aboutsummaryrefslogtreecommitdiffstats
path: root/config/suricata/suricata_download_updates.php
diff options
context:
space:
mode:
authorPiBa-NL <pba_2k3@yahoo.com>2014-03-19 17:10:49 +0100
committerPiBa-NL <pba_2k3@yahoo.com>2014-03-19 17:10:49 +0100
commit39b3fe5d22482d16a161193167c00af90390343a (patch)
tree53b19691d90440731195eb2325db2ecd8511feb2 /config/suricata/suricata_download_updates.php
parent2a4f986325ccd3a08273bee285993415da12aeb2 (diff)
parentfd710b1c45207f551d7b0a38eb95b5b5e353ac77 (diff)
downloadpfsense-packages-39b3fe5d22482d16a161193167c00af90390343a.tar.gz
pfsense-packages-39b3fe5d22482d16a161193167c00af90390343a.tar.bz2
pfsense-packages-39b3fe5d22482d16a161193167c00af90390343a.zip
Merge branch 'master' of https://github.com/pfsense/pfsense-packages into hap_de-install_logging
Conflicts: config/haproxy-devel/haproxy.inc
Diffstat (limited to 'config/suricata/suricata_download_updates.php')
-rw-r--r--config/suricata/suricata_download_updates.php316
1 files changed, 316 insertions, 0 deletions
diff --git a/config/suricata/suricata_download_updates.php b/config/suricata/suricata_download_updates.php
new file mode 100644
index 00000000..bae467e4
--- /dev/null
+++ b/config/suricata/suricata_download_updates.php
@@ -0,0 +1,316 @@
+<?php
+/*
+ * suricata_download_updates.php
+ * part of pfSense
+ *
+ * Copyright (C) 2014 Bill Meeks
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+require_once("guiconfig.inc");
+require_once("/usr/local/pkg/suricata/suricata.inc");
+
+/* Define some locally required variables from Suricata constants */
+$suricatadir = SURICATADIR;
+$suricata_rules_upd_log = RULES_UPD_LOGFILE;
+
+$snortdownload = $config['installedpackages']['suricata']['config'][0]['enable_vrt_rules'];
+$emergingthreats = $config['installedpackages']['suricata']['config'][0]['enable_etopen_rules'];
+$etpro = $config['installedpackages']['suricata']['config'][0]['enable_etpro_rules'];
+$snortcommunityrules = $config['installedpackages']['suricata']['config'][0]['snortcommunityrules'];
+
+/* Get last update information if available */
+if (!empty($config['installedpackages']['suricata']['config'][0]['last_rule_upd_time']))
+ $last_rule_upd_time = date('M-d Y H:i', $config['installedpackages']['suricata']['config'][0]['last_rule_upd_time']);
+else
+ $last_rule_upd_time = gettext("Unknown");
+if (!empty($config['installedpackages']['suricata']['config'][0]['last_rule_upd_status']))
+ $last_rule_upd_status = htmlspecialchars($config['installedpackages']['suricata']['config'][0]['last_rule_upd_status']);
+else
+ $last_rule_upd_status = gettext("Unknown");
+
+$snort_rules_file = VRT_DNLD_FILENAME;
+$snort_community_rules_filename = GPLV2_DNLD_FILENAME;
+
+if ($etpro == "on") {
