aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
authorErmal <eri@pfsense.org>2012-07-16 08:43:35 +0000
committerErmal <eri@pfsense.org>2012-07-16 08:43:35 +0000
commita42356458f46215de8718088c2f9143294532bca (patch)
treebfa23cabeff8db13f8e2788f9f6fc8d490f87fb5 /config
parent39e483f9ac54ffd15db993d9bea675879e8f5f8b (diff)
downloadpfsense-packages-a42356458f46215de8718088c2f9143294532bca.tar.gz
pfsense-packages-a42356458f46215de8718088c2f9143294532bca.tar.bz2
pfsense-packages-a42356458f46215de8718088c2f9143294532bca.zip
Force use of aliases from pfSense for replacing snort var settings. Also make snort var settings generic and overridable in all of its definitions
Diffstat (limited to 'config')
-rw-r--r--config/snort/snort.inc55
-rw-r--r--config/snort/snort_alerts.php70
-rw-r--r--config/snort/snort_blocked.php10
-rw-r--r--config/snort/snort_define_servers.php542
-rw-r--r--config/snort/snort_interfaces_whitelist_edit.php156
5 files changed, 251 insertions, 582 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index 26542341..27598f3d 100644
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -49,6 +49,24 @@ define("SNORTLOGDIR", "/var/log/snort");
if (!is_array($config['installedpackages']['snortglobal']))
$config['installedpackages']['snortglobal'] = array();
+function snort_get_blocked_ips() {
+ $blocked_ips = "";
+ exec('/sbin/pfctl -t snort2c -T show', $blocked_ips);
+ $blocked_ips_array = array();
+ if (!empty($blocked_ips)) {
+ $blocked_ips_array = array();
+ if (is_array($blocked_ips)) {
+ foreach ($blocked_ips as $blocked_ip) {
+ if (empty($blocked_ip))
+ continue;
+ $blocked_ips_array[] = trim($blocked_ip, " \n\t");
+ }
+ }
+ }
+
+ return $blocked_ips_array;
+}
+
function snort_get_rule_part($source, $beginning, $ending, $start_pos) {
$beginning_pos = strpos($source, $beginning, $start_pos);
@@ -114,8 +132,8 @@ function snort_build_list($snortcfg, $listname = "") {
$wandns = $whitelist['wandnsips'];
$vips = $whitelist['vips'];
$vpns = $whitelist['vpnips'];
- if (!empty($whitelist['address'])) {
- $home_net .= trim($whitelist['address']);
+ if (!empty($whitelist['address']) && is_alias($whitelist['address'])) {
+ $home_net .= trim(filter_expand_alias($whitelist['address']));
$home_net .= " ";
}
}
@@ -1044,7 +1062,7 @@ function snort_generate_conf($snortcfg) {
$ssh_port = $config['system']['ssh']['port'];
else
$ssh_port = "22";
- $ports = array(
+ $snort_ports = array(
"dns_ports" => "53", "smtp_ports" => "25", "mail_ports" => "25,143,465,691",
"http_ports" => "80", "oracle_ports" => "1521", "mssql_ports" => "1433",
"telnet_ports" => "23","snmp_ports" => "161", "ftp_ports" => "21",
@@ -1075,7 +1093,7 @@ EOD;
if (!empty($snortcfg['flow_depth']))
$def_flow_depth_type = $snortcfg['flow_depth'];
- $http_ports = str_replace(",", " ", $ports['http_ports']);
+ $http_ports = str_replace(",", " ", $snort_ports['http_ports']);
/* def http_inspect */
$http_inspect = <<<EOD
# HTTP Inspect #
@@ -1153,7 +1171,7 @@ preprocessor ftp_telnet_protocol: ftp client default \
EOD;
- $smtp_ports = str_replace(",", " ", $ports['mail_ports']);
+ $smtp_ports = str_replace(",", " ", $snort_ports['mail_ports']);
/* def smtp_preprocessor */
$smtp_preprocessor = <<<EOD
# SMTP preprocessor #
@@ -1189,7 +1207,7 @@ preprocessor sfportscan: scan_type { all } \
EOD;
- $sun_rpc_ports = str_replace(",", " ", $ports['sun_rpc_ports']);
+ $sun_rpc_ports = str_replace(",", " ", $snort_ports['sun_rpc_ports']);
/* def other_preprocs */
$other_preprocs = <<<EOD
# Other preprocs #
@@ -1205,13 +1223,13 @@ EOD;
# DCE/RPC 2 #
preprocessor dcerpc2: memcap 102400, events [smb, co, cl]
preprocessor dcerpc2_server: default, policy WinXP, \
- detect [smb [{$ports['smb_ports']}], tcp 135, udp 135, rpc-over-http-server 593], \
+ detect [smb [{$snort_ports['smb_ports']}], tcp 135, udp 135, rpc-over-http-server 593], \
autodetect [tcp 1025:, udp 1025:, rpc-over-http-server 1025:], \
smb_max_chain 3
EOD;
- $dns_ports = str_replace(",", " ", $ports['dns_ports']);
+ $dns_ports = str_replace(",", " ", $snort_ports['dns_ports']);
/* def dns_preprocessor */
$dns_preprocessor = <<<EOD
# DNS preprocessor #
@@ -1233,7 +1251,7 @@ EOD;
$def_max_queued_segs_type = ", max_queued_segs {$snortcfg['max_queued_segs']}";
/* define servers and ports snortdefservers */
- $servers = array (
+ $snort_servers = array (
"dns_servers" => "\$HOME_NET", "smtp_servers" => "\$HOME_NET", "http_servers" => "\$HOME_NET",
"www_servers" => "\$HOME_NET", "sql_servers" => "\$HOME_NET", "telnet_servers" => "\$HOME_NET",
"snmp_servers" => "\$HOME_NET", "ftp_servers" => "\$HOME_NET", "ssh_servers" => "\$HOME_NET",
@@ -1243,19 +1261,22 @@ EOD;
);
$vardef = "";
- foreach ($servers as $alias => $avalue) {
- if (!empty($snortcfg[$alias]))
- $avalue = $snortcfg[$alias];
+ foreach ($snort_servers as $alias => $avalue) {
+ if (!empty($snortcfg["def_{$alias}"]) && is_alias($snortcfg["def_{$alias}"])) {
+ $avalue = filter_expand_alias($snortcfg["def_{$alias}"]);
+ $avalue = str_replace(" ", ",", trim($avalue));
+ }
$vardef .= "var " . strtoupper($alias) . " [{$avalue}]\n";
}
$portvardef = "";
- foreach ($ports as $alias => $avalue) {
- if (!empty($snortcfg["def_{$alias}"]))
- $ports[$alias] = $snortcfg["def_{$alias}"];
- $portvardef .= "portvar " . strtoupper($alias) . " [" . $ports[$alias] . "]\n";
+ foreach ($snort_ports as $alias => $avalue) {
+ if (!empty($snortcfg["def_{$alias}"]) && is_alias($snortcfg["def_{$alias}"]))
+ $snort_ports[$alias] = filter_expand_alias($snortcfg["def_{$alias}"]);
+ $snort_ports[$alias] = str_replace(" ", ",", trim($snort_ports[$alias]));
+ $portvardef .= "portvar " . strtoupper($alias) . " [" . $snort_ports[$alias] . "]\n";
}
- $def_ssl_ports_ignore = str_replace(",", " ", $ports['ssl_ports']);
+ $def_ssl_ports_ignore = str_replace(",", " ", $snort_ports['ssl_ports']);
$snort_preproc = array (
"perform_stat", "http_inspect", "other_preprocs", "ftp_preprocessor", "smtp_preprocessor",
diff --git a/config/snort/snort_alerts.php b/config/snort/snort_alerts.php
index ea5c6cb5..939381c5 100644
--- a/config/snort/snort_alerts.php
+++ b/config/snort/snort_alerts.php
