aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
authorRenato Botelho <garga@FreeBSD.org>2015-02-09 09:28:51 -0200
committerRenato Botelho <garga@FreeBSD.org>2015-02-09 09:28:51 -0200
commite8721f705ab1f80b0e1fe897f65b3941e071ebcf (patch)
tree46917a85e4e08fbd5702983ab7db6907be0b115d /config
parentda3cd59d595b075ff33901966065d62a213bae4c (diff)
parent2913f596fc1a87d20a8d2aac9e2eadfc5bc8787d (diff)
downloadpfsense-packages-e8721f705ab1f80b0e1fe897f65b3941e071ebcf.tar.gz
pfsense-packages-e8721f705ab1f80b0e1fe897f65b3941e071ebcf.tar.bz2
pfsense-packages-e8721f705ab1f80b0e1fe897f65b3941e071ebcf.zip
Merge pull request #810 from bmeeks8/suricata-2.0.6-v2.1.4
Diffstat (limited to 'config')
-rw-r--r--config/suricata/suricata.inc55
-rw-r--r--config/suricata/suricata.xml2
-rw-r--r--config/suricata/suricata_alerts.php13
-rw-r--r--config/suricata/suricata_barnyard.php7
-rw-r--r--config/suricata/suricata_blocked.php10
-rw-r--r--config/suricata/suricata_define_vars.php17
-rw-r--r--config/suricata/suricata_interfaces_edit.php29
-rw-r--r--config/suricata/suricata_ip_list_mgmt.php10
-rw-r--r--config/suricata/suricata_ip_reputation.php13
-rw-r--r--config/suricata/suricata_passlist.php7
-rw-r--r--config/suricata/suricata_passlist_edit.php12
-rw-r--r--config/suricata/suricata_post_install.php27
-rw-r--r--config/suricata/suricata_rules.php19
-rw-r--r--config/suricata/suricata_rulesets.php10
-rw-r--r--config/suricata/suricata_suppress_edit.php12
15 files changed, 146 insertions, 97 deletions
diff --git a/config/suricata/suricata.inc b/config/suricata/suricata.inc
index 66c1e799..73208f61 100644
--- a/config/suricata/suricata.inc
+++ b/config/suricata/suricata.inc
@@ -327,10 +327,11 @@ function suricata_build_list($suricatacfg, $listname = "", $passlist = false, $e
if (($externallist && $localnet == 'yes') || (!$externallist && (!$passlist || $localnet == 'yes' || empty($localnet)))) {
if (is_ipaddrv4($suricataip)) {
if ($suricatacfg['interface'] <> "wan") {
- $sn = get_interface_subnet($suricatacfg['interface']);
- $ip = gen_subnet($suricataip, $sn) . "/{$sn}";
- if (!in_array($ip, $home_net))
- $home_net[] = $ip;
+ if ($sn = get_interface_subnet($suricatacfg['interface'])) {
+ $ip = gen_subnet($suricataip, $sn) . "/{$sn}";
+ if (!in_array($ip, $home_net))
+ $home_net[] = $ip;
+ }
}
}
}
@@ -349,10 +350,11 @@ function suricata_build_list($suricatacfg, $listname = "", $passlist = false, $e
if (($externallist && $localnet == 'yes') || (!$externallist && (!$passlist || $localnet == 'yes' || empty($localnet)))) {
if (is_ipaddrv6($suricataip)) {
if ($suricatacfg['interface'] <> "wan") {
- $sn = get_interface_subnetv6($suricatacfg['interface']);
- $ip = gen_subnetv6($suricataip, $sn). "/{$sn}";
- if (!in_array($ip, $home_net))
- $home_net[] = $ip;
+ if ($sn = get_interface_subnetv6($suricatacfg['interface'])) {
+ $ip = gen_subnetv6($suricataip, $sn). "/{$sn}";
+ if (!in_array($ip, $home_net))
+ $home_net[] = $ip;
+ }
}
}
}
@@ -386,10 +388,11 @@ function suricata_build_list($suricatacfg, $listname = "", $passlist = false, $e
continue;
$subnet = get_interface_ip($int);
