aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
authorrobiscool <robrob2626@yahoo.com>2010-09-09 21:31:10 -0700
committerrobiscool <robrob2626@yahoo.com>2010-09-09 21:35:05 -0700
commit8b2f1c7498469af7ca5926ff8025e1a93fd3579d (patch)
tree5da1a56e3ec59f3782d824f7af05c6a4b873a52e /config
parent16c5fbcc1b22914b0c851c519e125f14776846ca (diff)
downloadpfsense-packages-8b2f1c7498469af7ca5926ff8025e1a93fd3579d.tar.gz
pfsense-packages-8b2f1c7498469af7ca5926ff8025e1a93fd3579d.tar.bz2
pfsense-packages-8b2f1c7498469af7ca5926ff8025e1a93fd3579d.zip
snort, add log rotation, fix bugs
Diffstat (limited to 'config')
-rw-r--r--config/snort/snort.inc94
-rw-r--r--config/snort/snort.xml5
-rw-r--r--config/snort/snort_check_cron_misc.inc80
-rw-r--r--config/snort/snort_download_updates.php17
-rw-r--r--config/snort/snort_gui.inc11
-rw-r--r--config/snort/snort_interfaces.php18
-rw-r--r--config/snort/snort_interfaces_edit.php2
-rw-r--r--config/snort/snort_interfaces_global.php155
-rw-r--r--config/snort/snort_rules.php2
9 files changed, 318 insertions, 66 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index 3123a8e1..21f06c21 100644
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -3,7 +3,7 @@
/*
snort.inc
Copyright (C) 2006 Scott Ullrich
- Copyright (C) 2009 Robert Zelaya
+ Copyright (C) 2009-2010 Robert Zelaya
part of pfSense
All rights reserved.
@@ -195,7 +195,8 @@ global $config, $g;
/* this is for snort.conf */
$home_net = trim($home_net);
- $home_net = str_replace(" ", ",", $home_net);
+ // $home_net = str_replace(" ", ",", $home_net); // old code
+ $home_net = str_replace(",,", ",", $home_net); // by Thrae, helps people with more than one gateway
$home_net = "[{$home_net}]";
if($build_netlist == 'netlist') {
@@ -362,7 +363,6 @@ function convert_friendly_interface_to_real_interface_name2($interface)
return $interface;
}
-//$if_real_wan = convert_friendly_interface_to_real_interface_name2($interface_fake);
/* Allow additional execution time 0 = no limit. */
ini_set('max_execution_time', '9999');
@@ -679,6 +679,7 @@ if($snort_arch_ck[0] == 'i386') {
/* install perl-threaded */
+ /* TODO: invoke this through pkg_util.inc */
if(!file_exists('/tmp/pkg_s'))
{
exec('/bin/mkdir -p /tmp/pkg_s');
@@ -754,6 +755,72 @@ function sync_package_snort_reinstall()
conf_mount_ro();
}
+function snort_Getdirsize($node) {
+ if(!is_readable($node))
+ return false;
+
+ $blah = exec( "/usr/bin/du -kd $node" );
+ return substr( $blah, 0, strpos($blah, 9) );
+}
+
+/* func for log dir size limit cron */
+function snort_snortloglimit_install_cron($should_install) {
+ global $config, $g;
+
+ if ($g['booting']==true)
+ return;
+
+ $is_installed = false;
+
+ if(!$config['cron']['item'])
+ return;
+
+ $x=0;
+ foreach($config['cron']['item'] as $item) {
+ if (strstr($item['command'], '/usr/local/pkg/snort/snort_check_cron_misc.inc')) {
+ $is_installed = true;
+ break;
+ }
+ $x++;
+ }
+
+ $snort_snortloglimit_info_ck = $config['installedpackages']['snortglobal']['snortloglimit'];
+ $snort_snortloglimitsize_info_ck = $config['installedpackages']['snortglobal']['snortloglimitsize'];
+
+ switch($should_install) {
+ case true:
+ if(!$is_installed) {
+
+ $cron_item = array();
+ $cron_item['minute'] = "*/5";
+ $cron_item['hour'] = "*";
+ $cron_item['mday'] = "*";
+ $cron_item['month'] = "*";
+ $cron_item['wday'] = "*";
+ $cron_item['who'] = "root";
+ $cron_item['command'] = "/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/pkg/snort/snort_check_cron_misc.inc";
+ $config['cron']['item'][] = $cron_item;
+ write_config('Installed snort log limit size');
+ configure_cron();
+ exec('/usr/bin/killall -HUP cron'); // TODO: remove when 2.0 is stable
+ }
+ break;
+ case false:
