Merge pull request #810 from bmeeks8/suricata-2.0.6-v2.1.4

15 files changed, 146 insertions, 97 deletions

diff --git a/config/suricata/suricata.inc b/config/suricata/suricata.inc
index 66c1e799..73208f61 100644
--- a/config/suricata/suricata.inc
+++ b/config/suricata/suricata.inc
@@ -327,10 +327,11 @@ function suricata_build_list($suricatacfg, $listname = "", $passlist = false, $e
 	if (($externallist && $localnet == 'yes') || (!$externallist && (!$passlist || $localnet == 'yes' || empty($localnet)))) {
 		if (is_ipaddrv4($suricataip)) {
 			if ($suricatacfg['interface'] <> "wan") {
-				$sn = get_interface_subnet($suricatacfg['interface']);
-				$ip = gen_subnet($suricataip, $sn) . "/{$sn}";
-				if (!in_array($ip, $home_net))
-					$home_net[] = $ip;
+				if ($sn = get_interface_subnet($suricatacfg['interface'])) {
+					$ip = gen_subnet($suricataip, $sn) . "/{$sn}";
+					if (!in_array($ip, $home_net))
+						$home_net[] = $ip;
+				}
 			}
 		}
 	}
@@ -349,10 +350,11 @@ function suricata_build_list($suricatacfg, $listname = "", $passlist = false, $e
 	if (($externallist && $localnet == 'yes') || (!$externallist && (!$passlist || $localnet == 'yes' || empty($localnet)))) {
 		if (is_ipaddrv6($suricataip)) {
 			if ($suricatacfg['interface'] <> "wan") {
-				$sn = get_interface_subnetv6($suricatacfg['interface']);
-				$ip = gen_subnetv6($suricataip, $sn). "/{$sn}";
-				if (!in_array($ip, $home_net))
-					$home_net[] = $ip;
+				if ($sn = get_interface_subnetv6($suricatacfg['interface'])) {
+					$ip = gen_subnetv6($suricataip, $sn). "/{$sn}";
+					if (!in_array($ip, $home_net))
+						$home_net[] = $ip;
+				}
 			}
 		}
 	}
@@ -386,10 +388,11 @@ function suricata_build_list($suricatacfg, $listname = "", $passlist = false, $e
 				continue;
 			$subnet = get_interface_ip($int);
 			if (is_ipaddrv4($subnet)) {
-				$sn = get_interface_subnet($int);
-				$ip = gen_subnet($subnet, $sn) . "/{$sn}";
-				if (!in_array($ip, $home_net))
-					$home_net[] = $ip;
+				if ($sn = get_interface_subnet($int)) {
+					$ip = gen_subnet($subnet, $sn) . "/{$sn}";
+					if (!in_array($ip, $home_net))
+						$home_net[] = $ip;
+				}
 			}
 
 			$subnet = get_interface_ipv6($int);
@@ -397,10 +400,11 @@ function suricata_build_list($suricatacfg, $listname = "", $passlist = false, $e
 			if (strpos($subnet, "%") !== FALSE)
 				$subnet = substr($subnet, 0, strpos($subnet, "%"));
 			if (is_ipaddrv6($subnet)) {
-				$sn = get_interface_subnetv6($int);
-				$ip = gen_subnetv6($subnet, $sn). "/{$sn}";
-				if (!in_array($ip, $home_net))
-					$home_net[] = $ip;
+				if ($sn = get_interface_subnetv6($int)) {
+					$ip = gen_subnetv6($subnet, $sn). "/{$sn}";
+					if (!in_array($ip, $home_net))
+						$home_net[] = $ip;
+				}
 			}
 
 			// Add link-local address
@@ -642,9 +646,10 @@ function suricata_rules_up_install_cron($should_install=true) {
 	if (suricata_cron_job_exists($command, TRUE, $suricata_rules_up_min, $suricata_rules_up_hr, $suricata_rules_up_mday, $suricata_rules_up_month, $suricata_rules_up_wday, "root"))
 		return;
 
