authorbmeeks8 <bmeeks8@bellsouth.net>2014-04-25 00:16:12 -0400
committerbmeeks8 <bmeeks8@bellsouth.net>2014-04-25 00:16:12 -0400
commit969a7bbc18ee5f222f2e7c4c324c4a8eefc328e0 (patch)
treee5e8f2fdfb028367d5e4488b6b35fea580bbb10a /config/suricata
parente88d8c9a13c12769dc2420a02de073f3f4627214 (diff)
Add support for new block.log file from alert-pf plugin.
Diffstat (limited to 'config/suricata')
-rw-r--r--config/suricata/suricata_logs_browser.php2
-rw-r--r--config/suricata/suricata_logs_mgmt.php30
2 files changed, 31 insertions, 1 deletions
diff --git a/config/suricata/suricata_logs_browser.php b/config/suricata/suricata_logs_browser.php
index 609a9eb5..bbde5aeb 100644
--- a/config/suricata/suricata_logs_browser.php
+++ b/config/suricata/suricata_logs_browser.php
@@ -164,7 +164,7 @@ if ($input_errors) {
<td width="78%" class="vtable">
<select name="logFile" id="logFile" class="formselect" onChange="loadFile();">
<?php
- $logs = array( "alerts.log", "files-json.log", "http.log", "stats.log", "suricata.log", "tls.log" );
+ $logs = array( "alerts.log", "block.log", "files-json.log", "http.log", "stats.log", "suricata.log", "tls.log" );
foreach ($logs as $log) {
$selected = "";
if ($log == basename($logfile))
diff --git a/config/suricata/suricata_logs_mgmt.php b/config/suricata/suricata_logs_mgmt.php
index 7e6f30cb..d02d708c 100644
--- a/config/suricata/suricata_logs_mgmt.php
+++ b/config/suricata/suricata_logs_mgmt.php
@@ -44,6 +44,8 @@ $pconfig['suricataloglimit'] = $config['installedpackages']['suricata']['config'
$pconfig['suricataloglimitsize'] = $config['installedpackages']['suricata']['config'][0]['suricataloglimitsize'];
$pconfig['alert_log_limit_size'] = $config['installedpackages']['suricata']['config'][0]['alert_log_limit_size'];
$pconfig['alert_log_retention'] = $config['installedpackages']['suricata']['config'][0]['alert_log_retention'];
+$pconfig['block_log_limit_size'] = $config['installedpackages']['suricata']['config'][0]['block_log_limit_size'];
+$pconfig['block_log_retention'] = $config['installedpackages']['suricata']['config'][0]['block_log_retention'];
$pconfig['files_json_log_limit_size'] = $config['installedpackages']['suricata']['config'][0]['files_json_log_limit_size'];
$pconfig['files_json_log_retention'] = $config['installedpackages']['suricata']['config'][0]['files_json_log_retention'];
$pconfig['http_log_limit_size'] = $config['installedpackages']['suricata']['config'][0]['http_log_limit_size'];
@@ -77,6 +79,8 @@ if (empty($pconfig['suricataloglimitsize'])) {
// Set default retention periods for rotated logs
if (empty($pconfig['alert_log_retention']))
$pconfig['alert_log_retention'] = "336";
+if (empty($pconfig['block_log_retention']))
+ $pconfig['block_log_retention'] = "336";
if (empty($pconfig['files_json_log_retention']))
$pconfig['files_json_log_retention'] = "168";
if (empty($pconfig['http_log_retention']))
@@ -91,6 +95,8 @@ if (empty($pconfig['u2_archive_log_retention']))
// Set default log file size limits
if (empty($pconfig['alert_log_limit_size']))
$pconfig['alert_log_limit_size'] = "500";
+if (empty($pconfig['block_log_limit_size']))
+ $pconfig['block_log_limit_size'] = "500";
if (empty($pconfig['files_json_log_limit_size']))
$pconfig['files_json_log_limit_size'] = "1000";
if (empty($pconfig['http_log_limit_size']))
@@ -119,6 +125,8 @@ if ($_POST["save"]) {
$config['installedpackages']['suricata']['config'][0]['suricataloglimitsize'] = $_POST['suricataloglimitsize'];
$config['installedpackages']['suricata']['config'][0]['alert_log_limit_size'] = $_POST['alert_log_limit_size'];
$config['installedpackages']['suricata']['config'][0]['alert_log_retention'] = $_POST['alert_log_retention'];
+ $config['installedpackages']['suricata']['config'][0]['block_log_limit_size'] = $_POST['block_log_limit_size'];
+ $config['installedpackages']['suricata']['config'][0]['block_log_retention'] = $_POST['block_log_retention'];
$config['installedpackages']['suricata']['config'][0]['files_json_log_limit_size'] = $_POST['files_json_log_limit_size'];
$config['installedpackages']['suricata']['config'][0]['files_json_log_retention'] = $_POST['files_json_log_retention'];
$config['installedpackages']['suricata']['config'][0]['http_log_limit_size'] = $_POST['http_log_limit_size'];
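Review bot: The two added assignments copy `$_POST['block_log_limit_size']` and `$_POST['block_log_retention']` into the package configuration with no check visible in this hunk, so whatever string a client posts is persisted; the `<select>` elements constrain only a well-behaved browser. Unless validation already happens earlier in the `if ($_POST["save"])` block, which starts and ends outside the hunk, reject values that are not keys of the option arrays before writing, e.g. `if (!array_key_exists($_POST['block_log_limit_size'], $log_sizes)) $input_errors[] = gettext("Invalid block log size limit.");`, and do the same against `$retentions` (assuming both arrays are defined before this point). The `enable_change()` hunk in this commit also disables both selects when log management is unchecked, and disabled controls are not submitted, so these keys can be absent from `$_POST` and should be guarded with `isset()`.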
@@ -278,6 +286,26 @@ if ($input_errors)
<td class="listbg"><?=gettext("Suricata alerts and event details");?></td>
</tr>
<tr>
+ <td class="listbg">block</td>
+ <td class="listr" align="center"><select name="block_log_limit_size" class="formselect" id="block_log_limit_size">
+ <?php foreach ($log_sizes as $k => $l): ?>
+ <option value="<?=$k;?>"
+ <?php if ($k == $pconfig['block_log_limit_size']) echo "selected"; ?>>
+ <?=htmlspecialchars($l);?></option>
+ <?php endforeach; ?>
+ </select>
+ </td>
+ <td class="listr" align="center"><select name="block_log_retention" class="formselect" id="block_log_retention">
+ <?php foreach ($retentions as $k => $p): ?>
+ <option value="<?=$k;?>"
+ <?php if ($k == $pconfig['block_log_retention']) echo "selected"; ?>>
+ <?=htmlspecialchars($p);?></option>
+ <?php endforeach; ?>
+ </select>
+ </td>
+ <td class="listbg"><?=gettext("Suricata blocked IPs and event details");?></td>
+ </tr>
+ <tr>
<td class="listbg">files-json</td>
<td class="listr" align="center"><select name="files_json_log_limit_size" class="formselect" id="files_json_log_limit_size">
<?php foreach ($log_sizes as $k => $l): ?>
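Review bot: The `selected` tests in the new block row use loose comparison, `$k == $pconfig['block_log_limit_size']` and `$k == $pconfig['block_log_retention']`, between an array key and a string read from the config. PHP turns integer-like array keys into ints, so on PHP versions before 8 a non-numeric stored value would compare equal to a key of `0`, if either array has one (their contents are not visible here). Comparing as strings avoids that: `if ((string)$k === (string)$pconfig['block_log_limit_size']) echo "selected";`. The option value is also printed raw with `<?=$k;?>` while the label goes through `htmlspecialchars()`; escaping both would keep the row consistent.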
@@ -404,6 +432,8 @@ function enable_change() {
var endis = !(document.iform.enable_log_mgmt.checked);
document.iform.alert_log_limit_size.disabled = endis;
document.iform.alert_log_retention.disabled = endis;
+ document.iform.block_log_limit_size.disabled = endis;
+ document.iform.block_log_retention.disabled = endis;
document.iform.files_json_log_limit_size.disabled = endis;
document.iform.files_json_log_retention.disabled = endis;
document.iform.http_log_limit_size.disabled = endis;