+ if($is_installed == true) {
+ if($x > 0)
+ {
+ unset($config['cron']['item'][$x]);
+ write_config();
+ conf_mount_rw();
+ }
+ configure_cron();
+ exec('/usr/bin/killall -HUP cron'); // TODO: remove when 2.0 is stable
+ }
+ break;
+ }
+}
+
+
/* func for updating cron */
function snort_rm_blocked_install_cron($should_install)
{
@@ -867,6 +934,7 @@ function snort_rm_blocked_install_cron($should_install)
$config['cron']['item'][] = $cron_item;
write_config("Installed $snort_rm_blocked_info_ck minute filter reload for Time Based Rules");
configure_cron();
+ exec('/usr/bin/killall -HUP cron'); // TODO: remove when 2.0 is stable
}
break;
case false:
@@ -879,6 +947,7 @@ function snort_rm_blocked_install_cron($should_install)
conf_mount_rw();
}
configure_cron();
+ exec('/usr/bin/killall -HUP cron'); // TODO: remove when 2.0 is stable
}
break;
}
@@ -961,6 +1030,7 @@ function snort_rules_up_install_cron($should_install) {
$config['cron']['item'][] = $cron_item;
write_config("Installed 15 minute filter reload for Time Based Rules");
configure_cron();
+ exec('/usr/bin/killall -HUP cron'); // TODO: remove when 2.0 is stable
}
break;
case false:
@@ -971,6 +1041,7 @@ function snort_rules_up_install_cron($should_install) {
conf_mount_rw();
}
configure_cron();
+ exec('/usr/bin/killall -HUP cron'); // TODO: remove when 2.0 is stable
}
break;
}
@@ -1063,6 +1134,23 @@ function sync_snort_package()
exec('/bin/chmod -R 770 /var/log/snort');
exec('/bin/chmod -R 770 /usr/local/lib/snort');
exec('/bin/chmod -R 770 /usr/local/etc/snort/');
+
+ /* auto install loglimit dfault if value not set */
+ $snortloglimitsize = $config['installedpackages']['snortglobal']['snortloglimitsize'];
+
+ if ($snortloglimitsize == '') {
+ /* code will set limit to 21% of slice that is unused */
+ $snortloglimitDSKsize = round(exec('df -k /var | grep -v "Filesystem" | awk \'{print $4}\'') * .21 / 1024);
+ $config['installedpackages']['snortglobal']['snortloglimitsize'] = $snortloglimitDSKsize;
+ write_config();
+ conf_mount_rw();
+ }
+
+ $snort_snortloglimit_info_ck = $config['installedpackages']['snortglobal']['snortloglimit'];
+ if ($snort_snortloglimit_info_ck == '') {
+ snort_snortloglimit_install_cron('');
+ snort_snortloglimit_install_cron('true');
+ }
conf_mount_ro();
}
diff --git a/config/snort/snort.xml b/config/snort/snort.xml
index 2c4e45e1..98e970ed 100644
--- a/config/snort/snort.xml
+++ b/config/snort/snort.xml
@@ -79,6 +79,11 @@
<item>http://www.pfsense.com/packages/config/snort/snort_head.inc</item>
</additional_files_needed>
<additional_files_needed>
+ <prefix>/usr/local/pkg/snort/</prefix>
+ <chmod>077</chmod>
+ <item>http://www.pfsense.com/packages/config/snort/snort_check_cron_misc.php</item>
+ </additional_files_needed>
+ <additional_files_needed>
<prefix>/usr/local/bin/</prefix>
<chmod>077</chmod>
<item>http://www.pfsense.com/packages/config/snort/bin/oinkmaster_contrib/create-sidmap.pl</item>
diff --git a/config/snort/snort_check_cron_misc.inc b/config/snort/snort_check_cron_misc.inc
new file mode 100644
index 00000000..d5d5e095
--- /dev/null
+++ b/config/snort/snort_check_cron_misc.inc
@@ -0,0 +1,80 @@
+<?php
+/* $Id$ */
+/*
+ snort_chk_log_dir_size.php
+ part of pfSense
+
+ Modified for the Pfsense snort package v. 1.8+
+ Copyright (C) 2009-2010 Robert Zelaya Developer
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require_once("/usr/local/pkg/snort/snort.inc");
+
+// 'B' => 1,
+// 'KB' => 1024,
+// 'MB' => 1024 * 1024,
+// 'GB' => 1024 * 1024 * 1024,
+// 'TB' => 1024 * 1024 * 1024 * 1024,
+// 'PB' => 1024 * 1024 * 1024 * 1024 * 1024,
+
+
+/* chk if snort log dir is full if so clear it */
+$snortloglimit = $config['installedpackages']['snortglobal']['snortloglimit'];