if (is_ipaddrv4($subnet)) {
- $sn = get_interface_subnet($int);
- $ip = gen_subnet($subnet, $sn) . "/{$sn}";
- if (!in_array($ip, $home_net))
- $home_net[] = $ip;
+ if ($sn = get_interface_subnet($int)) {
+ $ip = gen_subnet($subnet, $sn) . "/{$sn}";
+ if (!in_array($ip, $home_net))
+ $home_net[] = $ip;
+ }
}
$subnet = get_interface_ipv6($int);
@@ -397,10 +400,11 @@ function suricata_build_list($suricatacfg, $listname = "", $passlist = false, $e
if (strpos($subnet, "%") !== FALSE)
$subnet = substr($subnet, 0, strpos($subnet, "%"));
if (is_ipaddrv6($subnet)) {
- $sn = get_interface_subnetv6($int);
- $ip = gen_subnetv6($subnet, $sn). "/{$sn}";
- if (!in_array($ip, $home_net))
- $home_net[] = $ip;
+ if ($sn = get_interface_subnetv6($int)) {
+ $ip = gen_subnetv6($subnet, $sn). "/{$sn}";
+ if (!in_array($ip, $home_net))
+ $home_net[] = $ip;
+ }
}
// Add link-local address
@@ -642,9 +646,10 @@ function suricata_rules_up_install_cron($should_install=true) {
if (suricata_cron_job_exists($command, TRUE, $suricata_rules_up_min, $suricata_rules_up_hr, $suricata_rules_up_mday, $suricata_rules_up_month, $suricata_rules_up_wday, "root"))
return;
- // Else install the new or updated cron job
- if ($should_install)
- install_cron_job($command, $should_install, $suricata_rules_up_min, $suricata_rules_up_hr, $suricata_rules_up_mday, $suricata_rules_up_month, $suricata_rules_up_wday, "root");
+ // Else install the new or updated cron job by removing the
+ // existing job first, then installing the new or updated job.
+ install_cron_job("suricata_check_for_rule_updates.php", false);
+ install_cron_job($command, $should_install, $suricata_rules_up_min, $suricata_rules_up_hr, $suricata_rules_up_mday, $suricata_rules_up_month, $suricata_rules_up_wday, "root");
}
function suricata_loglimit_install_cron($should_install=true) {
@@ -660,7 +665,9 @@ function suricata_loglimit_install_cron($should_install=true) {
if ($should_install && suricata_cron_job_exists("/usr/local/pkg/suricata/suricata_check_cron_misc.inc", TRUE, "*/5"))
return;
- // Else install the new or updated cron job
+ // Else install the new or updated cron job by removing the
+ // existing job first, then installing the new or updated job.
+ install_cron_job("suricata_check_cron_misc.inc", false);
install_cron_job("/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/pkg/suricata/suricata_check_cron_misc.inc", $should_install, "*/5");
}
@@ -765,10 +772,10 @@ function suricata_rm_blocked_install_cron($should_install) {
if (suricata_cron_job_exists($command, TRUE, $suricata_rm_blocked_min, $suricata_rm_blocked_hr, $suricata_rm_blocked_mday, $suricata_rm_blocked_month, $suricata_rm_blocked_wday, "root"))
return;
- // Else install the new or updated cron job
- if ($should_install) {
- install_cron_job($command, $should_install, $suricata_rm_blocked_min, $suricata_rm_blocked_hr, $suricata_rm_blocked_mday, $suricata_rm_blocked_month, $suricata_rm_blocked_wday, "root");
- }
+ // Else install the new or updated cron job by removing the
+ // existing job first, then installing the new or updated job.