-	// Else install the new or updated cron job
-	if ($should_install)
-		install_cron_job($command, $should_install, $suricata_rules_up_min, $suricata_rules_up_hr, $suricata_rules_up_mday, $suricata_rules_up_month, $suricata_rules_up_wday, "root");
+	// Else install the new or updated cron job by removing the
+	// existing job first, then installing the new or updated job.
+	install_cron_job("suricata_check_for_rule_updates.php", false);
+	install_cron_job($command, $should_install, $suricata_rules_up_min, $suricata_rules_up_hr, $suricata_rules_up_mday, $suricata_rules_up_month, $suricata_rules_up_wday, "root");
 }
 
 function suricata_loglimit_install_cron($should_install=true) {
@@ -660,7 +665,9 @@ function suricata_loglimit_install_cron($should_install=true) {
 	if ($should_install && suricata_cron_job_exists("/usr/local/pkg/suricata/suricata_check_cron_misc.inc", TRUE, "*/5"))
 		return;
 
-	// Else install the new or updated cron job
+	// Else install the new or updated cron job by removing the
+	// existing job first, then installing the new or updated job.
+	install_cron_job("suricata_check_cron_misc.inc", false);
 	install_cron_job("/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/pkg/suricata/suricata_check_cron_misc.inc", $should_install, "*/5");
 }
 
@@ -765,10 +772,10 @@ function suricata_rm_blocked_install_cron($should_install) {
 	if (suricata_cron_job_exists($command, TRUE, $suricata_rm_blocked_min, $suricata_rm_blocked_hr, $suricata_rm_blocked_mday, $suricata_rm_blocked_month, $suricata_rm_blocked_wday, "root"))
 		return;
 
-	// Else install the new or updated cron job
-	if ($should_install) {
-		install_cron_job($command, $should_install, $suricata_rm_blocked_min, $suricata_rm_blocked_hr, $suricata_rm_blocked_mday, $suricata_rm_blocked_month, $suricata_rm_blocked_wday, "root");
-	}
+	// Else install the new or updated cron job by removing the
+	// existing job first, then installing the new or updated job.
+	install_cron_job("{$suri_pf_table}", false);
+	install_cron_job($command, $should_install, $suricata_rm_blocked_min, $suricata_rm_blocked_hr, $suricata_rm_blocked_mday, $suricata_rm_blocked_month, $suricata_rm_blocked_wday, "root");
 }
 
 function sync_suricata_package_config() {
diff --git a/config/suricata/suricata.xml b/config/suricata/suricata.xml
index c510d72b..88628877 100644
--- a/config/suricata/suricata.xml
+++ b/config/suricata/suricata.xml
@@ -42,7 +42,7 @@
 	<description>Suricata IDS/IPS Package</description>
 	<requirements>None</requirements>
 	<name>suricata</name>
-	<version>2.0.4 pkg v2.1.3</version>
+	<version>2.0.4 pkg v2.1.4</version>
 	<title>Services: Suricata IDS</title>
 	<include_file>/usr/local/pkg/suricata/suricata.inc</include_file>
 	<menu>
diff --git a/config/suricata/suricata_alerts.php b/config/suricata/suricata_alerts.php
index f151e173..fa4fed5c 100644
--- a/config/suricata/suricata_alerts.php
+++ b/config/suricata/suricata_alerts.php
@@ -424,20 +424,21 @@ if ($pconfig['arefresh'] == 'on')
 	echo "<meta http-equiv=\"refresh\" content=\"60;url=/suricata/suricata_alerts.php?instance={$instanceid}\" />\n";
 ?>
 
+<form action="/suricata/suricata_alerts.php" method="post" id="formalert">
+<input type="hidden" name="sidid" id="sidid" value=""/>
+<input type="hidden" name="gen_id" id="gen_id" value=""/>
+<input type="hidden" name="ip" id="ip" value=""/>
+<input type="hidden" name="descr" id="descr" value=""/>
+
 <?php
 /* Display Alert message */
 if ($input_errors) {
-	print_input_errors($input_errors); // TODO: add checks
+	print_input_errors($input_errors);
 }
 if ($savemsg) {
 	print_info_box($savemsg);
 }
 ?>
-<form action="/suricata/suricata_alerts.php" method="post" id="formalert">
-<input type="hidden" name="sidid" id="sidid" value=""/>
-<input type="hidden" name="gen_id" id="gen_id" value=""/>
-<input type="hidden" name="ip" id="ip" value=""/>
-<input type="hidden" name="descr" id="descr" value=""/>
 
 <table width="100%" border="0" cellpadding="0" cellspacing="0">
 <tbody>
diff --git a/config/suricata/suricata_barnyard.php b/config/suricata/suricata_barnyard.php
index 2938136f..c4e438ba 100644
--- a/config/suricata/suricata_barnyard.php
+++ b/config/suricata/suricata_barnyard.php
@@ -229,8 +229,10 @@ include_once("head.inc");
 ?>
 <body link="#0000CC" vlink="#0000CC" alink="#0000CC">
 
