snort, remove old code, fix barmnyrad2

author: robiscool <robrob2626@yahoo.com> 2010-05-03 13:37:58 -0700
committer: robiscool <robrob2626@yahoo.com> 2010-05-03 13:38:38 -0700
commit: ee7d8c15e499214c78b29c99d3a275973e8a3b7c (patch)
tree: f904a9333f2cf099338a1317cff3109c31ad9865 /config/snort
parent: a9e757fce0e6e8e15dad63a02472959af52f8ff4 (diff)
download: pfsense-packages-ee7d8c15e499214c78b29c99d3a275973e8a3b7c.tar.gz
pfsense-packages-ee7d8c15e499214c78b29c99d3a275973e8a3b7c.tar.bz2
pfsense-packages-ee7d8c15e499214c78b29c99d3a275973e8a3b7c.zip
6 files changed, 1164 insertions, 1186 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index 035865e2..28f933b2 100644
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -311,14 +311,14 @@ global $config, $g;
 
 		$snort_info_chk = $config['installedpackages']['snortglobal']['rule'][$id]['enable'];
 		if ($snort_info_chk == 'on') {
-		exec("/usr/local/bin/snort -u snort -g snort -R \"{$snort_uuid}{$if_real}\" -D -q -l /var/log/snort --pid-path /var/log/snort/run -G {$snort_uuid} -c /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/snort.conf -i {$if_real}");
+		exec("/usr/local/bin/snort -u snort -g snort -R \"{$snort_uuid}{$if_real}\" -D -q -t /var/log/snort -l /var/log/snort --pid-path /var/log/snort/run -G {$snort_uuid} -c /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/snort.conf -i {$if_real}");
 		}
 		/* define snortbarnyardlog_chk */
 		/* top will have trouble if the uuid is to far back */
 		$snortbarnyardlog_info_chk = $config['installedpackages']['snortglobal']['rule'][$id]['barnyard_enable'];
 		$snortbarnyardlog_mysql_info_chk = $config['installedpackages']['snortglobal']['rule'][$id]['barnyard_mysql'];
 		if ($snortbarnyardlog_info_chk == 'on' && $snortbarnyardlog_mysql_info_chk != '' && $snort_info_chk == 'on') {
-		exec("/usr/local/bin/barnyard2 -f \"snort_{$snort_uuid}_{$if_real}.u2\" -u snort -g snort --pid-path /var/log/snort/run -c /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/barnyard2.conf -w /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/barnyard2.waldo -D -q");
+		exec("/usr/local/bin/barnyard2 -f \"snort_{$snort_uuid}_{$if_real}.u2\" -u snort -g snort --pid-path /var/log/snort/run -c /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/barnyard2.conf -d /var/log/snort -D -q");
 		}
 		
 		/* Log Iface stop */
@@ -988,10 +988,11 @@ function sync_snort_package_all($id, $if_real, $snort_uuid)
 
 /* RedDevil suggested code */
 /* TODO: more testing needs to be done */
-exec("/sbin/sysctl net.bpf.bufsize=8388608");
-exec("/sbin/sysctl net.bpf.maxbufsize=4194304");
-exec("/sbin/sysctl net.bpf.maxinsns=512");
-exec("/sbin/sysctl net.inet.tcp.rfc1323=1");
+/* may cause voip to fail */
+//exec("/sbin/sysctl net.bpf.bufsize=8388608");
+//exec("/sbin/sysctl net.bpf.maxbufsize=4194304");
+//exec("/sbin/sysctl net.bpf.maxinsns=512");
+//exec("/sbin/sysctl net.inet.tcp.rfc1323=1");
 
 # Error checking
 if ($id != '' && $if_real != '') //new
@@ -1045,10 +1046,11 @@ function sync_snort_package_empty()
 	
 /* RedDevil suggested code */
 /* TODO: more testing needs to be done */
-exec("/sbin/sysctl net.bpf.bufsize=8388608");
-exec("/sbin/sysctl net.bpf.maxbufsize=4194304");
-exec("/sbin/sysctl net.bpf.maxinsns=512");
-exec("/sbin/sysctl net.inet.tcp.rfc1323=1");
+/* may cause voip to fail */
+//exec("/sbin/sysctl net.bpf.bufsize=8388608");
+//exec("/sbin/sysctl net.bpf.maxbufsize=4194304");
+//exec("/sbin/sysctl net.bpf.maxinsns=512");
+//exec("/sbin/sysctl net.inet.tcp.rfc1323=1");
 
 	/* do not start config build if rules is empty */
 	if (!empty($config['installedpackages']['snortglobal']['rule'])) 
@@ -1115,10 +1117,11 @@ function sync_snort_package_config()
 	
 /* RedDevil suggested code */
 /* TODO: more testing needs to be done */
-exec("/sbin/sysctl net.bpf.bufsize=8388608");
-exec("/sbin/sysctl net.bpf.maxbufsize=4194304");
-exec("/sbin/sysctl net.bpf.maxinsns=512");
-exec("/sbin/sysctl net.inet.tcp.rfc1323=1");
+/* may cause voip to fail */
+//exec("/sbin/sysctl net.bpf.bufsize=8388608");
+//exec("/sbin/sysctl net.bpf.maxbufsize=4194304");
+//exec("/sbin/sysctl net.bpf.maxinsns=512");
+//exec("/sbin/sysctl net.inet.tcp.rfc1323=1");
 
 	/* do not start config build if rules is empty */
 	if (!empty($config['installedpackages']['snortglobal']['rule'])) 
@@ -1348,7 +1351,7 @@ function create_snort_sh()
 	$snortbarnyardlog_mysql_info_chk = $config['installedpackages']['snortglobal']['rule'][$id]['barnyard_mysql'];
 	
 	if ($snortbarnyardlog_info_chk == 'on' && $snortbarnyardlog_mysql_info_chk != '') {
-	$start_barnyard2 = "sleep 4;/usr/local/bin/barnyard2 -f snort_{$snort_uuid}_{$if_real}.u2 -u snort -g snort --pid-path /var/log/snort/run -c /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/barnyard2.conf -w /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/barnyard2.waldo -D -q";
+	$start_barnyard2 = "sleep 4;/usr/local/bin/barnyard2 -f snort_{$snort_uuid}_{$if_real}.u2 -u snort -g snort --pid-path /var/log/snort/run -c /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/barnyard2.conf -d /var/log/snort -D -q";
 	}
 			
 /* Get all interface startup commands ready */
@@ -1365,7 +1368,7 @@ $snort_sh_text2[] = <<<EOD
 		/bin/rm /var/run/snort_{$snort_uuid}_{$if_real}.pid
 		/bin/rm /var/run/snort_{$snort_uuid}_{$if_real}.pid.lck
 
-		/usr/local/bin/snort -u snort -g snort -R {$snort_uuid}{$if_real} -D -q -l /var/log/snort --pid-path /var/log/snort/run -G {$snort_uuid} -c /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/snort.conf -i {$if_real}
+		/usr/local/bin/snort -u snort -g snort -R {$snort_uuid}{$if_real} -D -q -t /var/log/snort -l /var/log/snort --pid-path /var/log/snort/run -G {$snort_uuid} -c /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/snort.conf -i {$if_real}
 		$start_barnyard2
 
 		/usr/bin/logger -p daemon.info -i -t SnortStartup "Snort HARD Reload For {$snort_uuid}_{$if_real}..."
@@ -1554,14 +1557,14 @@ function create_barnyard2_conf($id, $if_real, $snort_uuid) {
 
 		if(!file_exists("/usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/barnyard2.conf"))
 		{
-			exec("/bin//usr/bin/touch /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/barnyard2.conf");
+			exec("/usr/bin/touch /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/barnyard2.conf");
 		}
 
-		if(!file_exists("/usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/barnyard2.waldo"))
+		if(!file_exists("/var/log/snort/barnyard2/{$snort_uuid}_{$if_real}.waldo"))
 		{
-			exec("/bin//usr/bin/touch /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/barnyard2.waldo");
-			exec("/usr/sbin/chown snort:snort /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/barnyard2.waldo");
-			exec("/bin/chmod 770 /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/barnyard2.waldo");
+			exec("/usr/bin/touch /var/log/snort/barnyard2/{$snort_uuid}_{$if_real}.waldo");
+			exec("/usr/sbin/chown snort:snort /var/log/snort/barnyard2/{$snort_uuid}_{$if_real}.waldo");
+			exec("/bin/chmod 770 /var/log/snort/barnyard2/{$snort_uuid}_{$if_real}.waldo");
 		}
 		
         $barnyard2_conf_text = generate_barnyard2_conf($id, $if_real, $snort_uuid);
@@ -1625,6 +1628,8 @@ config sid_file:	        /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/sid
 
 config hostname:       $snortbarnyardlog_hostname_info_chk
 config interface:      {$snort_uuid}_{$if_real}
+config decode_data_link
+config waldo_file: /var/log/snort/barnyard2/{$snort_uuid}_{$if_real}.waldo
 
 ## START user pass through ##
 
diff --git a/config/snort/snort_interfaces.php b/config/snort/snort_interfaces.php
index d9ecc333..9db023a7 100644
--- a/config/snort/snort_interfaces.php
+++ b/config/snort/snort_interfaces.php
@@ -240,7 +240,7 @@ if ($_GET['act'] == 'toggle' && $_GET['id'] != '')
 
 
 
-$pgtitle = "Services: Snort 2.8.5.3 pkg v. 1.24";
+$pgtitle = "Services: Snort 2.8.5.3 pkg v. 1.25";
 include("head.inc");
 