+$snortloglimitsize = $config['installedpackages']['snortglobal']['snortloglimitsize'];
+
+if ($g['booting']==true) {
+ exit(0);
+}
+
+if ($snortloglimit == 'off') {
+ exit(0);
+}
+
+$snortloglimitDSKsize = exec('df -k /var | grep -v "Filesystem" | awk \'{print \$4}\'');
+
+$snortlogAlertsizeKB = snort_Getdirsize('/var/log/snort/alert');
+$snortloglimitAlertsizeKB = round($snortlogAlertsizeKB * .70);
+$snortloglimitsizeKB = round($snortloglimitsize * 1024);
+
+/* do I need HUP kill ? */
+if (snort_Getdirsize('/var/log/snort/') >= $snortloglimitsizeKB ) {
+
+ conf_mount_rw();
+ if(file_exists('/var/log/snort/alert')) {
+ if ($snortlogAlertsizeKB >= $snortloglimitAlertsizeKB) {
+ exec('/bin/echo "" > /var/log/snort/alert');
+ }
+ post_delete_logs();
+ exec('/usr/sbin/chown snort:snort /var/log/snort/*');
+ exec('/bin/chmod 660 /var/log/snort/*');
+ //sleep(2);
+ //exec('/usr/bin/killall -HUP snort');
+ }
+ conf_mount_ro();
+
+}
+
+
+?> \ No newline at end of file
diff --git a/config/snort/snort_download_updates.php b/config/snort/snort_download_updates.php
index 37d1546a..d87f905f 100644
--- a/config/snort/snort_download_updates.php
+++ b/config/snort/snort_download_updates.php
@@ -113,27 +113,24 @@ include_once("/usr/local/pkg/snort/snort_head.inc");
jQuery(document).ready(function(){
//Examples of how to assign the ColorBox event to elements
- jQuery(".example7").colorbox({width:"900px", height:"400px", iframe:true, overlayClose:false});
jQuery(".example8").colorbox({width:"820px", height:"700px", iframe:true, overlayClose:false});
- jQuery(".example9").colorbox({width:"90%", height:"65%", iframe:true, overlayClose:false});
});
</script>
-<?php
-include_once("fbegin.inc");
-echo $snort_general_css;
-?>
-<?if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}?>
-
<?php
-echo $snort_general_css;
+echo "{$snort_general_css}\n";
+echo "$snort_interfaces_css\n";
?>
+<?php include("fbegin.inc"); ?>
+
+<div class="body2">
+
<!-- hack to fix the hardcoed fbegin link in header -->
<div id="header-left2"><a href="../index.php" id="status-link2"><img src="./images/transparent.gif" border="0"></img></a></div>
-<div class="body2">
+<?if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}?>
<noscript><div class="alert" ALIGN=CENTER><img src="../themes/nervecenter/images/icons/icon_alert.gif"/><strong>Please enable JavaScript to view this content</CENTER></div></noscript>
diff --git a/config/snort/snort_gui.inc b/config/snort/snort_gui.inc
index 9a3f1377..66f9c148 100644
--- a/config/snort/snort_gui.inc
+++ b/config/snort/snort_gui.inc
@@ -145,6 +145,17 @@ padding-bottom: 12px;
border-bottom: 1px solid #999999;
}
+/* global tab, white lil box */
+.vncell3 {
+ width: 50px;
+ background-color: #eeeeee;
+ padding-right: 2px;
+ padding-left: 2px;
+ border-bottom-width: 1px;
+ border-bottom-style: solid;
+ border-bottom-color: #999999;
+}
+
.vncellreq2 {
background-color: #eeeeee;
padding-right: 20px;
diff --git a/config/snort/snort_interfaces.php b/config/snort/snort_interfaces.php
index d43c1e63..eae518dd 100644
--- a/config/snort/snort_interfaces.php
+++ b/config/snort/snort_interfaces.php
@@ -255,23 +255,24 @@ include_once("/usr/local/pkg/snort/snort_head.inc");
});
</script>
-<?php include("fbegin.inc"); ?>
-<!-- hack to fix the hardcoed fbegin link in header -->
-<div id="header-left2"><a href="../index.php" id="status-link2"><img src="./images/transparent.gif" border="0"></img></a></div>
-
-<?if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}?>
-
<?php
echo "{$snort_general_css}\n";
echo "$snort_interfaces_css\n";
?>
+<?php include("fbegin.inc"); ?>
+
<div class="body2">
+<!-- hack to fix the hardcoed fbegin link in header -->