@@ -74,6 +74,16 @@ if ($_POST['save']) {
exit;
}
+if ($_POST['todelete'] || $_GET['todelete']) {
+ $ip = "";
+ if($_POST['todelete'])
+ $ip = $_POST['todelete'];
+ else if($_GET['todelete'])
+ $ip = $_GET['todelete'];
+ if (is_ipaddr($ip))
+ exec("/sbin/pfctl -t snort2c -T delete {$ip}");
+}
+
if ($_GET['act'] == "addsuppress" && is_numeric($_GET['sidid']) && is_numeric($_GET['gen_id'])) {
$suppress = "suppress gen_id {$_GET['gen_id']}, sig_id {$_GET['sidid']}\n";
if (!is_array($config['installedpackages']['snortglobal']['suppress']))
@@ -165,6 +175,7 @@ if ($pconfig['arefresh'] == 'on')
print_input_errors($input_errors); // TODO: add checks
}
?>
+<form action="/snort/snort_alerts.php" method="post" id="formalert">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr><td>
<?php
@@ -181,12 +192,9 @@ if ($pconfig['arefresh'] == 'on')
</td></tr>
<tr>
<td>
- <div id="mainarea">
- <form action="/snort/snort_alerts.php" method="post" id="formalert">
- <input type="hidden" name="instance" value="<?=$instanceid;?>">
<table class="tabcont" width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
- <td width="22%" colspan="0" class="listtopic">Last <?=$anentries;?> Alert Entries.</td>
+ <td width="22%" class="listtopic">Last <?=$anentries;?> Alert Entries.</td>
<td width="78%" class="listtopic">Latest Alert Entries Are Listed First.</td>
</tr>
<tr>
@@ -224,34 +232,11 @@ if ($pconfig['arefresh'] == 'on')
Enter the number of log entries to view. <strong>Default</strong> is <strong>250</strong>.
</td>
</tr>
- </table>
- </form>
- </td>
- </tr>
+ <tr>
+ <td colspan="2" ><br/><br/></td>
+ </tr>
<tr>
- <td width="100%" colspan="2">
- <div class="tableFilter">
- <form id="tableFilter" onsubmit="myTable.filter(this.id); return false;">
- <br/>
- Filter: <select id="column">
- <option value="1">PRIORITY</option>
- <option value="2">PROTO</option>
- <option value="3">DESCRIPTION</option>
- <option value="4">CLASS</option>
- <option value="5">SRC</option>
- <option value="6">SRC PORT</option>
- <option value="8">DST</option>
- <option value="9">DST PORT</option>
- <option value="10">SID</option>
- <option value="11">Date</option>
- </select>
- <input type="text" id="keyword" /> <input type="submit"
- value="Submit" /> <input type="reset" value="Clear" /></form>
- <br/>
- </td>
-</tr>
-<tr>
- <td colspan="2">
+ <td width="100%" colspan="2" class='vtable'>
<table id="myTable" width="100%" class="sortable" border="1" cellpadding="0" cellspacing="0">
<thead>
<th class='listhdr' width='10%' axis="date">Date</th>
@@ -259,7 +244,7 @@ if ($pconfig['arefresh'] == 'on')
<th class='listhdrr' width='3%' axis="string">PROTO</th>
<th class='listhdrr' width='7%' axis="string">CLASS</th>
<th class='listhdrr' width='15%' axis="string">SRC</th>
- <th class='listhdrr' width='5%' axis="string">SRCPORt</th>
+ <th class='listhdrr' width='5%' axis="string">SRCPORT</th>
<th class='listhdrr' width='15%' axis="string">DST</th>
<th class='listhdrr' width='5%' axis="string">DSTPORT</th>
<th class='listhdrr' width='5%' axis="string">SID</th>
@@ -272,6 +257,7 @@ if ($pconfig['arefresh'] == 'on')
if (file_exists("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert")) {
exec("tail -{$anentries} /var/log/snort/snort_{$if_real}{$snort_uuid}/alert | sort -r > /tmp/alert_{$snort_uuid}");
if (file_exists("/tmp/alert_{$snort_uuid}")) {
+ $tmpblocked = array_flip(snort_get_blocked_ips());
$counter = 0;
/* 0 1 2 3 4 5 6 7 8 9 10 11 12 */
/* File format timestamp,sig_generator,sig_id,sig_rev,msg,proto,src,srcport,dst,dstport,id,classification,priority */
@@ -291,17 +277,25 @@ if (file_exists("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert")) {
$alert_proto = $fields[5];
/* IP SRC */
$alert_ip_src = $fields[6];
+ if (isset($tmpblocked[$fields[6]])) {
+ $alert_ip_src .= "<a href='?instance={$id}&todelete=" . trim(urlencode($fields[6])) . "'>
+ <img title=\"Remove from blocked ips\" border=\"0\" width='10' height='10' name='todelete' id='todelete' alt=\"Delete\" src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\"></a>";
+ }
/* IP SRC Port */
$alert_src_p = $fields[7];
/* IP Destination */
$alert_ip_dst = $fields[8];
+ if (isset($tmpblocked[$fields[8]])) {
+ $alert_ip_dst .= "<a href='?instance={$id}&todelete=" . trim(urlencode($fields[8])) . "'>
+ <img title=\"Remove from blocked ips\" border=\"0\" width='10' height='10' name='todelete' id='todelete' alt=\"Delete\" src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\"></a>";
+ }
/* IP DST Port */
$alert_dst_p = $fields[9];
/* SID */
$alert_sid_str = "{$fields[1]}:{$fields[2]}:{$fields[3]}";
$alert_class = $fields[11];
- echo "<tr id=\"{$counter}\">
+ echo "<tr>
<td class='listr' width='10%'>{$alert_date}</td>
<td class='listr' width='5%' >{$alert_priority}</td>
<td class='listr' width='3%'>{$alert_proto}</td>
@@ -330,14 +324,10 @@ if (file_exists("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert")) {
</table>
</td>
</tr>
- </form>
- </div>
</table>
-</div>
-</td></tr></table>
-<script type="text/javascript">
-sortable.reverse("myTable");
-</script>
+</td></tr>
+</table>
+</form>
<?php
include("fend.inc");
?>
diff --git a/config/snort/snort_blocked.php b/config/snort/snort_blocked.php
index 70838ed8..b88b85e9 100644
--- a/config/snort/snort_blocked.php
+++ b/config/snort/snort_blocked.php
@@ -203,10 +203,6 @@ if ($pconfig['brefresh'] == 'on')
</tr>
<?php
/* set the arrays */
- $blocked_ips = "";
- exec('/sbin/pfctl -t snort2c -T show', $blocked_ips);
- $blocked_ips_array = array();
- if (!empty($blocked_ips)) {
$blocked_ips_array = array();
if (is_array($blocked_ips)) {
foreach ($blocked_ips as $blocked_ip) {
@@ -215,6 +211,8 @@ if ($pconfig['brefresh'] == 'on')
$blocked_ips_array[] = trim($blocked_ip, " \n\t");
}
}
+ $blocked_ips_array = snort_get_blocked_ips();
+ if (!empty($blocked_ips_array)) {
$tmpblocked = array_flip($blocked_ips_array);
$src_ip_list = array();
foreach (glob("/var/log/snort/*/alert") as $alertfile) {
@@ -230,12 +228,12 @@ if ($pconfig['brefresh'] == 'on')
if (isset($tmpblocked[$fields[6]])) {
if (!is_array($src_ip_list[$fields[6]]))
$src_ip_list[$fields[6]] = array();