 ?>
diff --git a/config/snort/snort_interfaces_suppress.php b/config/snort/snort_interfaces_suppress.php
index c2ecf817..3f67cca8 100644
--- a/config/snort/snort_interfaces_suppress.php
+++ b/config/snort/snort_interfaces_suppress.php
@@ -1,170 +1,170 @@
-<?php
-/* $Id$ */
-/*
-	firewall_aliases.php
-	Copyright (C) 2004 Scott Ullrich
-	All rights reserved.
-
-	originially part of m0n0wall (http://m0n0.ch/wall)
-	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
-	All rights reserved.
-	
-	modified for the pfsense snort package
-	Copyright (C) 2009-2010 Robert Zelaya.
-	All rights reserved.
-
-	Redistribution and use in source and binary forms, with or without
-	modification, are permitted provided that the following conditions are met:
-
-	1. Redistributions of source code must retain the above copyright notice,
-	   this list of conditions and the following disclaimer.
-
-	2. Redistributions in binary form must reproduce the above copyright
-	   notice, this list of conditions and the following disclaimer in the
-	   documentation and/or other materials provided with the distribution.
-
-	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-	POSSIBILITY OF SUCH DAMAGE.
-*/
-
-require("guiconfig.inc");
-
-
-if (!is_array($config['installedpackages']['snortglobal']['suppress']['item']))
-	$config['installedpackages']['snortglobal']['suppress']['item'] = array();
-
-//aliases_sort(); << what ?
-$a_suppress = &$config['installedpackages']['snortglobal']['suppress']['item'];
-
-if (isset($config['installedpackages']['snortglobal']['suppress']['item'])) {
-$id_gen = count($config['installedpackages']['snortglobal']['suppress']['item']);
-}else{
-$id_gen = '0';
-}
-
-$d_suppresslistdirty_path = '/var/run/snort_suppress.dirty';
-
-if ($_POST) {
-
-	$pconfig = $_POST;
-
-	if ($_POST['apply']) {
-		$retval = 0;
-
-		if(stristr($retval, "error") <> true)
-		    $savemsg = get_std_save_message($retval);
-		else
-		    $savemsg = $retval;
-		if ($retval == 0) {
-			if (file_exists($d_suppresslistdirty_path))
-				unlink($d_suppresslistdirty_path);
-		}
-	}
-}
-
-if ($_GET['act'] == "del") {
-	if ($a_suppress[$_GET['id']]) {
-		/* make sure rule is not being referenced by any nat or filter rules */
-
-			unset($a_suppress[$_GET['id']]);
-			write_config();
-			filter_configure();
-			touch($d_suppresslistdirty_path);
-			header("Location: /snort/snort_interfaces_suppress.php");
-			exit;
-	}
-}
-
-$pgtitle = "Services: Snort: Suppression";
-include("head.inc");
-
-?>
-
-<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
-<?php include("./snort_fbegin.inc"); ?>
-<p class="pgtitle"><?=$pgtitle?></p>
-<form action="/snort/snort_interfaces_suppress.php" method="post">
-<?php if ($savemsg) print_info_box($savemsg); ?>
-<?php if (file_exists($d_suppresslistdirty_path)): ?><p>
-<?php print_info_box_np("The white list has been changed.<br>You must apply the changes in order for them to take effect.");?>
-<?php endif; ?>
-
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-<?php
-	$tab_array = array();
-	$tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php");
-	$tab_array[] = array("Global Settings", false, "/snort/snort_interfaces_global.php");
-	$tab_array[] = array("Rule Updates", false, "/snort/snort_download_rules.php");
-	$tab_array[] = array("Alerts", false, "/snort/snort_alerts.php");
-    $tab_array[] = array("Blocked", false, "/snort/snort_blocked.php");
-	$tab_array[] = array("Whitelists", false, "/snort/snort_interfaces_whitelist.php");
-	$tab_array[] = array("Suppress", true, "/snort/snort_interfaces_suppress.php");
-	$tab_array[] = array("Help", false, "/snort/snort_help_info.php");
-	display_top_tabs($tab_array);
-?>    </td></tr>
-<tr>
-<td class="tabcont">
-
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-
-<tr>
-  <td width="30%" class="listhdrr">File Name</td>
-  <td width="70%" class="listhdr">Description</td>
-
-  <td width="10%" class="list">
-  </td>
-</tr>
-	  <?php $i = 0; foreach ($a_suppress as $list): ?>
-<tr>
-  <td class="listlr" ondblclick="document.location='snort_interfaces_suppress_edit.php?id=<?=$i;?>';">
-    <?=htmlspecialchars($list['name']);?>
-  </td>
-  <td class="listbg" ondblclick="document.location='snort_interfaces_suppress_edit.php?id=<?=$i;?>';">
-    <font color="#FFFFFF">
-    <?=htmlspecialchars($list['descr']);?>&nbsp;
-  </td>
-
-  <td valign="middle" nowrap class="list">
-    <table border="0" cellspacing="0" cellpadding="1">
-      <tr>
-        <td valign="middle"><a href="snort_interfaces_suppress_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="edit whitelist"></a></td>
-        <td><a href="/snort/snort_interfaces_whitelist.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this whitelist? All elements that still use it will become invalid (e.g. snort rules will fall back to the default whitelist)!')"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="delete whitelist"></a></td>
-      </tr>
-    </table>
-  </td>
-</tr>
-	  <?php $i++; endforeach; ?>
-<tr>
-  <td class="list" colspan="2"></td>
-  <td class="list">
-    <table border="0" cellspacing="0" cellpadding="1">
-      <tr>
-	<td valign="middle" width="17">&nbsp;</td>
-        <td valign="middle"><a href="snort_interfaces_suppress_edit.php?id=<?php echo $id_gen;?> "><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="add a new list"></a></td>
-      </tr>
-    </table>
-  </td>
-</tr>
-</table>
-  </td>
-  </tr>
-  </table>
-<br>
-<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
-<td width="100%"><span class="vexpl"><span class="red"><strong>Note:</strong></span>
-   <p><span class="vexpl">Here you can create event filtering and suppression for your snort package rules.<br>Please note that you must restart a running rule so that changes can take effect.</span></p>
-</td>
-</table>
-</form>
-<?php include("fend.inc"); ?>
-</body>
-</html>
+<?php
+/* $Id$ */
+/*
+	firewall_aliases.php
+	Copyright (C) 2004 Scott Ullrich
+	All rights reserved.
+
+	originially part of m0n0wall (http://m0n0.ch/wall)
+	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
+	All rights reserved.
+	
+	modified for the pfsense snort package
+	Copyright (C) 2009-2010 Robert Zelaya.
+	All rights reserved.
+
+	Redistribution and use in source and binary forms, with or without
+	modification, are permitted provided that the following conditions are met:
+
+	1. Redistributions of source code must retain the above copyright notice,
+	   this list of conditions and the following disclaimer.
+
+	2. Redistributions in binary form must reproduce the above copyright
+	   notice, this list of conditions and the following disclaimer in the
+	   documentation and/or other materials provided with the distribution.
+
+	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+	POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require("guiconfig.inc");
+
+
+if (!is_array($config['installedpackages']['snortglobal']['suppress']['item']))
+	$config['installedpackages']['snortglobal']['suppress']['item'] = array();
+
+//aliases_sort(); << what ?
+$a_suppress = &$config['installedpackages']['snortglobal']['suppress']['item'];
+
+if (isset($config['installedpackages']['snortglobal']['suppress']['item'])) {
+$id_gen = count($config['installedpackages']['snortglobal']['suppress']['item']);
+}else{
+$id_gen = '0';
+}
+
+$d_suppresslistdirty_path = '/var/run/snort_suppress.dirty';
+
+if ($_POST) {
+
+	$pconfig = $_POST;
+
+	if ($_POST['apply']) {
+		$retval = 0;
+
+		if(stristr($retval, "error") <> true)
+		    $savemsg = get_std_save_message($retval);
+		else
+		    $savemsg = $retval;
+		if ($retval == 0) {
+			if (file_exists($d_suppresslistdirty_path))
+				unlink($d_suppresslistdirty_path);
+		}
+	}
+}
+
+if ($_GET['act'] == "del") {
+	if ($a_suppress[$_GET['id']]) {
+		/* make sure rule is not being referenced by any nat or filter rules */
+
+			unset($a_suppress[$_GET['id']]);
+			write_config();
+			filter_configure();
+			touch($d_suppresslistdirty_path);
+			header("Location: /snort/snort_interfaces_suppress.php");
+			exit;
+	}
+}
+
+$pgtitle = "Services: Snort: Suppression";
+include("head.inc");
+
+?>
+
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
+<?php include("./snort_fbegin.inc"); ?>
+<p class="pgtitle"><?=$pgtitle?></p>
+<form action="/snort/snort_interfaces_suppress.php" method="post">
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<?php if (file_exists($d_suppresslistdirty_path)): ?><p>
+<?php print_info_box_np("The white list has been changed.<br>You must apply the changes in order for them to take effect.");?>
+<?php endif; ?>
+
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+  <tr><td class="tabnavtbl">
+<?php
+	$tab_array = array();
+	$tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php");
+	$tab_array[] = array("Global Settings", false, "/snort/snort_interfaces_global.php");
+	$tab_array[] = array("Rule Updates", false, "/snort/snort_download_rules.php");
+	$tab_array[] = array("Alerts", false, "/snort/snort_alerts.php");
+    $tab_array[] = array("Blocked", false, "/snort/snort_blocked.php");
+	$tab_array[] = array("Whitelists", false, "/snort/snort_interfaces_whitelist.php");
+	$tab_array[] = array("Suppress", true, "/snort/snort_interfaces_suppress.php");
+	$tab_array[] = array("Help", false, "/snort/snort_help_info.php");
+	display_top_tabs($tab_array);
+?>    </td></tr>
+<tr>
+<td class="tabcont">
+
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+
+<tr>
+  <td width="30%" class="listhdrr">File Name</td>
+  <td width="70%" class="listhdr">Description</td>
+
+  <td width="10%" class="list">
+  </td>
+</tr>
+	  <?php $i = 0; foreach ($a_suppress as $list): ?>
+<tr>
+  <td class="listlr" ondblclick="document.location='snort_interfaces_suppress_edit.php?id=<?=$i;?>';">
+    <?=htmlspecialchars($list['name']);?>
+  </td>
+  <td class="listbg" ondblclick="document.location='snort_interfaces_suppress_edit.php?id=<?=$i;?>';">
+    <font color="#FFFFFF">
+    <?=htmlspecialchars($list['descr']);?>&nbsp;
+  </td>
+
+  <td valign="middle" nowrap class="list">
+    <table border="0" cellspacing="0" cellpadding="1">
+      <tr>
+        <td valign="middle"><a href="snort_interfaces_suppress_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="edit whitelist"></a></td>
+        <td><a href="/snort/snort_interfaces_whitelist.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this whitelist? All elements that still use it will become invalid (e.g. snort rules will fall back to the default whitelist)!')"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="delete whitelist"></a></td>
+      </tr>
+    </table>
+  </td>
+</tr>
+	  <?php $i++; endforeach; ?>
+<tr>
+  <td class="list" colspan="2"></td>
+  <td class="list">
+    <table border="0" cellspacing="0" cellpadding="1">
+      <tr>
+	<td valign="middle" width="17">&nbsp;</td>
+        <td valign="middle"><a href="snort_interfaces_suppress_edit.php?id=<?php echo $id_gen;?> "><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="add a new list"></a></td>
+      </tr>
