aboutsummaryrefslogtreecommitdiffstats
path: root/config/suricata/suricata_interfaces_edit.php
diff options
context:
space:
mode:
authorbmeeks8 <bmeeks8@bellsouth.net>2014-09-04 16:28:27 -0400
committerbmeeks8 <bmeeks8@bellsouth.net>2014-09-04 16:28:27 -0400
commit46ba3729b4bbf7dd321fc3555677a66c67f4c784 (patch)
treed09cafaffff387f721204bc4cee0103da5f51b43 /config/suricata/suricata_interfaces_edit.php
parent2c4435fa4db6a4d24d7faf0b4cdbd7cde8d73089 (diff)
downloadpfsense-packages-46ba3729b4bbf7dd321fc3555677a66c67f4c784.tar.gz
pfsense-packages-46ba3729b4bbf7dd321fc3555677a66c67f4c784.tar.bz2
pfsense-packages-46ba3729b4bbf7dd321fc3555677a66c67f4c784.zip
Add new GUI control for setting interface promisc mode on/off.
Diffstat (limited to 'config/suricata/suricata_interfaces_edit.php')
-rw-r--r--config/suricata/suricata_interfaces_edit.php13
1 files changed, 13 insertions, 0 deletions
diff --git a/config/suricata/suricata_interfaces_edit.php b/config/suricata/suricata_interfaces_edit.php
index ff21b48f..e1e6675f 100644
--- a/config/suricata/suricata_interfaces_edit.php
+++ b/config/suricata/suricata_interfaces_edit.php
@@ -169,6 +169,8 @@ if (empty($pconfig['eve_log_files']))
$pconfig['eve_log_files'] = "on";
if (empty($pconfig['eve_log_ssh']))
$pconfig['eve_log_ssh'] = "on";
+if (empty($pconfig['intf_promisc_mode']))
+ $pconfig['intf_promisc_mode'] = "on";
// See if creating a new interface by duplicating an existing one
if (strcasecmp($action, 'dup') == 0) {
@@ -300,6 +302,7 @@ if ($_POST["save"] && !$input_errors) {
if ($_POST['eve_log_files'] == "on") { $natent['eve_log_files'] = 'on'; }else{ $natent['eve_log_files'] = 'off'; }
if ($_POST['eve_log_ssh'] == "on") { $natent['eve_log_ssh'] = 'on'; }else{ $natent['eve_log_ssh'] = 'off'; }
if ($_POST['delayed_detect'] == "on") { $natent['delayed_detect'] = 'on'; }else{ $natent['delayed_detect'] = 'off'; }
+ if ($_POST['intf_promisc_mode'] == "on") { $natent['intf_promisc_mode'] = 'on'; }else{ $natent['intf_promisc_mode'] = 'off'; }
if ($_POST['configpassthru']) $natent['configpassthru'] = base64_encode(str_replace("\r\n", "\n", $_POST['configpassthru'])); else unset($natent['configpassthru']);
$if_real = get_real_interface($natent['interface']);
@@ -367,6 +370,7 @@ if ($_POST["save"] && !$input_errors) {
$natent['enable_midstream_sessions'] = 'off';
$natent['enable_async_sessions'] = 'off';
$natent['delayed_detect'] = 'off';
+ $natent['intf_promisc_mode'] = 'on';
$natent['asn1_max_frames'] = '256';
$natent['dns_global_memcap'] = "16777216";
@@ -885,6 +889,14 @@ if ($savemsg) {
"<strong>" . gettext("Not Checked") . "</strong>."; ?></td>
</tr>
<tr>
+ <td width="22%" valign="top" class="vncell"><?php echo gettext("Promiscuous Mode"); ?></td>
+ <td width="78%" class="vtable">
+ <input name="intf_promisc_mode" id="intf_promisc_mode" type="checkbox" value="on"
+ <?php if ($pconfig['intf_promisc_mode'] == "on") echo " checked"; ?>/>
+ <?php echo gettext("Suricata will place the monitored interface in promiscuous mode when checked. Default is ") .
+ "<strong>" . gettext("Checked") . "</strong>."; ?></td>
+ </tr>
+ <tr>
<td colspan="2" class="listtopic"><?php echo gettext("Networks " . "Suricata Should Inspect and Protect"); ?></td>
</tr>
<tr>
@@ -1197,6 +1209,7 @@ function enable_change(enable_change) {
document.iform.btnPasslist.disabled=endis;
document.iform.btnSuppressList.disabled=endis;
document.iform.delayed_detect.disabled=endis;
+ document.iform.intf_promisc_mode.disabled=endis;
}
function wopen(url, name, w, h) {