diff options
author | robiscool <robrob2626@yahoo.com> | 2010-05-03 13:37:58 -0700 |
---|---|---|
committer | robiscool <robrob2626@yahoo.com> | 2010-05-03 13:38:38 -0700 |
commit | ee7d8c15e499214c78b29c99d3a275973e8a3b7c (patch) | |
tree | f904a9333f2cf099338a1317cff3109c31ad9865 /config | |
parent | a9e757fce0e6e8e15dad63a02472959af52f8ff4 (diff) | |
download | pfsense-packages-ee7d8c15e499214c78b29c99d3a275973e8a3b7c.tar.gz pfsense-packages-ee7d8c15e499214c78b29c99d3a275973e8a3b7c.tar.bz2 pfsense-packages-ee7d8c15e499214c78b29c99d3a275973e8a3b7c.zip |
snort, remove old code, fix barmnyrad2
Diffstat (limited to 'config')
-rw-r--r-- | config/snort/snort.inc | 47 | ||||
-rw-r--r-- | config/snort/snort_interfaces.php | 2 | ||||
-rw-r--r-- | config/snort/snort_interfaces_suppress.php | 340 | ||||
-rw-r--r-- | config/snort/snort_interfaces_suppress_edit.php | 634 | ||||
-rw-r--r-- | config/snort/snort_interfaces_whitelist.php | 360 | ||||
-rw-r--r-- | config/snort/snort_interfaces_whitelist_edit.php | 967 |
6 files changed, 1164 insertions, 1186 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc index 035865e2..28f933b2 100644 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -311,14 +311,14 @@ global $config, $g; $snort_info_chk = $config['installedpackages']['snortglobal']['rule'][$id]['enable']; if ($snort_info_chk == 'on') { - exec("/usr/local/bin/snort -u snort -g snort -R \"{$snort_uuid}{$if_real}\" -D -q -l /var/log/snort --pid-path /var/log/snort/run -G {$snort_uuid} -c /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/snort.conf -i {$if_real}"); + exec("/usr/local/bin/snort -u snort -g snort -R \"{$snort_uuid}{$if_real}\" -D -q -t /var/log/snort -l /var/log/snort --pid-path /var/log/snort/run -G {$snort_uuid} -c /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/snort.conf -i {$if_real}"); } /* define snortbarnyardlog_chk */ /* top will have trouble if the uuid is to far back */ $snortbarnyardlog_info_chk = $config['installedpackages']['snortglobal']['rule'][$id]['barnyard_enable']; $snortbarnyardlog_mysql_info_chk = $config['installedpackages']['snortglobal']['rule'][$id]['barnyard_mysql']; if ($snortbarnyardlog_info_chk == 'on' && $snortbarnyardlog_mysql_info_chk != '' && $snort_info_chk == 'on') { - exec("/usr/local/bin/barnyard2 -f \"snort_{$snort_uuid}_{$if_real}.u2\" -u snort -g snort --pid-path /var/log/snort/run -c /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/barnyard2.conf -w /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/barnyard2.waldo -D -q"); + exec("/usr/local/bin/barnyard2 -f \"snort_{$snort_uuid}_{$if_real}.u2\" -u snort -g snort --pid-path /var/log/snort/run -c /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/barnyard2.conf -d /var/log/snort -D -q"); } /* Log Iface stop */ @@ -988,10 +988,11 @@ function sync_snort_package_all($id, $if_real, $snort_uuid) /* RedDevil suggested code */ /* TODO: more testing needs to be done */ -exec("/sbin/sysctl net.bpf.bufsize=8388608"); -exec("/sbin/sysctl net.bpf.maxbufsize=4194304"); -exec("/sbin/sysctl net.bpf.maxinsns=512"); -exec("/sbin/sysctl net.inet.tcp.rfc1323=1"); +/* may cause voip to fail */ +//exec("/sbin/sysctl net.bpf.bufsize=8388608"); +//exec("/sbin/sysctl net.bpf.maxbufsize=4194304"); +//exec("/sbin/sysctl net.bpf.maxinsns=512"); +//exec("/sbin/sysctl net.inet.tcp.rfc1323=1"); # Error checking if ($id != '' && $if_real != '') //new @@ -1045,10 +1046,11 @@ function sync_snort_package_empty() /* RedDevil suggested code */ /* TODO: more testing needs to be done */ -exec("/sbin/sysctl net.bpf.bufsize=8388608"); -exec("/sbin/sysctl net.bpf.maxbufsize=4194304"); -exec("/sbin/sysctl net.bpf.maxinsns=512"); -exec("/sbin/sysctl net.inet.tcp.rfc1323=1"); +/* may cause voip to fail */ +//exec("/sbin/sysctl net.bpf.bufsize=8388608"); +//exec("/sbin/sysctl net.bpf.maxbufsize=4194304"); +//exec("/sbin/sysctl net.bpf.maxinsns=512"); +//exec("/sbin/sysctl net.inet.tcp.rfc1323=1"); /* do not start config build if rules is empty */ if (!empty($config['installedpackages']['snortglobal']['rule'])) @@ -1115,10 +1117,11 @@ function sync_snort_package_config() /* RedDevil suggested code */ /* TODO: more testing needs to be done */ -exec("/sbin/sysctl net.bpf.bufsize=8388608"); -exec("/sbin/sysctl net.bpf.maxbufsize=4194304"); -exec("/sbin/sysctl net.bpf.maxinsns=512"); -exec("/sbin/sysctl net.inet.tcp.rfc1323=1"); +/* may cause voip to fail */ +//exec("/sbin/sysctl net.bpf.bufsize=8388608"); +//exec("/sbin/sysctl net.bpf.maxbufsize=4194304"); +//exec("/sbin/sysctl net.bpf.maxinsns=512"); +//exec("/sbin/sysctl net.inet.tcp.rfc1323=1"); /* do not start config build if rules is empty */ if (!empty($config['installedpackages']['snortglobal']['rule'])) @@ -1348,7 +1351,7 @@ function create_snort_sh() $snortbarnyardlog_mysql_info_chk = $config['installedpackages']['snortglobal']['rule'][$id]['barnyard_mysql']; if ($snortbarnyardlog_info_chk == 'on' && $snortbarnyardlog_mysql_info_chk != '') { - $start_barnyard2 = "sleep 4;/usr/local/bin/barnyard2 -f snort_{$snort_uuid}_{$if_real}.u2 -u snort -g snort --pid-path /var/log/snort/run -c /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/barnyard2.conf -w /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/barnyard2.waldo -D -q"; + $start_barnyard2 = "sleep 4;/usr/local/bin/barnyard2 -f snort_{$snort_uuid}_{$if_real}.u2 -u snort -g snort --pid-path /var/log/snort/run -c /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/barnyard2.conf -d /var/log/snort -D -q"; } /* Get all interface startup commands ready */ @@ -1365,7 +1368,7 @@ $snort_sh_text2[] = <<<EOD /bin/rm /var/run/snort_{$snort_uuid}_{$if_real}.pid /bin/rm /var/run/snort_{$snort_uuid}_{$if_real}.pid.lck - /usr/local/bin/snort -u snort -g snort -R {$snort_uuid}{$if_real} -D -q -l /var/log/snort --pid-path /var/log/snort/run -G {$snort_uuid} -c /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/snort.conf -i {$if_real} + /usr/local/bin/snort -u snort -g snort -R {$snort_uuid}{$if_real} -D -q -t /var/log/snort -l /var/log/snort --pid-path /var/log/snort/run -G {$snort_uuid} -c /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/snort.conf -i {$if_real} $start_barnyard2 /usr/bin/logger -p daemon.info -i -t SnortStartup "Snort HARD Reload For {$snort_uuid}_{$if_real}..." @@ -1554,14 +1557,14 @@ function create_barnyard2_conf($id, $if_real, $snort_uuid) { if(!file_exists("/usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/barnyard2.conf")) { - exec("/bin//usr/bin/touch /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/barnyard2.conf"); + exec("/usr/bin/touch /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/barnyard2.conf"); } - if(!file_exists("/usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/barnyard2.waldo")) + if(!file_exists("/var/log/snort/barnyard2/{$snort_uuid}_{$if_real}.waldo")) { - exec("/bin//usr/bin/touch /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/barnyard2.waldo"); - exec("/usr/sbin/chown snort:snort /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/barnyard2.waldo"); - exec("/bin/chmod 770 /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/barnyard2.waldo"); + exec("/usr/bin/touch /var/log/snort/barnyard2/{$snort_uuid}_{$if_real}.waldo"); + exec("/usr/sbin/chown snort:snort /var/log/snort/barnyard2/{$snort_uuid}_{$if_real}.waldo"); + exec("/bin/chmod 770 /var/log/snort/barnyard2/{$snort_uuid}_{$if_real}.waldo"); } $barnyard2_conf_text = generate_barnyard2_conf($id, $if_real, $snort_uuid); @@ -1625,6 +1628,8 @@ config sid_file: /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}/sid config hostname: $snortbarnyardlog_hostname_info_chk config interface: {$snort_uuid}_{$if_real} +config decode_data_link +config waldo_file: /var/log/snort/barnyard2/{$snort_uuid}_{$if_real}.waldo ## START user pass through ## diff --git a/config/snort/snort_interfaces.php b/config/snort/snort_interfaces.php index d9ecc333..9db023a7 100644 --- a/config/snort/snort_interfaces.php +++ b/config/snort/snort_interfaces.php @@ -240,7 +240,7 @@ if ($_GET['act'] == 'toggle' && $_GET['id'] != '') -$pgtitle = "Services: Snort 2.8.5.3 pkg v. 1.24"; +$pgtitle = "Services: Snort 2.8.5.3 pkg v. 1.25"; include("head.inc"); ?> diff --git a/config/snort/snort_interfaces_suppress.php b/config/snort/snort_interfaces_suppress.php index c2ecf817..3f67cca8 100644 --- a/config/snort/snort_interfaces_suppress.php +++ b/config/snort/snort_interfaces_suppress.php @@ -1,170 +1,170 @@ -<?php -/* $Id$ */ -/* - firewall_aliases.php - Copyright (C) 2004 Scott Ullrich - All rights reserved. - - originially part of m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. - All rights reserved. - - modified for the pfsense snort package - Copyright (C) 2009-2010 Robert Zelaya. - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -require("guiconfig.inc"); - - -if (!is_array($config['installedpackages']['snortglobal']['suppress']['item'])) - $config['installedpackages']['snortglobal']['suppress']['item'] = array(); - -//aliases_sort(); << what ? -$a_suppress = &$config['installedpackages']['snortglobal']['suppress']['item']; - -if (isset($config['installedpackages']['snortglobal']['suppress']['item'])) { -$id_gen = count($config['installedpackages']['snortglobal']['suppress']['item']); -}else{ -$id_gen = '0'; -} - -$d_suppresslistdirty_path = '/var/run/snort_suppress.dirty'; - -if ($_POST) { - - $pconfig = $_POST; - - if ($_POST['apply']) { - $retval = 0; - - if(stristr($retval, "error") <> true) - $savemsg = get_std_save_message($retval); - else - $savemsg = $retval; - if ($retval == 0) { - if (file_exists($d_suppresslistdirty_path)) - unlink($d_suppresslistdirty_path); - } - } -} - -if ($_GET['act'] == "del") { - if ($a_suppress[$_GET['id']]) { - /* make sure rule is not being referenced by any nat or filter rules */ - - unset($a_suppress[$_GET['id']]); - write_config(); - filter_configure(); - touch($d_suppresslistdirty_path); - header("Location: /snort/snort_interfaces_suppress.php"); - exit; - } -} - -$pgtitle = "Services: Snort: Suppression"; -include("head.inc"); - -?