+<div id="header-left2"><a href="../index.php" id="status-link2"><img src="./images/transparent.gif" border="0"></img></a></div>
+
+<?if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}?>
+
<noscript><div class="alert" ALIGN=CENTER><img src="../themes/nervecenter/images/icons/icon_alert.gif"/><strong>Please enable JavaScript to view this content</CENTER></div></noscript>
-<form action="/snort/snort_interfaces.php" method="post" name="iform">
+<form action="snort_interfaces_global.php" method="post" enctype="multipart/form-data" name="iform" id="iform">
<?php
@@ -302,7 +303,8 @@ echo "$snort_interfaces_css\n";
?>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
- <tr><td>
+ <tr>
+ <td>
<div class="snorttabs" style="margin:1px 0px; width:775px;">
<!-- Tabbed bar code-->
diff --git a/config/snort/snort_interfaces_edit.php b/config/snort/snort_interfaces_edit.php
index 455a6d01..c47baad5 100644
--- a/config/snort/snort_interfaces_edit.php
+++ b/config/snort/snort_interfaces_edit.php
@@ -432,7 +432,7 @@ echo "
}
//-->
</script>
-<p class="pgtitle"><?php if($pfsense_stable == 'yes'){echo $pgtitle;}?></p>
+<?if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}?>
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
<form action="snort_interfaces_edit.php<?php echo "?id=$id";?>" method="post" enctype="multipart/form-data" name="iform" id="iform">
diff --git a/config/snort/snort_interfaces_global.php b/config/snort/snort_interfaces_global.php
index daa50cbf..d4c07456 100644
--- a/config/snort/snort_interfaces_global.php
+++ b/config/snort/snort_interfaces_global.php
@@ -37,34 +37,40 @@ require_once("guiconfig.inc");
require_once("/usr/local/pkg/snort/snort_gui.inc");
require_once("/usr/local/pkg/snort/snort.inc");
+$d_snort_global_dirty_path = '/var/run/snort_global.dirty';
+
/* make things short */
$pconfig['snortdownload'] = $config['installedpackages']['snortglobal']['snortdownload'];
$pconfig['oinkmastercode'] = $config['installedpackages']['snortglobal']['oinkmastercode'];
$pconfig['emergingthreats'] = $config['installedpackages']['snortglobal']['emergingthreats'];
$pconfig['rm_blocked'] = $config['installedpackages']['snortglobal']['rm_blocked'];
+$pconfig['snortloglimit'] = $config['installedpackages']['snortglobal']['snortloglimit'];
+$pconfig['snortloglimitsize'] = $config['installedpackages']['snortglobal']['snortloglimitsize'];
$pconfig['autorulesupdate7'] = $config['installedpackages']['snortglobal']['autorulesupdate7'];
-$pconfig['whitelistvpns'] = $config['installedpackages']['snortglobal']['whitelistvpns'];
-$pconfig['clickablalerteurls'] = $config['installedpackages']['snortglobal']['clickablalerteurls'];
-$pconfig['associatealertip'] = $config['installedpackages']['snortglobal']['associatealertip'];
$pconfig['snortalertlogtype'] = $config['installedpackages']['snortglobal']['snortalertlogtype'];
$pconfig['forcekeepsettings'] = $config['installedpackages']['snortglobal']['forcekeepsettings'];
+ /* this will exec when alert says apply */
+ if ($_POST['apply']) {
+
+ if (file_exists("$d_snort_global_dirty_path")) {
+ conf_mount_rw();
+
+ /* create whitelist and homenet file then sync files */
+ sync_snort_package_empty();
+ sync_snort_package();
-
-if ($_POST) {
-
- unset($input_errors);
- $pconfig = $_POST;
-
- /* input validation */
- if ($_POST['enable'])
- {
-
-/* TODO:a dd check user input code. */
-
+ unlink("$d_snort_global_dirty_path");
+
+ write_config();
+ conf_mount_ro();
+ }
}
+
- if (!$input_errors) {
+
+/* if no errors move foward */
+if (!$input_errors) {
if ($_POST["Submit"]) {
@@ -72,10 +78,9 @@ if ($_POST) {
$config['installedpackages']['snortglobal']['oinkmastercode'] = $_POST['oinkmastercode'];