- $src_ip_list[$fields[6]][] = "{$fields[4]} - " . substr($fields[0], 0, -8);
+ $src_ip_list[$fields[6]][$fields[4]] = "{$fields[4]} - " . substr($fields[0], 0, -8);
}
if (isset($tmpblocked[$fields[8]])) {
if (!is_array($src_ip_list[$fields[8]]))
$src_ip_list[$fields[8]] = array();
- $src_ip_list[$fields[8]][] = "{$fields[4]} - " . substr($fields[0], 0, -8);
+ $src_ip_list[$fields[8]][$fields[4]] = "{$fields[4]} - " . substr($fields[0], 0, -8);
}
}
fclose($fd);
diff --git a/config/snort/snort_define_servers.php b/config/snort/snort_define_servers.php
index f69209e5..3cf70bc9 100644
--- a/config/snort/snort_define_servers.php
+++ b/config/snort/snort_define_servers.php
@@ -48,47 +48,41 @@ if (!is_array($config['installedpackages']['snortglobal']['rule'])) {
}
$a_nat = &$config['installedpackages']['snortglobal']['rule'];
-$pconfig = array();
-if (isset($id) && $a_nat[$id]) {
- $pconfig = $a_nat[$id];
+/* NOTE: KEEP IN SYNC WITH SNORT.INC since global do not work quite well with package */
+/* define servers and ports snortdefservers */
+$snort_servers = array (
+"dns_servers" => "\$HOME_NET", "smtp_servers" => "\$HOME_NET", "http_servers" => "\$HOME_NET",
+"www_servers" => "\$HOME_NET", "sql_servers" => "\$HOME_NET", "telnet_servers" => "\$HOME_NET",
+"snmp_servers" => "\$HOME_NET", "ftp_servers" => "\$HOME_NET", "ssh_servers" => "\$HOME_NET",
+"pop_servers" => "\$HOME_NET", "imap_servers" => "\$HOME_NET", "sip_proxy_ip" => "\$HOME_NET",
+"sip_servers" => "\$HOME_NET", "rpc_servers" => "\$HOME_NET",
+"aim_servers" => "64.12.24.0/23,64.12.28.0/23,64.12.161.0/24,64.12.163.0/24,64.12.200.0/24,205.188.3.0/24,205.188.5.0/24,205.188.7.0/24,205.188.9.0/24,205.188.153.0/24,205.188.179.0/24,205.188.248.0/24"
+);
- /* old options */
- $pconfig['def_dns_servers'] = $a_nat[$id]['def_dns_servers'];
- $pconfig['def_dns_ports'] = $a_nat[$id]['def_dns_ports'];
- $pconfig['def_smtp_servers'] = $a_nat[$id]['def_smtp_servers'];
- $pconfig['def_smtp_ports'] = $a_nat[$id]['def_smtp_ports'];
- $pconfig['def_mail_ports'] = $a_nat[$id]['def_mail_ports'];
- $pconfig['def_http_servers'] = $a_nat[$id]['def_http_servers'];
- $pconfig['def_www_servers'] = $a_nat[$id]['def_www_servers'];
- $pconfig['def_http_ports'] = $a_nat[$id]['def_http_ports'];
- $pconfig['def_sql_servers'] = $a_nat[$id]['def_sql_servers'];
- $pconfig['def_oracle_ports'] = $a_nat[$id]['def_oracle_ports'];
- $pconfig['def_mssql_ports'] = $a_nat[$id]['def_mssql_ports'];
- $pconfig['def_telnet_servers'] = $a_nat[$id]['def_telnet_servers'];
- $pconfig['def_telnet_ports'] = $a_nat[$id]['def_telnet_ports'];
- $pconfig['def_snmp_servers'] = $a_nat[$id]['def_snmp_servers'];
- $pconfig['def_snmp_ports'] = $a_nat[$id]['def_snmp_ports'];
- $pconfig['def_ftp_servers'] = $a_nat[$id]['def_ftp_servers'];
- $pconfig['def_ftp_ports'] = $a_nat[$id]['def_ftp_ports'];
- $pconfig['def_ssh_servers'] = $a_nat[$id]['def_ssh_servers'];
- $pconfig['def_ssh_ports'] = $a_nat[$id]['def_ssh_ports'];
- $pconfig['def_pop_servers'] = $a_nat[$id]['def_pop_servers'];
- $pconfig['def_pop2_ports'] = $a_nat[$id]['def_pop2_ports'];
- $pconfig['def_pop3_ports'] = $a_nat[$id]['def_pop3_ports'];
- $pconfig['def_imap_servers'] = $a_nat[$id]['def_imap_servers'];
- $pconfig['def_imap_ports'] = $a_nat[$id]['def_imap_ports'];
- $pconfig['def_sip_proxy_ip'] = $a_nat[$id]['def_sip_proxy_ip'];
- $pconfig['def_sip_servers'] = $a_nat[$id]['def_sip_servers'];
- $pconfig['def_sip_ports'] = $a_nat[$id]['def_sip_ports'];
- $pconfig['def_sip_proxy_ports'] = $a_nat[$id]['def_sip_proxy_ports'];
- $pconfig['def_auth_ports'] = $a_nat[$id]['def_auth_ports'];
- $pconfig['def_finger_ports'] = $a_nat[$id]['def_finger_ports'];
- $pconfig['def_irc_ports'] = $a_nat[$id]['def_irc_ports'];
- $pconfig['def_nntp_ports'] = $a_nat[$id]['def_nntp_ports'];
- $pconfig['def_rlogin_ports'] = $a_nat[$id]['def_rlogin_ports'];
- $pconfig['def_rsh_ports'] = $a_nat[$id]['def_rsh_ports'];
- $pconfig['def_ssl_ports'] = $a_nat[$id]['def_ssl_ports'];
-}
+/* if user has defined a custom ssh port, use it */
+if(is_array($config['system']['ssh']) && isset($config['system']['ssh']['port']))
+ $ssh_port = $config['system']['ssh']['port'];
+else
+ $ssh_port = "22";
+$snort_ports = array(
+"dns_ports" => "53", "smtp_ports" => "25", "mail_ports" => "25,143,465,691",
+"http_ports" => "80", "oracle_ports" => "1521", "mssql_ports" => "1433",
+"telnet_ports" => "23","snmp_ports" => "161", "ftp_ports" => "21",
+"ssh_ports" => $ssh_port, "pop2_ports" => "109", "pop3_ports" => "110",
+"imap_ports" => "143", "sip_proxy_ports" => "5060:5090,16384:32768",
+"sip_ports" => "5060:5090,16384:32768", "auth_ports" => "113", "finger_ports" => "79",
+"irc_ports" => "6665,6666,6667,6668,6669,7000", "smb_ports" => "139,445",
+"nntp_ports" => "119", "rlogin_ports" => "513", "rsh_ports" => "514",
+"ssl_ports" => "443,465,563,636,989,990,992,993,994,995",
+"file_data_ports" => "\$HTTP_PORTS,110,143", "shellcode_ports" => "!80",
+"sun_rpc_ports" => "111,32770,32771,32772,32773,32774,32775,32776,32777,32778,32779",
+"DCERPC_NCACN_IP_TCP" => "139,445", "DCERPC_NCADG_IP_UDP" => "138,1024:",
+"DCERPC_NCACN_IP_LONG" => "135,139,445,593,1024:", "DCERPC_NCACN_UDP_LONG" => "135,1024:",
+"DCERPC_NCACN_UDP_SHORT" => "135,593,1024:", "DCERPC_NCACN_TCP" => "2103,2105,2107",
+"DCERPC_BRIGHTSTORE" => "6503,6504"
+);
+
+$pconfig = $a_nat[$id];
/* convert fake interfaces to real */
$if_real = snort_get_real_interface($pconfig['interface']);
@@ -105,51 +99,20 @@ if ($_POST) {
/* if no errors write to conf */
if (!$input_errors) {
/* post new options */
- if ($_POST['def_dns_servers'] != "") { $natent['def_dns_servers'] = $_POST['def_dns_servers']; }else{ $natent['def_dns_servers'] = ""; }
- if ($_POST['def_dns_ports'] != "") { $natent['def_dns_ports'] = $_POST['def_dns_ports']; }else{ $natent['def_dns_ports'] = ""; }
- if ($_POST['def_smtp_servers'] != "") { $natent['def_smtp_servers'] = $_POST['def_smtp_servers']; }else{ $natent['def_smtp_servers'] = ""; }
- if ($_POST['def_smtp_ports'] != "") { $natent['def_smtp_ports'] = $_POST['def_smtp_ports']; }else{ $natent['def_smtp_ports'] = ""; }