+    </table>
+  </td>
+</tr>
+</table>
+  </td>
+  </tr>
+  </table>
+<br>
+<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
+<td width="100%"><span class="vexpl"><span class="red"><strong>Note:</strong></span>
+   <p><span class="vexpl">Here you can create event filtering and suppression for your snort package rules.<br>Please note that you must restart a running rule so that changes can take effect.</span></p>
+</td>
+</table>
+</form>
+<?php include("fend.inc"); ?>
+</body>
+</html>
diff --git a/config/snort/snort_interfaces_suppress_edit.php b/config/snort/snort_interfaces_suppress_edit.php
index af3e4a9b..530a7800 100644
--- a/config/snort/snort_interfaces_suppress_edit.php
+++ b/config/snort/snort_interfaces_suppress_edit.php
@@ -1,324 +1,312 @@
-<?php
-/* $Id$ */
-/*
-	firewall_aliases_edit.php
-	Copyright (C) 2004 Scott Ullrich
-	All rights reserved.
-
-	originially part of m0n0wall (http://m0n0.ch/wall)
-	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
-	All rights reserved.
-	
-	modified for the pfsense snort package
-	Copyright (C) 2009-2010 Robert Zelaya.
-	All rights reserved.
-
-	Redistribution and use in source and binary forms, with or without
-	modification, are permitted provided that the following conditions are met:
-
-	1. Redistributions of source code must retain the above copyright notice,
-	   this list of conditions and the following disclaimer.
-
-	2. Redistributions in binary form must reproduce the above copyright
-	   notice, this list of conditions and the following disclaimer in the
-	   documentation and/or other materials provided with the distribution.
-
-	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-	POSSIBILITY OF SUCH DAMAGE.
-*/
-
-require_once("guiconfig.inc");
-require_once("/usr/local/pkg/snort/snort.inc");
-require_once("/usr/local/pkg/snort/snort_gui.inc");
-
-if (!is_array($config['installedpackages']['snortglobal']['suppress']['item']))
-	$config['installedpackages']['snortglobal']['suppress']['item'] = array();
-
-$a_suppress = &$config['installedpackages']['snortglobal']['suppress']['item'];
-
-$id = $_GET['id'];
-if (isset($_POST['id']))
-	$id = $_POST['id'];
-
-
-/* gen uuid for each iface !inportant */
-if ($config['installedpackages']['snortglobal']['suppress']['item'][$id]['uuid'] == '') {
-	//$snort_uuid = gen_snort_uuid(strrev(uniqid(true)));
-$suppress_uuid = 0;
-while ($suppress_uuid > 65535 || $suppress_uuid == 0) {
-	$suppress_uuid = mt_rand(1, 65535);
-	$pconfig['uuid'] = $suppress_uuid;
-	}
-}
-
-if ($config['installedpackages']['snortglobal']['suppress']['item'][$id]['uuid'] != '') {
-	$suppress_uuid = $config['installedpackages']['snortglobal']['suppress']['item'][$id]['uuid'];
-}	
-	
-$pgtitle = "Services: Snort: Suppression: Edit $suppress_uuid";
-
-$d_snort_suppress_dirty_path = '/var/run/snort_suppress.dirty';
-
-/* returns true if $name is a valid name for a whitelist file name or ip */
-function is_validwhitelistname($name) {
-	if (!is_string($name))
-		return false;
-
-	if (!preg_match("/[^a-zA-Z0-9\.\/]/", $name))
-		return true;
-
-	return false;
-}
-	
-	
-if (isset($id) && $a_suppress[$id]) {
-	
-	/* old settings */
-	$pconfig['name'] = $a_suppress[$id]['name'];
-	$pconfig['uuid'] = $a_suppress[$id]['uuid'];
-	$pconfig['descr'] = $a_suppress[$id]['descr'];
-	$pconfig['suppresspassthru'] = base64_decode($a_suppress[$id]['suppresspassthru']);
-	
-	
-
-}
-
-	/* this will exec when alert says apply */
-	if ($_POST['apply']) {
-		
-		if (file_exists("$d_snort_suppress_dirty_path")) {
-			
-			write_config();
-			
-			sync_snort_package_config();
-			sync_snort_package();
-
-			unlink("$d_snort_suppress_dirty_path");
-			
-		}
-		
-	}
-
-if ($_POST['submit']) {
-
-	unset($input_errors);
-	$pconfig = $_POST;
-
-	do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
-
-	if(strtolower($_POST['name']) == "defaultwhitelist")
-		$input_errors[] = "Whitelist file names may not be named defaultwhitelist.";
-
-	$x = is_validwhitelistname($_POST['name']);
-	if (!isset($x)) {
-		$input_errors[] = "Reserved word used for whitelist file name.";
-	} else {
-		if (is_validwhitelistname($_POST['name']) == false)
-			$input_errors[] = "Whitelist file name may only consist of the characters a-z, A-Z and 0-9 _. Note: No Spaces. Press Cancel to reset.";
-	}
-
-
-	/* check for name conflicts */
-	foreach ($a_suppress as $s_list) {
-		if (isset($id) && ($a_suppress[$id]) && ($a_suppress[$id] === $s_list))
-			continue;
-
-		if ($s_list['name'] == $_POST['name']) {
-			$input_errors[] = "A whitelist file name with this name already exists.";
-			break;
-		}
-	}
-
-	
-	$s_list = array();
-	/* post user input */
-
-	if (!$input_errors) {
-		
-		$s_list['name'] = $_POST['name'];
-		$s_list['uuid'] = $suppress_uuid;
-        $s_list['descr']  =  mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto");
-        $s_list['suppresspassthru'] = base64_encode($_POST['suppresspassthru']);
-
-
-		if (isset($id) && $a_suppress[$id])
-			$a_suppress[$id] = $s_list;
-		else
-			$a_suppress[] = $s_list;
-
-		touch($d_snort_suppress_dirty_path);
-
-		write_config();
-
-		header("Location: /snort/snort_interfaces_suppress_edit.php?id=$id");
-		exit;		
-	}
-
-}
-
-include("head.inc");
-
-?>
-
-<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?= $jsevents["body"]["onload"] ?>">
-
-<style type="text/css">
-.formpre {
-font-family: Tahoma,Verdana,Arial,Helvetica,sans-serif;
-font-size: 1.1em;
-}
-</style>
-
-<?php
-	include("./snort_fbegin.inc");
-?>
-<p class="pgtitle"><?=$pgtitle?></p>
-
-<?php if ($input_errors) print_input_errors($input_errors); ?>
-<div id="inputerrors"></div>
-
-<form action="/snort/snort_interfaces_suppress_edit.php?id=<?=$id?>" method="post" name="iform" id="iform">
-
-<?php
-	/* Display Alert message */
-	if ($input_errors) {
-	print_input_errors($input_errors); // TODO: add checks
-	}
-
-	if ($savemsg) {
-	print_info_box2($savemsg);
-	}
-
-	//if (file_exists($d_snortconfdirty_path)) {
-	if (file_exists($d_snort_suppress_dirty_path)) {
-	echo '<p>';
-
-		if($savemsg) {
-			print_info_box_np2("{$savemsg}");
-		}else{
-			print_info_box_np2('
-			The Snort configuration has changed and snort needs to be restarted on this interface.<br>
-			You must apply the changes in order for them to take effect.<br>
-			');
-		}
-	}
-?>
-
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-<?php
-	$tab_array = array();
-	$tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php");
-	$tab_array[] = array("Global Settings", false, "/snort/snort_interfaces_global.php");
-	$tab_array[] = array("Rule Updates", false, "/snort/snort_download_rules.php");
-	$tab_array[] = array("Alerts", false, "/snort/snort_alerts.php");
-    $tab_array[] = array("Blocked", false, "/snort/snort_blocked.php");
-	$tab_array[] = array("Whitelists", false, "/snort/snort_interfaces_whitelist.php");
-	$tab_array[] = array("Suppress", true, "/snort/snort_interfaces_suppress.php");
-	$tab_array[] = array("Help", false, "/snort/snort_help_info.php");
-	display_top_tabs($tab_array);
-?>    </td></tr>
-<tr>
-<td class="tabcont">
-<table width="100%" border="0" cellpadding="6" cellspacing="0">
-                <tr>
-                  <td colspan="2" valign="top" class="listtopic">Add the name and description of the file.</td>
-                </tr>
-<?php if(is_alias_inuse($pconfig['name']) == true): ?>
-  <tr>
-    <td valign="top" class="vncellreq">Name</td>
-    <td class="vtable"> <input name="name" type="hidden" id="name" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" />
-		  <?php echo $pconfig['name']; ?>
-      <p>
-        <span class="vexpl">NOTE: This list is in use so the name may not be modified!</span>
-      </p>
-    </td>
-  </tr>
-<?php else: ?>
-  <tr>
-    <td valign="top" class="vncellreq">Name</td>
-    <td class="vtable">
-      <input name="name" type="text" id="name" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" />
-      <br />
-      <span class="vexpl">
-        The list name may only consist of the characters a-z, A-Z and 0-9. <span class="red">Note: </span> No Spaces.
-      </span>
-    </td>
-  </tr>
-<?php endif; ?>
-  <tr>
-    <td width="22%" valign="top" class="vncell">Description</td>
-    <td width="78%" class="vtable">
-      <input name="descr" type="text"  id="descr" size="40" value="<?=$pconfig['descr'];?>" />
-      <br />
-      <span class="vexpl">
-        You may enter a description here for your reference (not parsed).
-      </span>
-    </td>
-  </tr>
-</table>
-<table width="100%" border="0" cellpadding="6" cellspacing="0">
-	<table height="32" width="100%">
-	<tr>
-	<td>
-	<div style='background-color:#E0E0E0' id='redbox'>
-	<table width='100%'>
-	<tr>
-	<td width='8%'>
-	&nbsp;&nbsp;&nbsp;<img style='vertical-align:middle' src="/snort/images/icon_excli.png" width="40" height="32">
-	</td>
-	<td width='70%'>
-	<font size="2" color='#FF850A'><b>NOTE:</b></font>
-	<font size="2" color='#000000'>&nbsp;&nbsp;The threshold keyword is deprecated as of version 2.8.5. Use the event_filter keyword instead.</font>
-	</td>
-	</tr>
-	</table>
-	</div>
-	</td>
-	</tr>
-	<script type="text/javascript">
-	NiftyCheck();
-	Rounded("div#redbox","all","#FFF","#E0E0E0","smooth");
-	Rounded("td#blackbox","all","#FFF","#000000","smooth");
-	</script>
-    <tr>
-    <td colspan="2" valign="top" class="listtopic">Apply suppression or filters to rules. Valid keywords are 'suppress', 'event_filter' and 'rate_filter'.</td>
-    </tr>
-    <tr> 
-    <td colspan="2" valign="top" class="vncell">
-    <b>Example 1;</b> suppress gen_id 1, sig_id 1852, track by_src, ip 10.1.1.54<br>
-    <b>Example 2;</b> event_filter gen_id 1, sig_id 1851, type limit, track by_src, count 1, seconds 60<br>
-    <b>Example 3;</b> rate_filter gen_id 135, sig_id 1, track by_src, count 100, seconds 1, new_action log, timeout 10
-    </td>
-    </tr>
-    <tr> 
-    <td width="100%" class="vtable"> 
-    <textarea wrap="off" name="suppresspassthru" cols="142" rows="28" id="suppresspassthru" class="formpre"><?=htmlspecialchars($pconfig['suppresspassthru']);?></textarea>
-</td>
-  </tr>
-  <tr>
-    <td width="78%">
-      <input id="submit" name="submit" type="submit" class="formbtn" value="Save" />
-      <input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" value="Cancel" onclick="history.back()" />
-      <?php if (isset($id) && $a_suppress[$id]): ?>
-      <input name="id" type="hidden" value="<?=$id;?>" />
-      <?php endif; ?>
-    </td>
-  </tr>
- 	</table>
- </table>
-  </td>
-  </tr>
-  </table>
-</form>
-<?php include("fend.inc"); ?>
-</body>
+<?php
+/* $Id$ */
+/*
+	firewall_aliases_edit.php
+	Copyright (C) 2004 Scott Ullrich
+	All rights reserved.
+
+	originially part of m0n0wall (http://m0n0.ch/wall)
+	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
+	All rights reserved.
+	
+	modified for the pfsense snort package
+	Copyright (C) 2009-2010 Robert Zelaya.
+	All rights reserved.
+
+	Redistribution and use in source and binary forms, with or without
+	modification, are permitted provided that the following conditions are met:
+
+	1. Redistributions of source code must retain the above copyright notice,
+	   this list of conditions and the following disclaimer.
+
+	2. Redistributions in binary form must reproduce the above copyright
+	   notice, this list of conditions and the following disclaimer in the
+	   documentation and/or other materials provided with the distribution.
+
+	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+	POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require_once("guiconfig.inc");
+require_once("/usr/local/pkg/snort/snort.inc");
+require_once("/usr/local/pkg/snort/snort_gui.inc");
+
+if (!is_array($config['installedpackages']['snortglobal']['suppress']['item']))
+	$config['installedpackages']['snortglobal']['suppress']['item'] = array();
+
+$a_suppress = &$config['installedpackages']['snortglobal']['suppress']['item'];
+
+$id = $_GET['id'];
+if (isset($_POST['id']))
+	$id = $_POST['id'];
+
+
+/* gen uuid for each iface !inportant */
+if ($config['installedpackages']['snortglobal']['suppress']['item'][$id]['uuid'] == '') {
+	//$snort_uuid = gen_snort_uuid(strrev(uniqid(true)));
+$suppress_uuid = 0;
+while ($suppress_uuid > 65535 || $suppress_uuid == 0) {
+	$suppress_uuid = mt_rand(1, 65535);
+	$pconfig['uuid'] = $suppress_uuid;
+	}
+}
+
+if ($config['installedpackages']['snortglobal']['suppress']['item'][$id]['uuid'] != '') {
+	$suppress_uuid = $config['installedpackages']['snortglobal']['suppress']['item'][$id]['uuid'];
+}	
+	
+$pgtitle = "Services: Snort: Suppression: Edit $suppress_uuid";
+
+$d_snort_suppress_dirty_path = '/var/run/snort_suppress.dirty';
+
+/* returns true if $name is a valid name for a whitelist file name or ip */
+function is_validwhitelistname($name) {
+	if (!is_string($name))
+		return false;
+
+	if (!preg_match("/[^a-zA-Z0-9\.\/]/", $name))
+		return true;
+
+	return false;
+}
+	
+	
+if (isset($id) && $a_suppress[$id]) {
+	
+	/* old settings */
+	$pconfig['name'] = $a_suppress[$id]['name'];
+	$pconfig['uuid'] = $a_suppress[$id]['uuid'];
+	$pconfig['descr'] = $a_suppress[$id]['descr'];
+	$pconfig['suppresspassthru'] = base64_decode($a_suppress[$id]['suppresspassthru']);
+	
+	
+
+}
+
+	/* this will exec when alert says apply */
+	if ($_POST['apply']) {
+		
+		if (file_exists("$d_snort_suppress_dirty_path")) {
+			
+			write_config();
+			
+			sync_snort_package_config();
+			sync_snort_package();
+
+			unlink("$d_snort_suppress_dirty_path");
+			
+		}
+		
+	}
+
+if ($_POST['submit']) {
+
+	unset($input_errors);
+	$pconfig = $_POST;
+
+	do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+
+	if(strtolower($_POST['name']) == "defaultwhitelist")
+		$input_errors[] = "Whitelist file names may not be named defaultwhitelist.";
+
+	$x = is_validwhitelistname($_POST['name']);
+	if (!isset($x)) {
+		$input_errors[] = "Reserved word used for whitelist file name.";
+	} else {
+		if (is_validwhitelistname($_POST['name']) == false)
+			$input_errors[] = "Whitelist file name may only consist of the characters a-z, A-Z and 0-9 _. Note: No Spaces. Press Cancel to reset.";
+	}
+
+
+	/* check for name conflicts */
+	foreach ($a_suppress as $s_list) {
+		if (isset($id) && ($a_suppress[$id]) && ($a_suppress[$id] === $s_list))
+			continue;
+
+		if ($s_list['name'] == $_POST['name']) {
+			$input_errors[] = "A whitelist file name with this name already exists.";
+			break;
+		}
+	}
+
+	
+	$s_list = array();
+	/* post user input */
+
+	if (!$input_errors) {
+		
+		$s_list['name'] = $_POST['name'];
+		$s_list['uuid'] = $suppress_uuid;
+        $s_list['descr']  =  mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto");
+        $s_list['suppresspassthru'] = base64_encode($_POST['suppresspassthru']);
+
+
+		if (isset($id) && $a_suppress[$id])
+			$a_suppress[$id] = $s_list;
+		else
+			$a_suppress[] = $s_list;
+
+		touch($d_snort_suppress_dirty_path);
+
+		write_config();
+
+		header("Location: /snort/snort_interfaces_suppress_edit.php?id=$id");
+		exit;		
+	}
+
+}
+
+include("head.inc");
+
+?>
+
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?= $jsevents["body"]["onload"] ?>">
+
+<style type="text/css">
+.formpre {
+font-family: Tahoma,Verdana,Arial,Helvetica,sans-serif;
+font-size: 1.1em;
+}
+</style>
+
+<?php
+	include("./snort_fbegin.inc");
+?>
+<p class="pgtitle"><?=$pgtitle?></p>
+
+<?php if ($input_errors) print_input_errors($input_errors); ?>
+<div id="inputerrors"></div>
+
+<form action="/snort/snort_interfaces_suppress_edit.php?id=<?=$id?>" method="post" name="iform" id="iform">
+
+<?php
+	/* Display Alert message */
+	if ($input_errors) {
+	print_input_errors($input_errors); // TODO: add checks
+	}
+
+	if ($savemsg) {
+	print_info_box2($savemsg);
+	}
+
+	//if (file_exists($d_snortconfdirty_path)) {
+	if (file_exists($d_snort_suppress_dirty_path)) {
+	echo '<p>';
+
+		if($savemsg) {
+			print_info_box_np2("{$savemsg}");
+		}else{
+			print_info_box_np2('
+			The Snort configuration has changed and snort needs to be restarted on this interface.<br>
+			You must apply the changes in order for them to take effect.<br>
+			');
+		}
+	}
+?>
+
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+  <tr><td class="tabnavtbl">
+<?php
+	$tab_array = array();
+	$tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php");
+	$tab_array[] = array("Global Settings", false, "/snort/snort_interfaces_global.php");
+	$tab_array[] = array("Rule Updates", false, "/snort/snort_download_rules.php");
+	$tab_array[] = array("Alerts", false, "/snort/snort_alerts.php");
+    $tab_array[] = array("Blocked", false, "/snort/snort_blocked.php");
+	$tab_array[] = array("Whitelists", false, "/snort/snort_interfaces_whitelist.php");
+	$tab_array[] = array("Suppress", true, "/snort/snort_interfaces_suppress.php");
+	$tab_array[] = array("Help", false, "/snort/snort_help_info.php");
+	display_top_tabs($tab_array);
+?>    </td></tr>
+<tr>
+<td class="tabcont">
+<table width="100%" border="0" cellpadding="6" cellspacing="0">
+                <tr>
+                  <td colspan="2" valign="top" class="listtopic">Add the name and description of the file.</td>
+                </tr>
+  <tr>
+    <td valign="top" class="vncellreq">Name</td>
+    <td class="vtable">
+      <input name="name" type="text" id="name" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" />
+      <br />
+      <span class="vexpl">
+        The list name may only consist of the characters a-z, A-Z and 0-9. <span class="red">Note: </span> No Spaces.
+      </span>
+    </td>
+  </tr>
+  <tr>
+    <td width="22%" valign="top" class="vncell">Description</td>
+    <td width="78%" class="vtable">
+      <input name="descr" type="text"  id="descr" size="40" value="<?=$pconfig['descr'];?>" />
+      <br />
+      <span class="vexpl">
+        You may enter a description here for your reference (not parsed).
+      </span>
+    </td>
+  </tr>
+</table>
+<table width="100%" border="0" cellpadding="6" cellspacing="0">
+	<table height="32" width="100%">
+	<tr>
+	<td>
+	<div style='background-color:#E0E0E0' id='redbox'>
+	<table width='100%'>
+	<tr>
+	<td width='8%'>
+	&nbsp;&nbsp;&nbsp;<img style='vertical-align:middle' src="/snort/images/icon_excli.png" width="40" height="32">
+	</td>
+	<td width='70%'>
+	<font size="2" color='#FF850A'><b>NOTE:</b></font>
+	<font size="2" color='#000000'>&nbsp;&nbsp;The threshold keyword is deprecated as of version 2.8.5. Use the event_filter keyword instead.</font>
+	</td>
+	</tr>
+	</table>
+	</div>
+	</td>
+	</tr>
+	<script type="text/javascript">
+	NiftyCheck();
+	Rounded("div#redbox","all","#FFF","#E0E0E0","smooth");
+	Rounded("td#blackbox","all","#FFF","#000000","smooth");
+	</script>
+    <tr>
+    <td colspan="2" valign="top" class="listtopic">Apply suppression or filters to rules. Valid keywords are 'suppress', 'event_filter' and 'rate_filter'.</td>
+    </tr>
+    <tr> 
+    <td colspan="2" valign="top" class="vncell">
+    <b>Example 1;</b> suppress gen_id 1, sig_id 1852, track by_src, ip 10.1.1.54<br>
+    <b>Example 2;</b> event_filter gen_id 1, sig_id 1851, type limit, track by_src, count 1, seconds 60<br>
+    <b>Example 3;</b> rate_filter gen_id 135, sig_id 1, track by_src, count 100, seconds 1, new_action log, timeout 10
+    </td>
+    </tr>
+    <tr> 
+    <td width="100%" class="vtable"> 
+    <textarea wrap="off" name="suppresspassthru" cols="142" rows="28" id="suppresspassthru" class="formpre"><?=htmlspecialchars($pconfig['suppresspassthru']);?></textarea>
+</td>
+  </tr>
+  <tr>
+    <td width="78%">
+      <input id="submit" name="submit" type="submit" class="formbtn" value="Save" />
+      <input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" value="Cancel" onclick="history.back()" />
+      <?php if (isset($id) && $a_suppress[$id]): ?>
+      <input name="id" type="hidden" value="<?=$id;?>" />
+      <?php endif; ?>
+    </td>
+  </tr>
+ 	</table>
+ </table>
+  </td>
+  </tr>
+  </table>
+</form>
+<?php include("fend.inc"); ?>
+</body>
 </html>
 \ No newline at end of file
diff --git a/config/snort/snort_interfaces_whitelist.php b/config/snort/snort_interfaces_whitelist.php
index 3dd8f4dc..87da2f57 100644
--- a/config/snort/snort_interfaces_whitelist.php
+++ b/config/snort/snort_interfaces_whitelist.php
@@ -1,180 +1,180 @@
-<?php
-/* $Id$ */
-/*
-	firewall_aliases.php
-	Copyright (C) 2004 Scott Ullrich
-	All rights reserved.
-
-	originially part of m0n0wall (http://m0n0.ch/wall)
-	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
-	All rights reserved.
-	
-	modified for the pfsense snort package
-	Copyright (C) 2009-2010 Robert Zelaya.
-	All rights reserved.
-
-	Redistribution and use in source and binary forms, with or without
-	modification, are permitted provided that the following conditions are met:
-
-	1. Redistributions of source code must retain the above copyright notice,
-	   this list of conditions and the following disclaimer.
-
-	2. Redistributions in binary form must reproduce the above copyright
-	   notice, this list of conditions and the following disclaimer in the
-	   documentation and/or other materials provided with the distribution.
-
-	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-	POSSIBILITY OF SUCH DAMAGE.
-*/
-
-require("guiconfig.inc");
-
-
-if (!is_array($config['installedpackages']['snortglobal']['whitelist']['item']))
-	$config['installedpackages']['snortglobal']['whitelist']['item'] = array();
-
-//aliases_sort(); << what ?
-$a_whitelist = &$config['installedpackages']['snortglobal']['whitelist']['item'];
-
-if (isset($config['installedpackages']['snortglobal']['whitelist']['item'])) {
-$id_gen = count($config['installedpackages']['snortglobal']['whitelist']['item']);
-}else{
-$id_gen = '0';
-}
-
-$d_whitelistdirty_path = '/var/run/snort_whitelist.dirty';
-
-if ($_POST) {
-
-	$pconfig = $_POST;
-
-	if ($_POST['apply']) {
-		$retval = 0;
-
-		if(stristr($retval, "error") <> true)
-		    $savemsg = get_std_save_message($retval);
-		else
-		    $savemsg = $retval;
-		if ($retval == 0) {
-			if (file_exists($d_whitelistdirty_path))
-				unlink($d_whitelistdirty_path);