$config['installedpackages']['snortglobal']['emergingthreats'] = $_POST['emergingthreats'] ? on : off;
$config['installedpackages']['snortglobal']['rm_blocked'] = $_POST['rm_blocked'];
+ $config['installedpackages']['snortglobal']['snortloglimit'] = $_POST['snortloglimit'];
+ $config['installedpackages']['snortglobal']['snortloglimitsize'] = $_POST['snortloglimitsize'];
$config['installedpackages']['snortglobal']['autorulesupdate7'] = $_POST['autorulesupdate7'];
- $config['installedpackages']['snortglobal']['whitelistvpns'] = $_POST['whitelistvpns'] ? on : off;
- $config['installedpackages']['snortglobal']['clickablalerteurls'] = $_POST['clickablalerteurls'] ? on : off;
- $config['installedpackages']['snortglobal']['associatealertip'] = $_POST['associatealertip'] ? on : off;
$config['installedpackages']['snortglobal']['snortalertlogtype'] = $_POST['snortalertlogtype'];
$config['installedpackages']['snortglobal']['forcekeepsettings'] = $_POST['forcekeepsettings'] ? on : off;
@@ -84,6 +89,18 @@ if ($_POST) {
$retval = 0;
+
+ $snort_snortloglimit_info_ck = $config['installedpackages']['snortglobal']['snortloglimit'];
+ if ($snort_snortloglimit_info_ck == 'on') {
+ snort_snortloglimit_install_cron('');
+ snort_snortloglimit_install_cron('true');
+ }
+
+ if ($snort_snortloglimit_info_ck == 'off') {
+ snort_snortloglimit_install_cron('');
+ }
+
+
/* set the snort block hosts time IMPORTANT */
$snort_rm_blocked_info_ck = $config['installedpackages']['snortglobal']['rm_blocked'];
if ($snort_rm_blocked_info_ck == "never_b")
@@ -111,22 +128,27 @@ if ($_POST) {
}
-
+ touch($d_snort_global_dirty_path);
$savemsg = get_std_save_message($retval);
+ write_config();
- }
-
sync_snort_package();
+ /* forces page to reload new settings */
+ header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' );
+ header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
+ header( 'Cache-Control: no-store, no-cache, must-revalidate' );
+ header( 'Cache-Control: post-check=0, pre-check=0', false );
+ header( 'Pragma: no-cache' );
+ header("Location: /snort/snort_interfaces_global.php");
+
+ }
}
- if ($_POST["Reset"]) {
-
-//////>>>>>>>>>
+if ($_POST["Reset"]) {
- function snort_deinstall_settings()
-{
+ function snort_deinstall_settings() {
global $config, $g, $id, $if_real;
conf_mount_rw();
@@ -142,8 +164,8 @@ if ($_POST) {
sleep(2);
/* Remove snort cron entries Ugly code needs smoothness*/
-function snort_rm_blocked_deinstall_cron($should_install)
-{
+ function snort_rm_blocked_deinstall_cron($should_install)
+ {
global $config, $g;
conf_mount_rw();
@@ -208,8 +230,8 @@ function snort_rm_blocked_deinstall_cron($should_install)
}
}
-snort_rm_blocked_deinstall_cron("");
-snort_rules_up_deinstall_cron("");
+ snort_rm_blocked_deinstall_cron("");
+ snort_rules_up_deinstall_cron("");
/* Unset snort registers in conf.xml IMPORTANT snort will not start with out this */
@@ -228,7 +250,7 @@ snort_rules_up_deinstall_cron("");
snort_deinstall_settings();
- header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' );
+ header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' );
header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
header( 'Cache-Control: no-store, no-cache, must-revalidate' );
header( 'Cache-Control: post-check=0, pre-check=0', false );
@@ -237,12 +259,10 @@ snort_rules_up_deinstall_cron("");
header("Location: /snort/snort_interfaces_global.php");
exit;
-
-//////>>>>>>>>>
- }
}
-$pgtitle = "Services: Snort: Global Settings";
+
+$pgtitle = 'Services: Snort: Global Settings';
include_once("/usr/local/pkg/snort/snort_head.inc");
?>
@@ -258,24 +278,45 @@ include_once("/usr/local/pkg/snort/snort_head.inc");
});
</script>
-<?php