> - -<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> -<?php include("./snort_fbegin.inc"); ?> -<p class="pgtitle"><?=$pgtitle?></p> -<form action="/snort/snort_interfaces_suppress.php" method="post"> -<?php if ($savemsg) print_info_box($savemsg); ?> -<?php if (file_exists($d_suppresslistdirty_path)): ?><p> -<?php print_info_box_np("The white list has been changed.<br>You must apply the changes in order for them to take effect.");?> -<?php endif; ?> - -<table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr><td class="tabnavtbl"> -<?php - $tab_array = array(); - $tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php"); - $tab_array[] = array("Global Settings", false, "/snort/snort_interfaces_global.php"); - $tab_array[] = array("Rule Updates", false, "/snort/snort_download_rules.php"); - $tab_array[] = array("Alerts", false, "/snort/snort_alerts.php"); - $tab_array[] = array("Blocked", false, "/snort/snort_blocked.php"); - $tab_array[] = array("Whitelists", false, "/snort/snort_interfaces_whitelist.php"); - $tab_array[] = array("Suppress", true, "/snort/snort_interfaces_suppress.php"); - $tab_array[] = array("Help", false, "/snort/snort_help_info.php"); - display_top_tabs($tab_array); -?> </td></tr> -<tr> -<td class="tabcont"> - -<table width="100%" border="0" cellpadding="0" cellspacing="0"> - -<tr> - <td width="30%" class="listhdrr">File Name</td> - <td width="70%" class="listhdr">Description</td> - - <td width="10%" class="list"> - </td> -</tr> - <?php $i = 0; foreach ($a_suppress as $list): ?> -<tr> - <td class="listlr" ondblclick="document.location='snort_interfaces_suppress_edit.php?id=<?=$i;?>';"> - <?=htmlspecialchars($list['name']);?> - </td> - <td class="listbg" ondblclick="document.location='snort_interfaces_suppress_edit.php?id=<?=$i;?>';"> - <font color="#FFFFFF"> - <?=htmlspecialchars($list['descr']);?> - </td> - - <td valign="middle" nowrap class="list"> - <table border="0" cellspacing="0" cellpadding="1"> - <tr> - <td valign="middle"><a href="snort_interfaces_suppress_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="edit whitelist"></a></td> - <td><a href="/snort/snort_interfaces_whitelist.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this whitelist? All elements that still use it will become invalid (e.g. snort rules will fall back to the default whitelist)!')"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="delete whitelist"></a></td> - </tr> - </table> - </td> -</tr> - <?php $i++; endforeach; ?> -<tr> - <td class="list" colspan="2"></td> - <td class="list"> - <table border="0" cellspacing="0" cellpadding="1"> - <tr> - <td valign="middle" width="17"> </td> - <td valign="middle"><a href="snort_interfaces_suppress_edit.php?id=<?php echo $id_gen;?> "><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="add a new list"></a></td> - </tr> - </table> - </td> -</tr> -</table> - </td> - </tr> - </table> -<br> -<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> -<td width="100%"><span class="vexpl"><span class="red"><strong>Note:</strong></span> - <p><span class="vexpl">Here you can create event filtering and suppression for your snort package rules.<br>Please note that you must restart a running rule so that changes can take effect.</span></p> -</td> -</table> -</form> -<?php include("fend.inc"); ?> -</body> -</html> +<?php
+/* $Id$ */
+/*
+ firewall_aliases.php
+ Copyright (C) 2004 Scott Ullrich
+ All rights reserved.
+
+ originially part of m0n0wall (http://m0n0.ch/wall)
+ Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ modified for the pfsense snort package
+ Copyright (C) 2009-2010 Robert Zelaya.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require("guiconfig.inc");
+
+
+if (!is_array($config['installedpackages']['snortglobal']['suppress']['item']))
+ $config['installedpackages']['snortglobal']['suppress']['item'] = array();
+
+//aliases_sort(); << what ?
+$a_suppress = &$config['installedpackages']['snortglobal']['suppress']['item'];
+
+if (isset($config['installedpackages']['snortglobal']['suppress']['item'])) {
+$id_gen = count($config['installedpackages']['snortglobal']['suppress']['item']);
+}else{
+$id_gen = '0';
+}
+
+$d_suppresslistdirty_path = '/var/run/snort_suppress.dirty';
+
+if ($_POST) {
+
+ $pconfig = $_POST;
+
+ if ($_POST['apply']) {
+ $retval = 0;
+
+ if(stristr($retval, "error") <> true)
+ $savemsg = get_std_save_message($retval);
+ else
+ $savemsg = $retval;
+ if ($retval == 0) {
+ if (file_exists($d_suppresslistdirty_path))
+ unlink($d_suppresslistdirty_path);
+ }
+ }
+}
+
+if ($_GET['act'] == "del") {
+ if ($a_suppress[$_GET['id']]) {
+ /* make sure rule is not being referenced by any nat or filter rules */
+
+ unset($a_suppress[$_GET['id']]);
+ write_config();
+ filter_configure();
+ touch($d_suppresslistdirty_path);
+ header("Location: /snort/snort_interfaces_suppress.php");
+ exit;
+ }
+}
+
+$pgtitle = "Services: Snort: Suppression";
+include("head.inc");
+
+?>
+
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
+<?php include("./snort_fbegin.inc"); ?>
+<p class="pgtitle"><?=$pgtitle?></p>
+<form action="/snort/snort_interfaces_suppress.php" method="post">
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<?php if (file_exists($d_suppresslistdirty_path)): ?><p>
+<?php print_info_box_np("The white list has been changed.<br>You must apply the changes in order for them to take effect.");?>
+<?php endif; ?>
+
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+<?php
+ $tab_array = array();
+ $tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php");
+ $tab_array[] = array("Global Settings", false, "/snort/snort_interfaces_global.php");
+ $tab_array[] = array("Rule Updates", false, "/snort/snort_download_rules.php");
+ $tab_array[] = array("Alerts", false, "/snort/snort_alerts.php");
+ $tab_array[] = array("Blocked", false, "/snort/snort_blocked.php");
+ $tab_array[] = array("Whitelists", false, "/snort/snort_interfaces_whitelist.php");
+ $tab_array[] = array("Suppress", true, "/snort/snort_interfaces_suppress.php");
+ $tab_array[] = array("Help", false, "/snort/snort_help_info.php");
+ display_top_tabs($tab_array);
+?> </td></tr>
+<tr>
+<td class="tabcont">
+
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+
+<tr>
+ <td width="30%" class="listhdrr">File Name</td>
+ <td width="70%" class="listhdr">Description</td>
+
+ <td width="10%" class="list">
+ </td>
+</tr>
+ <?php $i = 0; foreach ($a_suppress as $list): ?>
+<tr>
+ <td class="listlr" ondblclick="document.location='snort_interfaces_suppress_edit.php?id=<?=$i;?>';">
+ <?=htmlspecialchars($list['name']);?>
+ </td>
+ <td class="listbg" ondblclick="document.location='snort_interfaces_suppress_edit.php?id=<?=$i;?>';">
+ <font color="#FFFFFF">
+ <?=htmlspecialchars($list['descr']);?>
+ </td>
+
+ <td valign="middle" nowrap class="list">
+ <table border="0" cellspacing="0" cellpadding="1">
+ <tr>
+ <td valign="middle"><a href="snort_interfaces_suppress_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="edit whitelist"></a></td>
+ <td><a href="/snort/snort_interfaces_whitelist.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this whitelist? All elements that still use it will become invalid (e.g. snort rules will fall back to the default whitelist)!')"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="delete whitelist"></a></td>
+ </tr>
+ </table>
+ </td>
+</tr>
+ <?php $i++; endforeach; ?>
+<tr>
+ <td class="list" colspan="2"></td>
+ <td class="list">
+ <table border="0" cellspacing="0" cellpadding="1">
+ <tr>
+ <td valign="middle" width="17"> </td>
+ <td valign="middle"><a href="snort_interfaces_suppress_edit.php?id=<?php echo $id_gen;?> "><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="add a new list"></a></td>
+ </tr>
+ </table>
+ </td>
+</tr>
+</table>
+ </td>
+ </tr>
+ </table>
+<br>
+<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
+<td width="100%"><span class="vexpl"><span class="red"><strong>Note:</strong></span>
+ <p><span class="vexpl">Here you can create event filtering and suppression for your snort package rules.<br>Please note that you must restart a running rule so that changes can take effect.</span></p>
+</td>
+</table>
+</form>
+<?php include("fend.inc"); ?>
+</body>
+</html>