- if ($_POST['def_mail_ports'] != "") { $natent['def_mail_ports'] = $_POST['def_mail_ports']; }else{ $natent['def_mail_ports'] = ""; }
- if ($_POST['def_http_servers'] != "") { $natent['def_http_servers'] = $_POST['def_http_servers']; }else{ $natent['def_http_servers'] = ""; }
- if ($_POST['def_www_servers'] != "") { $natent['def_www_servers'] = $_POST['def_www_servers']; }else{ $natent['def_www_servers'] = ""; }
- if ($_POST['def_http_ports'] != "") { $natent['def_http_ports'] = $_POST['def_http_ports']; }else{ $natent['def_http_ports'] = ""; }
- if ($_POST['def_sql_servers'] != "") { $natent['def_sql_servers'] = $_POST['def_sql_servers']; }else{ $natent['def_sql_servers'] = ""; }
- if ($_POST['def_oracle_ports'] != "") { $natent['def_oracle_ports'] = $_POST['def_oracle_ports']; }else{ $natent['def_oracle_ports'] = ""; }
- if ($_POST['def_mssql_ports'] != "") { $natent['def_mssql_ports'] = $_POST['def_mssql_ports']; }else{ $natent['def_mssql_ports'] = ""; }
- if ($_POST['def_telnet_servers'] != "") { $natent['def_telnet_servers'] = $_POST['def_telnet_servers']; }else{ $natent['def_telnet_servers'] = ""; }
- if ($_POST['def_telnet_ports'] != "") { $natent['def_telnet_ports'] = $_POST['def_telnet_ports']; }else{ $natent['def_telnet_ports'] = ""; }
- if ($_POST['def_snmp_servers'] != "") { $natent['def_snmp_servers'] = $_POST['def_snmp_servers']; }else{ $natent['def_snmp_servers'] = ""; }
- if ($_POST['def_snmp_ports'] != "") { $natent['def_snmp_ports'] = $_POST['def_snmp_ports']; }else{ $natent['def_snmp_ports'] = ""; }
- if ($_POST['def_ftp_servers'] != "") { $natent['def_ftp_servers'] = $_POST['def_ftp_servers']; }else{ $natent['def_ftp_servers'] = ""; }
- if ($_POST['def_ftp_ports'] != "") { $natent['def_ftp_ports'] = $_POST['def_ftp_ports']; }else{ $natent['def_ftp_ports'] = ""; }
- if ($_POST['def_ssh_servers'] != "") { $natent['def_ssh_servers'] = $_POST['def_ssh_servers']; }else{ $natent['def_ssh_servers'] = ""; }
- if ($_POST['def_ssh_ports'] != "") { $natent['def_ssh_ports'] = $_POST['def_ssh_ports']; }else{ $natent['def_ssh_ports'] = ""; }
- if ($_POST['def_pop_servers'] != "") { $natent['def_pop_servers'] = $_POST['def_pop_servers']; }else{ $natent['def_pop_servers'] = ""; }
- if ($_POST['def_pop2_ports'] != "") { $natent['def_pop2_ports'] = $_POST['def_pop2_ports']; }else{ $natent['def_pop2_ports'] = ""; }
- if ($_POST['def_pop3_ports'] != "") { $natent['def_pop3_ports'] = $_POST['def_pop3_ports']; }else{ $natent['def_pop3_ports'] = ""; }
- if ($_POST['def_imap_servers'] != "") { $natent['def_imap_servers'] = $_POST['def_imap_servers']; }else{ $natent['def_imap_servers'] = ""; }
- if ($_POST['def_imap_ports'] != "") { $natent['def_imap_ports'] = $_POST['def_imap_ports']; }else{ $natent['def_imap_ports'] = ""; }
- if ($_POST['def_sip_proxy_ip'] != "") { $natent['def_sip_proxy_ip'] = $_POST['def_sip_proxy_ip']; }else{ $natent['def_sip_proxy_ip'] = ""; }
- if ($_POST['def_sip_proxy_ports'] != "") { $natent['def_sip_proxy_ports'] = $_POST['def_sip_proxy_ports']; }else{ $natent['def_sip_proxy_ports'] = ""; }
- if ($_POST['def_sip_servers'] != "") { $natent['def_sip_servers'] = $_POST['def_sip_servers']; }else{ $natent['def_sip_servers'] = ""; }
- if ($_POST['def_sip_ports'] != "") { $natent['def_sip_ports'] = $_POST['def_sip_ports']; }else{ $natent['def_sip_ports'] = ""; }
- if ($_POST['def_auth_ports'] != "") { $natent['def_auth_ports'] = $_POST['def_auth_ports']; }else{ $natent['def_auth_ports'] = ""; }
- if ($_POST['def_finger_ports'] != "") { $natent['def_finger_ports'] = $_POST['def_finger_ports']; }else{ $natent['def_finger_ports'] = ""; }
- if ($_POST['def_irc_ports'] != "") { $natent['def_irc_ports'] = $_POST['def_irc_ports']; }else{ $natent['def_irc_ports'] = ""; }
- if ($_POST['def_nntp_ports'] != "") { $natent['def_nntp_ports'] = $_POST['def_nntp_ports']; }else{ $natent['def_nntp_ports'] = ""; }
- if ($_POST['def_rlogin_ports'] != "") { $natent['def_rlogin_ports'] = $_POST['def_rlogin_ports']; }else{ $natent['def_rlogin_ports'] = ""; }
- if ($_POST['def_rsh_ports'] != "") { $natent['def_rsh_ports'] = $_POST['def_rsh_ports']; }else{ $natent['def_rsh_ports'] = ""; }
- if ($_POST['def_ssl_ports'] != "") { $natent['def_ssl_ports'] = $_POST['def_ssl_ports']; }else{ $natent['def_ssl_ports'] = ""; }
-
-
- if (isset($id) && $a_nat[$id])
- $a_nat[$id] = $natent;
- else {
- if (is_numeric($after))
- array_splice($a_nat, $after+1, 0, array($natent));
+ foreach ($snort_servers as $key => $server) {
+ if ($_POST["def_{$key}"])
+ $natent["def_{$key}"] = $_POST["def_{$key}"];
else
- $a_nat[] = $natent;
+ unset($natent["def_{$key}"]);
}
+ foreach ($snort_ports as $key => $server) {
+ if ($_POST["def_{$key}"])
+ $natent["def_{$key}"] = $_POST["def_{$key}"];
+ else
+ unset($natent["def_{$key}"]);
+ }
+
+ $a_nat[$id] = $natent;
write_config();
@@ -171,30 +134,23 @@ $pgtitle = "Snort: Interface {$if_friendly} Define Servers";
include_once("head.inc");
?>
-<body
- link="#0000CC" vlink="#0000CC" alink="#0000CC">
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
<?php
include("fbegin.inc");
if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}
+/* Display Alert message */
+if ($input_errors)
+ print_input_errors($input_errors); // TODO: add checks
+if ($savemsg)
+ print_info_box($savemsg);
?>
-
-<?php
- /* Display Alert message */
-
- if ($input_errors) {
- print_input_errors($input_errors); // TODO: add checks
- }
-
- if ($savemsg) {
- print_info_box($savemsg);
- }
-
- ?>
-
-<form action="snort_define_servers.php" method="post"
- enctype="multipart/form-data" name="iform" id="iform">
+<script type="text/javascript" src="/javascript/autosuggest.js">
+</script>
+<script type="text/javascript" src="/javascript/suggestions.js">
+</script>
+<form action="snort_define_servers.php" method="post" name="iform" id="iform">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr><td>
<?php
@@ -212,313 +168,99 @@ if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}
<tr>
<td class="tabcont">
<table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td colspan="2" valign="top" class="listtopic">Define Servers</td>
+ </tr>
+<?php