-		}
-	}
-}
-
-if ($_GET['act'] == "del") {
-	if ($a_whitelist[$_GET['id']]) {
-		/* make sure rule is not being referenced by any nat or filter rules */
-
-			unset($a_whitelist[$_GET['id']]);
-			write_config();
-			filter_configure();
-			touch($d_whitelistdirty_path);
-			header("Location: /snort/snort_interfaces_whitelist.php");
-			exit;
-	}
-}
-
-$pgtitle = "Services: Snort: Whitelist";
-include("head.inc");
-
-?>
-
-<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
-<?php include("./snort_fbegin.inc"); ?>
-<p class="pgtitle"><?=$pgtitle?></p>
-<form action="/snort/snort_interfaces_whitelist.php" method="post">
-<?php if ($savemsg) print_info_box($savemsg); ?>
-<?php if (file_exists($d_whitelistdirty_path)): ?><p>
-<?php print_info_box_np("The white list has been changed.<br>You must apply the changes in order for them to take effect.");?>
-<?php endif; ?>
-
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-<?php
-	$tab_array = array();
-	$tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php");
-	$tab_array[] = array("Global Settings", false, "/snort/snort_interfaces_global.php");
-	$tab_array[] = array("Rule Updates", false, "/snort/snort_download_rules.php");
-	$tab_array[] = array("Alerts", false, "/snort/snort_alerts.php");
-    $tab_array[] = array("Blocked", false, "/snort/snort_blocked.php");
-	$tab_array[] = array("Whitelists", true, "/snort/snort_interfaces_whitelist.php");
-	$tab_array[] = array("Suppress", false, "/snort/snort_interfaces_suppress.php");
-	$tab_array[] = array("Help", false, "/snort/snort_help_info.php");
-	display_top_tabs($tab_array);
-?>    </td></tr>
-<tr>
-<td class="tabcont">
-
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-
-<tr>
-  <td width="20%" class="listhdrr">File Name</td>
-  <td width="40%" class="listhdrr">Values</td>
-  <td width="40%" class="listhdr">Description</td>
-  <td width="10%" class="list">
-  </td>
-</tr>
-	  <?php $i = 0; foreach ($a_whitelist as $list): ?>
-<tr>
-  <td class="listlr" ondblclick="document.location='snort_interfaces_whitelist_edit.php?id=<?=$i;?>';">
-    <?=htmlspecialchars($list['name']);?>
-  </td>
-  <td class="listr" ondblclick="document.location='snort_interfaces_whitelist_edit.php?id=<?=$i;?>';">
-      <?php
-	$addresses = implode(", ", array_slice(explode(" ", $list['address']), 0, 10));
-	echo $addresses;
-	if(count($addresses) < 10) {
-		echo " ";
-	} else {
-		echo "...";
-	}
-    ?>
-  </td>
-  <td class="listbg" ondblclick="document.location='snort_interfaces_whitelist_edit.php?id=<?=$i;?>';">
-    <font color="#FFFFFF">
-    <?=htmlspecialchars($list['descr']);?>&nbsp;
-  </td>
-  <td valign="middle" nowrap class="list">
-    <table border="0" cellspacing="0" cellpadding="1">
-      <tr>
-        <td valign="middle"><a href="snort_interfaces_whitelist_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="edit whitelist"></a></td>
-        <td><a href="/snort/snort_interfaces_whitelist.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this whitelist? All elements that still use it will become invalid (e.g. snort rules will fall back to the default whitelist)!')"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="delete whitelist"></a></td>
-      </tr>
-    </table>
-  </td>
-</tr>
-	  <?php $i++; endforeach; ?>
-<tr>
-  <td class="list" colspan="3"></td>
-  <td class="list">
-    <table border="0" cellspacing="0" cellpadding="1">
-      <tr>
-	<td valign="middle" width="17">&nbsp;</td>
-        <td valign="middle"><a href="snort_interfaces_whitelist_edit.php?id=<?php echo $id_gen;?> "><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="add a new list"></a></td>
-      </tr>
-    </table>
-  </td>
-</tr>
-</table>
-  </td>
-  </tr>
-  </table>
-<br>
-<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
-<td width="100%"><span class="vexpl"><span class="red"><strong>Note:</strong></span>
-   <p><span class="vexpl">Here you can create whitelist files for your snort package rules.<br>Please add all the ips or networks you want to protect against snort block decisions.<br>Remember that the default whitelist only includes local networks.<br>Be careful, it is very easy to get locked out of you system.</span></p>
-</td>
-</table>
-</form>
-<?php include("fend.inc"); ?>
-</body>
-</html>
+<?php
+/* $Id$ */
+/*
+	firewall_aliases.php
+	Copyright (C) 2004 Scott Ullrich
+	All rights reserved.
+
+	originially part of m0n0wall (http://m0n0.ch/wall)
+	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
+	All rights reserved.
+	
+	modified for the pfsense snort package
+	Copyright (C) 2009-2010 Robert Zelaya.
+	All rights reserved.
+
+	Redistribution and use in source and binary forms, with or without
+	modification, are permitted provided that the following conditions are met:
+
+	1. Redistributions of source code must retain the above copyright notice,
+	   this list of conditions and the following disclaimer.
+
+	2. Redistributions in binary form must reproduce the above copyright
+	   notice, this list of conditions and the following disclaimer in the
+	   documentation and/or other materials provided with the distribution.
+
+	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+	POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require("guiconfig.inc");
+
+
+if (!is_array($config['installedpackages']['snortglobal']['whitelist']['item']))
+	$config['installedpackages']['snortglobal']['whitelist']['item'] = array();
+
+//aliases_sort(); << what ?
+$a_whitelist = &$config['installedpackages']['snortglobal']['whitelist']['item'];
+
+if (isset($config['installedpackages']['snortglobal']['whitelist']['item'])) {
+$id_gen = count($config['installedpackages']['snortglobal']['whitelist']['item']);
+}else{
+$id_gen = '0';
+}
+
+$d_whitelistdirty_path = '/var/run/snort_whitelist.dirty';
+
+if ($_POST) {
+
+	$pconfig = $_POST;
+
+	if ($_POST['apply']) {
+		$retval = 0;
+
+		if(stristr($retval, "error") <> true)
+		    $savemsg = get_std_save_message($retval);
+		else
+		    $savemsg = $retval;
+		if ($retval == 0) {
+			if (file_exists($d_whitelistdirty_path))
+				unlink($d_whitelistdirty_path);
+		}
+	}
+}
+
+if ($_GET['act'] == "del") {
+	if ($a_whitelist[$_GET['id']]) {
+		/* make sure rule is not being referenced by any nat or filter rules */
+
+			unset($a_whitelist[$_GET['id']]);
+			write_config();
+			filter_configure();
+			touch($d_whitelistdirty_path);
+			header("Location: /snort/snort_interfaces_whitelist.php");
+			exit;
+	}
+}
+
+$pgtitle = "Services: Snort: Whitelist";
+include("head.inc");
+
+?>
+
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
+<?php include("./snort_fbegin.inc"); ?>
+<p class="pgtitle"><?=$pgtitle?></p>
+<form action="/snort/snort_interfaces_whitelist.php" method="post">
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<?php if (file_exists($d_whitelistdirty_path)): ?><p>
+<?php print_info_box_np("The white list has been changed.<br>You must apply the changes in order for them to take effect.");?>
+<?php endif; ?>
+
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+  <tr><td class="tabnavtbl">
+<?php
+	$tab_array = array();
+	$tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php");
+	$tab_array[] = array("Global Settings", false, "/snort/snort_interfaces_global.php");
+	$tab_array[] = array("Rule Updates", false, "/snort/snort_download_rules.php");
+	$tab_array[] = array("Alerts", false, "/snort/snort_alerts.php");
+    $tab_array[] = array("Blocked", false, "/snort/snort_blocked.php");
+	$tab_array[] = array("Whitelists", true, "/snort/snort_interfaces_whitelist.php");
+	$tab_array[] = array("Suppress", false, "/snort/snort_interfaces_suppress.php");
+	$tab_array[] = array("Help", false, "/snort/snort_help_info.php");
+	display_top_tabs($tab_array);
+?>    </td></tr>
+<tr>
+<td class="tabcont">
+
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+
+<tr>
+  <td width="20%" class="listhdrr">File Name</td>
+  <td width="40%" class="listhdrr">Values</td>
+  <td width="40%" class="listhdr">Description</td>
+  <td width="10%" class="list">
+  </td>
+</tr>
+	  <?php $i = 0; foreach ($a_whitelist as $list): ?>
+<tr>
+  <td class="listlr" ondblclick="document.location='snort_interfaces_whitelist_edit.php?id=<?=$i;?>';">
+    <?=htmlspecialchars($list['name']);?>
+  </td>
+  <td class="listr" ondblclick="document.location='snort_interfaces_whitelist_edit.php?id=<?=$i;?>';">
+      <?php
+	$addresses = implode(", ", array_slice(explode(" ", $list['address']), 0, 10));
+	echo $addresses;
+	if(count($addresses) < 10) {
+		echo " ";
+	} else {
+		echo "...";
+	}
+    ?>
+  </td>
+  <td class="listbg" ondblclick="document.location='snort_interfaces_whitelist_edit.php?id=<?=$i;?>';">
+    <font color="#FFFFFF">
+    <?=htmlspecialchars($list['descr']);?>&nbsp;
+  </td>
+  <td valign="middle" nowrap class="list">
+    <table border="0" cellspacing="0" cellpadding="1">
+      <tr>
+        <td valign="middle"><a href="snort_interfaces_whitelist_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="edit whitelist"></a></td>
+        <td><a href="/snort/snort_interfaces_whitelist.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this whitelist? All elements that still use it will become invalid (e.g. snort rules will fall back to the default whitelist)!')"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="delete whitelist"></a></td>
+      </tr>
+    </table>
+  </td>
+</tr>
+	  <?php $i++; endforeach; ?>
+<tr>
+  <td class="list" colspan="3"></td>
+  <td class="list">
+    <table border="0" cellspacing="0" cellpadding="1">
+      <tr>
+	<td valign="middle" width="17">&nbsp;</td>
+        <td valign="middle"><a href="snort_interfaces_whitelist_edit.php?id=<?php echo $id_gen;?> "><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="add a new list"></a></td>
+      </tr>
+    </table>
+  </td>
+</tr>
+</table>
+  </td>
+  </tr>
+  </table>
+<br>
+<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
+<td width="100%"><span class="vexpl"><span class="red"><strong>Note:</strong></span>
+   <p><span class="vexpl">Here you can create whitelist files for your snort package rules.<br>Please add all the ips or networks you want to protect against snort block decisions.<br>Remember that the default whitelist only includes local networks.<br>Be careful, it is very easy to get locked out of you system.</span></p>
+</td>
+</table>
+</form>
+<?php include("fend.inc"); ?>
+</body>
+</html>
diff --git a/config/snort/snort_interfaces_whitelist_edit.php b/config/snort/snort_interfaces_whitelist_edit.php
index 1d4e1fe0..c147ca7f 100644
--- a/config/snort/snort_interfaces_whitelist_edit.php
+++ b/config/snort/snort_interfaces_whitelist_edit.php
@@ -1,492 +1,477 @@
-<?php
-/* $Id$ */
-/*
-	firewall_aliases_edit.php
-	Copyright (C) 2004 Scott Ullrich
-	All rights reserved.
-
-	originially part of m0n0wall (http://m0n0.ch/wall)
-	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
-	All rights reserved.
-	
-	modified for the pfsense snort package
-	Copyright (C) 2009-2010 Robert Zelaya.
-	All rights reserved.
-