diff --git a/config/snort/snort_interfaces_suppress_edit.php b/config/snort/snort_interfaces_suppress_edit.php index af3e4a9b..530a7800 100644 --- a/config/snort/snort_interfaces_suppress_edit.php +++ b/config/snort/snort_interfaces_suppress_edit.php @@ -1,324 +1,312 @@ -<?php -/* $Id$ */ -/* - firewall_aliases_edit.php - Copyright (C) 2004 Scott Ullrich - All rights reserved. - - originially part of m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. - All rights reserved. - - modified for the pfsense snort package - Copyright (C) 2009-2010 Robert Zelaya. - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -require_once("guiconfig.inc"); -require_once("/usr/local/pkg/snort/snort.inc"); -require_once("/usr/local/pkg/snort/snort_gui.inc"); - -if (!is_array($config['installedpackages']['snortglobal']['suppress']['item'])) - $config['installedpackages']['snortglobal']['suppress']['item'] = array(); - -$a_suppress = &$config['installedpackages']['snortglobal']['suppress']['item']; - -$id = $_GET['id']; -if (isset($_POST['id'])) - $id = $_POST['id']; - - -/* gen uuid for each iface !inportant */ -if ($config['installedpackages']['snortglobal']['suppress']['item'][$id]['uuid'] == '') { - //$snort_uuid = gen_snort_uuid(strrev(uniqid(true))); -$suppress_uuid = 0; -while ($suppress_uuid > 65535 || $suppress_uuid == 0) { - $suppress_uuid = mt_rand(1, 65535); - $pconfig['uuid'] = $suppress_uuid; - } -} - -if ($config['installedpackages']['snortglobal']['suppress']['item'][$id]['uuid'] != '') { - $suppress_uuid = $config['installedpackages']['snortglobal']['suppress']['item'][$id]['uuid']; -} - -$pgtitle = "Services: Snort: Suppression: Edit $suppress_uuid"; - -$d_snort_suppress_dirty_path = '/var/run/snort_suppress.dirty'; - -/* returns true if $name is a valid name for a whitelist file name or ip */ -function is_validwhitelistname($name) { - if (!is_string($name)) - return false; - - if (!preg_match("/[^a-zA-Z0-9\.\/]/", $name)) - return true; - - return false; -} - - -if (isset($id) && $a_suppress[$id]) { - - /* old settings */ - $pconfig['name'] = $a_suppress[$id]['name']; - $pconfig['uuid'] = $a_suppress[$id]['uuid']; - $pconfig['descr'] = $a_suppress[$id]['descr']; - $pconfig['suppresspassthru'] = base64_decode($a_suppress[$id]['suppresspassthru']); - - - -} - - /* this will exec when alert says apply */ - if ($_POST['apply']) { - - if (file_exists("$d_snort_suppress_dirty_path")) { - - write_config(); - - sync_snort_package_config(); - sync_snort_package(); - - unlink("$d_snort_suppress_dirty_path"); - - } - - } - -if ($_POST['submit']) { - - unset($input_errors); - $pconfig = $_POST; - - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); - - if(strtolower($_POST['name']) == "defaultwhitelist") - $input_errors[] = "Whitelist file names may not be named defaultwhitelist."; - - $x = is_validwhitelistname($_POST['name']); - if (!isset($x)) { - $input_errors[] = "Reserved word used for whitelist file name."; - } else { - if (is_validwhitelistname($_POST['name']) == false) - $input_errors[] = "Whitelist file name may only consist of the characters a-z, A-Z and 0-9 _. Note: No Spaces. Press Cancel to reset."; - } - - - /* check for name conflicts */ - foreach ($a_suppress as $s_list) { - if (isset($id) && ($a_suppress[$id]) && ($a_suppress[$id] === $s_list)) - continue; - - if ($s_list['name'] == $_POST['name']) { - $input_errors[] = "A whitelist file name with this name already exists."; - break; - } - } - - - $s_list = array(); - /* post user input */ - - if (!$input_errors) { - - $s_list['name'] = $_POST['name']; - $s_list['uuid'] = $suppress_uuid; - $s_list['descr'] = mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto"); - $s_list['suppresspassthru'] = base64_encode($_POST['suppresspassthru']); - - - if (isset($id) && $a_suppress[$id]) - $a_suppress[$id] = $s_list; - else - $a_suppress[] = $s_list; - - touch($d_snort_suppress_dirty_path); - - write_config(); - - header("Location: /snort/snort_interfaces_suppress_edit.php?id=$id"); - exit; - } - -} - -include("head.inc"); - -?> - -<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?= $jsevents["body"]["onload"] ?>"> - -<style type="text/css"> -.formpre { -font-family: Tahoma,Verdana,Arial,Helvetica,sans-serif; -font-size: 1.1em; -} -</style> - -<?php - include("./snort_fbegin.inc"); -?> -<p class="pgtitle"><?=$pgtitle?></p> - -<?php if ($input_errors) print_input_errors($input_errors); ?> -<div id="inputerrors"></div> - -<form action="/snort/snort_interfaces_suppress_edit.php?id=<?=$id?>" method="post" name="iform" id="iform"> - -<?php - /* Display Alert message */ - if ($input_errors) { - print_input_errors($input_errors); // TODO: add checks - } - - if ($savemsg) { - print_info_box2($savemsg); - } - - //if (file_exists($d_snortconfdirty_path)) { - if (file_exists($d_snort_suppress_dirty_path)) { - echo '<p>'; - - if($savemsg) { - print_info_box_np2("{$savemsg}"); - }else{ - print_info_box_np2(' - The Snort configuration has changed and snort needs to be restarted on this interface.<br> - You must apply the changes in order for them to take effect.<br> - '); - } - } -?> - -<table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr><td class="tabnavtbl"> -<?php - $tab_array = array(); - $tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php"); - $tab_array[] = array("Global Settings", false, "/snort/snort_interfaces_global.php"); - $tab_array[] = array("Rule Updates", false, "/snort/snort_download_rules.php"); - $tab_array[] = array("Alerts", false, "/snort/snort_alerts.php"); - $tab_array[] = array("Blocked", false, "/snort/snort_blocked.php"); - $tab_array[] = array("Whitelists", false, "/snort/snort_interfaces_whitelist.php"); - $tab_array[] = array("Suppress", true, "/snort/snort_interfaces_suppress.php"); - $tab_array[] = array("Help", false, "/snort/snort_help_info.php"); - display_top_tabs($tab_array); -?> </td></tr> -<tr> -<td class="tabcont"> -<table width="100%" border="0" cellpadding="6" cellspacing="0"> - <tr> - <td colspan="2" valign="top" class="listtopic">Add the name and description of the file.</td> - </tr> -<?php if(is_alias_inuse($pconfig['name']) == true): ?> - <tr> - <td valign="top" class="vncellreq">Name</td> - <td class="vtable"> <input name="name" type="hidden" id="name" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" /> - <?php echo $pconfig['name']; ?> - <p> - <span class="vexpl">NOTE: This list is in use so the name may not be modified!</span> - </p> - </td> - </tr> -<?php else: ?> - <tr> - <td valign="top" class="vncellreq">Name</td> - <td class="vtable"> - <input name="name" type="text" id="name" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" /> - <br /> - <span class="vexpl"> - The list name may only consist of the characters a-z, A-Z and 0-9. <span class="red">Note: </span> No Spaces. - </span> - </td> - </tr> -<?php endif; ?> - <tr> - <td width="22%" valign="top" class="vncell">Description</td> - <td width="78%" class="vtable"> - <input name="descr" type="text" id="descr" size="40" value="<?=$pconfig['descr'];?>" /> - <br /> - <span class="vexpl"> - You may enter a description here for your reference (not parsed). - </span> - </td> - </tr> -</table> -<table width="100%" border="0" cellpadding="6" cellspacing="0"> - <table height="32" width="100%"> - <tr> - <td> - <div style='background-color:#E0E0E0' id='redbox'> - <table width='100%'> - <tr> - <td width='8%'> - <img style='vertical-align:middle' src="/snort/images/icon_excli.png" width="40" height="32"> - </td> - <td width='70%'> - <font size="2" color='#FF850A'><b>NOTE:</b></font> - <font size="2" color='#000000'> The threshold keyword is deprecated as of version 2.8.5. Use the event_filter keyword instead.</font> - </td> - </tr> - </table> - </div> - </td> - </tr> - <script type="text/javascript"> - NiftyCheck(); - Rounded("div#redbox","all","#FFF","#E0E0E0","smooth"); - Rounded("td#blackbox","all","#FFF","#000000","smooth"); - </script> - <tr> - <td colspan="2" valign="top" class="listtopic">Apply suppression or filters to rules. Valid keywords are 'suppress', 'event_filter' and 'rate_filter'.</td> - </tr> - <tr> - <td colspan="2" valign="top" class="vncell"> - <b>Example 1;</b> suppress gen_id 1, sig_id 1852, track by_src, ip 10.1.1.54<br> - <b>Example 2;</b> event_filter gen_id 1, sig_id 1851, type limit, track by_src, count 1, seconds 60<br> - <b>Example 3;</b> rate_filter gen_id 135, sig_id 1, track by_src, count 100, seconds 1, new_action log, timeout 10 - </td> - </tr> - <tr> - <td width="100%" class="vtable"> - <textarea wrap="off" name="suppresspassthru" cols="142" rows="28" id="suppresspassthru" class="formpre"><?=htmlspecialchars($pconfig['suppresspassthru']);?></textarea> -</td> - </tr> - <tr> - <td width="78%"> - <input id="submit" name="submit" type="submit" class="formbtn" value="Save" /> - <input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" value="Cancel" onclick="history.back()" /> - <?php if (isset($id) && $a_suppress[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>" /> - <?php endif; ?> - </td> - </tr> - </table> - </table> - </td> - </tr> - </table> -</form> -<?php include("fend.inc"); ?> -</body> +<?php
+/* $Id$ */
+/*
+ firewall_aliases_edit.php
+ Copyright (C) 2004 Scott Ullrich
+ All rights reserved.