+ foreach ($snort_servers as $key => $server):
+ if (strlen($server) > 40)
+ $server = substr($server, 0, 40) . "...";
+ $label = strtoupper($key);
+ $value = "";
+ if (!empty($pconfig["def_{$key}"]))
+ $value = htmlspecialchars($pconfig["def_{$key}"]);
+?>
<tr>
- <td width="22%" valign="top">&nbsp;</td>
- <td width="78%"><span class="vexpl"><span class="red"><strong>Note:</strong></span><br>
- Please save your settings before you click start.<br>
- Please make sure there are <strong>no spaces</strong> in your
- definitions. </td>
- </tr>
- <tr>
- <td colspan="2" valign="top" class="listtopic">Define Servers</td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define DNS_SERVERS</td>
- <td width="78%" class="vtable"><input name="def_dns_servers"
- type="text" class="formfld" id="def_dns_servers" size="40"
- value="<?=htmlspecialchars($pconfig['def_dns_servers']);?>"> <br>
- <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave
- blank to scan all networks.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define DNS_PORTS</td>
- <td width="78%" class="vtable"><input name="def_dns_ports"
- type="text" class="formfld" id="def_dns_ports" size="40"
- value="<?=htmlspecialchars($pconfig['def_dns_ports']);?>"> <br>
- <span class="vexpl">Example: Specific ports "25,443" or All ports
- betwen "5060:5090 . Default is 53.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define SMTP_SERVERS</td>
- <td width="78%" class="vtable"><input name="def_smtp_servers"
- type="text" class="formfld" id="def_smtp_servers" size="40"
- value="<?=htmlspecialchars($pconfig['def_smtp_servers']);?>"> <br>
- <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave
- blank to scan all networks.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define SMTP_PORTS</td>
- <td width="78%" class="vtable"><input name="def_smtp_ports"
- type="text" class="formfld" id="def_smtp_ports" size="40"
- value="<?=htmlspecialchars($pconfig['def_smtp_ports']);?>"> <br>
- <span class="vexpl">Example: Specific ports "25,443" or All ports
- betwen "5060:5090 . Default is 25.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define Mail_Ports</td>
- <td width="78%" class="vtable"><input name="def_mail_ports"
- type="text" class="formfld" id="def_mail_ports" size="40"
- value="<?=htmlspecialchars($pconfig['def_mail_ports']);?>"> <br>
- <span class="vexpl">Example: Specific ports "25,443" or All ports
- betwen "5060:5090 . Default is 25,143,465,691.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define HTTP_SERVERS</td>
- <td width="78%" class="vtable"><input name="def_http_servers"
- type="text" class="formfld" id="def_http_servers" size="40"
- value="<?=htmlspecialchars($pconfig['def_http_servers']);?>"> <br>
- <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave
- blank to scan all networks.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define WWW_SERVERS</td>
- <td width="78%" class="vtable"><input name="def_www_servers"
- type="text" class="formfld" id="def_www_servers" size="40"
- value="<?=htmlspecialchars($pconfig['def_www_servers']);?>"> <br>
- <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave
- blank to scan all networks.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define HTTP_PORTS</td>
- <td width="78%" class="vtable"><input name="def_http_ports"
- type="text" class="formfld" id="def_http_ports" size="40"
- value="<?=htmlspecialchars($pconfig['def_http_ports']);?>"> <br>
- <span class="vexpl">Example: Specific ports "25,443" or All ports
- betwen "5060:5090 . Default is 80.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define SQL_SERVERS</td>
- <td width="78%" class="vtable"><input name="def_sql_servers"
- type="text" class="formfld" id="def_sql_servers" size="40"
- value="<?=htmlspecialchars($pconfig['def_sql_servers']);?>"> <br>
- <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave
- blank to scan all networks.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define ORACLE_PORTS</td>
- <td width="78%" class="vtable"><input name="def_oracle_ports"
- type="text" class="formfld" id="def_oracle_ports" size="40"
- value="<?=htmlspecialchars($pconfig['def_oracle_ports']);?>"> <br>
- <span class="vexpl">Example: Specific ports "25,443" or All ports
- betwen "5060:5090 . Default is 1521.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define MSSQL_PORTS</td>
- <td width="78%" class="vtable"><input name="def_mssql_ports"
- type="text" class="formfld" id="def_mssql_ports" size="40"
- value="<?=htmlspecialchars($pconfig['def_mssql_ports']);?>"> <br>
- <span class="vexpl">Example: Specific ports "25,443" or All ports
- betwen "5060:5090 . Default is 1433.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define TELNET_SERVERS</td>
- <td width="78%" class="vtable"><input name="def_telnet_servers"
- type="text" class="formfld" id="def_telnet_servers" size="40"
- value="<?=htmlspecialchars($pconfig['def_telnet_servers']);?>"> <br>
- <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave
- blank to scan all networks.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define TELNET_PORTS</td>
- <td width="78%" class="vtable"><input name="def_telnet_ports"
- type="text" class="formfld" id="def_telnet_ports" size="40"
- value="<?=htmlspecialchars($pconfig['def_telnet_ports']);?>"> <br>
- <span class="vexpl">Example: Specific ports "25,443" or All ports
- betwen "5060:5090 . Default is 23.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define SNMP_SERVERS</td>
- <td width="78%" class="vtable"><input name="def_snmp_servers"
- type="text" class="formfld" id="def_snmp_servers" size="40"
- value="<?=htmlspecialchars($pconfig['def_snmp_servers']);?>"> <br>
- <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave
- blank to scan all networks.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define SNMP_PORTS</td>
- <td width="78%" class="vtable"><input name="def_snmp_ports"
- type="text" class="formfld" id="def_snmp_ports" size="40"
- value="<?=htmlspecialchars($pconfig['def_snmp_ports']);?>"> <br>
- <span class="vexpl">Example: Specific ports "25,443" or All ports
