aboutsummaryrefslogtreecommitdiffstats
path: root/config/suricata/suricata_alerts.php
diff options
context:
space:
mode:
authorErmal <eri@pfsense.org>2014-04-29 08:50:38 +0000
committerErmal <eri@pfsense.org>2014-04-29 08:50:38 +0000
commit1641fd6dd0133119529be2b1ac57fcc605a0a976 (patch)
tree84be8e92aca33e4d909384f2d04262379ba27fb8 /config/suricata/suricata_alerts.php
parentd298aee67a45d08a93831a2b6f272165ff2f89e6 (diff)
parent06cf384a6603bc771dd91773b0d1f4347b47904b (diff)
downloadpfsense-packages-1641fd6dd0133119529be2b1ac57fcc605a0a976.tar.gz
pfsense-packages-1641fd6dd0133119529be2b1ac57fcc605a0a976.tar.bz2
pfsense-packages-1641fd6dd0133119529be2b1ac57fcc605a0a976.zip
Merge pull request #652 from bmeeks8/suricata-1.0
Diffstat (limited to 'config/suricata/suricata_alerts.php')
-rw-r--r--config/suricata/suricata_alerts.php33
1 files changed, 18 insertions, 15 deletions
diff --git a/config/suricata/suricata_alerts.php b/config/suricata/suricata_alerts.php
index 01d4daeb..71739f82 100644
--- a/config/suricata/suricata_alerts.php
+++ b/config/suricata/suricata_alerts.php
@@ -32,6 +32,7 @@ require_once("guiconfig.inc");
require_once("/usr/local/pkg/suricata/suricata.inc");
$supplist = array();
+$suri_pf_table = SURICATA_PF_TABLE;
function suricata_is_alert_globally_suppressed($list, $gid, $sid) {
@@ -165,12 +166,12 @@ if ($_POST['save']) {
exit;
}
-//if ($_POST['unblock'] && $_POST['ip']) {
-// if (is_ipaddr($_POST['ip'])) {
-// exec("/sbin/pfctl -t snort2c -T delete {$_POST['ip']}");
-// $savemsg = gettext("Host IP address {$_POST['ip']} has been removed from the Blocked Table.");
-// }
-//}
+if ($_POST['unblock'] && $_POST['ip']) {
+ if (is_ipaddr($_POST['ip'])) {
+ exec("/sbin/pfctl -t {$suri_pf_table} -T delete {$_POST['ip']}");
+ $savemsg = gettext("Host IP address {$_POST['ip']} has been removed from the Blocked Table.");
+ }
+}
if (($_POST['addsuppress_srcip'] || $_POST['addsuppress_dstip'] || $_POST['addsuppress']) && is_numeric($_POST['sidid']) && is_numeric($_POST['gen_id'])) {
if ($_POST['addsuppress_srcip'])
@@ -355,10 +356,12 @@ if ($savemsg) {
$tab_array[] = array(gettext("Global Settings"), false, "/suricata/suricata_global.php");
$tab_array[] = array(gettext("Update Rules"), false, "/suricata/suricata_download_updates.php");
$tab_array[] = array(gettext("Alerts"), true, "/suricata/suricata_alerts.php");
+ $tab_array[] = array(gettext("Blocked"), false, "/suricata/suricata_blocked.php");
+ $tab_array[] = array(gettext("Pass Lists"), false, "/suricata/suricata_passlist.php");
$tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php");
$tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php?instance={$instanceid}");
$tab_array[] = array(gettext("Logs Mgmt"), false, "/suricata/suricata_logs_mgmt.php");
- display_top_tabs($tab_array);
+ display_top_tabs($tab_array, true);
?>
</td></tr>
<tr>
@@ -495,10 +498,10 @@ if (file_exists("/var/log/suricata/suricata_{$if_real}{$suricata_uuid}/alerts.lo
$alert_ip_src .= "title='" . gettext("This alert track by_src IP is already in the Suppress List") . "'/>";
}
/* Add icon for auto-removing from Blocked Table if required */
-// if (isset($tmpblocked[$fields[9]])) {
-// $alert_ip_src .= "&nbsp;<input type='image' name='unblock[]' onClick=\"document.getElementById('ip').value='{$fields[9]}';\" ";
-// $alert_ip_src .= "title='" . gettext("Remove host from Blocked Table") . "' border='0' width='12' height='12' src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\"/>";
-// }
+ if (isset($tmpblocked[$fields[9]])) {
+ $alert_ip_src .= "&nbsp;<input type='image' name='unblock[]' onClick=\"document.getElementById('ip').value='{$fields[9]}';\" ";
+ $alert_ip_src .= "title='" . gettext("Remove host from Blocked Table") . "' border='0' width='12' height='12' src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\"/>";
+ }
/* IP SRC Port */
$alert_src_p = $fields[10];
/* IP Destination */
@@ -524,10 +527,10 @@ if (file_exists("/var/log/suricata/suricata_{$if_real}{$suricata_uuid}/alerts.lo
$alert_ip_dst .= "title='" . gettext("This alert track by_dst IP is already in the Suppress List") . "'/>";
}
/* Add icon for auto-removing from Blocked Table if required */
-// if (isset($tmpblocked[$fields[11]])) {
-// $alert_ip_dst .= "&nbsp;<input type='image' name='unblock[]' onClick=\"document.getElementById('ip').value='{$fields[11]}';\" ";
-// $alert_ip_dst .= "title='" . gettext("Remove host from Blocked Table") . "' border='0' width='12' height='12' src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\"/>";
-// }
+ if (isset($tmpblocked[$fields[11]])) {
+ $alert_ip_dst .= "&nbsp;<input type='image' name='unblock[]' onClick=\"document.getElementById('ip').value='{$fields[11]}';\" ";
+ $alert_ip_dst .= "title='" . gettext("Remove host from Blocked Table") . "' border='0' width='12' height='12' src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\"/>";
+ }
/* IP DST Port */
$alert_dst_p = $fields[12];
/* SID */