-<?php include("fbegin.inc"); 
+<?php include("fbegin.inc"); ?>
 
+<form action="suricata_barnyard.php" method="post" name="iform" id="iform">
+<?php
 	/* Display Alert message */
 	if ($input_errors) {
 		print_input_errors($input_errors);
@@ -239,10 +241,7 @@ include_once("head.inc");
 	if ($savemsg) {
 		print_info_box($savemsg);
 	}
-
 ?>
-
-<form action="suricata_barnyard.php" method="post" name="iform" id="iform">
 <table width="100%" border="0" cellpadding="0" cellspacing="0">
 <tbody>
 <tr><td>
diff --git a/config/suricata/suricata_blocked.php b/config/suricata/suricata_blocked.php
index 4f4bf095..ccb3548b 100644
--- a/config/suricata/suricata_blocked.php
+++ b/config/suricata/suricata_blocked.php
@@ -163,19 +163,21 @@ include_once("fbegin.inc");
 /* refresh every 60 secs */
 if ($pconfig['brefresh'] == 'on')
 	echo "<meta http-equiv=\"refresh\" content=\"60;url=/suricata/suricata_blocked.php\" />\n";
+?>
+
+<form action="/suricata/suricata_blocked.php" method="post">
+<input type="hidden" name="ip" id="ip" value=""/>
 
+<?php
 /* Display Alert message */
 if ($input_errors) {
-	print_input_errors($input_errors); // TODO: add checks
+	print_input_errors($input_errors);
 }
 if ($savemsg) {
 	print_info_box($savemsg);
 }
 ?>
 
-<form action="/suricata/suricata_blocked.php" method="post">
-<input type="hidden" name="ip" id="ip" value=""/>
-
 <table width="100%" border="0" cellpadding="0" cellspacing="0">
 <tbody>
 <tr>
diff --git a/config/suricata/suricata_define_vars.php b/config/suricata/suricata_define_vars.php
index b94292c3..1aff122c 100644
--- a/config/suricata/suricata_define_vars.php
+++ b/config/suricata/suricata_define_vars.php
@@ -157,13 +157,7 @@ include_once("head.inc");
 <body link="#0000CC" vlink="#0000CC" alink="#0000CC">
 
 <?php 
-include("fbegin.inc"); 
-if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}
-/* Display Alert message */
-if ($input_errors)
-	print_input_errors($input_errors); // TODO: add checks
-if ($savemsg)
-	print_info_box($savemsg);
+include("fbegin.inc");
 ?>
 
 <script type="text/javascript" src="/javascript/autosuggest.js">
@@ -171,6 +165,15 @@ if ($savemsg)
 <script type="text/javascript" src="/javascript/suggestions.js">
 </script>
 <form action="suricata_define_vars.php" method="post" name="iform" id="iform">
+
+<?php
+/* Display Alert message */
+if ($input_errors)
+	print_input_errors($input_errors);
+if ($savemsg)
+	print_info_box($savemsg);
+?>
+
 <table width="100%" border="0" cellpadding="0" cellspacing="0">
 <tbody>
 <tr><td>
diff --git a/config/suricata/suricata_interfaces_edit.php b/config/suricata/suricata_interfaces_edit.php
index 13526031..4319182d 100644
--- a/config/suricata/suricata_interfaces_edit.php
+++ b/config/suricata/suricata_interfaces_edit.php
@@ -307,6 +307,12 @@ if ($_POST["save"] && !$input_errors) {
 		if ($_POST['intf_promisc_mode'] == "on") { $natent['intf_promisc_mode'] = 'on'; }else{ $natent['intf_promisc_mode'] = 'off'; }
 		if ($_POST['configpassthru']) $natent['configpassthru'] = base64_encode(str_replace("\r\n", "\n", $_POST['configpassthru'])); else unset($natent['configpassthru']);
 
