diff options
author | Renato Botelho <garga@pfSense.org> | 2014-03-19 10:28:24 -0300 |
---|---|---|
committer | Renato Botelho <garga@pfSense.org> | 2014-03-19 10:28:24 -0300 |
commit | d50c07fd00ac203332e57a45532a265759922993 (patch) | |
tree | ad427c579bcd5e731369f709d0307f9028fbc2d2 /config/suricata/suricata_rules_edit.php | |
parent | a84a84bf31ed33c7e132b704186a56b77cc9148a (diff) | |
parent | 172270f302e2cdb0e0b6f7581152bc32befa99bc (diff) | |
download | pfsense-packages-d50c07fd00ac203332e57a45532a265759922993.tar.gz pfsense-packages-d50c07fd00ac203332e57a45532a265759922993.tar.bz2 pfsense-packages-d50c07fd00ac203332e57a45532a265759922993.zip |
Merge pull request #622 from bmeeks8/master
Suricata 1.4.6 pkg. v0.2-BETA -- more bug fixes, no version bump
Diffstat (limited to 'config/suricata/suricata_rules_edit.php')
-rw-r--r-- | config/suricata/suricata_rules_edit.php | 41 |
1 files changed, 19 insertions, 22 deletions
diff --git a/config/suricata/suricata_rules_edit.php b/config/suricata/suricata_rules_edit.php index ad6b2986..b61c2f3a 100644 --- a/config/suricata/suricata_rules_edit.php +++ b/config/suricata/suricata_rules_edit.php @@ -33,31 +33,28 @@ require_once("/usr/local/pkg/suricata/suricata.inc"); $flowbit_rules_file = FLOWBITS_FILENAME; $suricatadir = SURICATADIR; -if (!is_array($config['installedpackages']['suricata']['rule'])) { - $config['installedpackages']['suricata']['rule'] = array(); -} -$a_rule = &$config['installedpackages']['suricata']['rule']; +if (isset($_GET['id']) && is_numericint($_GET['id'])) + $id = htmlspecialchars($_GET['id']); -$id = $_GET['id']; +// If we were not passed a valid index ID, close the pop-up and exit if (is_null($id)) { - header("Location: /suricata/suricata_interfaces.php"); + echo '<html><body link="#000000" vlink="#000000" alink="#000000">'; + echo '<script language="javascript" type="text/javascript">'; + echo 'window.close();</script>'; + echo '</body></html>'; exit; } -if (isset($id) && $a_rule[$id]) { - $pconfig['enable'] = $a_rule[$id]['enable']; - $pconfig['interface'] = $a_rule[$id]['interface']; - $pconfig['rulesets'] = $a_rule[$id]['rulesets']; -} -else { - header("Location: /suricata/suricata_interfaces.php"); - exit; +if (!is_array($config['installedpackages']['suricata']['rule'])) { + $config['installedpackages']['suricata']['rule'] = array(); } -/* convert fake interfaces to real */ -$if_real = get_real_interface($pconfig['interface']); +$a_rule = &$config['installedpackages']['suricata']['rule']; + +$if_real = get_real_interface($a_rule[$id]['interface']); $suricata_uuid = $a_rule[$id]['uuid']; -$suricatacfgdir = "{$suricatadir}suricata_{$suricata_uuid}_{$if_real}"; +$suricatacfgdir = "{$suricatadir}suricata_{$suricata_uuid}_{$if_real}/"; + $file = htmlspecialchars($_GET['openruleset'], ENT_QUOTES | ENT_HTML401); $contents = ''; $wrap_flag = "off"; @@ -73,13 +70,13 @@ else // a standard rules file, or a complete file name. // Test for the special case of an IPS Policy file. if (substr($file, 0, 10) == "IPS Policy") { - $rules_map = suricata_load_vrt_policy($a_rule[$id]['ips_policy']); - if (isset($_GET['ids'])) { - $contents = $rules_map[$_GET['gid']][trim($_GET['ids'])]['rule']; + $rules_map = suricata_load_vrt_policy(strtolower(trim(substr($file, strpos($file, "-")+1)))); + if (isset($_GET['sid']) && is_numericint($_GET['sid']) && isset($_GET['gid']) && is_numericint($_GET['gid'])) { + $contents = $rules_map[$_GET['gid']][trim($_GET['sid'])]['rule']; $wrap_flag = "soft"; } else { - $contents = "# Suricata IPS Policy - " . ucfirst($a_rule[$id]['ips_policy']) . "\n\n"; + $contents = "# Suricata IPS Policy - " . ucfirst(trim(substr($file, strpos($file, "-")+1))) . "\n\n"; foreach (array_keys($rules_map) as $k1) { foreach (array_keys($rules_map[$k1]) as $k2) { $contents .= "# Category: " . $rules_map[$k1][$k2]['category'] . " SID: {$k2}\n"; @@ -90,7 +87,7 @@ if (substr($file, 0, 10) == "IPS Policy") { unset($rules_map); } // Is it a SID to load the rule text from? -elseif (isset($_GET['sid']) && is_numeric(trim($_GET['sid']))) { +elseif (isset($_GET['sid']) && is_numericint($_GET['sid']) && isset($_GET['gid']) && is_numericint($_GET['gid'])) { // If flowbit rule, point to interface-specific file if ($file == "Auto-Flowbit Rules") $rules_map = suricata_load_rules_map("{$suricatacfgdir}rules/" . FLOWBITS_FILENAME); |