+
+ originially part of m0n0wall (http://m0n0.ch/wall)
+ Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ modified for the pfsense snort package
+ Copyright (C) 2009-2010 Robert Zelaya.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require_once("guiconfig.inc");
+require_once("/usr/local/pkg/snort/snort.inc");
+require_once("/usr/local/pkg/snort/snort_gui.inc");
+
+if (!is_array($config['installedpackages']['snortglobal']['suppress']['item']))
+ $config['installedpackages']['snortglobal']['suppress']['item'] = array();
+
+$a_suppress = &$config['installedpackages']['snortglobal']['suppress']['item'];
+
+$id = $_GET['id'];
+if (isset($_POST['id']))
+ $id = $_POST['id'];
+
+
+/* gen uuid for each iface !inportant */
+if ($config['installedpackages']['snortglobal']['suppress']['item'][$id]['uuid'] == '') {
+ //$snort_uuid = gen_snort_uuid(strrev(uniqid(true)));
+$suppress_uuid = 0;
+while ($suppress_uuid > 65535 || $suppress_uuid == 0) {
+ $suppress_uuid = mt_rand(1, 65535);
+ $pconfig['uuid'] = $suppress_uuid;
+ }
+}
+
+if ($config['installedpackages']['snortglobal']['suppress']['item'][$id]['uuid'] != '') {
+ $suppress_uuid = $config['installedpackages']['snortglobal']['suppress']['item'][$id]['uuid'];
+}
+
+$pgtitle = "Services: Snort: Suppression: Edit $suppress_uuid";
+
+$d_snort_suppress_dirty_path = '/var/run/snort_suppress.dirty';
+
+/* returns true if $name is a valid name for a whitelist file name or ip */
+function is_validwhitelistname($name) {
+ if (!is_string($name))
+ return false;
+
+ if (!preg_match("/[^a-zA-Z0-9\.\/]/", $name))
+ return true;
+
+ return false;
+}
+
+
+if (isset($id) && $a_suppress[$id]) {
+
+ /* old settings */
+ $pconfig['name'] = $a_suppress[$id]['name'];
+ $pconfig['uuid'] = $a_suppress[$id]['uuid'];
+ $pconfig['descr'] = $a_suppress[$id]['descr'];
+ $pconfig['suppresspassthru'] = base64_decode($a_suppress[$id]['suppresspassthru']);
+
+
+
+}
+
+ /* this will exec when alert says apply */
+ if ($_POST['apply']) {
+
+ if (file_exists("$d_snort_suppress_dirty_path")) {
+
+ write_config();
+
+ sync_snort_package_config();
+ sync_snort_package();
+
+ unlink("$d_snort_suppress_dirty_path");
+
+ }
+
+ }
+
+if ($_POST['submit']) {
+
+ unset($input_errors);
+ $pconfig = $_POST;
+
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+
+ if(strtolower($_POST['name']) == "defaultwhitelist")
+ $input_errors[] = "Whitelist file names may not be named defaultwhitelist.";
+
+ $x = is_validwhitelistname($_POST['name']);
+ if (!isset($x)) {
+ $input_errors[] = "Reserved word used for whitelist file name.";
+ } else {
+ if (is_validwhitelistname($_POST['name']) == false)
+ $input_errors[] = "Whitelist file name may only consist of the characters a-z, A-Z and 0-9 _. Note: No Spaces. Press Cancel to reset.";
+ }
+
+
+ /* check for name conflicts */
+ foreach ($a_suppress as $s_list) {
+ if (isset($id) && ($a_suppress[$id]) && ($a_suppress[$id] === $s_list))
+ continue;
+
+ if ($s_list['name'] == $_POST['name']) {
+ $input_errors[] = "A whitelist file name with this name already exists.";
+ break;
+ }
+ }
+
+
+ $s_list = array();
+ /* post user input */
+
+ if (!$input_errors) {
+
+ $s_list['name'] = $_POST['name'];
+ $s_list['uuid'] = $suppress_uuid;
+ $s_list['descr'] = mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto");
+ $s_list['suppresspassthru'] = base64_encode($_POST['suppresspassthru']);
+
+
+ if (isset($id) && $a_suppress[$id])
+ $a_suppress[$id] = $s_list;
+ else
+ $a_suppress[] = $s_list;
+
+ touch($d_snort_suppress_dirty_path);
+
+ write_config();
+
+ header("Location: /snort/snort_interfaces_suppress_edit.php?id=$id");
+ exit;
+ }
+
+}
+
+include("head.inc");
+
+?>
+
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?= $jsevents["body"]["onload"] ?>">
+
+<style type="text/css">
+.formpre {
+font-family: Tahoma,Verdana,Arial,Helvetica,sans-serif;
+font-size: 1.1em;
+}
+</style>
+
+<?php
+ include("./snort_fbegin.inc");
+?>
+<p class="pgtitle"><?=$pgtitle?></p>
+
+<?php if ($input_errors) print_input_errors($input_errors); ?>
+<div id="inputerrors"></div>
+
+<form action="/snort/snort_interfaces_suppress_edit.php?id=<?=$id?>" method="post" name="iform" id="iform">
+
+<?php
+ /* Display Alert message */
+ if ($input_errors) {
+ print_input_errors($input_errors); // TODO: add checks
+ }
+
+ if ($savemsg) {
+ print_info_box2($savemsg);
+ }
+
+ //if (file_exists($d_snortconfdirty_path)) {
+ if (file_exists($d_snort_suppress_dirty_path)) {
+ echo '<p>';
+
+ if($savemsg) {
+ print_info_box_np2("{$savemsg}");
+ }else{
+ print_info_box_np2('
+ The Snort configuration has changed and snort needs to be restarted on this interface.<br>
+ You must apply the changes in order for them to take effect.<br>
+ ');
+ }
+ }
+?>
+
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+<?php
+ $tab_array = array();
+ $tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php");
+ $tab_array[] = array("Global Settings", false, "/snort/snort_interfaces_global.php");
+ $tab_array[] = array("Rule Updates", false, "/snort/snort_download_rules.php");
+ $tab_array[] = array("Alerts", false, "/snort/snort_alerts.php");
+ $tab_array[] = array("Blocked", false, "/snort/snort_blocked.php");
+ $tab_array[] = array("Whitelists", false, "/snort/snort_interfaces_whitelist.php");
+ $tab_array[] = array("Suppress", true, "/snort/snort_interfaces_suppress.php");
+ $tab_array[] = array("Help", false, "/snort/snort_help_info.php");
+ display_top_tabs($tab_array);
+?> </td></tr>
+<tr>
+<td class="tabcont">
+<table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td colspan="2" valign="top" class="listtopic">Add the name and description of the file.</td>
+ </tr>
+ <tr>
+ <td valign="top" class="vncellreq">Name</td>
+ <td class="vtable">
+ <input name="name" type="text" id="name" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" />
+ <br />
+ <span class="vexpl">
+ The list name may only consist of the characters a-z, A-Z and 0-9. <span class="red">Note: </span> No Spaces.
+ </span>
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">Description</td>
+ <td width="78%" class="vtable">
+ <input name="descr" type="text" id="descr" size="40" value="<?=$pconfig['descr'];?>" />
+ <br />
+ <span class="vexpl">
+ You may enter a description here for your reference (not parsed).
+ </span>
+ </td>
+ </tr>
+</table>
+<table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <table height="32" width="100%">
+ <tr>
+ <td>
+ <div style='background-color:#E0E0E0' id='redbox'>
+ <table width='100%'>
+ <tr>
+ <td width='8%'>
+ <img style='vertical-align:middle' src="/snort/images/icon_excli.png" width="40" height="32">
+ </td>
+ <td width='70%'>
+ <font size="2" color='#FF850A'><b>NOTE:</b></font>
+ <font size="2" color='#000000'> The threshold keyword is deprecated as of version 2.8.5. Use the event_filter keyword instead.</font>
+ </td>
+ </tr>
+ </table>
+ </div>
+ </td>
+ </tr>
+ <script type="text/javascript">
+ NiftyCheck();
+ Rounded("div#redbox","all","#FFF","#E0E0E0","smooth");
+ Rounded("td#blackbox","all","#FFF","#000000","smooth");
+ </script>
+ <tr>
+ <td colspan="2" valign="top" class="listtopic">Apply suppression or filters to rules. Valid keywords are 'suppress', 'event_filter' and 'rate_filter'.</td>
+ </tr>
+ <tr>
+ <td colspan="2" valign="top" class="vncell">
+ <b>Example 1;</b> suppress gen_id 1, sig_id 1852, track by_src, ip 10.1.1.54<br>
+ <b>Example 2;</b> event_filter gen_id 1, sig_id 1851, type limit, track by_src, count 1, seconds 60<br>
+ <b>Example 3;</b> rate_filter gen_id 135, sig_id 1, track by_src, count 100, seconds 1, new_action log, timeout 10
+ </td>
+ </tr>
+ <tr>
+ <td width="100%" class="vtable">
+ <textarea wrap="off" name="suppresspassthru" cols="142" rows="28" id="suppresspassthru" class="formpre"><?=htmlspecialchars($pconfig['suppresspassthru']);?></textarea>
+</td>
+ </tr>
+ <tr>
+ <td width="78%">
+ <input id="submit" name="submit" type="submit" class="formbtn" value="Save" />
+ <input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" value="Cancel" onclick="history.back()" />
+ <?php if (isset($id) && $a_suppress[$id]): ?>
+ <input name="id" type="hidden" value="<?=$id;?>" />
+ <?php endif; ?>
+ </td>
+ </tr>
+ </table>
+ </table>
+ </td>
+ </tr>
+ </table>
+</form>
+<?php include("fend.inc"); ?>
+</body>
</html>
\ No newline at end of file diff --git a/config/snort/snort_interfaces_whitelist.php b/config/snort/snort_interfaces_whitelist.php index 3dd8f4dc..87da2f57 100644 --- a/config/snort/snort_interfaces_whitelist.php +++ b/config/snort/snort_interfaces_whitelist.php @@ -1,180 +1,180 @@ -<?php -/* $Id$ */ -/* - firewall_aliases.php - Copyright (C) 2004 Scott Ullrich - All rights reserved. - - originially part of m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. - All rights reserved. - - modified for the pfsense snort package - Copyright (C) 2009-2010 Robert Zelaya. - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -require("guiconfig.inc"); - - -if (!is_array($config['installedpackages']['snortglobal']['whitelist']['item'])) - $config['installedpackages']['snortglobal']['whitelist']['item'] = array(); - -//aliases_sort(); << what ? -$a_whitelist = &$config['installedpackages']['snortglobal']['whitelist']['item']; - -if (isset($config['installedpackages']['snortglobal']['whitelist']['item'])) { -$id_gen = count($config['installedpackages']['snortglobal']['whitelist']['item']); -}else{ -$id_gen = '0'; -} - -$d_whitelistdirty_path = '/var/run/snort_whitelist.dirty'; - -if ($_POST) { - - $pconfig = $_POST; - - if ($_POST['apply']) { - $retval = 0; - - if(stristr($retval, "error") <> true) - $savemsg = get_std_save_message($retval); - else - $savemsg = $retval; - if ($retval == 0) { - if (file_exists($d_whitelistdirty_path)) - unlink($d_whitelistdirty_path); - } - } -} - -if ($_GET['act'] == "del") { - if ($a_whitelist[$_GET['id']]) { - /* make sure rule is not being referenced by any nat or filter rules */ - - unset($a_whitelist[$_GET['id']]); - write_config(); - filter_configure(); - touch($d_whitelistdirty_path); - header("Location: /snort/snort_interfaces_whitelist.php"); - exit; - } -} - -$pgtitle = "Services: Snort: Whitelist"; -include("head.inc"); - -?