+		// Check if EVE OUTPUT TYPE is 'syslog' and auto-enable Suricata syslog output if true.
+		if ($natent['eve_output_type'] == "syslog" && $natent['alertsystemlog'] == "off") {
+			$natent['alertsystemlog'] = "on";
+			$savemsg = gettext("EVE Output to syslog requires Suricata alerts to be copied to the system log, so 'Send Alerts to System Log' has been auto-enabled.");
+		}
+
 		$if_real = get_real_interface($natent['interface']);
 		if (isset($id) && $a_rule[$id] && $action == '') {
 			// See if moving an existing Suricata instance to another physical interface
@@ -434,13 +440,8 @@ if ($_POST["save"] && !$input_errors) {
 		sync_suricata_package_config();
 		conf_mount_ro();
 
-		header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' );
-		header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
-		header( 'Cache-Control: no-store, no-cache, must-revalidate' );
-		header( 'Cache-Control: post-check=0, pre-check=0', false );
-		header( 'Pragma: no-cache' );
-		header("Location: /suricata/suricata_interfaces.php");
-		exit;
+		// Refresh page fields with just-saved values
+		$pconfig = $natent;
 	} else
 		$pconfig = $_POST;
 }
@@ -452,7 +453,13 @@ include_once("head.inc");
 
 <body link="#0000CC" vlink="#0000CC" alink="#0000CC">
 
-<?php include("fbegin.inc");
+<?php include("fbegin.inc");?>
+
+<form action="suricata_interfaces_edit.php<?php echo "?id=$id";?>" method="post" name="iform" id="iform">
+<input name="id" type="hidden" value="<?=$id;?>"/>
+<input name="action" type="hidden" value="<?=$action;?>"/>
+
+<?php
 /* Display Alert message */
 if ($input_errors) {
 	print_input_errors($input_errors);
@@ -462,10 +469,6 @@ if ($savemsg) {
 }
 ?>
 
-<form action="suricata_interfaces_edit.php<?php echo "?id=$id";?>" method="post" name="iform" id="iform">
-<input name="id" type="hidden" value="<?=$id;?>"/>
-<input name="action" type="hidden" value="<?=$action;?>"/>
-
 <table width="100%" border="0" cellpadding="0" cellspacing="0">
 <tbody>
 <tr><td>
@@ -716,7 +719,7 @@ if ($savemsg) {
 				?> 
 				</select>&nbsp;&nbsp;
 				<?php echo gettext("Select EVE log output destination."); ?><br/>
-				<span class="red"><?php echo gettext("Hint:") . "</span>&nbsp;" . gettext("Choosing FILE is suggested, and it is the default value."); ?><br/>
+				<span class="red"><?php echo gettext("Hint:") . "</span>&nbsp;" . gettext("Choosing FILE is suggested, and is the default value."); ?><br/>
 			</td>
 		</tr>
 		<tr id="eve_systemlog_facility_row">
diff --git a/config/suricata/suricata_ip_list_mgmt.php b/config/suricata/suricata_ip_list_mgmt.php
index 37decaad..c94db61e 100644
--- a/config/suricata/suricata_ip_list_mgmt.php
+++ b/config/suricata/suricata_ip_list_mgmt.php
@@ -170,6 +170,13 @@ include_once("head.inc");
 
 <?php
 include_once("fbegin.inc");
+?>
+
+<form action="/suricata/suricata_ip_list_mgmt.php" enctype="multipart/form-data" method="post" name="iform" id="iform">
+<input type="hidden" name="MAX_FILE_SIZE" value="100000000" />
+<input type="hidden" name="iplist_fname" id="iplist_fname" value=""/>
+
+<?php
 if ($input_errors) {
 	print_input_errors($input_errors);
 }
@@ -178,9 +185,6 @@ if ($savemsg)
 	print_info_box($savemsg);
 ?>
 
-<form action="/suricata/suricata_ip_list_mgmt.php" enctype="multipart/form-data" method="post" name="iform" id="iform">
-<input type="hidden" name="MAX_FILE_SIZE" value="100000000" />
-<input type="hidden" name="iplist_fname" id="iplist_fname" value=""/>
 <table width="100%" border="0" cellpadding="0" cellspacing="0">
 <tbody>
 <tr><td>
diff --git a/config/suricata/suricata_ip_reputation.php b/config/suricata/suricata_ip_reputation.php
index 4615923a..d9d45a5f 100644
--- a/config/suricata/suricata_ip_reputation.php
+++ b/config/suricata/suricata_ip_reputation.php
@@ -177,11 +177,6 @@ include_once("head.inc");
 
 <?php 
 include("fbegin.inc"); 
-/* Display Alert message */
-if ($input_errors)
-	print_input_errors($input_errors);
-if ($savemsg)
-	print_info_box($savemsg);
 ?>
 