+ $emergingthreats_filename = ETPRO_DNLD_FILENAME;
+ $et_name = "Emerging Threats Pro Rules";
+}
+else {
+ $emergingthreats_filename = ET_DNLD_FILENAME;
+ $et_name = "Emerging Threats Open Rules";
+}
+
+/* quick md5 chk of downloaded rules */
+if ($snortdownload == 'on') {
+ $snort_org_sig_chk_local = 'Not Downloaded';
+ $snort_org_sig_date = 'Not Downloaded';
+}
+else {
+ $snort_org_sig_chk_local = 'Not Enabled';
+ $snort_org_sig_date = 'Not Enabled';
+}
+if (file_exists("{$suricatadir}{$snort_rules_file}.md5")){
+ $snort_org_sig_chk_local = file_get_contents("{$suricatadir}{$snort_rules_file}.md5");
+ $snort_org_sig_date = date(DATE_RFC850, filemtime("{$suricatadir}{$snort_rules_file}.md5"));
+}
+
+if ($etpro == "on" || $emergingthreats == "on") {
+ $emergingt_net_sig_chk_local = 'Not Downloaded';
+ $emergingt_net_sig_date = 'Not Downloaded';
+}
+else {
+ $emergingt_net_sig_chk_local = 'Not Enabled';
+ $emergingt_net_sig_date = 'Not Enabled';
+}
+if (file_exists("{$suricatadir}{$emergingthreats_filename}.md5")) {
+ $emergingt_net_sig_chk_local = file_get_contents("{$suricatadir}{$emergingthreats_filename}.md5");
+ $emergingt_net_sig_date = date(DATE_RFC850, filemtime("{$suricatadir}{$emergingthreats_filename}.md5"));
+}
+
+if ($snortcommunityrules == 'on') {
+ $snort_community_sig_chk_local = 'Not Downloaded';
+ $snort_community_sig_sig_date = 'Not Downloaded';
+}
+else {
+ $snort_community_sig_chk_local = 'Not Enabled';
+ $snort_community_sig_sig_date = 'Not Enabled';
+}
+if (file_exists("{$suricatadir}{$snort_community_rules_filename}.md5")) {
+ $snort_community_sig_chk_local = file_get_contents("{$suricatadir}{$snort_community_rules_filename}.md5");
+ $snort_community_sig_sig_date = date(DATE_RFC850, filemtime("{$suricatadir}{$snort_community_rules_filename}.md5"));
+}
+
+/* Check for postback to see if we should clear the update log file. */
+if ($_POST['clear']) {
+ if (file_exists("{$suricata_rules_upd_log}"))
+ mwexec("/bin/rm -f {$suricata_rules_upd_log}");
+}
+
+if ($_POST['check']) {
+ // Go see if new updates for rule sets are available
+ header("Location: /suricata/suricata_download_rules.php");
+ exit;
+}
+
+if ($_POST['force']) {
+ // Mount file system R/W since we need to remove files
+ conf_mount_rw();
+
+ // Remove the existing MD5 signature files to force a download
+ if (file_exists("{$suricatadir}{$emergingthreats_filename}.md5"))
+ @unlink("{$suricatadir}{$emergingthreats_filename}.md5");
+ if (file_exists("{$suricatadir}{$snort_community_rules_filename}.md5"))
+ @unlink("{$suricatadir}{$snort_community_rules_filename}.md5");
+ if (file_exists("{$suricatadir}{$snort_rules_file}.md5"))
+ @unlink("{$suricatadir}{$snort_rules_file}.md5");
+
+ // Revert file system to R/O.