+ install_cron_job("{$suri_pf_table}", false);
+ install_cron_job($command, $should_install, $suricata_rm_blocked_min, $suricata_rm_blocked_hr, $suricata_rm_blocked_mday, $suricata_rm_blocked_month, $suricata_rm_blocked_wday, "root");
}
function sync_suricata_package_config() {
diff --git a/config/suricata/suricata.xml b/config/suricata/suricata.xml
index c510d72b..88628877 100644
--- a/config/suricata/suricata.xml
+++ b/config/suricata/suricata.xml
@@ -42,7 +42,7 @@
<description>Suricata IDS/IPS Package</description>
<requirements>None</requirements>
<name>suricata</name>
- <version>2.0.4 pkg v2.1.3</version>
+ <version>2.0.4 pkg v2.1.4</version>
<title>Services: Suricata IDS</title>
<include_file>/usr/local/pkg/suricata/suricata.inc</include_file>
<menu>
diff --git a/config/suricata/suricata_alerts.php b/config/suricata/suricata_alerts.php
index f151e173..fa4fed5c 100644
--- a/config/suricata/suricata_alerts.php
+++ b/config/suricata/suricata_alerts.php
@@ -424,20 +424,21 @@ if ($pconfig['arefresh'] == 'on')
echo "<meta http-equiv=\"refresh\" content=\"60;url=/suricata/suricata_alerts.php?instance={$instanceid}\" />\n";
?>
+<form action="/suricata/suricata_alerts.php" method="post" id="formalert">
+<input type="hidden" name="sidid" id="sidid" value=""/>
+<input type="hidden" name="gen_id" id="gen_id" value=""/>
+<input type="hidden" name="ip" id="ip" value=""/>
+<input type="hidden" name="descr" id="descr" value=""/>
+
<?php
/* Display Alert message */
if ($input_errors) {
- print_input_errors($input_errors); // TODO: add checks
+ print_input_errors($input_errors);
}
if ($savemsg) {
print_info_box($savemsg);
}
?>
-<form action="/suricata/suricata_alerts.php" method="post" id="formalert">
-<input type="hidden" name="sidid" id="sidid" value=""/>
-<input type="hidden" name="gen_id" id="gen_id" value=""/>
-<input type="hidden" name="ip" id="ip" value=""/>
-<input type="hidden" name="descr" id="descr" value=""/>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tbody>
diff --git a/config/suricata/suricata_barnyard.php b/config/suricata/suricata_barnyard.php
index 2938136f..c4e438ba 100644
--- a/config/suricata/suricata_barnyard.php
+++ b/config/suricata/suricata_barnyard.php
@@ -229,8 +229,10 @@ include_once("head.inc");
?>
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
-<?php include("fbegin.inc");
+<?php include("fbegin.inc"); ?>
+<form action="suricata_barnyard.php" method="post" name="iform" id="iform">
+<?php
/* Display Alert message */
if ($input_errors) {
print_input_errors($input_errors);
@@ -239,10 +241,7 @@ include_once("head.inc");
if ($savemsg) {
print_info_box($savemsg);
}
-
?>
-
-<form action="suricata_barnyard.php" method="post" name="iform" id="iform">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr><td>
diff --git a/config/suricata/suricata_blocked.php b/config/suricata/suricata_blocked.php
index 4f4bf095..ccb3548b 100644
--- a/config/suricata/suricata_blocked.php
+++ b/config/suricata/suricata_blocked.php
@@ -163,19 +163,21 @@ include_once("fbegin.inc");
/* refresh every 60 secs */
if ($pconfig['brefresh'] == 'on')
echo "<meta http-equiv=\"refresh\" content=\"60;url=/suricata/suricata_blocked.php\" />\n";
+?>
+
+<form action="/suricata/suricata_blocked.php" method="post">
+<input type="hidden" name="ip" id="ip" value=""/>
+<?php
/* Display Alert message */
if ($input_errors) {
- print_input_errors($input_errors); // TODO: add checks
+ print_input_errors($input_errors);
}
if ($savemsg) {
print_info_box($savemsg);
}
?>
-<form action="/suricata/suricata_blocked.php" method="post">
-<input type="hidden" name="ip" id="ip" value=""/>
-
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr>
diff --git a/config/suricata/suricata_define_vars.php b/config/suricata/suricata_define_vars.php
index b94292c3..1aff122c 100644
--- a/config/suricata/suricata_define_vars.php
+++ b/config/suricata/suricata_define_vars.php
@@ -157,13 +157,7 @@ include_once("head.inc");
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
<?php
-include("fbegin.inc");
-if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}
-/* Display Alert message */
-if ($input_errors)
- print_input_errors($input_errors); // TODO: add checks
-if ($savemsg)
- print_info_box($savemsg);
+include("fbegin.inc");
?>
<script type="text/javascript" src="/javascript/autosuggest.js">
@@ -171,6 +165,15 @@ if ($savemsg)
<script type="text/javascript" src="/javascript/suggestions.js">
</script>
<form action="suricata_define_vars.php" method="post" name="iform" id="iform">
+
+<?php
+/* Display Alert message */
+if ($input_errors)
+ print_input_errors($input_errors);
+if ($savemsg)
+ print_info_box($savemsg);
+?>
+
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr><td>
diff --git a/config/suricata/suricata_interfaces_edit.php b/config/suricata/suricata_interfaces_edit.php
index 13526031..4319182d 100644
--- a/config/suricata/suricata_interfaces_edit.php
+++ b/config/suricata/suricata_interfaces_edit.php
@@ -307,6 +307,12 @@ if ($_POST["save"] && !$input_errors) {
if ($_POST['intf_promisc_mode'] == "on") { $natent['intf_promisc_mode'] = 'on'; }else{ $natent['intf_promisc_mode'] = 'off'; }
if ($_POST['configpassthru']) $natent['configpassthru'] = base64_encode(str_replace("\r\n", "\n", $_POST['configpassthru'])); else unset($natent['configpassthru']);
+ // Check if EVE OUTPUT TYPE is 'syslog' and auto-enable Suricata syslog output if true.
