author | robiscool <robrob2626@yahoo.com> | 2010-09-09 21:31:10 -0700 |
---|---|---|
committer | robiscool <robrob2626@yahoo.com> | 2010-09-09 21:35:05 -0700 |
commit | 8b2f1c7498469af7ca5926ff8025e1a93fd3579d (patch) | |
tree | 5da1a56e3ec59f3782d824f7af05c6a4b873a52e /config | |
parent | 16c5fbcc1b22914b0c851c519e125f14776846ca (diff) | |
download | pfsense-packages-8b2f1c7498469af7ca5926ff8025e1a93fd3579d.tar.gz pfsense-packages-8b2f1c7498469af7ca5926ff8025e1a93fd3579d.tar.bz2 pfsense-packages-8b2f1c7498469af7ca5926ff8025e1a93fd3579d.zip |
snort, add log rotation, fix bugs
Diffstat (limited to 'config')
-rw-r--r-- | config/snort/snort.inc | 94 | ||||
-rw-r--r-- | config/snort/snort.xml | 5 | ||||
-rw-r--r-- | config/snort/snort_check_cron_misc.inc | 80 | ||||
-rw-r--r-- | config/snort/snort_download_updates.php | 17 | ||||
-rw-r--r-- | config/snort/snort_gui.inc | 11 | ||||
-rw-r--r-- | config/snort/snort_interfaces.php | 18 | ||||
-rw-r--r-- | config/snort/snort_interfaces_edit.php | 2 | ||||
-rw-r--r-- | config/snort/snort_interfaces_global.php | 155 | ||||
-rw-r--r-- | config/snort/snort_rules.php | 2 |
9 files changed, 318 insertions, 66 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc index 3123a8e1..21f06c21 100644 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -3,7 +3,7 @@ /* snort.inc Copyright (C) 2006 Scott Ullrich - Copyright (C) 2009 Robert Zelaya + Copyright (C) 2009-2010 Robert Zelaya part of pfSense All rights reserved. @@ -195,7 +195,8 @@ global $config, $g; /* this is for snort.conf */ $home_net = trim($home_net); - $home_net = str_replace(" ", ",", $home_net); + // $home_net = str_replace(" ", ",", $home_net); // old code + $home_net = str_replace(",,", ",", $home_net); // by Thrae, helps people with more than one gateway $home_net = "[{$home_net}]"; if($build_netlist == 'netlist') { @@ -362,7 +363,6 @@ function convert_friendly_interface_to_real_interface_name2($interface) return $interface; } -//$if_real_wan = convert_friendly_interface_to_real_interface_name2($interface_fake); /* Allow additional execution time 0 = no limit. */ ini_set('max_execution_time', '9999'); @@ -679,6 +679,7 @@ if($snort_arch_ck[0] == 'i386') { /* install perl-threaded */ + /* TODO: invoke this through pkg_util.inc */ if(!file_exists('/tmp/pkg_s')) { exec('/bin/mkdir -p /tmp/pkg_s'); 
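Review bot: In the `@@ -195` hunk, `str_replace(",,", ",", $home_net)` makes a single pass, so a run of three or more commas still leaves a doubled comma, and a leading or trailing comma survives into `[{$home_net}]`. This string is written to snort.conf as the home network list, so a malformed list may stop Snort from loading or change which addresses the rules treat as internal. Collapsing runs and trimming the ends is safer: `$home_net = trim(preg_replace('/,+/', ',', $home_net), ',');`. The commented-out old line can be dropped rather than kept beside the new one. The enclosing function starts and ends outside the hunk.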
@@ -754,6 +755,72 @@ function sync_package_snort_reinstall() conf_mount_ro(); } +function snort_Getdirsize($node) { + if(!is_readable($node)) + return false; + + $blah = exec( "/usr/bin/du -kd $node" ); + return substr( $blah, 0, strpos($blah, 9) ); +} + +/* func for log dir size limit cron */ +function snort_snortloglimit_install_cron($should_install) { + global $config, $g; + + if ($g['booting']==true) + return; + + $is_installed = false; + + if(!$config['cron']['item']) + return; + + $x=0; + foreach($config['cron']['item'] as $item) { + if (strstr($item['command'], '/usr/local/pkg/snort/snort_check_cron_misc.inc')) { + $is_installed = true; + break; + } + $x++; + } + + $snort_snortloglimit_info_ck = $config['installedpackages']['snortglobal']['snortloglimit']; + $snort_snortloglimitsize_info_ck = $config['installedpackages']['snortglobal']['snortloglimitsize']; + + switch($should_install) { + case true: + if(!$is_installed) { + + $cron_item = array(); + $cron_item['minute'] = "*/5"; + $cron_item['hour'] = "*"; + $cron_item['mday'] = "*"; + $cron_item['month'] = "*"; + $cron_item['wday'] = "*"; + $cron_item['who'] = "root"; + $cron_item['command'] = "/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/pkg/snort/snort_check_cron_misc.inc"; + $config['cron']['item'][] = $cron_item; + write_config('Installed snort log limit size'); + configure_cron(); + exec('/usr/bin/killall -HUP cron'); // TODO: remove when 2.0 is stable + } + break; + case false: + if($is_installed == true) { + if($x > 0) + { + unset($config['cron']['item'][$x]); + write_config(); + conf_mount_rw(); + } + configure_cron(); + exec('/usr/bin/killall -HUP cron'); // TODO: remove when 2.0 is stable + } + break; + } +} + + /* func for updating cron */ function snort_rm_blocked_install_cron($should_install) { 
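Review bot: `snort_Getdirsize()` interpolates `$node` into the shell command unescaped, and `-d` is written without its depth value, so on FreeBSD `du` appears to take the path as the depth argument. The callers visible in this commit pass fixed paths, but the helper lives in snort.inc where any page can call it; `exec('/usr/bin/du -sk ' . escapeshellarg($node))` avoids both problems. `strpos($blah, 9)` relies on an integer needle being read as a tab character and is clearer as `strpos($blah, "\t")`. In `snort_snortloglimit_install_cron()` the removal branch only unsets the entry when `$x > 0`, so a cron item stored at index 0 is never removed; `$is_installed` is already a sufficient guard.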
@@ -867,6 +934,7 @@ function snort_rm_blocked_install_cron($should_install) $config['cron']['item'][] = $cron_item; write_config("Installed $snort_rm_blocked_info_ck minute filter reload for Time Based Rules"); configure_cron(); + exec('/usr/bin/killall -HUP cron'); // TODO: remove when 2.0 is stable } break; case false: @@ -879,6 +947,7 @@ function snort_rm_blocked_install_cron($should_install) conf_mount_rw(); } configure_cron(); + exec('/usr/bin/killall -HUP cron'); // TODO: remove when 2.0 is stable } break; } @@ -961,6 +1030,7 @@ function snort_rules_up_install_cron($should_install) { $config['cron']['item'][] = $cron_item; write_config("Installed 15 minute filter reload for Time Based Rules"); configure_cron(); + exec('/usr/bin/killall -HUP cron'); // TODO: remove when 2.0 is stable } break; case false: @@ -971,6 +1041,7 @@ function snort_rules_up_install_cron($should_install) { conf_mount_rw(); } configure_cron(); + exec('/usr/bin/killall -HUP cron'); // TODO: remove when 2.0 is stable } break; } @@ -1063,6 +1134,23 @@ function sync_snort_package() exec('/bin/chmod -R 770 /var/log/snort'); exec('/bin/chmod -R 770 /usr/local/lib/snort'); exec('/bin/chmod -R 770 /usr/local/etc/snort/'); + + /* auto install loglimit dfault if value not set */ + $snortloglimitsize = $config['installedpackages']['snortglobal']['snortloglimitsize']; + + if ($snortloglimitsize == '') { + /* code will set limit to 21% of slice that is unused */ + $snortloglimitDSKsize = round(exec('df -k /var | grep -v "Filesystem" | awk \'{print $4}\'') * .21 / 1024); + $config['installedpackages']['snortglobal']['snortloglimitsize'] = $snortloglimitDSKsize; + write_config(); + conf_mount_rw(); + } + + $snort_snortloglimit_info_ck = $config['installedpackages']['snortglobal']['snortloglimit']; + if ($snort_snortloglimit_info_ck == '') { + snort_snortloglimit_install_cron(''); + snort_snortloglimit_install_cron('true'); + } conf_mount_ro(); } 
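Review bot: In the `@@ -1063` hunk the default limit is taken straight from `exec('df -k /var | …')` with no check that the command produced a number, so a failed or unexpected `df` output stores 0 as `snortloglimitsize`. The cron script added in this commit compares the log directory size against that value, so a zero limit would empty the alert log on every run. Wrap the assignment and `write_config()` in `if ($snortloglimitDSKsize >= 1) { … }` and leave the setting unset otherwise. The code uses `.21` while the GUI text added in this commit says the default is 20%, and `write_config()` is called before `conf_mount_rw()`. `sync_snort_package()` starts outside the hunk.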
diff --git a/config/snort/snort.xml b/config/snort/snort.xml index 2c4e45e1..98e970ed 100644 --- a/config/snort/snort.xml +++ b/config/snort/snort.xml @@ -79,6 +79,11 @@ <item>http://www.pfsense.com/packages/config/snort/snort_head.inc</item> </additional_files_needed> <additional_files_needed> + <prefix>/usr/local/pkg/snort/</prefix> + <chmod>077</chmod> + <item>http://www.pfsense.com/packages/config/snort/snort_check_cron_misc.php</item> + </additional_files_needed> + <additional_files_needed> <prefix>/usr/local/bin/</prefix> <chmod>077</chmod> <item>http://www.pfsense.com/packages/config/snort/bin/oinkmaster_contrib/create-sidmap.pl</item> diff --git a/config/snort/snort_check_cron_misc.inc b/config/snort/snort_check_cron_misc.inc new file mode 100644 index 00000000..d5d5e095 --- /dev/null +++ b/config/snort/snort_check_cron_misc.inc @@ -0,0 +1,80 @@ +<?php
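Review bot: The new `<item>` fetches `snort_check_cron_misc.php`, but the file added by this commit and the path in the cron command are `snort_check_cron_misc.inc`, so the cron job would point at a file the package does not install under that name. The entry should read `<item>http://www.pfsense.com/packages/config/snort/snort_check_cron_misc.inc</item>`. `<chmod>077</chmod>` follows the neighbouring entries, but if it is applied as an octal mode it grants nothing to the owner and full access to group and other; a script that root runs from cron would normally be `0755` or tighter. The file is also fetched over plain HTTP, with no integrity check visible in this hunk.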
+/* $Id$ */
+/*
+ snort_chk_log_dir_size.php
+ part of pfSense
+
+ Modified for the Pfsense snort package v. 1.8+
+ Copyright (C) 2009-2010 Robert Zelaya Developer
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require_once("/usr/local/pkg/snort/snort.inc");
+
+// 'B' => 1,
+// 'KB' => 1024,
+// 'MB' => 1024 * 1024,
+// 'GB' => 1024 * 1024 * 1024,
+// 'TB' => 1024 * 1024 * 1024 * 1024,
+// 'PB' => 1024 * 1024 * 1024 * 1024 * 1024,
+
+
+/* chk if snort log dir is full if so clear it */
+$snortloglimit = $config['installedpackages']['snortglobal']['snortloglimit'];
+$snortloglimitsize = $config['installedpackages']['snortglobal']['snortloglimitsize'];
+
+if ($g['booting']==true) {
+ exit(0);
+}
+
+if ($snortloglimit == 'off') {
+ exit(0);
+}
+
+$snortloglimitDSKsize = exec('df -k /var | grep -v "Filesystem" | awk \'{print \$4}\'');
+
+$snortlogAlertsizeKB = snort_Getdirsize('/var/log/snort/alert');
+$snortloglimitAlertsizeKB = round($snortlogAlertsizeKB * .70);
+$snortloglimitsizeKB = round($snortloglimitsize * 1024);
+
+/* do I need HUP kill ? */
+if (snort_Getdirsize('/var/log/snort/') >= $snortloglimitsizeKB ) {
+
+ conf_mount_rw();
+ if(file_exists('/var/log/snort/alert')) {
+ if ($snortlogAlertsizeKB >= $snortloglimitAlertsizeKB) {
+ exec('/bin/echo "" > /var/log/snort/alert');
+ }
+ post_delete_logs();
+ exec('/usr/sbin/chown snort:snort /var/log/snort/*');
+ exec('/bin/chmod 660 /var/log/snort/*');
+ //sleep(2);
+ //exec('/usr/bin/killall -HUP snort');
+ }
+ conf_mount_ro();
+
+}
+
+
+?>
\ No newline at end of file diff --git a/config/snort/snort_download_updates.php b/config/snort/snort_download_updates.php index 37d1546a..d87f905f 100644 --- a/config/snort/snort_download_updates.php +++ b/config/snort/snort_download_updates.php @@ -113,27 +113,24 @@ include_once("/usr/local/pkg/snort/snort_head.inc"); jQuery(document).ready(function(){
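Review bot: The test `$snortlogAlertsizeKB >= $snortloglimitAlertsizeKB` in snort_check_cron_misc.inc is always true, because the right-hand side is 70% of the left, so the alert file is emptied every time the directory reaches the limit. The truncation at `exec('/bin/echo "" > /var/log/snort/alert')` discards the alerts outright, and nothing visible in this file archives or forwards them first, which matters when that log is the only record of detections. An empty or non-numeric `snortloglimitsize` makes `$snortloglimitsizeKB` zero and the outer condition true on every five-minute run, so add a guard such as `if ($snortloglimitsizeKB < 1) exit(0);` before the size comparison. `$snortloglimitDSKsize` is computed but never used.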
//Examples of how to assign the ColorBox event to elements
- jQuery(".example7").colorbox({width:"900px", height:"400px", iframe:true, overlayClose:false});
jQuery(".example8").colorbox({width:"820px", height:"700px", iframe:true, overlayClose:false});
- jQuery(".example9").colorbox({width:"90%", height:"65%", iframe:true, overlayClose:false});
});
</script>
-<?php
-include_once("fbegin.inc");
-echo $snort_general_css;
-?>
-<?if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}?>
-
<?php
-echo $snort_general_css;
+echo "{$snort_general_css}\n";
+echo "$snort_interfaces_css\n";
?>
+<?php include("fbegin.inc"); ?>
+
+<div class="body2">
+
<!-- hack to fix the hardcoed fbegin link in header -->
<div id="header-left2"><a href="../index.php" id="status-link2"><img src="./images/transparent.gif" border="0"></img></a></div>
-<div class="body2">
+<?if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}?>
<noscript><div class="alert" ALIGN=CENTER><img src="../themes/nervecenter/images/icons/icon_alert.gif"/><strong>Please enable JavaScript to view this content</CENTER></div></noscript>
diff --git a/config/snort/snort_gui.inc b/config/snort/snort_gui.inc index 9a3f1377..66f9c148 100644 --- a/config/snort/snort_gui.inc +++ b/config/snort/snort_gui.inc @@ -145,6 +145,17 @@ padding-bottom: 12px; border-bottom: 1px solid #999999; } +/* global tab, white lil box */ +.vncell3 { + width: 50px; + background-color: #eeeeee; + padding-right: 2px; + padding-left: 2px; + border-bottom-width: 1px; + border-bottom-style: solid; + border-bottom-color: #999999; +} + .vncellreq2 { background-color: #eeeeee; padding-right: 20px; diff --git a/config/snort/snort_interfaces.php b/config/snort/snort_interfaces.php index d43c1e63..eae518dd 100644 --- a/config/snort/snort_interfaces.php +++ b/config/snort/snort_interfaces.php @@ -255,23 +255,24 @@ include_once("/usr/local/pkg/snort/snort_head.inc"); });
</script>
-<?php include("fbegin.inc"); ?>
-<!-- hack to fix the hardcoed fbegin link in header -->
-<div id="header-left2"><a href="../index.php" id="status-link2"><img src="./images/transparent.gif" border="0"></img></a></div>
-
-<?if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}?>
-
<?php
echo "{$snort_general_css}\n";
echo "$snort_interfaces_css\n";
?>
+<?php include("fbegin.inc"); ?>
+
<div class="body2">
+<!-- hack to fix the hardcoed fbegin link in header -->
+<div id="header-left2"><a href="../index.php" id="status-link2"><img src="./images/transparent.gif" border="0"></img></a></div>
+
+<?if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}?>
+
<noscript><div class="alert" ALIGN=CENTER><img src="../themes/nervecenter/images/icons/icon_alert.gif"/><strong>Please enable JavaScript to view this content</CENTER></div></noscript>
-<form action="/snort/snort_interfaces.php" method="post" name="iform">
+<form action="snort_interfaces_global.php" method="post" enctype="multipart/form-data" name="iform" id="iform">
<?php
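Review bot: The form in snort_interfaces.php now posts to the global settings page (`<form action="snort_interfaces_global.php" …>`), which looks like a line copied from snort_interfaces_global.php. A submit from the interfaces list would then reach the `apply`, `Submit` and `Reset` handlers of the global page, including the reset that removes the Snort settings, instead of this page's own handler. Unless that is intended, keep `action="/snort/snort_interfaces.php"` and add only the new `id="iform"` attribute.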
@@ -302,7 +303,8 @@ echo "$snort_interfaces_css\n"; ?>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
- <tr><td>
+ <tr>
+ <td>
<div class="snorttabs" style="margin:1px 0px; width:775px;">
<!-- Tabbed bar code-->
diff --git a/config/snort/snort_interfaces_edit.php b/config/snort/snort_interfaces_edit.php index 455a6d01..c47baad5 100644 --- a/config/snort/snort_interfaces_edit.php +++ b/config/snort/snort_interfaces_edit.php @@ -432,7 +432,7 @@ echo " } //--> </script> -<p class="pgtitle"><?php if($pfsense_stable == 'yes'){echo $pgtitle;}?></p> +<?if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <form action="snort_interfaces_edit.php<?php echo "?id=$id";?>" method="post" enctype="multipart/form-data" name="iform" id="iform"> diff --git a/config/snort/snort_interfaces_global.php b/config/snort/snort_interfaces_global.php index daa50cbf..d4c07456 100644 --- a/config/snort/snort_interfaces_global.php +++ b/config/snort/snort_interfaces_global.php 
@@ -37,34 +37,40 @@ require_once("guiconfig.inc"); require_once("/usr/local/pkg/snort/snort_gui.inc"); require_once("/usr/local/pkg/snort/snort.inc"); +$d_snort_global_dirty_path = '/var/run/snort_global.dirty'; + /* make things short */ $pconfig['snortdownload'] = $config['installedpackages']['snortglobal']['snortdownload']; $pconfig['oinkmastercode'] = $config['installedpackages']['snortglobal']['oinkmastercode']; $pconfig['emergingthreats'] = $config['installedpackages']['snortglobal']['emergingthreats']; $pconfig['rm_blocked'] = $config['installedpackages']['snortglobal']['rm_blocked']; +$pconfig['snortloglimit'] = $config['installedpackages']['snortglobal']['snortloglimit']; +$pconfig['snortloglimitsize'] = $config['installedpackages']['snortglobal']['snortloglimitsize']; $pconfig['autorulesupdate7'] = $config['installedpackages']['snortglobal']['autorulesupdate7']; -$pconfig['whitelistvpns'] = $config['installedpackages']['snortglobal']['whitelistvpns']; -$pconfig['clickablalerteurls'] = $config['installedpackages']['snortglobal']['clickablalerteurls']; -$pconfig['associatealertip'] = $config['installedpackages']['snortglobal']['associatealertip']; $pconfig['snortalertlogtype'] = $config['installedpackages']['snortglobal']['snortalertlogtype']; $pconfig['forcekeepsettings'] = $config['installedpackages']['snortglobal']['forcekeepsettings']; + /* this will exec when alert says apply */ + if ($_POST['apply']) { + + if (file_exists("$d_snort_global_dirty_path")) { + conf_mount_rw(); + + /* create whitelist and homenet file then sync files */ + sync_snort_package_empty(); + sync_snort_package(); - -if ($_POST) { - - unset($input_errors); - $pconfig = $_POST; - - /* input validation */ - if ($_POST['enable']) - { - -/* TODO:a dd check user input code. */ - + unlink("$d_snort_global_dirty_path"); + + write_config(); + conf_mount_ro(); + } } + - if (!$input_errors) { + +/* if no errors move foward */ +if (!$input_errors) { if ($_POST["Submit"]) { 
@@ -72,10 +78,9 @@ if ($_POST) { $config['installedpackages']['snortglobal']['oinkmastercode'] = $_POST['oinkmastercode']; $config['installedpackages']['snortglobal']['emergingthreats'] = $_POST['emergingthreats'] ? on : off; $config['installedpackages']['snortglobal']['rm_blocked'] = $_POST['rm_blocked']; + $config['installedpackages']['snortglobal']['snortloglimit'] = $_POST['snortloglimit']; + $config['installedpackages']['snortglobal']['snortloglimitsize'] = $_POST['snortloglimitsize']; $config['installedpackages']['snortglobal']['autorulesupdate7'] = $_POST['autorulesupdate7']; - $config['installedpackages']['snortglobal']['whitelistvpns'] = $_POST['whitelistvpns'] ? on : off; - $config['installedpackages']['snortglobal']['clickablalerteurls'] = $_POST['clickablalerteurls'] ? on : off; - $config['installedpackages']['snortglobal']['associatealertip'] = $_POST['associatealertip'] ? on : off; $config['installedpackages']['snortglobal']['snortalertlogtype'] = $_POST['snortalertlogtype']; $config['installedpackages']['snortglobal']['forcekeepsettings'] = $_POST['forcekeepsettings'] ? on : off; @@ -84,6 +89,18 @@ if ($_POST) { $retval = 0; + + $snort_snortloglimit_info_ck = $config['installedpackages']['snortglobal']['snortloglimit']; + if ($snort_snortloglimit_info_ck == 'on') { + snort_snortloglimit_install_cron(''); + snort_snortloglimit_install_cron('true'); + } + + if ($snort_snortloglimit_info_ck == 'off') { + snort_snortloglimit_install_cron(''); + } + + /* set the snort block hosts time IMPORTANT */ $snort_rm_blocked_info_ck = $config['installedpackages']['snortglobal']['rm_blocked']; if ($snort_rm_blocked_info_ck == "never_b") 
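Review bot: `$_POST['snortloglimit']` and `$_POST['snortloglimitsize']` are written to the config exactly as received, and this commit also removes the input-validation stub, so `$input_errors` is never set on this page. The cron script later uses the size to decide when to empty /var/log/snort/alert, so a value of zero or less, or any text, makes the comparison true and the alert log is cleared on every run. Validate before the `if (!$input_errors)` test, e.g. `if ($_POST['snortloglimitsize'] != '' && (!ctype_digit($_POST['snortloglimitsize']) || $_POST['snortloglimitsize'] < 1)) $input_errors[] = 'Log size limit must be a whole number of MB.';`, and store the switch as `($_POST['snortloglimit'] == 'off') ? 'off' : 'on'`. The enclosing `if ($_POST["Submit"])` block starts in the previous hunk.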
@@ -111,22 +128,27 @@ if ($_POST) { } - + touch($d_snort_global_dirty_path); $savemsg = get_std_save_message($retval); + write_config(); - } - sync_snort_package(); + /* forces page to reload new settings */ + header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); + header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' ); + header( 'Cache-Control: no-store, no-cache, must-revalidate' ); + header( 'Cache-Control: post-check=0, pre-check=0', false ); + header( 'Pragma: no-cache' ); + header("Location: /snort/snort_interfaces_global.php"); + + } } - if ($_POST["Reset"]) { - -//////>>>>>>>>> +if ($_POST["Reset"]) { - function snort_deinstall_settings() -{ + function snort_deinstall_settings() { global $config, $g, $id, $if_real; conf_mount_rw(); @@ -142,8 +164,8 @@ if ($_POST) { sleep(2); /* Remove snort cron entries Ugly code needs smoothness*/ -function snort_rm_blocked_deinstall_cron($should_install) -{ + function snort_rm_blocked_deinstall_cron($should_install) + { global $config, $g; conf_mount_rw(); @@ -208,8 +230,8 @@ function snort_rm_blocked_deinstall_cron($should_install) } } -snort_rm_blocked_deinstall_cron(""); -snort_rules_up_deinstall_cron(""); + snort_rm_blocked_deinstall_cron(""); + snort_rules_up_deinstall_cron(""); /* Unset snort registers in conf.xml IMPORTANT snort will not start with out this */ @@ -228,7 +250,7 @@ snort_rules_up_deinstall_cron(""); snort_deinstall_settings(); - header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); + header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' ); header( 'Cache-Control: no-store, no-cache, must-revalidate' ); header( 'Cache-Control: post-check=0, pre-check=0', false ); 
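Review bot: In the `@@ -111` hunk the `header("Location: /snort/snort_interfaces_global.php");` added to the Submit branch is not followed by `exit;`, so the script keeps running and builds the rest of the page after sending the redirect. The Reset branch further down does end with `exit;`. Add `exit;` directly after the Location header so that no later code runs on a request that has already been redirected. The Submit block starts outside this hunk.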
@@ -237,12 +259,10 @@ snort_rules_up_deinstall_cron(""); header("Location: /snort/snort_interfaces_global.php"); exit; - -//////>>>>>>>>> - } } -$pgtitle = "Services: Snort: Global Settings"; + +$pgtitle = 'Services: Snort: Global Settings'; include_once("/usr/local/pkg/snort/snort_head.inc"); ?> 
@@ -258,24 +278,45 @@ include_once("/usr/local/pkg/snort/snort_head.inc"); }); </script> -<?php -include_once("fbegin.inc"); -echo $snort_general_css; +<?php +echo "{$snort_general_css}\n"; +echo "$snort_interfaces_css\n"; ?> -<!-- hack to fix the hardcoed fbegin link in header --> -<div id="header-left2"><a href="../index.php" id="status-link2"><img src="./images/transparent.gif" border="0"></img></a></div> +<?php include("fbegin.inc"); ?> <div class="body2"> +<!-- hack to fix the hardcoed fbegin link in header --> +<div id="header-left2"><a href="../index.php" id="status-link2"><img src="./images/transparent.gif" border="0"></img></a></div> + <?if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}?> -<?php if ($input_errors) print_input_errors($input_errors); ?> -<?php if ($savemsg) print_info_box($savemsg); ?> +<noscript><div class="alert" ALIGN=CENTER><img src="../themes/nervecenter/images/icons/icon_alert.gif"/><strong>Please enable JavaScript to view this content</CENTER></div></noscript> + + <form action="snort_interfaces_global.php" method="post" enctype="multipart/form-data" name="iform" id="iform"> + +<?php + /* Display Alert message, under form tag or no refresh */ + if ($input_errors) { + print_input_errors($input_errors); // TODO: add checks + } + + if (!$input_errors) { + if (file_exists($d_snort_global_dirty_path)) { + + print_info_box_np2(' + The Snort configuration has changed and snort needs to be restarted on this interface.<br> + You must apply the changes in order for them to take effect.<br> + '); + } + } +?> + <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> - <td class="tabnavtbl"> + <td> <div class="snorttabs" style="margin:1px 0px; width:775px;"> <!-- Tabbed bar code--> 
@@ -353,6 +394,32 @@ echo $snort_general_css; <tr> <td colspan="2" valign="top" class="listtopic">General Settings</td> </tr> + + <tr> + <td width="22%" valign="top" class="vncell2">Log Directory Size Limit</td> + <td width="78%" class="vtable"> + <table cellpadding="0" cellspacing="0"> + <tr> + <td colspan="2"><input name="snortloglimit" type="radio" id="snortloglimit" value="on" onClick="enable_change(false)" <?php if($pconfig['snortloglimit']=='on' || $pconfig['snortloglimit']=='') echo 'checked'; ?>> + <strong>Enable</strong> directory size limit (<strong>Default</strong>)</td> + </tr> + <tr> + <td colspan="2"><input name="snortloglimit" type="radio" id="snortloglimit" value="off" onClick="enable_change(false)" <?php if($pconfig['snortloglimit']=='off') echo 'checked'; ?>> + <strong>Disable</strong> directory size limit<br><br><span class="red"><strong>Warning</span>:</strong> Pfsense Nanobsd should use no more than 10MB of space. + </td> + </tr> + <tr> + <td> </td> + </tr> + </table> + <table width="100%" border="0" cellpadding="6" cellspacing="0"> + <tr> + <td class="vncell3" >Size in <strong>MB</strong></td> + <td class="vtable"><input name="snortloglimitsize" type="text" class="formfld" id="snortloglimitsize" size="7" value="<?=htmlspecialchars($pconfig['snortloglimitsize']);?>"> + Default is <strong>20%</strong> of available space.</td> + </table> + </tr> + <tr> <td width="22%" valign="top" class="vncell2">Remove blocked hosts every</td> <td width="78%" class="vtable"> diff --git a/config/snort/snort_rules.php b/config/snort/snort_rules.php index 7a3f5b03..73de553b 100644 --- a/config/snort/snort_rules.php +++ b/config/snort/snort_rules.php 
@@ -69,6 +69,8 @@ include("fbegin.inc"); echo "<body link=\"#000000\" vlink=\"#000000\" alink=\"#000000\">"; +if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';} + echo "<script src=\"/row_toggle.js\" type=\"text/javascript\"></script>\n <script src=\"/javascript/sorttable.js\" type=\"text/javascript\"></script>\n <table width=\"99%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">\n |