diff options
| author | Scott Ullrich <sullrich@pfsense.org> | 2006-10-08 18:53:21 +0000 |
|---|---|---|
| committer | Scott Ullrich <sullrich@pfsense.org> | 2006-10-08 18:53:21 +0000 |
| commit | a56c2fc9602290b558912e19850221b95609659d (patch) | |
| tree | 9aedcfad798893999a131a8bb9f32588736b7988 /packages/snort | |
| parent | 848dbb6a68d98eb26836d27e1d867e1ce6c830cc (diff) | |
| download | pfsense-packages-a56c2fc9602290b558912e19850221b95609659d.tar.gz pfsense-packages-a56c2fc9602290b558912e19850221b95609659d.tar.bz2 pfsense-packages-a56c2fc9602290b558912e19850221b95609659d.zip | |
* Correct minor variable scope bug
* Add associate snort alert to ip option (handy for large snort installations)
Diffstat (limited to 'packages/snort')
| -rw-r--r-- | packages/snort/snort.inc | 1 | ||||
| -rw-r--r-- | packages/snort/snort.xml | 6 | ||||
| -rw-r--r-- | packages/snort/snort_blocked.php | 6 |
3 files changed, 12 insertions, 1 deletions
diff --git a/packages/snort/snort.inc b/packages/snort/snort.inc index 0f00687a..88fef66a 100644 --- a/packages/snort/snort.inc +++ b/packages/snort/snort.inc @@ -511,6 +511,7 @@ function get_snort_alert($ip) { } function make_clickable($buffer) { + global $config, $g; /* if clickable urls is disabled, simply return buffer back to caller */ $clickablalerteurls = $config['installedpackages']['snort']['config'][0]['oinkmastercode']; if(!$clickablalerteurls) diff --git a/packages/snort/snort.xml b/packages/snort/snort.xml index 5bdf9a06..24b67f55 100644 --- a/packages/snort/snort.xml +++ b/packages/snort/snort.xml @@ -172,6 +172,12 @@ <type>checkbox</type> </field> <field> + <fielddescr>Associate events on Blocked tab</fielddescr> + <fieldname>associatealertip</fieldname> + <description>Checking this option will automatically associate the blocked reason from the snort alerts file.</description> + <type>checkbox</type> + </field> + <field> <fielddescr>Sync Snort configuration to secondary cluster members</fielddescr> <fieldname>syncxmlrpc</fieldname> <description>Checking this option will automatically sync the snort configuration via XMLRPC to CARP cluster members.</description> diff --git a/packages/snort/snort_blocked.php b/packages/snort/snort_blocked.php index 778e607c..67bd1f90 100644 --- a/packages/snort/snort_blocked.php +++ b/packages/snort/snort_blocked.php @@ -81,6 +81,7 @@ include("head.inc"); </tr> <?php + $associatealertip = $config['installedpackages']['snort']['config'][0]['associatealertip']; $ips = `/sbin/pfctl -t snort2c -T show`; $ips_array = split("\n", $ips); $counter = 0; @@ -89,7 +90,10 @@ include("head.inc"); continue; $ww_ip = str_replace(" ", "", $ip); $counter++; - $alert_description = get_snort_alert($ww_ip); + if($associatealertip) + $alert_description = get_snort_alert($ww_ip); + else + $alert_description = ""; echo "\n<tr>"; echo "\n<td align=\"center\" valign=\"top\"'><a href='snort_blocked.php?todelete=" . trim(urlencode($ww_ip)) . "'>"; echo "\n<img title=\"Delete\" border=\"0\" name='todelete' id='todelete' alt=\"Delete\" src=\"./themes/{$g['theme']}/images/icons/icon_x.gif\"></a></td>"; |