> - -<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> -<?php include("./snort_fbegin.inc"); ?> -<p class="pgtitle"><?=$pgtitle?></p> -<form action="/snort/snort_interfaces_whitelist.php" method="post"> -<?php if ($savemsg) print_info_box($savemsg); ?> -<?php if (file_exists($d_whitelistdirty_path)): ?><p> -<?php print_info_box_np("The white list has been changed.<br>You must apply the changes in order for them to take effect.");?> -<?php endif; ?> - -<table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr><td class="tabnavtbl"> -<?php - $tab_array = array(); - $tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php"); - $tab_array[] = array("Global Settings", false, "/snort/snort_interfaces_global.php"); - $tab_array[] = array("Rule Updates", false, "/snort/snort_download_rules.php"); - $tab_array[] = array("Alerts", false, "/snort/snort_alerts.php"); - $tab_array[] = array("Blocked", false, "/snort/snort_blocked.php"); - $tab_array[] = array("Whitelists", true, "/snort/snort_interfaces_whitelist.php"); - $tab_array[] = array("Suppress", false, "/snort/snort_interfaces_suppress.php"); - $tab_array[] = array("Help", false, "/snort/snort_help_info.php"); - display_top_tabs($tab_array); -?> </td></tr> -<tr> -<td class="tabcont"> - -<table width="100%" border="0" cellpadding="0" cellspacing="0"> - -<tr> - <td width="20%" class="listhdrr">File Name</td> - <td width="40%" class="listhdrr">Values</td> - <td width="40%" class="listhdr">Description</td> - <td width="10%" class="list"> - </td> -</tr> - <?php $i = 0; foreach ($a_whitelist as $list): ?> -<tr> - <td class="listlr" ondblclick="document.location='snort_interfaces_whitelist_edit.php?id=<?=$i;?>';"> - <?=htmlspecialchars($list['name']);?> - </td> - <td class="listr" ondblclick="document.location='snort_interfaces_whitelist_edit.php?id=<?=$i;?>';"> - <?php - $addresses = implode(", ", array_slice(explode(" ", $list['address']), 0, 10)); - echo $addresses; - if(count($addresses) < 10) { - echo " "; - } else { - echo "..."; - } - ?> - </td> - <td class="listbg" ondblclick="document.location='snort_interfaces_whitelist_edit.php?id=<?=$i;?>';"> - <font color="#FFFFFF"> - <?=htmlspecialchars($list['descr']);?> - </td> - <td valign="middle" nowrap class="list"> - <table border="0" cellspacing="0" cellpadding="1"> - <tr> - <td valign="middle"><a href="snort_interfaces_whitelist_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="edit whitelist"></a></td> - <td><a href="/snort/snort_interfaces_whitelist.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this whitelist? All elements that still use it will become invalid (e.g. snort rules will fall back to the default whitelist)!')"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="delete whitelist"></a></td> - </tr> - </table> - </td> -</tr> - <?php $i++; endforeach; ?> -<tr> - <td class="list" colspan="3"></td> - <td class="list"> - <table border="0" cellspacing="0" cellpadding="1"> - <tr> - <td valign="middle" width="17"> </td> - <td valign="middle"><a href="snort_interfaces_whitelist_edit.php?id=<?php echo $id_gen;?> "><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="add a new list"></a></td> - </tr> - </table> - </td> -</tr> -</table> - </td> - </tr> - </table> -<br> -<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> -<td width="100%"><span class="vexpl"><span class="red"><strong>Note:</strong></span> - <p><span class="vexpl">Here you can create whitelist files for your snort package rules.<br>Please add all the ips or networks you want to protect against snort block decisions.<br>Remember that the default whitelist only includes local networks.<br>Be careful, it is very easy to get locked out of you system.</span></p> -</td> -</table> -</form> -<?php include("fend.inc"); ?> -</body> -</html> +<?php
+/* $Id$ */
+/*
+ firewall_aliases.php
+ Copyright (C) 2004 Scott Ullrich
+ All rights reserved.
+
+ originially part of m0n0wall (http://m0n0.ch/wall)
+ Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ modified for the pfsense snort package
+ Copyright (C) 2009-2010 Robert Zelaya.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require("guiconfig.inc");
+
+
+if (!is_array($config['installedpackages']['snortglobal']['whitelist']['item']))
+ $config['installedpackages']['snortglobal']['whitelist']['item'] = array();
+
+//aliases_sort(); << what ?
+$a_whitelist = &$config['installedpackages']['snortglobal']['whitelist']['item'];
+
+if (isset($config['installedpackages']['snortglobal']['whitelist']['item'])) {
+$id_gen = count($config['installedpackages']['snortglobal']['whitelist']['item']);
+}else{
+$id_gen = '0';
+}
+
+$d_whitelistdirty_path = '/var/run/snort_whitelist.dirty';
+
+if ($_POST) {
+
+ $pconfig = $_POST;
+
+ if ($_POST['apply']) {
+ $retval = 0;
+
+ if(stristr($retval, "error") <> true)
+ $savemsg = get_std_save_message($retval);
+ else
+ $savemsg = $retval;
+ if ($retval == 0) {
+ if (file_exists($d_whitelistdirty_path))
+ unlink($d_whitelistdirty_path);
+ }
+ }
+}
+
+if ($_GET['act'] == "del") {
+ if ($a_whitelist[$_GET['id']]) {
+ /* make sure rule is not being referenced by any nat or filter rules */
+
+ unset($a_whitelist[$_GET['id']]);
+ write_config();
+ filter_configure();
+ touch($d_whitelistdirty_path);
+ header("Location: /snort/snort_interfaces_whitelist.php");
+ exit;
+ }
+}
+
+$pgtitle = "Services: Snort: Whitelist";
+include("head.inc");
+
+?>
+
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
+<?php include("./snort_fbegin.inc"); ?>
+<p class="pgtitle"><?=$pgtitle?></p>
+<form action="/snort/snort_interfaces_whitelist.php" method="post">
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<?php if (file_exists($d_whitelistdirty_path)): ?><p>
+<?php print_info_box_np("The white list has been changed.<br>You must apply the changes in order for them to take effect.");?>
+<?php endif; ?>
+
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+<?php
+ $tab_array = array();
+ $tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php");
+ $tab_array[] = array("Global Settings", false, "/snort/snort_interfaces_global.php");
+ $tab_array[] = array("Rule Updates", false, "/snort/snort_download_rules.php");
+ $tab_array[] = array("Alerts", false, "/snort/snort_alerts.php");
+ $tab_array[] = array("Blocked", false, "/snort/snort_blocked.php");
+ $tab_array[] = array("Whitelists", true, "/snort/snort_interfaces_whitelist.php");
+ $tab_array[] = array("Suppress", false, "/snort/snort_interfaces_suppress.php");
+ $tab_array[] = array("Help", false, "/snort/snort_help_info.php");
+ display_top_tabs($tab_array);
+?> </td></tr>
+<tr>
+<td class="tabcont">
+
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+
+<tr>
+ <td width="20%" class="listhdrr">File Name</td>
+ <td width="40%" class="listhdrr">Values</td>
+ <td width="40%" class="listhdr">Description</td>
+ <td width="10%" class="list">
+ </td>
+</tr>
+ <?php $i = 0; foreach ($a_whitelist as $list): ?>
+<tr>
+ <td class="listlr" ondblclick="document.location='snort_interfaces_whitelist_edit.php?id=<?=$i;?>';">
+ <?=htmlspecialchars($list['name']);?>
+ </td>
+ <td class="listr" ondblclick="document.location='snort_interfaces_whitelist_edit.php?id=<?=$i;?>';">
+ <?php
+ $addresses = implode(", ", array_slice(explode(" ", $list['address']), 0, 10));
+ echo $addresses;
+ if(count($addresses) < 10) {
+ echo " ";
+ } else {
+ echo "...";
+ }
+ ?>
+ </td>
+ <td class="listbg" ondblclick="document.location='snort_interfaces_whitelist_edit.php?id=<?=$i;?>';">
+ <font color="#FFFFFF">
+ <?=htmlspecialchars($list['descr']);?>
+ </td>
+ <td valign="middle" nowrap class="list">
+ <table border="0" cellspacing="0" cellpadding="1">
+ <tr>
+ <td valign="middle"><a href="snort_interfaces_whitelist_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="edit whitelist"></a></td>
+ <td><a href="/snort/snort_interfaces_whitelist.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this whitelist? All elements that still use it will become invalid (e.g. snort rules will fall back to the default whitelist)!')"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="delete whitelist"></a></td>
+ </tr>
+ </table>
+ </td>
+</tr>
+ <?php $i++; endforeach; ?>
+<tr>
+ <td class="list" colspan="3"></td>
+ <td class="list">
+ <table border="0" cellspacing="0" cellpadding="1">
+ <tr>
+ <td valign="middle" width="17"> </td>
+ <td valign="middle"><a href="snort_interfaces_whitelist_edit.php?id=<?php echo $id_gen;?> "><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="add a new list"></a></td>
+ </tr>
+ </table>
+ </td>
+</tr>
+</table>
+ </td>
+ </tr>
+ </table>
+<br>
+<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
+<td width="100%"><span class="vexpl"><span class="red"><strong>Note:</strong></span>
+ <p><span class="vexpl">Here you can create whitelist files for your snort package rules.<br>Please add all the ips or networks you want to protect against snort block decisions.<br>Remember that the default whitelist only includes local networks.<br>Be careful, it is very easy to get locked out of you system.</span></p>
+</td>
+</table>
+</form>
+<?php include("fend.inc"); ?>
+</body>
+</html>