-	Redistribution and use in source and binary forms, with or without
-	modification, are permitted provided that the following conditions are met:
-
-	1. Redistributions of source code must retain the above copyright notice,
-	   this list of conditions and the following disclaimer.
-
-	2. Redistributions in binary form must reproduce the above copyright
-	   notice, this list of conditions and the following disclaimer in the
-	   documentation and/or other materials provided with the distribution.
-
-	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-	POSSIBILITY OF SUCH DAMAGE.
-*/
-
-require_once("guiconfig.inc");
-require_once("/usr/local/pkg/snort/snort.inc");
-require_once("/usr/local/pkg/snort/snort_gui.inc");
-
-if (!is_array($config['installedpackages']['snortglobal']['whitelist']['item']))
-	$config['installedpackages']['snortglobal']['whitelist']['item'] = array();
-
-$a_whitelist = &$config['installedpackages']['snortglobal']['whitelist']['item'];
-
-$id = $_GET['id'];
-if (isset($_POST['id']))
-	$id = $_POST['id'];
-
-
-/* gen uuid for each iface !inportant */
-if ($config['installedpackages']['snortglobal']['whitelist']['item'][$id]['uuid'] == '') {
-	//$snort_uuid = gen_snort_uuid(strrev(uniqid(true)));
-$whitelist_uuid = 0;
-while ($whitelist_uuid > 65535 || $whitelist_uuid == 0) {
-	$whitelist_uuid = mt_rand(1, 65535);
-	$pconfig['uuid'] = $whitelist_uuid;
-	}
-}
-
-if ($config['installedpackages']['snortglobal']['whitelist']['item'][$id]['uuid'] != '') {
-	$whitelist_uuid = $config['installedpackages']['snortglobal']['whitelist']['item'][$id]['uuid'];
-}	
-	
-$pgtitle = "Services: Snort: Whitelist: Edit $whitelist_uuid";
-
-$d_snort_whitelist_dirty_path = '/var/run/snort_whitelist.dirty';
-
-/* returns true if $name is a valid name for a whitelist file name or ip */
-function is_validwhitelistname($name) {
-	if (!is_string($name))
-		return false;
-
-	if (!preg_match("/[^a-zA-Z0-9\.\/]/", $name))
-		return true;
-
-	return false;
-}
-	
-	
-if (isset($id) && $a_whitelist[$id]) {
-	
-	/* old settings */
-	$pconfig['name'] = $a_whitelist[$id]['name'];
-	$pconfig['uuid'] = $a_whitelist[$id]['uuid'];
-	$pconfig['detail'] = $a_whitelist[$id]['detail'];
-	$pconfig['snortlisttype'] = $a_whitelist[$id]['snortlisttype'];
-	$pconfig['address'] = $a_whitelist[$id]['address'];
-	$pconfig['descr'] = html_entity_decode($a_whitelist[$id]['descr']);
-	$pconfig['wanips'] = $a_whitelist[$id]['wanips'];
-	$pconfig['wangateips'] = $a_whitelist[$id]['wangateips'];
-	$pconfig['wandnsips'] = $a_whitelist[$id]['wandnsips'];
-	$pconfig['vips'] = $a_whitelist[$id]['vips'];
-	$pconfig['vpnips'] = $a_whitelist[$id]['vpnips'];
-
-	
-	$addresses = explode(' ', $pconfig['address']);
-	$address = explode(" ", $addresses[0]);
-	if ($address[1])
-		$addresssubnettest = true;
-	else
-		$addresssubnettest = false;	
-}
-
-	/* this will exec when alert says apply */
-	if ($_POST['apply']) {
-		
-		if (file_exists("$d_snort_whitelist_dirty_path")) {
-			
-			write_config();
-			
-			sync_snort_package_config();
-			sync_snort_package();
-
-			unlink("$d_snort_whitelist_dirty_path");
-			
-		}
-		
-	}
-
-if ($_POST['submit']) {
-
-	unset($input_errors);
-	$pconfig = $_POST;
-
-	/* input validation */
-	$reqdfields = explode(" ", "name address");
-	$reqdfieldsn = explode(",", "Name,Address");
-
-	do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
-
-	if(strtolower($_POST['name']) == "defaultwhitelist")
-		$input_errors[] = "Whitelist file names may not be named defaultwhitelist.";
-
-	$x = is_validwhitelistname($_POST['name']);
-	if (!isset($x)) {
-		$input_errors[] = "Reserved word used for whitelist file name.";
-	} else {
-		if (is_validwhitelistname($_POST['name']) == false)
-			$input_errors[] = "Whitelist file name may only consist of the characters a-z, A-Z and 0-9 _. Note: No Spaces. Press Cancel to reset.";
-	}
-	
-	if (is_validwhitelistname($_POST['address']) == false)
-		$input_errors[] = "Whitelist address may only consist of the characters 0-9 and /. Note: No Spaces. Press Cancel to reset.";
-
-
-	/* check for name conflicts */
-	foreach ($a_whitelist as $w_list) {
-		if (isset($id) && ($a_whitelist[$id]) && ($a_whitelist[$id] === $w_list))
-			continue;
-
-		if ($w_list['name'] == $_POST['name']) {
-			$input_errors[] = "A whitelist file name with this name already exists.";
-			break;
-		}
-	}
-
-	
-	$w_list = array();
-	/* post user input */
-	$w_list['name'] = $_POST['name'];
-	$w_list['uuid'] = $whitelist_uuid;
-	$w_list['snortlisttype'] = $_POST['snortlisttype'];
-	$w_list['address'] = $_POST['address'];
-	$w_list['wanips'] = $_POST['wanips']? yes : no;
-	$w_list['wangateips'] = $_POST['wangateips']? yes : no;
-	$w_list['wandnsips'] = $_POST['wandnsips']? yes : no;
-	$w_list['vips'] = $_POST['vips']? yes : no;
-	$w_list['vpnips'] = $_POST['vpnips']? yes : no;
-	
-
-	$address = $w_list['address'];
-	$final_address_detail = mb_convert_encoding($_POST['detail'],"HTML-ENTITIES","auto");
-  		if($final_address_detail <> "") {
-	       	$final_address_details .= $final_address_detail;
-	} else {
-		$final_address_details .= "Entry added" . " ";
-   			$final_address_details .= date('r');
-		}
-    	$final_address_details .= "||";
-	$isfirst = 0;
-	
-
-		/* add another entry code */
-		for($x=0; $x<299; $x++) {
-			$comd = "\$subnet = \$_POST['address" . $x . "'];";
-			eval($comd);
-			$comd = "\$subnet_address = \$_POST['address_subnet" . $x . "'];";
-			eval($comd);
-			if($subnet <> "") {
-				$address .= " ";
-				$address .= $subnet;
-				if($subnet_address <> "") $address .= "" . $subnet_address;
-
-				/* Compress in details to a single key, data separated by pipes.
-				   Pulling details here lets us only pull in details for valid
-				   address entries, saving us from having to track which ones to
-				   process later. */
-	       $comd  =  "\$final_address_detail  =  mb_convert_encoding(\$_POST['detail"  .  $x  .  "'],'HTML-ENTITIES','auto');"; 
-	       eval($comd);
-	       if($final_address_detail <> "") {
-	       $final_address_details .= $final_address_detail;
-	       } else {
-		       $final_address_details .= "Entry added" . " ";
-		       $final_address_details .= date('r');
-	       }
-	       $final_address_details .= "||";
-			}
-		}
-
-	if (!$input_errors) {
-		$w_list['address'] = $address;
-        $w_list['descr']  =  mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto");
-		$w_list['detail'] = $final_address_details;
-
-		if (isset($id) && $a_whitelist[$id])
-			$a_whitelist[$id] = $w_list;
-		else
-			$a_whitelist[] = $w_list;
-
-		touch($d_snort_whitelist_dirty_path);
-
-		write_config();
-
-		header("Location: /snort/snort_interfaces_whitelist_edit.php?id=$id");
-		exit;		
-	}
-	//we received input errors, copy data to prevent retype
-	else
-	{
-                $pconfig['descr']  =  mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto");
-                $pconfig['address'] = $address;
-				$pconfig['detail'] = $final_address_details;
-	}
-}
-
-include("head.inc");
-
-?>
-
-<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?= $jsevents["body"]["onload"] ?>">
-<?php
-	include("./snort_fbegin.inc");
-	echo $jscriptstr;
-?>
-
-<script type="text/javascript" src="/snort/javascript/row_helper.js"></script>
-<input type='hidden' name='address_type' value='textbox' />
-<script type="text/javascript">
-	rowname[0] = "address";
-	rowtype[0] = "textbox";
-	rowsize[0] = "30";
-
-	rowname[1] = "detail";
-	rowtype[1] = "textbox";
-	rowsize[1] = "50";
-</script>
-
-<p class="pgtitle"><?=$pgtitle?></p>
-
-<?php if ($input_errors) print_input_errors($input_errors); ?>
-<div id="inputerrors"></div>
-
-<form action="snort_interfaces_whitelist_edit.php?id=<?=$id?>" method="post" name="iform" id="iform">
-
-<?php
-	/* Display Alert message */
-	if ($input_errors) {
-	print_input_errors($input_errors); // TODO: add checks
-	}
-
-	if ($savemsg) {
-	print_info_box2($savemsg);
-	}
-
-	//if (file_exists($d_snortconfdirty_path)) {
-	if (file_exists($d_snort_whitelist_dirty_path)) {
-	echo '<p>';
-
-		if($savemsg) {
-			print_info_box_np2("{$savemsg}");
-		}else{
-			print_info_box_np2('
-			The Snort configuration has changed and snort needs to be restarted on this interface.<br>
-			You must apply the changes in order for them to take effect.<br>
-			');
-		}
-	}
-?>
-
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-  <tr><td class="tabnavtbl">
-<?php
-	$tab_array = array();
-	$tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php");
-	$tab_array[] = array("Global Settings", false, "/snort/snort_interfaces_global.php");
-	$tab_array[] = array("Rule Updates", false, "/snort/snort_download_rules.php");
-	$tab_array[] = array("Alerts", false, "/snort/snort_alerts.php");
-    $tab_array[] = array("Blocked", false, "/snort/snort_blocked.php");
-	$tab_array[] = array("Whitelists", true, "/snort/snort_interfaces_whitelist.php");
-	$tab_array[] = array("Suppress", false, "/snort/snort_interfaces_suppress.php");
-	$tab_array[] = array("Help", false, "/snort/snort_help_info.php");
-	display_top_tabs($tab_array);
-?>    </td></tr>
-<tr>
-<td class="tabcont">
-
-<table width="100%" border="0" cellpadding="6" cellspacing="0">
-<?php if(is_alias_inuse($pconfig['name']) == true): ?>
-  <tr>
-      <td colspan="2" valign="top" class="listtopic">Add the name and description of the file.</td>
-  </tr>
-  <tr>
-    <td valign="top" class="vncellreq">Name</td>
-    <td class="vtable"> <input name="name" type="hidden" id="name" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" />
-		  <?php echo $pconfig['name']; ?>
-      <p>
-        <span class="vexpl">NOTE: This list is in use so the name may not be modified!</span>
-      </p>
-    </td>
-  </tr>
-<?php else: ?>
-  <tr>
-      <td colspan="2" valign="top" class="listtopic">Add the name and description of the file.</td>
-  </tr>
-  <tr>
-    <td valign="top" class="vncellreq">Name</td>
-    <td class="vtable">
-      <input name="name" type="text" id="name" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" />
-      <br />
-      <span class="vexpl">
-        The list name may only consist of the characters a-z, A-Z and 0-9. <span class="red">Note: </span> No Spaces.
-      </span>
-    </td>
-  </tr>
-<?php endif; ?>
-  <tr>
-    <td width="22%" valign="top" class="vncell">Description</td>
-    <td width="78%" class="vtable">
-      <input name="descr" type="text"  id="descr" size="40" value="<?=$pconfig['descr'];?>" />
-      <br />
-      <span class="vexpl">
-        You may enter a description here for your reference (not parsed).
-      </span>
-    </td>
-  </tr>
-	<tr>
-	<td width="22%" valign="top" class="vncell">List Type</td>
-	<td width="78%" class="vtable">
-		<select name="snortlisttype" class="formfld" id="snortlisttype">
-			<?php
-				$interfaces4 = array('whitelist' => 'WHITELIST', 'netlist' => 'NETLIST');
-				foreach ($interfaces4 as $iface4 => $ifacename4): ?>
-				<option value="<?=$iface4;?>" <?php if ($iface4 == $pconfig['snortlisttype']) echo "selected"; ?>>