 <form action="suricata_ip_reputation.php" method="post" name="iform" id="iform" >
@@ -193,7 +188,13 @@ if ($savemsg)
 <?php if (is_subsystem_dirty('suricata_iprep') && !$input_errors): ?><p>
 <?php print_info_box_np(gettext("A change has been made to IP List file assignments.") . "<br/>" . gettext("You must apply the change in order for it to take effect."));?>
 <?php endif; ?>
-
+<?php
+/* Display Alert message */
+if ($input_errors)
+	print_input_errors($input_errors);
+if ($savemsg)
+	print_info_box($savemsg);
+?>
 <table width="100%" border="0" cellpadding="0" cellspacing="0">
 	<tbody>
 	<tr>
diff --git a/config/suricata/suricata_passlist.php b/config/suricata/suricata_passlist.php
index af1c4ff5..e7e55d20 100644
--- a/config/suricata/suricata_passlist.php
+++ b/config/suricata/suricata_passlist.php
@@ -104,7 +104,11 @@ include_once("head.inc");
 
 <?php
 include_once("fbegin.inc");
+?>
 
+<form action="/suricata/suricata_passlist.php" method="post">
+<input type="hidden" name="list_id" id="list_id" value=""/>
+<?php
 /* Display Alert message */
 if ($input_errors) {
 	print_input_errors($input_errors);
@@ -113,9 +117,6 @@ if ($savemsg) {
 	print_info_box($savemsg);
 }
 ?>
-
-<form action="/suricata/suricata_passlist.php" method="post">
-<input type="hidden" name="list_id" id="list_id" value=""/>
 <table width="100%" border="0" cellpadding="0" cellspacing="0">
 <tbody>
 <tr><td>
diff --git a/config/suricata/suricata_passlist_edit.php b/config/suricata/suricata_passlist_edit.php
index 5bfeb8b9..1d92e644 100644
--- a/config/suricata/suricata_passlist_edit.php
+++ b/config/suricata/suricata_passlist_edit.php
@@ -199,10 +199,6 @@ include_once("head.inc");
 
 <?php
 include("fbegin.inc");
-if ($input_errors)
-	print_input_errors($input_errors);
-if ($savemsg)
-	print_info_box($savemsg);
 ?>
 <script type="text/javascript" src="/javascript/autosuggest.js">
 </script>
@@ -210,6 +206,14 @@ if ($savemsg)
 </script>
 <form action="suricata_passlist_edit.php" method="post" name="iform" id="iform">
 <input name="id" type="hidden" value="<?=$id;?>" />
+
+<?php
+if ($input_errors)
+	print_input_errors($input_errors);
+if ($savemsg)
+	print_info_box($savemsg);
+?>
+
 <table width="100%" border="0" cellpadding="0" cellspacing="0">
 <tbody>
 <tr><td>
diff --git a/config/suricata/suricata_post_install.php b/config/suricata/suricata_post_install.php
index 070cf095..61d37130 100644
--- a/config/suricata/suricata_post_install.php
+++ b/config/suricata/suricata_post_install.php
@@ -130,6 +130,29 @@ if ($config['installedpackages']['suricata']['config'][0]['et_iqrisk_enable'] ==
 	install_cron_job("/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/pkg/suricata/suricata_etiqrisk_update.php", TRUE, 0, "*/6", "*", "*", "*", "root");
 }
 
+/*********************************************************/
+/* START OF BUG FIX CODE                                 */
+/*                                                       */
+/* Remove any Suricata cron tasks that may have been     */
+/* left from a previous uninstall due to a bug that      */
+/* saved edited cron tasks as new ones while still       */
+/* leaving the original task.  Correct cron task         */
+/* entries will be recreated below if saved settings     */
+/* are detected.                                         */
+/*********************************************************/
+$cron_count = 0;
+$suri_pf_table = SURICATA_PF_TABLE;
+while (suricata_cron_job_exists($suri_pf_table, FALSE)) {
+	install_cron_job($suri_pf_table, false);
+	$cron_count++;
+}
+if ($cron_count > 0)
+	log_error(gettext("[Suricata] Removed {$cron_count} duplicate 'remove_blocked_hosts' cron task(s)."));
+
+/*********************************************************/
+/* END OF BUG FIX CODE                                   */
+/*********************************************************/
+
 // remake saved settings if previously flagged
 if ($config['installedpackages']['suricata']['config'][0]['forcekeepsettings'] == 'on') {
 	log_error(gettext("[Suricata] Saved settings detected... rebuilding installation with saved settings..."));
@@ -258,8 +281,8 @@ if (empty($config['installedpackages']['suricata']['config'][0]['forcekeepsettin
 conf_mount_ro();
 