-include_once("fbegin.inc");
-echo $snort_general_css;
+<?php
+echo "{$snort_general_css}\n";
+echo "$snort_interfaces_css\n";
?>
-<!-- hack to fix the hardcoed fbegin link in header -->
-<div id="header-left2"><a href="../index.php" id="status-link2"><img src="./images/transparent.gif" border="0"></img></a></div>
+<?php include("fbegin.inc"); ?>
<div class="body2">
+<!-- hack to fix the hardcoed fbegin link in header -->
+<div id="header-left2"><a href="../index.php" id="status-link2"><img src="./images/transparent.gif" border="0"></img></a></div>
+
<?if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}?>
-<?php if ($input_errors) print_input_errors($input_errors); ?>
-<?php if ($savemsg) print_info_box($savemsg); ?>
+<noscript><div class="alert" ALIGN=CENTER><img src="../themes/nervecenter/images/icons/icon_alert.gif"/><strong>Please enable JavaScript to view this content</CENTER></div></noscript>
+
+
<form action="snort_interfaces_global.php" method="post" enctype="multipart/form-data" name="iform" id="iform">
+
+<?php
+ /* Display Alert message, under form tag or no refresh */
+ if ($input_errors) {
+ print_input_errors($input_errors); // TODO: add checks
+ }
+
+ if (!$input_errors) {
+ if (file_exists($d_snort_global_dirty_path)) {
+
+ print_info_box_np2('
+ The Snort configuration has changed and snort needs to be restarted on this interface.<br>
+ You must apply the changes in order for them to take effect.<br>
+ ');
+ }
+ }
+?>
+
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
- <td class="tabnavtbl">
+ <td>
<div class="snorttabs" style="margin:1px 0px; width:775px;">
<!-- Tabbed bar code-->
@@ -353,6 +394,32 @@ echo $snort_general_css;
<tr>
<td colspan="2" valign="top" class="listtopic">General Settings</td>
</tr>
+
+ <tr>
+ <td width="22%" valign="top" class="vncell2">Log Directory Size Limit</td>
+ <td width="78%" class="vtable">
+ <table cellpadding="0" cellspacing="0">
+ <tr>
+ <td colspan="2"><input name="snortloglimit" type="radio" id="snortloglimit" value="on" onClick="enable_change(false)" <?php if($pconfig['snortloglimit']=='on' || $pconfig['snortloglimit']=='') echo 'checked'; ?>>
+ <strong>Enable</strong> directory size limit (<strong>Default</strong>)</td>
+ </tr>
+ <tr>
+ <td colspan="2"><input name="snortloglimit" type="radio" id="snortloglimit" value="off" onClick="enable_change(false)" <?php if($pconfig['snortloglimit']=='off') echo 'checked'; ?>>
+ <strong>Disable</strong> directory size limit<br><br><span class="red"><strong>Warning</span>:</strong> Pfsense Nanobsd should use no more than 10MB of space.
+ </td>
+ </tr>
+ <tr>
+ <td>&nbsp;</td>
+ </tr>
+ </table>
+ <table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td class="vncell3" >Size in <strong>MB</strong></td>
+ <td class="vtable"><input name="snortloglimitsize" type="text" class="formfld" id="snortloglimitsize" size="7" value="<?=htmlspecialchars($pconfig['snortloglimitsize']);?>">
+ Default is <strong>20%</strong> of available space.</td>
+ </table>
+ </tr>
+
<tr>
<td width="22%" valign="top" class="vncell2">Remove blocked hosts every</td>
<td width="78%" class="vtable">
diff --git a/config/snort/snort_rules.php b/config/snort/snort_rules.php
index 7a3f5b03..73de553b 100644
--- a/config/snort/snort_rules.php
+++ b/config/snort/snort_rules.php
@@ -69,6 +69,8 @@ include("fbegin.inc");
echo "<body link=\"#000000\" vlink=\"#000000\" alink=\"#000000\">";
+if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}
+
echo "<script src=\"/row_toggle.js\" type=\"text/javascript\"></script>\n
<script src=\"/javascript/sorttable.js\" type=\"text/javascript\"></script>\n
<table width=\"99%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">\n