+ conf_mount_ro();
+
+ // Go download the updates
+ header("Location: /suricata/suricata_download_rules.php");
+ exit;
+}
+
+/* check for logfile */
+if (file_exists("{$suricata_rules_upd_log}"))
+ $suricata_rules_upd_log_chk = 'yes';
+else
+ $suricata_rules_upd_log_chk = 'no';
+
+if ($_POST['view']&& $suricata_rules_upd_log_chk == 'yes') {
+ $contents = @file_get_contents($suricata_rules_upd_log);
+ if (empty($contents))
+ $input_errors[] = gettext("Unable to read log file: {$suricata_rules_upd_log}");
+}
+
+if ($_POST['hide'])
+ $contents = "";
+
+$pgtitle = gettext("Suricata: Update Rules Set Files");
+include_once("head.inc");
+?>
+
+<body link="#000000" vlink="#000000" alink="#000000">
+
+<?php include("fbegin.inc"); ?>
+<?php
+ /* Display Alert message */
+ if ($input_errors) {
+ print_input_errors($input_errors);
+ }
+
+ if ($savemsg) {
+ print_info_box($savemsg);
+ }
+?>
+<form action="suricata_download_updates.php" method="post" name="iform" id="iform">
+
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+<tr><td>
+<?php
+ $tab_array = array();
+ $tab_array[] = array(gettext("Suricata Interfaces"), false, "/suricata/suricata_interfaces.php");
+ $tab_array[] = array(gettext("Global Settings"), false, "/suricata/suricata_global.php");
+ $tab_array[] = array(gettext("Update Rules"), true, "/suricata/suricata_download_updates.php");
+ $tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php");
+ $tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php");
+ $tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php");
+ display_top_tabs($tab_array);
+?>
+</td></tr>
+<tr>
+ <td>
+ <div id="mainarea">
+ <table id="maintable4" class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr>
+ <td valign="top" class="listtopic" align="center"><?php echo gettext("INSTALLED RULE SET MD5 SIGNATURE");?></td>
+ </tr>
+ <tr>
+ <td align="center"><br/>
+ <table width="95%" border="0" cellpadding="2" cellspacing="2">
+ <thead>
+ <tr>
+ <th class="listhdrr"><?=gettext("Rule Set Name/Publisher");?></th>
+ <th class="listhdrr"><?=gettext("MD5 Signature Hash");?></th>
+ <th class="listhdrr"><?=gettext("MD5 Signature Date");?></th>
+ </tr>
+ </thead>
+ <tr>
+ <td align="center" class="vncell vexpl"><b><?=$et_name;?></b></td>
+ <td align="center" class="vncell vexpl"><? echo trim($emergingt_net_sig_chk_local);?></td>
+ <td align="center" class="vncell vexpl"><?php echo gettext($emergingt_net_sig_date);?></td>
+ </tr>
+ <tr>
+ <td align="center" class="vncell vexpl"><b>Snort VRT Rules</b></td>
+ <td align="center" class="vncell vexpl"><? echo trim($snort_org_sig_chk_local);?></td>
+ <td align="center" class="vncell vexpl"><?php echo gettext($snort_org_sig_date);?></td>
+ </tr>
+ <tr>
+ <td align="center" class="vncell vexpl"><b>Snort GPLv2 Community Rules</b></td>
+ <td align="center" class="vncell vexpl"><? echo trim($snort_community_sig_chk_local);?></td>
+ <td align="center" class="vncell vexpl"><?php echo gettext($snort_community_sig_sig_date);?></td>
+ </tr>
+ </table><br/>
+ </td>
+ </tr>
+ <tr>
+ <td valign="top" class="listtopic" align="center"><?php echo gettext("UPDATE YOUR RULE SET");?></td>
+ </tr>
+ <tr>
+ <td align="center">
+ <table width="45%" border="0" cellpadding="0" cellspacing="0">
+ <tbody>
+ <tr>
+ <td class="list" align="right"><strong><?php echo gettext("Last Update:");?></strong></td>
+ <td class="list" align="left"><?php echo $last_rule_upd_time;?></td>
+ </tr>
+ <tr>
+ <td class="list" align="right"><strong><?php echo gettext("Result:");?></strong></td>
+ <td class="list" align="left"><?php echo $last_rule_upd_status;?></td>
+ </tr>
+ </tbody>
+ </table>
+ </td>
+ </tr>
+ <tr>
+ <td align="center">
+ <?php if ($snortdownload != 'on' && $emergingthreats != 'on' && $etpro != 'on'): ?>
+ <br/><button disabled="disabled"><?=gettext("Check");?></button>&nbsp;&nbsp;&nbsp;&nbsp;
+ <button disabled="disabled"><?=gettext("Force");?></button>
+ <br/>
+ <p style="text-align:center;" class="vexpl">
+ <font class="red"><b><?php echo gettext("WARNING:");?></b></font>&nbsp;
+ <?php echo gettext('No rule types have been selected for download. ') .