- betwen "5060:5090 . Default is 161.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define FTP_SERVERS</td>
- <td width="78%" class="vtable"><input name="def_ftp_servers"
- type="text" class="formfld" id="def_ftp_servers" size="40"
- value="<?=htmlspecialchars($pconfig['def_ftp_servers']);?>"> <br>
- <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave
- blank to scan all networks.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define FTP_PORTS</td>
- <td width="78%" class="vtable"><input name="def_ftp_ports"
- type="text" class="formfld" id="def_ftp_ports" size="40"
- value="<?=htmlspecialchars($pconfig['def_ftp_ports']);?>"> <br>
- <span class="vexpl">Example: Specific ports "25,443" or All ports
- betwen "5060:5090 . Default is 21.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define SSH_SERVERS</td>
- <td width="78%" class="vtable"><input name="def_ssh_servers"
- type="text" class="formfld" id="def_ssh_servers" size="40"
- value="<?=htmlspecialchars($pconfig['def_ssh_servers']);?>"> <br>
- <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave
- blank to scan all networks.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define SSH_PORTS</td>
- <td width="78%" class="vtable"><input name="def_ssh_ports"
- type="text" class="formfld" id="def_ssh_ports" size="40"
- value="<?=htmlspecialchars($pconfig['def_ssh_ports']);?>"> <br>
- <span class="vexpl">Example: Specific ports "25,443" or All ports
- betwen "5060:5090 . Default is the firewall's SSH port.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define POP_SERVERS</td>
- <td width="78%" class="vtable"><input name="def_pop_servers"
- type="text" class="formfld" id="def_pop_servers" size="40"
- value="<?=htmlspecialchars($pconfig['def_pop_servers']);?>"> <br>
- <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave
- blank to scan all networks.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define POP2_PORTS</td>
- <td width="78%" class="vtable"><input name="def_pop2_ports"
- type="text" class="formfld" id="def_pop2_ports" size="40"
- value="<?=htmlspecialchars($pconfig['def_pop2_ports']);?>"> <br>
- <span class="vexpl">Example: Specific ports "25,443" or All ports
- betwen "5060:5090 . Default is 109.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define POP3_PORTS</td>
- <td width="78%" class="vtable"><input name="def_pop3_ports"
- type="text" class="formfld" id="def_pop3_ports" size="40"
- value="<?=htmlspecialchars($pconfig['def_pop3_ports']);?>"> <br>
- <span class="vexpl">Example: Specific ports "25,443" or All ports
- betwen "5060:5090 . Default is 110.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define IMAP_SERVERS</td>
- <td width="78%" class="vtable"><input name="def_imap_servers"
- type="text" class="formfld" id="def_imap_servers" size="40"
- value="<?=htmlspecialchars($pconfig['def_imap_servers']);?>"> <br>
- <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave
- blank to scan all networks.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define IMAP_PORTS</td>
- <td width="78%" class="vtable"><input name="def_imap_ports"
- type="text" class="formfld" id="def_imap_ports" size="40"
- value="<?=htmlspecialchars($pconfig['def_imap_ports']);?>"> <br>
- <span class="vexpl">Example: Specific ports "25,443" or All ports
- betwen "5060:5090 . Default is 143.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define SIP_PROXY_IP</td>
- <td width="78%" class="vtable"><input name="def_sip_proxy_ip"
- type="text" class="formfld" id="def_sip_proxy_ip" size="40"
- value="<?=htmlspecialchars($pconfig['def_sip_proxy_ip']);?>"> <br>
- <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave
- blank to scan all networks.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define SIP_PROXY_PORTS</td>
- <td width="78%" class="vtable"><input name="def_sip_proxy_ports"
- type="text" class="formfld" id="def_sip_proxy_ports" size="40"
- value="<?=htmlspecialchars($pconfig['def_sip_proxy_ports']);?>"> <br>
- <span class="vexpl">Example: Specific ports "25,443" or All ports
- betwen "5060:5090 . Default is 5060:5090,16384:32768.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define SIP_SERVERS</td>
- <td width="78%" class="vtable"><input name="def_sip_servers"
- type="text" class="formfld" id="def_sip_servers" size="40"
- value="<?=htmlspecialchars($pconfig['def_sip_servers']);?>"> <br>
- <span class="vexpl">Example: "192.168.1.3/24,192.168.1.4/24". Leave
- blank to scan all networks.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define SIP_PORTS</td>
- <td width="78%" class="vtable"><input name="def_sip_ports"
- type="text" class="formfld" id="def_sip_ports" size="40"
- value="<?=htmlspecialchars($pconfig['def_sip_ports']);?>"> <br>
- <span class="vexpl">Example: Specific ports "25,443" or All ports
- betwen "5060:5090 . Default is 5060:5090,16384:32768.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define AUTH_PORTS</td>
- <td width="78%" class="vtable"><input name="def_auth_ports"
- type="text" class="formfld" id="def_auth_ports" size="40"
- value="<?=htmlspecialchars($pconfig['def_auth_ports']);?>"> <br>
- <span class="vexpl">Example: Specific ports "25,443" or All ports
- betwen "5060:5090 . Default is 113.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define FINGER_PORTS</td>
- <td width="78%" class="vtable"><input name="def_finger_ports"
- type="text" class="formfld" id="def_finger_ports" size="40"
- value="<?=htmlspecialchars($pconfig['def_finger_ports']);?>"> <br>
- <span class="vexpl">Example: Specific ports "25,443" or All ports
- betwen "5060:5090 . Default is 79.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define IRC_PORTS</td>
- <td width="78%" class="vtable"><input name="def_irc_ports"
- type="text" class="formfld" id="def_irc_ports" size="40"
- value="<?=htmlspecialchars($pconfig['def_irc_ports']);?>"> <br>
- <span class="vexpl">Example: Specific ports "25,443" or All ports
- betwen "5060:5090 . Default is 6665,6666,6667,6668,6669,7000.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define NNTP_PORTS</td>
- <td width="78%" class="vtable"><input name="def_nntp_ports"
- type="text" class="formfld" id="def_nntp_ports" size="40"
