606,7 @@ function enable_change(enable_change) { <tr> <td width="22%" valign="top" class="vncell2">Whitelist</td> <td width="78%" class="vtable"> - <select name="whitelistname" class="formfld" id="whitelistname"> + <select name="whitelistname" class="formselect" id="whitelistname"> <?php /* find whitelist names and filter by type, make sure to track by uuid */ echo "<option value='default' >default</option>\n"; @@ -633,7 +633,7 @@ function enable_change(enable_change) { <td width="22%" valign="top" class="vncell2">Suppression and filtering</td> <td width="78%" class="vtable"> - <select name="suppresslistname" class="formfld" id="suppresslistname"> + <select name="suppresslistname" class="formselect" id="suppresslistname"> <?php echo "<option value='default' >default</option>\n"; if (is_array($config['installedpackages']['snortglobal']['suppress']['item'])) { diff --git a/config/snort/snort_interfaces_global.php b/config/snort/snort_interfaces_global.php index c49390a1..acfcfde9 100644 --- a/config/snort/snort_interfaces_global.php +++ b/config/snort/snort_interfaces_global.php 
@@ -297,8 +297,8 @@ enable JavaScript to view this content <tr> <td width="22%" valign="top" class="vncell2">Update rules automatically</td> - <td width="78%" class="vtable"><select name="autorulesupdate7" - class="formfld" id="autorulesupdate7"> + <td width="78%" class="vtable"> + <select name="autorulesupdate7" class="formselect" id="autorulesupdate7"> <?php $interfaces3 = array('never_up' => 'NEVER', '6h_up' => '6 HOURS', '12h_up' => '12 HOURS', '1d_up' => '1 DAY', '4d_up' => '4 DAYS', '7d_up' => '7 DAYS', '28d_up' => '28 DAYS'); foreach ($interfaces3 as $iface3 => $ifacename3): ?> @@ -361,8 +361,8 @@ enable JavaScript to view this content <tr> <td width="22%" valign="top" class="vncell2">Remove blocked hosts every</td> - <td width="78%" class="vtable"><select name="rm_blocked" - class="formfld" id="rm_blocked"> + <td width="78%" class="vtable"> + <select name="rm_blocked" class="formselect" id="rm_blocked"> <?php $interfaces3 = array('never_b' => 'NEVER', '1h_b' => '1 HOUR', '3h_b' => '3 HOURS', '6h_b' => '6 HOURS', '12h_b' => '12 HOURS', '1d_b' => '1 DAY', '4d_b' => '4 DAYS', '7d_b' => '7 DAYS', '28d_b' => '28 DAYS'); foreach ($interfaces3 as $iface3 => $ifacename3): ?> @@ -378,8 +378,8 @@ enable JavaScript to view this content <tr> <td width="22%" valign="top" class="vncell2">Alerts file description type</td> - <td width="78%" class="vtable"><select name="snortalertlogtype" - class="formfld" id="snortalertlogtype"> + <td width="78%" class="vtable"> + <select name="snortalertlogtype" class="formselect" id="snortalertlogtype"> <?php $interfaces4 = array('full' => 'FULL', 'fast' => 'SHORT'); foreach ($interfaces4 as $iface4 => $ifacename4): ?> diff --git a/config/snort/snort_interfaces_whitelist_edit.php b/config/snort/snort_interfaces_whitelist_edit.php index fe3c54a5..a546c642 100644 --- a/config/snort/snort_interfaces_whitelist_edit.php +++ b/config/snort/snort_interfaces_whitelist_edit.php 
@@ -272,7 +272,7 @@ echo $snort_general_css; <strong>NETLIST:</strong> This list is for defining addresses as $HOME_NET or $EXTERNAL_NET in the snort.conf file.</div> - <select name="snortlisttype" class="formfld" id="snortlisttype"> + <select name="snortlisttype" class="formselect" id="snortlisttype"> <?php $interfaces4 = array('whitelist' => 'WHITELIST', 'netlist' => 'NETLIST'); foreach ($interfaces4 as $iface4 => $ifacename4): ?> diff --git a/config/snort/snort_rules.php b/config/snort/snort_rules.php index d04e1b41..56c68980 100644 --- a/config/snort/snort_rules.php +++ b/config/snort/snort_rules.php @@ -282,7 +282,7 @@ function popup(url) <tr> <td class="listt" colspan="8"> <br>Category: - <select id="selectbox" name="selectbox" class="formfld" onChange="go()"> + <select id="selectbox" name="selectbox" class="formselect" onChange="go()"> <?php foreach ($files as $value) { echo "<option value='?id={$id}&openruleset={$ruledir}{$value}' "; |