diff --git a/config/snort/snort_interfaces_whitelist_edit.php b/config/snort/snort_interfaces_whitelist_edit.php index 1d4e1fe0..c147ca7f 100644 --- a/config/snort/snort_interfaces_whitelist_edit.php +++ b/config/snort/snort_interfaces_whitelist_edit.php @@ -1,492 +1,477 @@ -<?php -/* $Id$ */ -/* - firewall_aliases_edit.php - Copyright (C) 2004 Scott Ullrich - All rights reserved. - - originially part of m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. - All rights reserved. - - modified for the pfsense snort package - Copyright (C) 2009-2010 Robert Zelaya. - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -require_once("guiconfig.inc"); -require_once("/usr/local/pkg/snort/snort.inc"); -require_once("/usr/local/pkg/snort/snort_gui.inc"); - -if (!is_array($config['installedpackages']['snortglobal']['whitelist']['item'])) - $config['installedpackages']['snortglobal']['whitelist']['item'] = array(); - -$a_whitelist = &$config['installedpackages']['snortglobal']['whitelist']['item']; - -$id = $_GET['id']; -if (isset($_POST['id'])) - $id = $_POST['id']; - - -/* gen uuid for each iface !inportant */ -if ($config['installedpackages']['snortglobal']['whitelist']['item'][$id]['uuid'] == '') { - //$snort_uuid = gen_snort_uuid(strrev(uniqid(true))); -$whitelist_uuid = 0; -while ($whitelist_uuid > 65535 || $whitelist_uuid == 0) { - $whitelist_uuid = mt_rand(1, 65535); - $pconfig['uuid'] = $whitelist_uuid; - } -} - -if ($config['installedpackages']['snortglobal']['whitelist']['item'][$id]['uuid'] != '') { - $whitelist_uuid = $config['installedpackages']['snortglobal']['whitelist']['item'][$id]['uuid']; -} - -$pgtitle = "Services: Snort: Whitelist: Edit $whitelist_uuid"; - -$d_snort_whitelist_dirty_path = '/var/run/snort_whitelist.dirty'; - -/* returns true if $name is a valid name for a whitelist file name or ip */ -function is_validwhitelistname($name) { - if (!is_string($name)) - return false; - - if (!preg_match("/[^a-zA-Z0-9\.\/]/", $name)) - return true; - - return false; -} - - -if (isset($id) && $a_whitelist[$id]) { - - /* old settings */ - $pconfig['name'] = $a_whitelist[$id]['name']; - $pconfig['uuid'] = $a_whitelist[$id]['uuid']; - $pconfig['detail'] = $a_whitelist[$id]['detail']; - $pconfig['snortlisttype'] = $a_whitelist[$id]['snortlisttype']; - $pconfig['address'] = $a_whitelist[$id]['address']; - $pconfig['descr'] = html_entity_decode($a_whitelist[$id]['descr']); - $pconfig['wanips'] = $a_whitelist[$id]['wanips']; - $pconfig['wangateips'] = $a_whitelist[$id]['wangateips']; - $pconfig['wandnsips'] = $a_whitelist[$id]['wandnsips']; - $pconfig['vips'] = $a_whitelist[$id]['vips']; - $pconfig['vpnips'] = $a_whitelist[$id]['vpnips']; - - - $addresses = explode(' ', $pconfig['address']); - $address = explode(" ", $addresses[0]); - if ($address[1]) - $addresssubnettest = true; - else - $addresssubnettest = false; -} - - /* this will exec when alert says apply */ - if ($_POST['apply']) { - - if (file_exists("$d_snort_whitelist_dirty_path")) { - - write_config(); - - sync_snort_package_config(); - sync_snort_package(); - - unlink("$d_snort_whitelist_dirty_path"); - - } - - } - -if ($_POST['submit']) { - - unset($input_errors); - $pconfig = $_POST; - - /* input validation */ - $reqdfields = explode(" ", "name address"); - $reqdfieldsn = explode(",", "Name,Address"); - - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); - - if(strtolower($_POST['name']) == "defaultwhitelist") - $input_errors[] = "Whitelist file names may not be named defaultwhitelist."; - - $x = is_validwhitelistname($_POST['name']); - if (!isset($x)) { - $input_errors[] = "Reserved word used for whitelist file name."; - } else { - if (is_validwhitelistname($_POST['name']) == false) - $input_errors[] = "Whitelist file name may only consist of the characters a-z, A-Z and 0-9 _. Note: No Spaces. Press Cancel to reset."; - } - - if (is_validwhitelistname($_POST['address']) == false) - $input_errors[] = "Whitelist address may only consist of the characters 0-9 and /. Note: No Spaces. Press Cancel to reset."; - - - /* check for name conflicts */ - foreach ($a_whitelist as $w_list) { - if (isset($id) && ($a_whitelist[$id]) && ($a_whitelist[$id] === $w_list)) - continue; - - if ($w_list['name'] == $_POST['name']) { - $input_errors[] = "A whitelist file name with this name already exists."; - break; - } - } - - - $w_list = array(); - /* post user input */ - $w_list['name'] = $_POST['name']; - $w_list['uuid'] = $whitelist_uuid; - $w_list['snortlisttype'] = $_POST['snortlisttype']; - $w_list['address'] = $_POST['address']; - $w_list['wanips'] = $_POST['wanips']? yes : no; - $w_list['wangateips'] = $_POST['wangateips']? yes : no; - $w_list['wandnsips'] = $_POST['wandnsips']? yes : no; - $w_list['vips'] = $_POST['vips']? yes : no; - $w_list['vpnips'] = $_POST['vpnips']? yes : no; - - - $address = $w_list['address']; - $final_address_detail = mb_convert_encoding($_POST['detail'],"HTML-ENTITIES","auto"); - if($final_address_detail <> "") { - $final_address_details .= $final_address_detail; - } else { - $final_address_details .= "Entry added" . " "; - $final_address_details .= date('r'); - } - $final_address_details .= "||"; - $isfirst = 0; - - - /* add another entry code */ - for($x=0; $x<299; $x++) { - $comd = "\$subnet = \$_POST['address" . $x . "'];"; - eval($comd); - $comd = "\$subnet_address = \$_POST['address_subnet" . $x . "'];"; - eval($comd); - if($subnet <> "") { - $address .= " "; - $address .= $subnet; - if($subnet_address <> "") $address .= "" . $subnet_address; - - /* Compress in details to a single key, data separated by pipes. - Pulling details here lets us only pull in details for valid - address entries, saving us from having to track which ones to - process later. */ - $comd = "\$final_address_detail = mb_convert_encoding(\$_POST['detail" . $x . "'],'HTML-ENTITIES','auto');"; - eval($comd); - if($final_address_detail <> "") { - $final_address_details .= $final_address_detail; - } else { - $final_address_details .= "Entry added" . " "; - $final_address_details .= date('r'); - } - $final_address_details .= "||"; - } - } - - if (!$input_errors) { - $w_list['address'] = $address; - $w_list['descr'] = mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto"); - $w_list['detail'] = $final_address_details; - - if (isset($id) && $a_whitelist[$id]) - $a_whitelist[$id] = $w_list; - else - $a_whitelist[] = $w_list; - - touch($d_snort_whitelist_dirty_path); - - write_config(); - - header("Location: /snort/snort_interfaces_whitelist_edit.php?id=$id"); - exit; - } - //we received input errors, copy data to prevent retype - else - { - $pconfig['descr'] = mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto"); - $pconfig['address'] = $address; - $pconfig['detail'] = $final_address_details; - } -} - -include("head.inc"); - -?> - -<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?= $jsevents["body"]["onload"] ?>"> -<?php - include("./snort_fbegin.inc"); - echo $jscriptstr; -?> - -<script type="text/javascript" src="/snort/javascript/row_helper.js"></script> -<input type='hidden' name='address_type' value='textbox' /> -<script type="text/javascript"> - rowname[0] = "address"; - rowtype[0] = "textbox"; - rowsize[0] = "30"; - - rowname[1] = "detail"; - rowtype[1] = "textbox"; - rowsize[1] = "50"; -</script> - -<p class="pgtitle"><?=$pgtitle?></p> - -<?php if ($input_errors) print_input_errors($input_errors); ?> -<div id="inputerrors"></div> - -<form action="snort_interfaces_whitelist_edit.php?id=<?=$id?>" method="post" name="iform" id="iform"> - -<?php - /* Display Alert message */ - if ($input_errors) { - print_input_errors($input_errors); // TODO: add checks - } - - if ($savemsg) { - print_info_box2($savemsg); - } - - //if (file_exists($d_snortconfdirty_path)) { - if (file_exists($d_snort_whitelist_dirty_path)) { - echo '<p>'; - - if($savemsg) { - print_info_box_np2("{$savemsg}"); - }else{ - print_info_box_np2(' - The Snort configuration has changed and snort needs to be restarted on this interface.<br> - You must apply the changes in order for them to take effect.<br> - '); - } - } -?> - -<table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr><td class="tabnavtbl"> -<?php - $tab_array = array(); - $tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php"); - $tab_array[] = array("Global Settings", false, "/snort/snort_interfaces_global.php"); - $tab_array[] = array("Rule Updates", false, "/snort/snort_download_rules.php"); - $tab_array[] = array("Alerts", false, "/snort/snort_alerts.php"); - $tab_array[] = array("Blocked", false, "/snort/snort_blocked.php"); - $tab_array[] = array("Whitelists", true, "/snort/snort_interfaces_whitelist.php"); - $tab_array[] = array("Suppress", false, "/snort/snort_interfaces_suppress.php"); - $tab_array[] = array("Help", false, "/snort/snort_help_info.php"); - display_top_tabs($tab_array); -?> </td></tr> -<tr> -<td class="tabcont"> - -<table width="100%" border="0" cellpadding="6" cellspacing="0"> -<?php if(is_alias_inuse($pconfig['name']) == true): ?> - <tr> - <td colspan="2" valign="top" class="listtopic">Add the name and description of the file.</td> - </tr> - <tr> - <td valign="top" class="vncellreq">Name</td> - <td class="vtable"> <input name="name" type="hidden" id="name" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" /> - <?php echo $pconfig['name']; ?> - <p> - <span class="vexpl">NOTE: This list is in use so the name may not be modified!</span> - </p> - </td> - </tr> -<?php else: ?> - <tr> - <td colspan="2" valign="top" class="listtopic">Add the name and description of the file.</td> - </tr> - <tr> - <td valign="top" class="vncellreq">Name</td> - <td class="vtable"> - <input name="name" type="text" id="name" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" /> - <br /> - <span class="vexpl"> - The list name may only consist of the characters a-z, A-Z and 0-9. <span class="red">Note: </span> No Spaces. - </span> - </td> - </tr> -<?php endif; ?> - <tr> - <td width="22%" valign="top" class="vncell">Description</td> - <td width="78%" class="vtable"> - <input name="descr" type="text" id="descr" size="40" value="<?=$pconfig['descr'];?>" /> - <br /> - <span class="vexpl"> - You may enter a description here for your reference (not parsed). - </span> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">List Type</td> - <td width="78%" class="vtable"> - <select name="snortlisttype" class="formfld" id="snortlisttype"> - <?php - $interfaces4 = array('whitelist' => 'WHITELIST', 'netlist' => 'NETLIST'); - foreach ($interfaces4 as $iface4 => $ifacename4): ?> - <option value="<?=$iface4;?>" <?php if ($iface4 == $pconfig['snortlisttype']) echo "selected"; ?>> - <?