- value="<?=htmlspecialchars($pconfig['def_nntp_ports']);?>"> <br>
- <span class="vexpl">Example: Specific ports "25,443" or All ports
- betwen "5060:5090 . Default is 119.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define RLOGIN_PORTS</td>
- <td width="78%" class="vtable"><input name="def_rlogin_ports"
- type="text" class="formfld" id="def_rlogin_ports" size="40"
- value="<?=htmlspecialchars($pconfig['def_rlogin_ports']);?>"> <br>
- <span class="vexpl">Example: Specific ports "25,443" or All ports
- betwen "5060:5090 . Default is 513.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define RSH_PORTS</td>
- <td width="78%" class="vtable"><input name="def_rsh_ports"
- type="text" class="formfld" id="def_rsh_ports" size="40"
- value="<?=htmlspecialchars($pconfig['def_rsh_ports']);?>"> <br>
- <span class="vexpl">Example: Specific ports "25,443" or All ports
- betwen "5060:5090 . Default is 514.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Define SSL_PORTS</td>
- <td width="78%" class="vtable"><input name="def_ssl_ports"
- type="text" class="formfld" id="def_ssl_ports" size="40"
- value="<?=htmlspecialchars($pconfig['def_ssl_ports']);?>"> <br>
- <span class="vexpl">Example: Specific ports "25,443" or All ports
- betwen "5060:5090 . Default is 25,443,465,636,993,995.</span></td>
- </tr>
- <tr>
- <td width="22%" valign="top">&nbsp;</td>
- <td width="78%">
- <input name="Submit" type="submit" class="formbtn" value="Save">
- <input name="id" type="hidden" value="<?=$id;?>">
+ <td width='22%' valign='top' class='vncell'>Define <?=$label;?></td>
+ <td width="78%" class="vtable">
+ <input name="def_<?=$key;?>"
+ type="text" autocomplete="off" class="formfldalias" id="def_<?=$key;?>"
+ value="<?=$value;?>"> <br/>
+ <span class="vexpl">Default value: "<?=$server;?>" <br/>Leave
+ blank for default value.</span>
</td>
</tr>
+<?php endforeach; ?>
+ <tr>
+ <td colspan="2" valign="top" class="listtopic">Define Ports</td>
+ </tr>
+<?php
+ foreach ($snort_ports as $key => $server):
+ $server = substr($server, 0, 20);
+ $label = strtoupper($key);
+ $value = "";
+ if (!empty($pconfig["def_{$key}"]))
+ $value = htmlspecialchars($pconfig["def_{$key}"]);
+?>
<tr>
- <td width="22%" valign="top">&nbsp;</td>
- <td width="78%"><span class="vexpl"><span class="red"><strong>Note:</strong></span>
- <br>
- Please save your settings before you click start. </td>
+ <td width='22%' valign='top' class='vncell'>Define <?=$label;?></td>
+ <td width="78%" class="vtable"><input name="def_<?=$key;?>"
+ type="text" autocomplete="off" class="formfldalias" id="def_<?=$key;?>"
+ value="<?=$value;?>"> <br/>
+ <span class="vexpl">Default value: "<?=$server;?>" <br/> Leave
+ blank for default value.</span>
+ </td>
</tr>
- </table>
+<?php endforeach; ?>
+ <tr>
+ <td width="22%" valign="top">&nbsp;</td>
+ <td width="78%">
+ <input name="Submit" type="submit" class="formbtn" value="Save">
+ <input name="id" type="hidden" value="<?=$id;?>">
+ </td>
+ </tr>
+ </table>
</td></tr>
</table>
</form>
+<script type="text/javascript">
+<?php
+ $isfirst = 0;
+ $aliases = "";
+ $addrisfirst = 0;
+ $portisfirst = 0;
+ $aliasesaddr = "";
+ $aliasesports = "";
+ if(isset($config['aliases']['alias']) && is_array($config['aliases']['alias']))
+ foreach($config['aliases']['alias'] as $alias_name) {
+ if ($alias_name['type'] == "host" || $alias_name['type'] == "network") {
+ if($addrisfirst == 1) $aliasesaddr .= ",";
+ $aliasesaddr .= "'" . $alias_name['name'] . "'";
+ $addrisfirst = 1;
+ } else if ($alias_name['type'] == "port") {
+ if($portisfirst == 1) $aliasesports .= ",";
+ $aliasesports .= "'" . $alias_name['name'] . "'";
+ $portisfirst = 1;
+ }
+ }
+?>
+
+ var addressarray=new Array(<?php echo $aliasesaddr; ?>);
+ var portsarray=new Array(<?php echo $aliasesports; ?>);
+
+function createAutoSuggest() {
+<?php
+ foreach ($snort_servers as $key => $server)
+ echo "objAlias{$key} = new AutoSuggestControl(document.getElementById('def_{$key}'), new StateSuggestions(addressarray));\n";
+ foreach ($snort_ports as $key => $server)
+ echo "pobjAlias{$key} = new AutoSuggestControl(document.getElementById('def_{$key}'), new StateSuggestions(portsarray));\n";
+?>
+}
+
+setTimeout("createAutoSuggest();", 500);
+
+</script>
+
<?php include("fend.inc"); ?>
</body>
</html>
diff --git a/config/snort/snort_interfaces_whitelist_edit.php b/config/snort/snort_interfaces_whitelist_edit.php
index aa6ca238..c86f60d3 100644
--- a/config/snort/snort_interfaces_whitelist_edit.php
+++ b/config/snort/snort_interfaces_whitelist_edit.php
@@ -85,8 +85,6 @@ if (isset($id) && $a_whitelist[$id]) {
$pconfig['wandnsips'] = $a_whitelist[$id]['wandnsips'];
$pconfig['vips'] = $a_whitelist[$id]['vips'];
$pconfig['vpnips'] = $a_whitelist[$id]['vpnips'];
- $addresses = explode(' ', $pconfig['address']);
- $address = explode(" ", $addresses[0]);
}
if ($_POST['submit']) {
@@ -103,13 +101,8 @@ if ($_POST['submit']) {
if(strtolower($_POST['name']) == "defaultwhitelist")
$input_errors[] = "Whitelist file names may not be named defaultwhitelist.";
- $x = is_validwhitelistname($_POST['name']);
- if (!isset($x)) {
- $input_errors[] = "Reserved word used for whitelist file name.";
- } else {
- if (is_validwhitelistname($_POST['name']) == false)
- $input_errors[] = "Whitelist file name may only consist of the characters a-z, A-Z and 0-9 _. Note: No Spaces. Press Cancel to reset.";
- }
+ if (is_validwhitelistname($_POST['name']) == false)
+ $input_errors[] = "Whitelist file name may only consist of the characters a-z, A-Z and 0-9 _. Note: No Spaces. Press Cancel to reset.";
/* check for name conflicts */
foreach ($a_whitelist as $w_list) {
@@ -122,33 +115,9 @@ if ($_POST['submit']) {
}
}
- $isfirst = 0;
- $address = "";
- $final_address_details .= "";
- /* add another entry code */
- for($x=0; $x<499; $x++) {
- if (!empty($_POST["address{$x}"])) {
- if ($is_first > 0)
- $address .= " ";
- $address .= $_POST["address{$x}"];
- if ($_POST["address_subnet{$x}"] <> "")
- $address .= "" . $_POST["address_subnet{$x}"];
-
- /* Compress in details to a single key, data separated by pipes.