+ gettext('Visit the ') . '<a href="/suricata/suricata_global.php">Global Settings Tab</a>' . gettext(' to select rule types.'); ?>
+ <br/></p>
+ <?php else: ?>
+ <br/>
+ <input type="submit" value="<?=gettext("Check");?>" name="check" id="check" class="formbtn"
+ title="<?php echo gettext("Check for new updates to enabled rule sets"); ?>"/>&nbsp;&nbsp;&nbsp;&nbsp;
+ <input type="submit" value="<?=gettext("Force");?>" name="force" id="force" class="formbtn"
+ title="<?=gettext("Force an update of all enabled rule sets");?>"
+ onclick="return confirm('<?=gettext("This will zero-out the MD5 hashes to force a fresh download of all enabled rule sets. Click OK to continue or CANCEL to quit");?>');"/>
+ <br/><br/>
+ <?php endif; ?>
+ </td>
+ </tr>
+
+ <tr>
+ <td valign="top" class="listtopic" align="center"><?php echo gettext("MANAGE RULE SET LOG");?></td>
+ </tr>
+ <tr>
+ <td align="center" valign="middle" class="vexpl">
+ <?php if ($suricata_rules_upd_log_chk == 'yes'): ?>
+ <br/>
+ <?php if (!empty($contents)): ?>
+ <input type="submit" value="<?php echo gettext("Hide"); ?>" name="hide" id="hide" class="formbtn"
+ title="<?php echo gettext("Hide rules update log"); ?>"/>
+ <?php else: ?>
+ <input type="submit" value="<?php echo gettext("View"); ?>" name="view" id="view" class="formbtn"
+ title="<?php echo gettext("View rules update log"); ?>"/>
+ <?php endif; ?>
+ &nbsp;&nbsp;&nbsp;&nbsp;
+ <input type="submit" value="<?php echo gettext("Clear"); ?>" name="clear" id="clear" class="formbtn"
+ title="<?php echo gettext("Clear rules update log"); ?>" onClick="return confirm('Are you sure you want to delete the log contents?\nOK to confirm, or CANCEL to quit');"/>
+ <br/>
+ <?php else: ?>
+ <br/>
+ <button disabled='disabled'><?php echo gettext("View Log"); ?></button><br/><?php echo gettext("Log is empty."); ?><br/>
+ <?php endif; ?>
+ <br/><?php echo gettext("The log file is limited to 1024K in size and automatically clears when the limit is exceeded."); ?><br/><br/>
+ </td>
+ </tr>
+ <?php if (!empty($contents)): ?>
+ <tr>
+ <td valign="top" class="listtopic" align="center"><?php echo gettext("RULE SET UPDATE LOG");?></td>
+ </tr>
+ <tr>
+ <td align="center">
+ <div style="background: #eeeeee; width:100%; height:100%;" id="textareaitem"><!-- NOTE: The opening *and* the closing textarea tag must be on the same line. -->
+ <textarea style="width:100%; height:100%;" readonly wrap="off" rows="24" cols="80" name="logtext"><?=$contents;?></textarea>
+ </div>
+ </td>
+ </tr>
+ <?php endif; ?>
+ <tr>
+ <td align="center">
+ <span class="vexpl"><br/>
+ <span class="red"><b><?php echo gettext("NOTE:"); ?></b></span>
+ &nbsp;<a href="http://www.snort.org/" target="_blank"><?php echo gettext("Snort.org") . "</a>" .
+ gettext(" and ") . "<a href=\"http://www.emergingthreats.net/\" target=\"_blank\">" . gettext("EmergingThreats.net") . "</a>" .
+ gettext(" will go down from time to time. Please be patient."); ?></span><br/>
+ </td>
+ </tr>
+ </table>
+ </div>
+ </td>
+</tr>
+</table>
+<!-- end of final table -->
+</form>
+<?php include("fend.inc"); ?>
+</body>
+</html>