+ if ($natent['eve_output_type'] == "syslog" && $natent['alertsystemlog'] == "off") {
+ $natent['alertsystemlog'] = "on";
+ $savemsg = gettext("EVE Output to syslog requires Suricata alerts to be copied to the system log, so 'Send Alerts to System Log' has been auto-enabled.");
+ }
+
$if_real = get_real_interface($natent['interface']);
if (isset($id) && $a_rule[$id] && $action == '') {
// See if moving an existing Suricata instance to another physical interface
@@ -434,13 +440,8 @@ if ($_POST["save"] && !$input_errors) {
sync_suricata_package_config();
conf_mount_ro();
- header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' );
- header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
- header( 'Cache-Control: no-store, no-cache, must-revalidate' );
- header( 'Cache-Control: post-check=0, pre-check=0', false );
- header( 'Pragma: no-cache' );
- header("Location: /suricata/suricata_interfaces.php");
- exit;
+ // Refresh page fields with just-saved values
+ $pconfig = $natent;
} else
$pconfig = $_POST;
}
@@ -452,7 +453,13 @@ include_once("head.inc");
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
-<?php include("fbegin.inc");
+<?php include("fbegin.inc");?>
+
+<form action="suricata_interfaces_edit.php<?php echo "?id=$id";?>" method="post" name="iform" id="iform">
+<input name="id" type="hidden" value="<?=$id;?>"/>
+<input name="action" type="hidden" value="<?=$action;?>"/>
+
+<?php
/* Display Alert message */
if ($input_errors) {
print_input_errors($input_errors);
@@ -462,10 +469,6 @@ if ($savemsg) {
}
?>
-<form action="suricata_interfaces_edit.php<?php echo "?id=$id";?>" method="post" name="iform" id="iform">
-<input name="id" type="hidden" value="<?=$id;?>"/>
-<input name="action" type="hidden" value="<?=$action;?>"/>
-
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr><td>
@@ -716,7 +719,7 @@ if ($savemsg) {
?>
</select>&nbsp;&nbsp;
<?php echo gettext("Select EVE log output destination."); ?><br/>
- <span class="red"><?php echo gettext("Hint:") . "</span>&nbsp;" . gettext("Choosing FILE is suggested, and it is the default value."); ?><br/>
+ <span class="red"><?php echo gettext("Hint:") . "</span>&nbsp;" . gettext("Choosing FILE is suggested, and is the default value."); ?><br/>
</td>
</tr>
<tr id="eve_systemlog_facility_row">
diff --git a/config/suricata/suricata_ip_list_mgmt.php b/config/suricata/suricata_ip_list_mgmt.php
index 37decaad..c94db61e 100644
--- a/config/suricata/suricata_ip_list_mgmt.php
+++ b/config/suricata/suricata_ip_list_mgmt.php
@@ -170,6 +170,13 @@ include_once("head.inc");
<?php
include_once("fbegin.inc");
+?>
+
+<form action="/suricata/suricata_ip_list_mgmt.php" enctype="multipart/form-data" method="post" name="iform" id="iform">
+<input type="hidden" name="MAX_FILE_SIZE" value="100000000" />
+<input type="hidden" name="iplist_fname" id="iplist_fname" value=""/>
+
+<?php
if ($input_errors) {
print_input_errors($input_errors);
}
@@ -178,9 +185,6 @@ if ($savemsg)
print_info_box($savemsg);
?>
-<form action="/suricata/suricata_ip_list_mgmt.php" enctype="multipart/form-data" method="post" name="iform" id="iform">
-<input type="hidden" name="MAX_FILE_SIZE" value="100000000" />
-<input type="hidden" name="iplist_fname" id="iplist_fname" value=""/>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr><td>
diff --git a/config/suricata/suricata_ip_reputation.php b/config/suricata/suricata_ip_reputation.php
index 4615923a..d9d45a5f 100644
--- a/config/suricata/suricata_ip_reputation.php
+++ b/config/suricata/suricata_ip_reputation.php
@@ -177,11 +177,6 @@ include_once("head.inc");
<?php
include("fbegin.inc");
-/* Display Alert message */
-if ($input_errors)