=htmlspecialchars($ifacename4);?> - </option> - <?php endforeach; ?> - </select><br> - <span class="vexpl">Choose the type of list you will like see in your Interface Edit Tab. Hint: Best pratice is to test every list you make. - </span> <span class="red">Note:</span> NETLIST's are only for defining snort.conf's external or home NETS.</td> - </tr> - <tr> - <td colspan="2" valign="top" class="listtopic">Add auto generated ips.</td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">WAN IPs</td> - <td width="78%" class="vtable"> - <input name="wanips" type="checkbox" id="wanips" size="40" value="yes" <?php if($pconfig['wanips'] == 'yes'){ echo "checked";} if($pconfig['wanips'] == ''){ echo "checked";} ?>/> - <span class="vexpl"> - Add WAN IPs to the list. - </span> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Wan Gateways</td> - <td width="78%" class="vtable"> - <input name="wangateips" type="checkbox" id="wangateips" size="40" value="yes" <?php if($pconfig['wangateips'] == 'yes'){ echo "checked";} if($pconfig['wangateips'] == ''){ echo "checked";} ?>/> - <span class="vexpl"> - Add WAN Gateways to the list. - </span> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Wan DNS servers</td> - <td width="78%" class="vtable"> - <input name="wandnsips" type="checkbox" id="wandnsips" size="40" value="yes" <?php if($pconfig['wandnsips'] == 'yes'){ echo "checked";} if($pconfig['wandnsips'] == ''){ echo "checked";} ?>/> - <span class="vexpl"> - Add WAN DNS servers to the list. - </span> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">Virtual IP Addresses</td> - <td width="78%" class="vtable"> - <input name="vips" type="checkbox" id="vips" size="40" value="yes" <?php if($pconfig['vips'] == 'yes'){ echo "checked";} if($pconfig['vips'] == ''){ echo "checked";} ?>/> - <span class="vexpl"> - Add Virtual IP Addresses to the list. - </span> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell">VPNs</td> - <td width="78%" class="vtable"> - <input name="vpnips" type="checkbox" id="vpnips" size="40" value="yes" <?php if($pconfig['vpnips'] == 'yes'){ echo "checked";} if($pconfig['vpnips'] == ''){ echo "checked";} ?>/> - <span class="vexpl"> - Add VPN Addresses to the list. - </span> - </td> - </tr> - <tr> - <td colspan="2" valign="top" class="listtopic">Add your own custom ips.</td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><div id="addressnetworkport">IP or CIDR items</div></td> - <td width="78%" class="vtable"> - <table id="maintable"> - <tbody> - <tr> - <td colspan="4"> - <div style="padding:5px; margin-top: 16px; margin-bottom: 16px; border:1px dashed #000066; background-color: #ffffff; color: #000000; font-size: 8pt;" id="itemhelp"> - Enter only ips or CIDR notations. Example: 192.168.4.1 or 192.168.1.0/24</div> - </td> - </tr> - <tr> - <td><div id="onecolumn">IP or CIDR</div></td> - <td><div id="threecolumn">Add a Description or leave blank and a date will be added.</div></td> - </tr> - - <?php - /* cleanup code */ - $counter = 0; - $address = $pconfig['address']; - $item = explode(" ", $address); - $item3 = explode("||", $pconfig['detail']); - foreach($item as $ww) { - $address = $item[$counter]; - $item4 = $item3[$counter]; - if($counter > 0) $tracker = $counter + 1; - ?> - <tr> - <td> - <input name="address<?php echo $tracker; ?>" type="text" id="address<?php echo $tracker; ?>" size="30" value="<?=htmlspecialchars($address);?>" /> - </td> - <td> - <input name="detail<?php echo $tracker; ?>" type="text" id="detail<?php echo $tracker; ?>" size="50" value="<?=$item4;?>" /> - </td> - <td> - <?php - if($counter > 0) - echo "<input type=\"image\" src=\"/themes/".$g['theme']."/images/icons/icon_x.gif\" onclick=\"removeRow(this); return false;\" value=\"Delete\" />"; - ?> - </td> - </tr> - <?php - $counter++; - - } // end foreach - ?> - </tbody> - </table> - <a onclick="javascript:addRowTo('maintable'); return false;" href="#"><img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" alt="" title="add another entry" /> - </a> - </td> - </tr> - <tr> - <td width="22%" valign="top"> </td> - <td width="78%"> - <input id="submit" name="submit" type="submit" class="formbtn" value="Save" /> - <input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" value="Cancel" onclick="history.back()" /> - <?php if (isset($id) && $a_whitelist[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>" /> - <?php endif; ?> - </td> - </tr> -</table> - </td> - </tr> - </table> -</form> - -<script type="text/javascript"> - /* row and col adjust when you add extra entries */ - field_counter_js = 2; - rows = 1; - totalrows = <?php echo $counter; ?>; - loaded = <?php echo $counter; ?>; -</script> - -<?php include("fend.inc"); ?> -</body> +<?php
+/* $Id$ */
+/*
+ firewall_aliases_edit.php
+ Copyright (C) 2004 Scott Ullrich
+ All rights reserved.
+
+ originially part of m0n0wall (http://m0n0.ch/wall)
+ Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ modified for the pfsense snort package
+ Copyright (C) 2009-2010 Robert Zelaya.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require_once("guiconfig.inc");
+require_once("/usr/local/pkg/snort/snort.inc");
+require_once("/usr/local/pkg/snort/snort_gui.inc");
+
+if (!is_array($config['installedpackages']['snortglobal']['whitelist']['item']))
+ $config['installedpackages']['snortglobal']['whitelist']['item'] = array();
+
+$a_whitelist = &$config['installedpackages']['snortglobal']['whitelist']['item'];
+
+$id = $_GET['id'];
+if (isset($_POST['id']))
+ $id = $_POST['id'];
+
+
+/* gen uuid for each iface !inportant */
+if ($config['installedpackages']['snortglobal']['whitelist']['item'][$id]['uuid'] == '') {
+ //$snort_uuid = gen_snort_uuid(strrev(uniqid(true)));
+$whitelist_uuid = 0;
+while ($whitelist_uuid > 65535 || $whitelist_uuid == 0) {
+ $whitelist_uuid = mt_rand(1, 65535);
+ $pconfig['uuid'] = $whitelist_uuid;
+ }
+}
+
+if ($config['installedpackages']['snortglobal']['whitelist']['item'][$id]['uuid'] != '') {
+ $whitelist_uuid = $config['installedpackages']['snortglobal']['whitelist']['item'][$id]['uuid'];
+}
+
+$pgtitle = "Services: Snort: Whitelist: Edit $whitelist_uuid";
+
+$d_snort_whitelist_dirty_path = '/var/run/snort_whitelist.dirty';
+
+/* returns true if $name is a valid name for a whitelist file name or ip */
+function is_validwhitelistname($name) {
+ if (!is_string($name))
+ return false;
+
+ if (!preg_match("/[^a-zA-Z0-9\.\/]/", $name))
+ return true;
+
+ return false;
+}
+
+
+if (isset($id) && $a_whitelist[$id]) {
+
+ /* old settings */
+ $pconfig['name'] = $a_whitelist[$id]['name'];
+ $pconfig['uuid'] = $a_whitelist[$id]['uuid'];
+ $pconfig['detail'] = $a_whitelist[$id]['detail'];
+ $pconfig['snortlisttype'] = $a_whitelist[$id]['snortlisttype'];
+ $pconfig['address'] = $a_whitelist[$id]['address'];
+ $pconfig['descr'] = html_entity_decode($a_whitelist[$id]['descr']);
+ $pconfig['wanips'] = $a_whitelist[$id]['wanips'];
+ $pconfig['wangateips'] = $a_whitelist[$id]['wangateips'];
+ $pconfig['wandnsips'] = $a_whitelist[$id]['wandnsips'];
+ $pconfig['vips'] = $a_whitelist[$id]['vips'];
+ $pconfig['vpnips'] = $a_whitelist[$id]['vpnips'];
+
+
+ $addresses = explode(' ', $pconfig['address']);
+ $address = explode(" ", $addresses[0]);
+ if ($address[1])
+ $addresssubnettest = true;
+ else
+ $addresssubnettest = false;
+}
+
+ /* this will exec when alert says apply */
+ if ($_POST['apply']) {
+
+ if (file_exists("$d_snort_whitelist_dirty_path")) {
+
+ write_config();
+
+ sync_snort_package_config();
+ sync_snort_package();
+
+ unlink("$d_snort_whitelist_dirty_path");
+
+ }
+
+ }
+
+if ($_POST['submit']) {
+
+ unset($input_errors);
+ $pconfig = $_POST;
+
+ /* input validation */
+ $reqdfields = explode(" ", "name address");
+ $reqdfieldsn = explode(",", "Name,Address");
+
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+
+ if(strtolower($_POST['name']) == "defaultwhitelist")
+ $input_errors[] = "Whitelist file names may not be named defaultwhitelist.";
+
+ $x = is_validwhitelistname($_POST['name']);
+ if (!isset($x)) {
+ $input_errors[] = "Reserved word used for whitelist file name.";
+ } else {
+ if (is_validwhitelistname($_POST['name']) == false)
+ $input_errors[] = "Whitelist file name may only consist of the characters a-z, A-Z and 0-9 _. Note: No Spaces. Press Cancel to reset.";
+ }
+
+ if (is_validwhitelistname($_POST['address']) == false)
+ $input_errors[] = "Whitelist address may only consist of the characters 0-9 and /. Note: No Spaces. Press Cancel to reset.";
+
+
+ /* check for name conflicts */
+ foreach ($a_whitelist as $w_list) {
+ if (isset($id) && ($a_whitelist[$id]) && ($a_whitelist[$id] === $w_list))
+ continue;
+
+ if ($w_list['name'] == $_POST['name']) {
+ $input_errors[] = "A whitelist file name with this name already exists.";
+ break;
+ }
+ }
+
+
+ $w_list = array();
+ /* post user input */
+ $w_list['name'] = $_POST['name'];
+ $w_list['uuid'] = $whitelist_uuid;
+ $w_list['snortlisttype'] = $_POST['snortlisttype'];
+ $w_list['address'] = $_POST['address'];
+ $w_list['wanips'] = $_POST['wanips']? yes : no;
+ $w_list['wangateips'] = $_POST['wangateips']? yes : no;
+ $w_list['wandnsips'] = $_POST['wandnsips']? yes : no;
+ $w_list['vips'] = $_POST['vips']? yes : no;
+ $w_list['vpnips'] = $_POST['vpnips']? yes : no;
+
+
+ $address = $w_list['address'];
+ $final_address_detail = mb_convert_encoding($_POST['detail'],"HTML-ENTITIES","auto");
+ if($final_address_detail <> "") {
+ $final_address_details .= $final_address_detail;
+ } else {
+ $final_address_details .= "Entry added" . " ";
+ $final_address_details .= date('r');
+ }
+ $final_address_details .= "||";
+ $isfirst = 0;
+
+
+ /* add another entry code */
+ for($x=0; $x<299; $x++) {
+ $comd = "\$subnet = \$_POST['address" . $x . "'];";
+ eval($comd);
+ $comd = "\$subnet_address = \$_POST['address_subnet" . $x . "'];";
+ eval($comd);
+ if($subnet <> "") {
+ $address .= " ";
+ $address .= $subnet;
+ if($subnet_address <> "") $address .= "" . $subnet_address;
+
+ /* Compress in details to a single key, data separated by pipes.