 // Update Suricata package version in configuration
-$config['installedpackages']['suricata']['config'][0]['suricata_config_ver'] = "2.1.2";
-write_config("Suricata pkg v2.1.2: post-install configuration saved.");
+$config['installedpackages']['suricata']['config'][0]['suricata_config_ver'] = "2.1.4";
+write_config("Suricata pkg v2.1.4: post-install configuration saved.");
 
 // Done with post-install, so clear flag
 unset($g['suricata_postinstall']);
diff --git a/config/suricata/suricata_rules.php b/config/suricata/suricata_rules.php
index 480bf3dc..020a826d 100644
--- a/config/suricata/suricata_rules.php
+++ b/config/suricata/suricata_rules.php
@@ -436,15 +436,6 @@ $pgtitle = gettext("Suricata: Interface {$if_friendly} - Rules: {$currentruleset
 <body link="#0000CC" vlink="#0000CC" alink="#0000CC">
 <?php
 include("fbegin.inc");
-/* Display error or save messages if present */
-if ($input_errors) {
-        print_input_errors($input_errors); // TODO: add checks
-}
-
-if ($savemsg) {
-        print_info_box($savemsg);
-}
-
 ?>
 
 <form action='/suricata/suricata_rules.php' method='post' name='iform' id='iform'>
@@ -456,6 +447,16 @@ if ($savemsg) {
 <?php if (is_subsystem_dirty('suricata_rules')): ?><p>
 <?php print_info_box_np(gettext("A change has been made to a rule state.") . "<br/>" . gettext("Click APPLY when finished to send the changes to the running configuration."));?>
 <?php endif; ?>
+<?php
+/* Display error or save messages if present */
+if ($input_errors) {
+        print_input_errors($input_errors);
+}
+
+if ($savemsg) {
+        print_info_box($savemsg);
+}
+?>
 
 <table width="100%" border="0" cellpadding="0" cellspacing="0">
 	<tbody>
diff --git a/config/suricata/suricata_rulesets.php b/config/suricata/suricata_rulesets.php
index 7f591b6c..902352c0 100644
--- a/config/suricata/suricata_rulesets.php
+++ b/config/suricata/suricata_rulesets.php
@@ -260,20 +260,22 @@ include_once("head.inc");
 
 <?php
 include("fbegin.inc"); 
+?>
+
+<form action="suricata_rulesets.php" method="post" name="iform" id="iform">
+<input type="hidden" name="id" id="id" value="<?=$id;?>" />
 
+<?php
 /* Display message */
 if ($input_errors) {
-	print_input_errors($input_errors); // TODO: add checks
+	print_input_errors($input_errors);
 }
 
 if ($savemsg) {
 	print_info_box($savemsg);
 }
-
 ?>
 
-<form action="suricata_rulesets.php" method="post" name="iform" id="iform">
-<input type="hidden" name="id" id="id" value="<?=$id;?>" />
 <table width="100%" border="0" cellpadding="0" cellspacing="0">
 <tbody>
 <tr><td>
diff --git a/config/suricata/suricata_suppress_edit.php b/config/suricata/suricata_suppress_edit.php
index 8814d3db..d9b6e8bc 100644
--- a/config/suricata/suricata_suppress_edit.php
+++ b/config/suricata/suricata_suppress_edit.php
@@ -143,16 +143,14 @@ include_once("head.inc");
 
 <body link="#0000CC" vlink="#0000CC" alink="#0000CC">
 
-<?php
-include("fbegin.inc");
-if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}
+<?php include("fbegin.inc"); ?>
+<form action="/suricata/suricata_suppress_edit.php" name="iform" id="iform" method="post">
 
+<?php
 if ($input_errors) print_input_errors($input_errors);
-if ($savemsg)
-	print_info_box($savemsg);
-
+if ($savemsg) print_info_box($savemsg);
 ?>
-<form action="/suricata/suricata_suppress_edit.php" name="iform" id="iform" method="post">
+
 <table width="100%" border="0" cellpadding="0" cellspacing="0">
 <tr><td>
 <?php