- print_input_errors($input_errors);
-if ($savemsg)
- print_info_box($savemsg);
?>
<form action="suricata_ip_reputation.php" method="post" name="iform" id="iform" >
@@ -193,7 +188,13 @@ if ($savemsg)
<?php if (is_subsystem_dirty('suricata_iprep') && !$input_errors): ?><p>
<?php print_info_box_np(gettext("A change has been made to IP List file assignments.") . "<br/>" . gettext("You must apply the change in order for it to take effect."));?>
<?php endif; ?>
-
+<?php
+/* Display Alert message */
+if ($input_errors)
+ print_input_errors($input_errors);
+if ($savemsg)
+ print_info_box($savemsg);
+?>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr>
diff --git a/config/suricata/suricata_passlist.php b/config/suricata/suricata_passlist.php
index af1c4ff5..e7e55d20 100644
--- a/config/suricata/suricata_passlist.php
+++ b/config/suricata/suricata_passlist.php
@@ -104,7 +104,11 @@ include_once("head.inc");
<?php
include_once("fbegin.inc");
+?>
+<form action="/suricata/suricata_passlist.php" method="post">
+<input type="hidden" name="list_id" id="list_id" value=""/>
+<?php
/* Display Alert message */
if ($input_errors) {
print_input_errors($input_errors);
@@ -113,9 +117,6 @@ if ($savemsg) {
print_info_box($savemsg);
}
?>
-
-<form action="/suricata/suricata_passlist.php" method="post">
-<input type="hidden" name="list_id" id="list_id" value=""/>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr><td>
diff --git a/config/suricata/suricata_passlist_edit.php b/config/suricata/suricata_passlist_edit.php
index 5bfeb8b9..1d92e644 100644
--- a/config/suricata/suricata_passlist_edit.php
+++ b/config/suricata/suricata_passlist_edit.php
@@ -199,10 +199,6 @@ include_once("head.inc");
<?php
include("fbegin.inc");
-if ($input_errors)
- print_input_errors($input_errors);
-if ($savemsg)
- print_info_box($savemsg);
?>
<script type="text/javascript" src="/javascript/autosuggest.js">
</script>
@@ -210,6 +206,14 @@ if ($savemsg)
</script>
<form action="suricata_passlist_edit.php" method="post" name="iform" id="iform">
<input name="id" type="hidden" value="<?=$id;?>" />
+
+<?php
+if ($input_errors)
+ print_input_errors($input_errors);
+if ($savemsg)
+ print_info_box($savemsg);
+?>
+
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr><td>
diff --git a/config/suricata/suricata_post_install.php b/config/suricata/suricata_post_install.php
index 070cf095..61d37130 100644
--- a/config/suricata/suricata_post_install.php
+++ b/config/suricata/suricata_post_install.php
@@ -130,6 +130,29 @@ if ($config['installedpackages']['suricata']['config'][0]['et_iqrisk_enable'] ==
install_cron_job("/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/pkg/suricata/suricata_etiqrisk_update.php", TRUE, 0, "*/6", "*", "*", "*", "root");
}
+/*********************************************************/
+/* START OF BUG FIX CODE */
+/* */
+/* Remove any Suricata cron tasks that may have been */
+/* left from a previous uninstall due to a bug that */
+/* saved edited cron tasks as new ones while still */
+/* leaving the original task. Correct cron task */
+/* entries will be recreated below if saved settings */
+/* are detected. */
+/*********************************************************/
+$cron_count = 0;
+$suri_pf_table = SURICATA_PF_TABLE;
+while (suricata_cron_job_exists($suri_pf_table, FALSE)) {
+ install_cron_job($suri_pf_table, false);
+ $cron_count++;
+}
+if ($cron_count > 0)
+ log_error(gettext("[Suricata] Removed {$cron_count} duplicate 'remove_blocked_hosts' cron task(s)."));
+
+/*********************************************************/
+/* END OF BUG FIX CODE */
+/*********************************************************/
+