- Pulling details here lets us only pull in details for valid
- address entries, saving us from having to track which ones to
- process later. */
- $final_address_detail = mb_convert_encoding($_POST["detail{$x}"],'HTML-ENTITIES','auto');
- if ($final_address_detail <> "")
- $final_address_details .= $final_address_detail;
- else {
- $final_address_details .= "Entry added" . " ";
- $final_address_details .= date('r');
- }
- $final_address_details .= "||";
- $is_first++;
- }
- }
+ if ($_POST['address'])
+ if (!is_alias($_POST['address']))
+ $input_errors[] = "A valid alias need to be provided";
if (!$input_errors) {
$w_list = array();
@@ -161,7 +130,7 @@ if ($_POST['submit']) {
$w_list['vips'] = $_POST['vips']? 'yes' : 'no';
$w_list['vpnips'] = $_POST['vpnips']? 'yes' : 'no';
- $w_list['address'] = $address;
+ $w_list['address'] = $_POST['address'];
$w_list['descr'] = mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto");
$w_list['detail'] = $final_address_details;
@@ -177,12 +146,7 @@ if ($_POST['submit']) {
header("Location: /snort/snort_interfaces_whitelist.php");
exit;
- } else {
- $pconfig['descr'] = mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto");
- $pconfig['address'] = $address;
- $pconfig['detail'] = $final_address_details;
}
-
}
$pgtitle = "Services: Snort: Whitelist: Edit $whitelist_uuid";
@@ -193,27 +157,15 @@ include_once("head.inc");
<?php
include("fbegin.inc");
-?>
-<script type="text/javascript" src="/javascript/row_helper.js"></script>
- <input type='hidden' name='address_type' value='textbox' />
- <script type="text/javascript">
-
- rowname[0] = "address";
- rowtype[0] = "textbox";
- rowsize[0] = "20";
-
- rowname[1] = "detail";
- rowtype[1] = "textbox";
- rowsize[1] = "30";
-</script>
-
-<?php
if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}
if ($input_errors) print_input_errors($input_errors);
if ($savemsg)
print_info_box($savemsg);
?>
-
+<script type="text/javascript" src="/javascript/autosuggest.js">
+</script>
+<script type="text/javascript" src="/javascript/suggestions.js">
+</script>
<form action="snort_interfaces_whitelist_edit.php" method="post" name="iform" id="iform">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr><td class="tabcont">
@@ -282,61 +234,11 @@ if ($savemsg)
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq">
- <div id="addressnetworkport">IP or CIDR items</div>
+ <div id="addressnetworkport">Alias of IP's</div>
</td>
<td width="78%" class="vtable">
- <table id="maintable">
- <tbody>
- <tr>
- <td colspan="4">
- <div
- style="padding: 5px; margin-top: 16px; margin-bottom: 16px; border: 1px dashed #ff3333; background-color: #eee; color: #000; font-size: 8pt;"
- id="itemhelp">For <strong>WHITELIST's</strong> enter <strong>ONLY
- IPs not CIDRs</strong>. Example: 192.168.4.1<br>
- <br>
- For <strong>NETLIST's</strong> you may enter <strong>IPs and
- CIDRs</strong>. Example: 192.168.4.1 or 192.168.4.0/24</div>
- </td>
- </tr>
- <tr>
- <td>
- <div id="onecolumn">IP or CIDR</div>
- </td>
- <td>
- <div id="threecolumn">Add a Description or leave blank and a date
- will be added.</div>
- </td>
- </tr>
-
- <?php
- /* cleanup code */
- $counter = 0;
- $address = $pconfig['address'];
- if ($address <> ""):
- $item = explode(" ", $address);
- $item3 = explode("||", $pconfig['detail']);
- foreach($item as $ww):
- $address = $item[$counter];
- $item4 = $item3[$counter];
- ?>
- <tr>
- <td><input name="address<?php echo $counter; ?>" class="formfld unknown" type="text" id="address<?php echo $counter; ?>" size="30" value="<?=htmlspecialchars($address);?>" /></td>
- <td><input name="detail<?php echo $counter; ?>" class="formfld unknown" type="text" id="address<?php echo $counter; ?>" size="50" value="<?=$item4;?>" /></td>
- <td>
- <?php echo "<input type=\"image\" src=\"/themes/".$g['theme']."/images/icons/icon_x.gif\" onclick=\"removeRow(this); return false;\" value=\"Delete\" />"; ?>
- </td>
- </tr>
- <?php
- $counter++;
-
- endforeach; endif;
- ?>
- </tbody>
- </table>
- <a onclick="javascript:addRowTo('maintable'); return false;"
- href="#"><img border="0"
- src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" alt=""
- title="add another entry" /> </a></td>
+ <input autocomplete="off" name="address" type="text" class="formfldalias" id="address" size="30" value="<?=htmlspecialchars($pconfig['address']);?>" />
+ </td>
</tr>
<tr>
<td width="22%" valign="top">&nbsp;</td>
@@ -350,17 +252,33 @@ if ($savemsg)
</td></tr>
</table>
</form>
-
<script type="text/javascript">
-/* row and col adjust when you add extra entries */
+<?php
+ $isfirst = 0;
+ $aliases = "";
+ $addrisfirst = 0;
+ $aliasesaddr = "";
+ if(isset($config['aliases']['alias']) && is_array($config['aliases']['alias']))
+ foreach($config['aliases']['alias'] as $alias_name) {
+ if ($alias_name['type'] != "host" && $alias_name['type'] != "network")
+ continue;
+ if($addrisfirst == 1) $aliasesaddr .= ",";
+ $aliasesaddr .= "'" . $alias_name['name'] . "'";
+ $addrisfirst = 1;
+ }
+?>
-field_counter_js = 3;
- rows = 1;
- totalrows = <?php echo $counter; ?>;
- loaded = <?php echo $counter; ?>;
-
-</script>
+ var addressarray=new Array(<?php echo $aliasesaddr; ?>);
+function createAutoSuggest() {
+<?php
+ echo "objAlias = new AutoSuggestControl(document.getElementById('address'), new StateSuggestions(addressarray));\n";
+?>
+}
+
+setTimeout("createAutoSuggest();", 500);
+
+</script>
<?php include("fend.inc"); ?>
</body>
</html>