+ Pulling details here lets us only pull in details for valid
+ address entries, saving us from having to track which ones to
+ process later. */
+ $comd = "\$final_address_detail = mb_convert_encoding(\$_POST['detail" . $x . "'],'HTML-ENTITIES','auto');";
+ eval($comd);
+ if($final_address_detail <> "") {
+ $final_address_details .= $final_address_detail;
+ } else {
+ $final_address_details .= "Entry added" . " ";
+ $final_address_details .= date('r');
+ }
+ $final_address_details .= "||";
+ }
+ }
+
+ if (!$input_errors) {
+ $w_list['address'] = $address;
+ $w_list['descr'] = mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto");
+ $w_list['detail'] = $final_address_details;
+
+ if (isset($id) && $a_whitelist[$id])
+ $a_whitelist[$id] = $w_list;
+ else
+ $a_whitelist[] = $w_list;
+
+ touch($d_snort_whitelist_dirty_path);
+
+ write_config();
+
+ header("Location: /snort/snort_interfaces_whitelist_edit.php?id=$id");
+ exit;
+ }
+ //we received input errors, copy data to prevent retype
+ else
+ {
+ $pconfig['descr'] = mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto");
+ $pconfig['address'] = $address;
+ $pconfig['detail'] = $final_address_details;
+ }
+}
+
+include("head.inc");
+
+?>
+
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?= $jsevents["body"]["onload"] ?>">
+<?php
+ include("./snort_fbegin.inc");
+ echo $jscriptstr;
+?>
+
+<script type="text/javascript" src="/snort/javascript/row_helper.js"></script>
+<input type='hidden' name='address_type' value='textbox' />
+<script type="text/javascript">
+ rowname[0] = "address";
+ rowtype[0] = "textbox";
+ rowsize[0] = "30";
+
+ rowname[1] = "detail";
+ rowtype[1] = "textbox";
+ rowsize[1] = "50";
+</script>
+
+<p class="pgtitle"><?=$pgtitle?></p>
+
+<?php if ($input_errors) print_input_errors($input_errors); ?>
+<div id="inputerrors"></div>
+
+<form action="snort_interfaces_whitelist_edit.php?id=<?=$id?>" method="post" name="iform" id="iform">
+
+<?php
+ /* Display Alert message */
+ if ($input_errors) {
+ print_input_errors($input_errors); // TODO: add checks
+ }
+
+ if ($savemsg) {
+ print_info_box2($savemsg);
+ }
+
+ //if (file_exists($d_snortconfdirty_path)) {
+ if (file_exists($d_snort_whitelist_dirty_path)) {
+ echo '<p>';
+
+ if($savemsg) {
+ print_info_box_np2("{$savemsg}");
+ }else{
+ print_info_box_np2('
+ The Snort configuration has changed and snort needs to be restarted on this interface.<br>
+ You must apply the changes in order for them to take effect.<br>
+ ');
+ }
+ }
+?>
+
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+<?php
+ $tab_array = array();
+ $tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php");
+ $tab_array[] = array("Global Settings", false, "/snort/snort_interfaces_global.php");
+ $tab_array[] = array("Rule Updates", false, "/snort/snort_download_rules.php");
+ $tab_array[] = array("Alerts", false, "/snort/snort_alerts.php");
+ $tab_array[] = array("Blocked", false, "/snort/snort_blocked.php");
+ $tab_array[] = array("Whitelists", true, "/snort/snort_interfaces_whitelist.php");
+ $tab_array[] = array("Suppress", false, "/snort/snort_interfaces_suppress.php");
+ $tab_array[] = array("Help", false, "/snort/snort_help_info.php");
+ display_top_tabs($tab_array);
+?> </td></tr>
+<tr>
+<td class="tabcont">
+
+<table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td colspan="2" valign="top" class="listtopic">Add the name and description of the file.</td>
+ </tr>
+ <tr>
+ <td valign="top" class="vncellreq">Name</td>
+ <td class="vtable">
+ <input name="name" type="text" id="name" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" />
+ <br />
+ <span class="vexpl">
+ The list name may only consist of the characters a-z, A-Z and 0-9. <span class="red">Note: </span> No Spaces.
+ </span>
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">Description</td>
+ <td width="78%" class="vtable">
+ <input name="descr" type="text" id="descr" size="40" value="<?=$pconfig['descr'];?>" />
+ <br />
+ <span class="vexpl">
+ You may enter a description here for your reference (not parsed).
+ </span>
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">List Type</td>
+ <td width="78%" class="vtable">
+ <select name="snortlisttype" class="formfld" id="snortlisttype">
+ <?php
+ $interfaces4 = array('whitelist' => 'WHITELIST', 'netlist' => 'NETLIST');
+ foreach ($interfaces4 as $iface4 => $ifacename4): ?>
+ <option value="<?=$iface4;?>" <?php if ($iface4 == $pconfig['snortlisttype']) echo "selected"; ?>>
+ <?=htmlspecialchars($ifacename4);?>
+ </option>
+ <?php endforeach; ?>
+ </select><br>
+ <span class="vexpl">Choose the type of list you will like see in your Interface Edit Tab. Hint: Best pratice is to test every list you make.
+ </span> <span class="red">Note:</span> NETLIST's are only for defining snort.conf's external or home NETS.</td>
+ </tr>
+ <tr>
+ <td colspan="2" valign="top" class="listtopic">Add auto generated ips.</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">WAN IPs</td>
+ <td width="78%" class="vtable">
+ <input name="wanips" type="checkbox" id="wanips" size="40" value="yes" <?php if($pconfig['wanips'] == 'yes'){ echo "checked";} if($pconfig['wanips'] == ''){ echo "checked";} ?>/>
+ <span class="vexpl">
+ Add WAN IPs to the list.
+ </span>
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">Wan Gateways</td>
+ <td width="78%" class="vtable">
+ <input name="wangateips" type="checkbox" id="wangateips" size="40" value="yes" <?php if($pconfig['wangateips'] == 'yes'){ echo "checked";} if($pconfig['wangateips'] == ''){ echo "checked";} ?>/>
+ <span class="vexpl">
+ Add WAN Gateways to the list.
+ </span>
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">Wan DNS servers</td>
+ <td width="78%" class="vtable">
+ <input name="wandnsips" type="checkbox" id="wandnsips" size="40" value="yes" <?php if($pconfig['wandnsips'] == 'yes'){ echo "checked";} if($pconfig['wandnsips'] == ''){ echo "checked";} ?>/>
+ <span class="vexpl">
+ Add WAN DNS servers to the list.
+ </span>
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">Virtual IP Addresses</td>
+ <td width="78%" class="vtable">
+ <input name="vips" type="checkbox" id="vips" size="40" value="yes" <?php if($pconfig['vips'] == 'yes'){ echo "checked";} if($pconfig['vips'] == ''){ echo "checked";} ?>/>
+ <span class="vexpl">
+ Add Virtual IP Addresses to the list.
+ </span>
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">VPNs</td>
+ <td width="78%" class="vtable">
+ <input name="vpnips" type="checkbox" id="vpnips" size="40" value="yes" <?php if($pconfig['vpnips'] == 'yes'){ echo "checked";} if($pconfig['vpnips'] == ''){ echo "checked";} ?>/>
+ <span class="vexpl">
+ Add VPN Addresses to the list.
+ </span>
+ </td>
+ </tr>
+ <tr>
+ <td colspan="2" valign="top" class="listtopic">Add your own custom ips.</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq"><div id="addressnetworkport">IP or CIDR items</div></td>
+ <td width="78%" class="vtable">
+ <table id="maintable">
+ <tbody>
+ <tr>
+ <td colspan="4">
+ <div style="padding:5px; margin-top: 16px; margin-bottom: 16px; border:1px dashed #000066; background-color: #ffffff; color: #000000; font-size: 8pt;" id="itemhelp">
+ Enter only ips or CIDR notations. Example: 192.168.4.1 or 192.168.1.0/24</div>
+ </td>
+ </tr>
+ <tr>
+ <td><div id="onecolumn">IP or CIDR</div></td>
+ <td><div id="threecolumn">Add a Description or leave blank and a date will be added.</div></td>
+ </tr>
+
+ <?php
+ /* cleanup code */
+ $counter = 0;
+ $address = $pconfig['address'];
+ $item = explode(" ", $address);
+ $item3 = explode("||", $pconfig['detail']);
+ foreach($item as $ww) {
+ $address = $item[$counter];
+ $item4 = $item3[$counter];
+ if($counter > 0) $tracker = $counter + 1;
+ ?>
+ <tr>
+ <td>
+ <input name="address<?php echo $tracker; ?>" type="text" id="address<?php echo $tracker; ?>" size="30" value="<?=htmlspecialchars($address);?>" />
+ </td>
+ <td>
+ <input name="detail<?php echo $tracker; ?>" type="text" id="detail<?php echo $tracker; ?>" size="50" value="<?=$item4;?>" />
+ </td>
+ <td>
+ <?php
+ if($counter > 0)
+ echo "<input type=\"image\" src=\"/themes/".$g['theme']."/images/icons/icon_x.gif\" onclick=\"removeRow(this); return false;\" value=\"Delete\" />";
+ ?>
+ </td>
+ </tr>
+ <?php
+ $counter++;
+
+ } // end foreach
+ ?>
+ </tbody>
+ </table>
+ <a onclick="javascript:addRowTo('maintable'); return false;" href="#"><img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" alt="" title="add another entry" />
+ </a>
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top"> </td>
+ <td width="78%">
+ <input id="submit" name="submit" type="submit" class="formbtn" value="Save" />
+ <input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" value="Cancel" onclick="history.back()" />
+ <?php if (isset($id) && $a_whitelist[$id]): ?>
+ <input name="id" type="hidden" value="<?=$id;?>" />
+ <?php endif; ?>
+ </td>
+ </tr>
+</table>
+ </td>
+ </tr>
+ </table>
+</form>
+
+<script type="text/javascript">
+ /* row and col adjust when you add extra entries */
+ field_counter_js = 2;
+ rows = 1;
+ totalrows = <?php echo $counter; ?>;
+ loaded = <?php echo $counter; ?>;
+</script>
+
+<?php include("fend.inc"); ?>
+</body>
</html>
\ No newline at end of file |