-				<?=htmlspecialchars($ifacename4);?>
-				</option>
-			<?php endforeach; ?>
-		</select><br>
-		<span class="vexpl">Choose the type of list you will like see in your Interface Edit Tab.&nbsp;Hint: Best pratice is to test every list you make.
-		</span>&nbsp;<span class="red">Note:</span>&nbsp;NETLIST's are only for defining snort.conf's external or home NETS.</td>
-	</tr>
-    <tr>
-        <td colspan="2" valign="top" class="listtopic">Add auto generated ips.</td>
-   </tr>
-  <tr>
-    <td width="22%" valign="top" class="vncell">WAN IPs</td>
-    <td width="78%" class="vtable">
-      <input name="wanips" type="checkbox"  id="wanips" size="40" value="yes" <?php if($pconfig['wanips'] == 'yes'){ echo "checked";} if($pconfig['wanips'] == ''){ echo "checked";} ?>/>
-      <span class="vexpl">
-        Add WAN IPs to the list.
-      </span>
-    </td>
-  </tr>
-  <tr>
-    <td width="22%" valign="top" class="vncell">Wan Gateways</td>
-    <td width="78%" class="vtable">
-      <input name="wangateips" type="checkbox"  id="wangateips" size="40" value="yes" <?php if($pconfig['wangateips'] == 'yes'){ echo "checked";} if($pconfig['wangateips'] == ''){ echo "checked";} ?>/>
-      <span class="vexpl">
-        Add WAN Gateways to the list.
-      </span>
-    </td>
-  </tr>
-  <tr>
-    <td width="22%" valign="top" class="vncell">Wan DNS servers</td>
-    <td width="78%" class="vtable">
-      <input name="wandnsips" type="checkbox"  id="wandnsips" size="40" value="yes" <?php if($pconfig['wandnsips'] == 'yes'){ echo "checked";} if($pconfig['wandnsips'] == ''){ echo "checked";} ?>/>
-      <span class="vexpl">
-        Add WAN DNS servers to the list.
-      </span>
-    </td>
-  </tr>
-  <tr>
-    <td width="22%" valign="top" class="vncell">Virtual IP Addresses</td>
-    <td width="78%" class="vtable">
-      <input name="vips" type="checkbox"  id="vips" size="40" value="yes" <?php if($pconfig['vips'] == 'yes'){ echo "checked";} if($pconfig['vips'] == ''){ echo "checked";} ?>/>
-      <span class="vexpl">
-        Add Virtual IP Addresses to the list.
-      </span>
-    </td>
-  </tr>
-   <tr>
-    <td width="22%" valign="top" class="vncell">VPNs</td>
-    <td width="78%" class="vtable">
-      <input name="vpnips" type="checkbox"  id="vpnips" size="40" value="yes" <?php if($pconfig['vpnips'] == 'yes'){ echo "checked";} if($pconfig['vpnips'] == ''){ echo "checked";} ?>/>
-      <span class="vexpl">
-        Add VPN Addresses to the list.
-      </span>
-    </td>
-  </tr>
-  <tr>
-     <td colspan="2" valign="top" class="listtopic">Add your own custom ips.</td>
-  </tr>
-  <tr>
-    <td width="22%" valign="top" class="vncellreq"><div id="addressnetworkport">IP or CIDR items</div></td>
-    <td width="78%" class="vtable">
-      <table id="maintable">
-        <tbody>
-          <tr>
-            <td colspan="4">
-      		    <div style="padding:5px; margin-top: 16px; margin-bottom: 16px; border:1px dashed #000066; background-color: #ffffff; color: #000000; font-size: 8pt;" id="itemhelp">
-      		    Enter only ips or CIDR notations. Example: 192.168.4.1 or 192.168.1.0/24</div>
-            </td>
-          </tr>
-          <tr>
-            <td><div id="onecolumn">IP or CIDR</div></td>
-           <td><div id="threecolumn">Add a Description or leave blank and a date will be added.</div></td>
-          </tr>
-
-			<?php
-			/* cleanup code */
-			$counter = 0;
-			$address = $pconfig['address'];
-			$item = explode(" ", $address);
-			$item3 = explode("||", $pconfig['detail']);
-			foreach($item as $ww) {
-				$address = $item[$counter];
-				$item4 = $item3[$counter];
-				if($counter > 0) $tracker = $counter + 1;
-			?>
-          <tr>
-            <td>
-              <input name="address<?php echo $tracker; ?>" type="text"  id="address<?php echo $tracker; ?>" size="30" value="<?=htmlspecialchars($address);?>" />
-            </td>
-            <td>
-              <input name="detail<?php echo $tracker; ?>" type="text"  id="detail<?php echo $tracker; ?>" size="50" value="<?=$item4;?>" />
-            </td>
-            <td>
-    			  <?php
-    				if($counter > 0)
-    					echo "<input type=\"image\" src=\"/themes/".$g['theme']."/images/icons/icon_x.gif\" onclick=\"removeRow(this); return false;\" value=\"Delete\" />";
-    			  ?>
-			      </td>
-          </tr>
-			<?php
-        $counter++;
-
-        } // end foreach
-      ?>
-        </tbody>
-		</table>
-		<a onclick="javascript:addRowTo('maintable'); return false;" href="#"><img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" alt="" title="add another entry" />
-      </a>
-		</td>
-  </tr>
-  <tr>
-    <td width="22%" valign="top">&nbsp;</td>
-    <td width="78%">
-      <input id="submit" name="submit" type="submit" class="formbtn" value="Save" />
-      <input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" value="Cancel" onclick="history.back()" />
-      <?php if (isset($id) && $a_whitelist[$id]): ?>
-      <input name="id" type="hidden" value="<?=$id;?>" />
-      <?php endif; ?>
-    </td>
-  </tr>
-</table>
-  </td>
-  </tr>
-  </table>
-</form>
-
-<script type="text/javascript">
-	/* row and col adjust when you add extra entries */
-	field_counter_js = 2;
-	rows = 1;
-	totalrows = <?php echo $counter; ?>;
-	loaded = <?php echo $counter; ?>;
-</script>
-
-<?php include("fend.inc"); ?>
-</body>
+<?php
+/* $Id$ */
+/*
+	firewall_aliases_edit.php
+	Copyright (C) 2004 Scott Ullrich
+	All rights reserved.
+
+	originially part of m0n0wall (http://m0n0.ch/wall)
+	Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
+	All rights reserved.
+	
+	modified for the pfsense snort package
+	Copyright (C) 2009-2010 Robert Zelaya.
+	All rights reserved.
+
+	Redistribution and use in source and binary forms, with or without
+	modification, are permitted provided that the following conditions are met:
+
+	1. Redistributions of source code must retain the above copyright notice,
+	   this list of conditions and the following disclaimer.
+
+	2. Redistributions in binary form must reproduce the above copyright
+	   notice, this list of conditions and the following disclaimer in the
+	   documentation and/or other materials provided with the distribution.
+
+	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+	POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require_once("guiconfig.inc");
+require_once("/usr/local/pkg/snort/snort.inc");
+require_once("/usr/local/pkg/snort/snort_gui.inc");
+
+if (!is_array($config['installedpackages']['snortglobal']['whitelist']['item']))
+	$config['installedpackages']['snortglobal']['whitelist']['item'] = array();
+
+$a_whitelist = &$config['installedpackages']['snortglobal']['whitelist']['item'];
+
+$id = $_GET['id'];
+if (isset($_POST['id']))
+	$id = $_POST['id'];
+
+
+/* gen uuid for each iface !inportant */
+if ($config['installedpackages']['snortglobal']['whitelist']['item'][$id]['uuid'] == '') {
+	//$snort_uuid = gen_snort_uuid(strrev(uniqid(true)));
+$whitelist_uuid = 0;
+while ($whitelist_uuid > 65535 || $whitelist_uuid == 0) {
+	$whitelist_uuid = mt_rand(1, 65535);
+	$pconfig['uuid'] = $whitelist_uuid;
+	}
+}
+
+if ($config['installedpackages']['snortglobal']['whitelist']['item'][$id]['uuid'] != '') {
+	$whitelist_uuid = $config['installedpackages']['snortglobal']['whitelist']['item'][$id]['uuid'];
+}	
+	
+$pgtitle = "Services: Snort: Whitelist: Edit $whitelist_uuid";
+
+$d_snort_whitelist_dirty_path = '/var/run/snort_whitelist.dirty';
+
+/* returns true if $name is a valid name for a whitelist file name or ip */
+function is_validwhitelistname($name) {
+	if (!is_string($name))
+		return false;
+
+	if (!preg_match("/[^a-zA-Z0-9\.\/]/", $name))
+		return true;
+
+	return false;
+}
+	
+	
+if (isset($id) && $a_whitelist[$id]) {
+	
+	/* old settings */
+	$pconfig['name'] = $a_whitelist[$id]['name'];
+	$pconfig['uuid'] = $a_whitelist[$id]['uuid'];
+	$pconfig['detail'] = $a_whitelist[$id]['detail'];
+	$pconfig['snortlisttype'] = $a_whitelist[$id]['snortlisttype'];
+	$pconfig['address'] = $a_whitelist[$id]['address'];
+	$pconfig['descr'] = html_entity_decode($a_whitelist[$id]['descr']);
+	$pconfig['wanips'] = $a_whitelist[$id]['wanips'];
+	$pconfig['wangateips'] = $a_whitelist[$id]['wangateips'];
+	$pconfig['wandnsips'] = $a_whitelist[$id]['wandnsips'];
+	$pconfig['vips'] = $a_whitelist[$id]['vips'];
+	$pconfig['vpnips'] = $a_whitelist[$id]['vpnips'];
+
+	
+	$addresses = explode(' ', $pconfig['address']);
+	$address = explode(" ", $addresses[0]);
+	if ($address[1])
+		$addresssubnettest = true;
+	else
+		$addresssubnettest = false;	
+}
+
+	/* this will exec when alert says apply */
+	if ($_POST['apply']) {
+		
+		if (file_exists("$d_snort_whitelist_dirty_path")) {
+			
+			write_config();
+			
+			sync_snort_package_config();
+			sync_snort_package();
+
+			unlink("$d_snort_whitelist_dirty_path");
+			
+		}
+		
+	}
+
+if ($_POST['submit']) {
+
+	unset($input_errors);
+	$pconfig = $_POST;
+
+	/* input validation */
+	$reqdfields = explode(" ", "name address");
+	$reqdfieldsn = explode(",", "Name,Address");
+
+	do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+
+	if(strtolower($_POST['name']) == "defaultwhitelist")
+		$input_errors[] = "Whitelist file names may not be named defaultwhitelist.";
+
+	$x = is_validwhitelistname($_POST['name']);
+	if (!isset($x)) {
+		$input_errors[] = "Reserved word used for whitelist file name.";
+	} else {
+		if (is_validwhitelistname($_POST['name']) == false)
+			$input_errors[] = "Whitelist file name may only consist of the characters a-z, A-Z and 0-9 _. Note: No Spaces. Press Cancel to reset.";
+	}
+	
+	if (is_validwhitelistname($_POST['address']) == false)
+		$input_errors[] = "Whitelist address may only consist of the characters 0-9 and /. Note: No Spaces. Press Cancel to reset.";
+
+
+	/* check for name conflicts */
+	foreach ($a_whitelist as $w_list) {
+		if (isset($id) && ($a_whitelist[$id]) && ($a_whitelist[$id] === $w_list))
+			continue;
+
+		if ($w_list['name'] == $_POST['name']) {
+			$input_errors[] = "A whitelist file name with this name already exists.";
+			break;
+		}
+	}
+
+	
+	$w_list = array();
+	/* post user input */
+	$w_list['name'] = $_POST['name'];
+	$w_list['uuid'] = $whitelist_uuid;
+	$w_list['snortlisttype'] = $_POST['snortlisttype'];
+	$w_list['address'] = $_POST['address'];
+	$w_list['wanips'] = $_POST['wanips']? yes : no;
+	$w_list['wangateips'] = $_POST['wangateips']? yes : no;
+	$w_list['wandnsips'] = $_POST['wandnsips']? yes : no;
+	$w_list['vips'] = $_POST['vips']? yes : no;
+	$w_list['vpnips'] = $_POST['vpnips']? yes : no;
+	
+
+	$address = $w_list['address'];
+	$final_address_detail = mb_convert_encoding($_POST['detail'],"HTML-ENTITIES","auto");
+  		if($final_address_detail <> "") {
+	       	$final_address_details .= $final_address_detail;
+	} else {
+		$final_address_details .= "Entry added" . " ";
+   			$final_address_details .= date('r');
+		}
+    	$final_address_details .= "||";
+	$isfirst = 0;
+	
+
+		/* add another entry code */
+		for($x=0; $x<299; $x++) {
+			$comd = "\$subnet = \$_POST['address" . $x . "'];";