// remake saved settings if previously flagged
if ($config['installedpackages']['suricata']['config'][0]['forcekeepsettings'] == 'on') {
log_error(gettext("[Suricata] Saved settings detected... rebuilding installation with saved settings..."));
@@ -258,8 +281,8 @@ if (empty($config['installedpackages']['suricata']['config'][0]['forcekeepsettin
conf_mount_ro();
// Update Suricata package version in configuration
-$config['installedpackages']['suricata']['config'][0]['suricata_config_ver'] = "2.1.2";
-write_config("Suricata pkg v2.1.2: post-install configuration saved.");
+$config['installedpackages']['suricata']['config'][0]['suricata_config_ver'] = "2.1.4";
+write_config("Suricata pkg v2.1.4: post-install configuration saved.");
// Done with post-install, so clear flag
unset($g['suricata_postinstall']);
diff --git a/config/suricata/suricata_rules.php b/config/suricata/suricata_rules.php
index 480bf3dc..020a826d 100644
--- a/config/suricata/suricata_rules.php
+++ b/config/suricata/suricata_rules.php
@@ -436,15 +436,6 @@ $pgtitle = gettext("Suricata: Interface {$if_friendly} - Rules: {$currentruleset
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
<?php
include("fbegin.inc");
-/* Display error or save messages if present */
-if ($input_errors) {
- print_input_errors($input_errors); // TODO: add checks
-}
-
-if ($savemsg) {
- print_info_box($savemsg);
-}
-
?>
<form action='/suricata/suricata_rules.php' method='post' name='iform' id='iform'>
@@ -456,6 +447,16 @@ if ($savemsg) {
<?php if (is_subsystem_dirty('suricata_rules')): ?><p>
<?php print_info_box_np(gettext("A change has been made to a rule state.") . "<br/>" . gettext("Click APPLY when finished to send the changes to the running configuration."));?>
<?php endif; ?>
+<?php
+/* Display error or save messages if present */
+if ($input_errors) {
+ print_input_errors($input_errors);
+}
+
+if ($savemsg) {
+ print_info_box($savemsg);
+}
+?>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tbody>
diff --git a/config/suricata/suricata_rulesets.php b/config/suricata/suricata_rulesets.php
index 7f591b6c..902352c0 100644
--- a/config/suricata/suricata_rulesets.php
+++ b/config/suricata/suricata_rulesets.php
@@ -260,20 +260,22 @@ include_once("head.inc");
<?php
include("fbegin.inc");
+?>
+
+<form action="suricata_rulesets.php" method="post" name="iform" id="iform">
+<input type="hidden" name="id" id="id" value="<?=$id;?>" />
+<?php
/* Display message */
if ($input_errors) {
- print_input_errors($input_errors); // TODO: add checks
+ print_input_errors($input_errors);
}
if ($savemsg) {
print_info_box($savemsg);
}
-
?>
-<form action="suricata_rulesets.php" method="post" name="iform" id="iform">
-<input type="hidden" name="id" id="id" value="<?=$id;?>" />
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr><td>
diff --git a/config/suricata/suricata_suppress_edit.php b/config/suricata/suricata_suppress_edit.php
index 8814d3db..d9b6e8bc 100644
--- a/config/suricata/suricata_suppress_edit.php
+++ b/config/suricata/suricata_suppress_edit.php
@@ -143,16 +143,14 @@ include_once("head.inc");
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
-<?php
-include("fbegin.inc");
-if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}
+<?php include("fbegin.inc"); ?>
+<form action="/suricata/suricata_suppress_edit.php" name="iform" id="iform" method="post">
+<?php
if ($input_errors) print_input_errors($input_errors);
-if ($savemsg)
- print_info_box($savemsg);
-
+if ($savemsg) print_info_box($savemsg);
?>
-<form action="/suricata/suricata_suppress_edit.php" name="iform" id="iform" method="post">
+
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr><td>
<?php