aboutsummaryrefslogtreecommitdiffstats
path: root/config/snort
diff options
context:
space:
mode:
authorbmeeks8 <bmeeks8@bellsouth.net>2015-07-03 15:58:03 -0400
committerbmeeks8 <bmeeks8@bellsouth.net>2015-07-03 15:58:03 -0400
commit129844406855b3406d9d220df776a3e12ffc55da (patch)
tree41247486f248e8fbda963e277802a2feb751b49b /config/snort
parent4fd76cd7429085db1a43346adf5f0b309e48721e (diff)
downloadpfsense-packages-129844406855b3406d9d220df776a3e12ffc55da.tar.gz
pfsense-packages-129844406855b3406d9d220df776a3e12ffc55da.tar.bz2
pfsense-packages-129844406855b3406d9d220df776a3e12ffc55da.zip
Show validation error for FQDN alias since we do not support them in pkgs.
Diffstat (limited to 'config/snort')
-rwxr-xr-xconfig/snort/snort_define_servers.php8
-rw-r--r--config/snort/snort_passlist_edit.php7
-rwxr-xr-xconfig/snort/snort_preprocessors.php6
3 files changed, 17 insertions, 4 deletions
diff --git a/config/snort/snort_define_servers.php b/config/snort/snort_define_servers.php
index b72a3d4e..0d24f197 100755
--- a/config/snort/snort_define_servers.php
+++ b/config/snort/snort_define_servers.php
@@ -107,11 +107,15 @@ if ($_POST['save']) {
foreach ($snort_servers as $key => $server) {
if ($_POST["def_{$key}"] && !is_alias($_POST["def_{$key}"]))
- $input_errors[] = "Only aliases are allowed";
+ $input_errors[] = "Only aliases are allowed.";
+ if ($_POST["def_{$key}"] && is_alias($_POST["def_{$key}"]) && trim(filter_expand_alias($_POST["def_{$key}"])) == "")
+ $input_errors[] = "FQDN aliases are not allowed in Snort.";
}
foreach ($snort_ports as $key => $server) {
if ($_POST["def_{$key}"] && !is_alias($_POST["def_{$key}"]))
- $input_errors[] = "Only aliases are allowed";
+ $input_errors[] = "Only aliases are allowed.";
+ if ($_POST["def_{$key}"] && is_alias($_POST["def_{$key}"]) && trim(filter_expand_alias($_POST["def_{$key}"])) == "")
+ $input_errors[] = "FQDN aliases are not allowed in Snort.";
}
/* if no errors write to conf */
if (!$input_errors) {
diff --git a/config/snort/snort_passlist_edit.php b/config/snort/snort_passlist_edit.php
index 9f95adb4..75724344 100644
--- a/config/snort/snort_passlist_edit.php
+++ b/config/snort/snort_passlist_edit.php
@@ -155,9 +155,12 @@ if ($_POST['save']) {
}
}
- if ($_POST['address'])
+ if ($_POST['address']) {
if (!is_alias($_POST['address']))
- $input_errors[] = gettext("A valid alias must be provided");
+ $input_errors[] = gettext("A valid alias must be provided.");
+ if (is_alias($_POST['address']) && trim(filter_expand_alias($_POST['address'])) == "")
+ $input_errors[] = gettext("FQDN aliases are not supported in Snort.");
+ }
if (!$input_errors) {
$p_list = array();
diff --git a/config/snort/snort_preprocessors.php b/config/snort/snort_preprocessors.php
index de680886..d5eadfd9 100755
--- a/config/snort/snort_preprocessors.php
+++ b/config/snort/snort_preprocessors.php
@@ -451,6 +451,12 @@ if ($_POST['save']) {
$input_errors[] = gettext("The value for Application ID Stats Period must be between 60 and 3600.");
}
+ // Validate Portscan Ignore_Scanners parameter
+ if ($_POST['sf_portscan'] == 'on' && is_alias($_POST['pscan_ignore_scanners'])) {
+ if (trim(filter_expand_alias($_POST["def_{$key}"])) == "")
+ $input_errors[] = gettext("FQDN aliases are not supported in Snort for the PORTSCAN IGNORE_SCANNERS parameter.");
+ }
+
/* if no errors write to conf */
if (!$input_errors) {
/* post new options */