+			eval($comd);
+			$comd = "\$subnet_address = \$_POST['address_subnet" . $x . "'];";
+			eval($comd);
+			if($subnet <> "") {
+				$address .= " ";
+				$address .= $subnet;
+				if($subnet_address <> "") $address .= "" . $subnet_address;
+
+				/* Compress in details to a single key, data separated by pipes.
+				   Pulling details here lets us only pull in details for valid
+				   address entries, saving us from having to track which ones to
+				   process later. */
+	       $comd  =  "\$final_address_detail  =  mb_convert_encoding(\$_POST['detail"  .  $x  .  "'],'HTML-ENTITIES','auto');"; 
+	       eval($comd);
+	       if($final_address_detail <> "") {
+	       $final_address_details .= $final_address_detail;
+	       } else {
+		       $final_address_details .= "Entry added" . " ";
+		       $final_address_details .= date('r');
+	       }
+	       $final_address_details .= "||";
+			}
+		}
+
+	if (!$input_errors) {
+		$w_list['address'] = $address;
+        $w_list['descr']  =  mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto");
+		$w_list['detail'] = $final_address_details;
+
+		if (isset($id) && $a_whitelist[$id])
+			$a_whitelist[$id] = $w_list;
+		else
+			$a_whitelist[] = $w_list;
+
+		touch($d_snort_whitelist_dirty_path);
+
+		write_config();
+
+		header("Location: /snort/snort_interfaces_whitelist_edit.php?id=$id");
+		exit;		
+	}
+	//we received input errors, copy data to prevent retype
+	else
+	{
+                $pconfig['descr']  =  mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto");
+                $pconfig['address'] = $address;
+				$pconfig['detail'] = $final_address_details;
+	}
+}
+
+include("head.inc");
+
+?>
+
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?= $jsevents["body"]["onload"] ?>">
+<?php
+	include("./snort_fbegin.inc");
+	echo $jscriptstr;
+?>
+
+<script type="text/javascript" src="/snort/javascript/row_helper.js"></script>
+<input type='hidden' name='address_type' value='textbox' />
+<script type="text/javascript">
+	rowname[0] = "address";
+	rowtype[0] = "textbox";
+	rowsize[0] = "30";
+
+	rowname[1] = "detail";
+	rowtype[1] = "textbox";
+	rowsize[1] = "50";
+</script>
+
+<p class="pgtitle"><?=$pgtitle?></p>
+
+<?php if ($input_errors) print_input_errors($input_errors); ?>
+<div id="inputerrors"></div>
+
+<form action="snort_interfaces_whitelist_edit.php?id=<?=$id?>" method="post" name="iform" id="iform">
+
+<?php
+	/* Display Alert message */
+	if ($input_errors) {
+	print_input_errors($input_errors); // TODO: add checks
+	}
+
+	if ($savemsg) {
+	print_info_box2($savemsg);
+	}
+
+	//if (file_exists($d_snortconfdirty_path)) {
+	if (file_exists($d_snort_whitelist_dirty_path)) {
+	echo '<p>';
+
+		if($savemsg) {
+			print_info_box_np2("{$savemsg}");
+		}else{
+			print_info_box_np2('
+			The Snort configuration has changed and snort needs to be restarted on this interface.<br>
+			You must apply the changes in order for them to take effect.<br>
+			');
+		}
+	}
+?>
+
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+  <tr><td class="tabnavtbl">
+<?php
+	$tab_array = array();
+	$tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php");
+	$tab_array[] = array("Global Settings", false, "/snort/snort_interfaces_global.php");
+	$tab_array[] = array("Rule Updates", false, "/snort/snort_download_rules.php");
+	$tab_array[] = array("Alerts", false, "/snort/snort_alerts.php");
+    $tab_array[] = array("Blocked", false, "/snort/snort_blocked.php");
+	$tab_array[] = array("Whitelists", true, "/snort/snort_interfaces_whitelist.php");
+	$tab_array[] = array("Suppress", false, "/snort/snort_interfaces_suppress.php");
+	$tab_array[] = array("Help", false, "/snort/snort_help_info.php");
+	display_top_tabs($tab_array);
+?>    </td></tr>
+<tr>
+<td class="tabcont">
+
+<table width="100%" border="0" cellpadding="6" cellspacing="0">
+  <tr>
+      <td colspan="2" valign="top" class="listtopic">Add the name and description of the file.</td>
+  </tr>
+  <tr>
+    <td valign="top" class="vncellreq">Name</td>
+    <td class="vtable">
+      <input name="name" type="text" id="name" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" />
+      <br />
+      <span class="vexpl">
+        The list name may only consist of the characters a-z, A-Z and 0-9. <span class="red">Note: </span> No Spaces.
+      </span>
+    </td>
+  </tr>
+  <tr>
+    <td width="22%" valign="top" class="vncell">Description</td>
+    <td width="78%" class="vtable">
+      <input name="descr" type="text"  id="descr" size="40" value="<?=$pconfig['descr'];?>" />
+      <br />
+      <span class="vexpl">
+        You may enter a description here for your reference (not parsed).
+      </span>
+    </td>
+  </tr>
+	<tr>
+	<td width="22%" valign="top" class="vncell">List Type</td>
+	<td width="78%" class="vtable">
+		<select name="snortlisttype" class="formfld" id="snortlisttype">
+			<?php
+				$interfaces4 = array('whitelist' => 'WHITELIST', 'netlist' => 'NETLIST');
+				foreach ($interfaces4 as $iface4 => $ifacename4): ?>
+				<option value="<?=$iface4;?>" <?php if ($iface4 == $pconfig['snortlisttype']) echo "selected"; ?>>
+				<?=htmlspecialchars($ifacename4);?>
+				</option>
+			<?php endforeach; ?>
+		</select><br>
+		<span class="vexpl">Choose the type of list you will like see in your Interface Edit Tab.&nbsp;Hint: Best pratice is to test every list you make.
+		</span>&nbsp;<span class="red">Note:</span>&nbsp;NETLIST's are only for defining snort.conf's external or home NETS.</td>
+	</tr>
+    <tr>
+        <td colspan="2" valign="top" class="listtopic">Add auto generated ips.</td>
+   </tr>
+  <tr>
+    <td width="22%" valign="top" class="vncell">WAN IPs</td>
+    <td width="78%" class="vtable">
+      <input name="wanips" type="checkbox"  id="wanips" size="40" value="yes" <?php if($pconfig['wanips'] == 'yes'){ echo "checked";} if($pconfig['wanips'] == ''){ echo "checked";} ?>/>
+      <span class="vexpl">
+        Add WAN IPs to the list.
+      </span>
+    </td>
+  </tr>
+  <tr>
+    <td width="22%" valign="top" class="vncell">Wan Gateways</td>
+    <td width="78%" class="vtable">
+      <input name="wangateips" type="checkbox"  id="wangateips" size="40" value="yes" <?php if($pconfig['wangateips'] == 'yes'){ echo "checked";} if($pconfig['wangateips'] == ''){ echo "checked";} ?>/>
+      <span class="vexpl">
+        Add WAN Gateways to the list.
+      </span>
+    </td>
+  </tr>
+  <tr>
+    <td width="22%" valign="top" class="vncell">Wan DNS servers</td>
+    <td width="78%" class="vtable">
+      <input name="wandnsips" type="checkbox"  id="wandnsips" size="40" value="yes" <?php if($pconfig['wandnsips'] == 'yes'){ echo "checked";} if($pconfig['wandnsips'] == ''){ echo "checked";} ?>/>
+      <span class="vexpl">
+        Add WAN DNS servers to the list.
+      </span>
+    </td>
+  </tr>
+  <tr>
+    <td width="22%" valign="top" class="vncell">Virtual IP Addresses</td>
+    <td width="78%" class="vtable">
+      <input name="vips" type="checkbox"  id="vips" size="40" value="yes" <?php if($pconfig['vips'] == 'yes'){ echo "checked";} if($pconfig['vips'] == ''){ echo "checked";} ?>/>
+      <span class="vexpl">
+        Add Virtual IP Addresses to the list.
+      </span>
+    </td>
+  </tr>
+   <tr>
+    <td width="22%" valign="top" class="vncell">VPNs</td>
+    <td width="78%" class="vtable">
+      <input name="vpnips" type="checkbox"  id="vpnips" size="40" value="yes" <?php if($pconfig['vpnips'] == 'yes'){ echo "checked";} if($pconfig['vpnips'] == ''){ echo "checked";} ?>/>
+      <span class="vexpl">
+        Add VPN Addresses to the list.
+      </span>
+    </td>
+  </tr>
+  <tr>
+     <td colspan="2" valign="top" class="listtopic">Add your own custom ips.</td>
+  </tr>
+  <tr>
+    <td width="22%" valign="top" class="vncellreq"><div id="addressnetworkport">IP or CIDR items</div></td>
+    <td width="78%" class="vtable">
+      <table id="maintable">
+        <tbody>
+          <tr>
+            <td colspan="4">
+      		    <div style="padding:5px; margin-top: 16px; margin-bottom: 16px; border:1px dashed #000066; background-color: #ffffff; color: #000000; font-size: 8pt;" id="itemhelp">
+      		    Enter only ips or CIDR notations. Example: 192.168.4.1 or 192.168.1.0/24</div>
+            </td>
+          </tr>
+          <tr>
+            <td><div id="onecolumn">IP or CIDR</div></td>
+           <td><div id="threecolumn">Add a Description or leave blank and a date will be added.</div></td>
+          </tr>
+
+			<?php
+			/* cleanup code */
+			$counter = 0;
+			$address = $pconfig['address'];
+			$item = explode(" ", $address);
+			$item3 = explode("||", $pconfig['detail']);
+			foreach($item as $ww) {
+				$address = $item[$counter];
+				$item4 = $item3[$counter];
+				if($counter > 0) $tracker = $counter + 1;
+			?>
+          <tr>
+            <td>
+              <input name="address<?php echo $tracker; ?>" type="text"  id="address<?php echo $tracker; ?>" size="30" value="<?=htmlspecialchars($address);?>" />
+            </td>
+            <td>
+              <input name="detail<?php echo $tracker; ?>" type="text"  id="detail<?php echo $tracker; ?>" size="50" value="<?=$item4;?>" />
+            </td>
+            <td>
+    			  <?php
+    				if($counter > 0)
+    					echo "<input type=\"image\" src=\"/themes/".$g['theme']."/images/icons/icon_x.gif\" onclick=\"removeRow(this); return false;\" value=\"Delete\" />";
+    			  ?>
+			      </td>
+          </tr>
+			<?php
+        $counter++;
+
+        } // end foreach
+      ?>
+        </tbody>
+		</table>
+		<a onclick="javascript:addRowTo('maintable'); return false;" href="#"><img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" alt="" title="add another entry" />
+      </a>
+		</td>
+  </tr>
+  <tr>
+    <td width="22%" valign="top">&nbsp;</td>
+    <td width="78%">
+      <input id="submit" name="submit" type="submit" class="formbtn" value="Save" />
+      <input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" value="Cancel" onclick="history.back()" />
+      <?php if (isset($id) && $a_whitelist[$id]): ?>
+      <input name="id" type="hidden" value="<?=$id;?>" />
+      <?php endif; ?>
+    </td>
+  </tr>
+</table>
+  </td>
+  </tr>
+  </table>
+</form>
+
+<script type="text/javascript">
+	/* row and col adjust when you add extra entries */
+	field_counter_js = 2;
+	rows = 1;
+	totalrows = <?php echo $counter; ?>;
+	loaded = <?php echo $counter; ?>;
+</script>
+
+<?php include("fend.inc"); ?>
+</body>
 </html>
 \ No newline at end of file
author	robiscool <robrob2626@yahoo.com>	2010-05-03 13:37:58 -0700
committer	robiscool <robrob2626@yahoo.com>	2010-05-03 13:38:38 -0700
commit	ee7d8c15e499214c78b29c99d3a275973e8a3b7c (patch)
tree	f904a9333f2cf099338a1317cff3109c31ad9865 /config/snort
parent	a9e757fce0e6e8e15dad63a02472959af52f8ff4 (diff)
download	pfsense-packages-ee7d8c15e499214c78b29c99d3a275973e8a3b7c.tar.gz pfsense-packages-ee7d8c15e499214c78b29c99d3a275973e8a3b7c.tar.bz2 pfsense-packages-ee7d8c15e499214c78b29c99d3a275973e8a3b7c.zip