aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xconfig/ipblocklist/IP-Blocklist.sh1
-rwxr-xr-xconfig/ipblocklist/convert-execute.sh100
-rwxr-xr-xconfig/ipblocklist/convert.pl67
-rwxr-xr-xconfig/ipblocklist/index.tmp11
-rwxr-xr-xconfig/ipblocklist/ipblocklist.inc130
-rwxr-xr-xconfig/ipblocklist/ipblocklist.tmp158
-rwxr-xr-xconfig/ipblocklist/ipblocklist.xml145
-rwxr-xr-xconfig/ipblocklist/ipblocklist_list.tmp115
-rwxr-xr-xconfig/ipblocklist/manual_add.tmp69
-rwxr-xr-xconfig/ipblocklist/purge.tmp26
-rwxr-xr-xconfig/ipblocklist/purgeip.tmp26
-rwxr-xr-xconfig/ipblocklist/whitelist.tmp66
-rw-r--r--config/packetcapturefix/packetcapturefix.inc18
-rw-r--r--config/packetcapturefix/packetcapturefix.patch23
-rw-r--r--config/packetcapturefix/packetcapturefix.xml65
-rw-r--r--config/snort/javascript/row_helper.js138
-rw-r--r--config/snort/snort_check_for_rule_updates.php16
-rw-r--r--config/snort/snort_download_rules.php16
-rw-r--r--config/snort/snort_interfaces.php2
-rw-r--r--config/snort/snort_interfaces_suppress.php340
-rw-r--r--config/snort/snort_interfaces_suppress_edit.php622
-rw-r--r--config/snort/snort_interfaces_whitelist.php360
-rw-r--r--config/snort/snort_interfaces_whitelist_edit.php952
-rw-r--r--config/varnish64/varnish_backends.xml5
-rwxr-xr-xpkg_config.7.xml30
-rwxr-xr-xpkg_config.8.xml28
-rwxr-xr-xpkg_config.8.xml.amd6414
27 files changed, 2318 insertions, 1225 deletions
diff --git a/config/ipblocklist/IP-Blocklist.sh b/config/ipblocklist/IP-Blocklist.sh
new file mode 100755
index 00000000..14ca535d
--- /dev/null
+++ b/config/ipblocklist/IP-Blocklist.sh
@@ -0,0 +1 @@
+/usr/local/www/packages/ipblocklist/convert-execute.sh \ No newline at end of file
diff --git a/config/ipblocklist/convert-execute.sh b/config/ipblocklist/convert-execute.sh
new file mode 100755
index 00000000..dd668baa
--- /dev/null
+++ b/config/ipblocklist/convert-execute.sh
@@ -0,0 +1,100 @@
+#Version 2
+
+#kill tables to elminate dups
+pfctl -t ipblocklist -T kill
+pfctl -t ipblocklistW -T kill
+sed -i -e '/ipblocklist/d' /tmp/rules.debug
+sed -i -e '/ipblocklistW/d' /tmp/rules.debug
+
+#Generate lists to process
+ls lists > file_list.txt
+ls Wlists > file_Wlist.txt
+filelist="file_list.txt"
+Wfilelist="file_Wlist.txt"
+
+#READ contents in file_list.txt and process as file
+for fileline in $(cat $filelist); do
+iplist="lists/$fileline"
+iplistout="lists/ipfw.ipfw"
+perl convert.pl $iplist $iplistout
+done
+
+#Whitelist
+for Wfileline in $(cat $Wfilelist); do
+Wiplist="Wlists/$Wfileline"
+Wiplistout="Wlists/whitelist"
+perl convert.pl $Wiplist $Wiplistout
+done
+#echo "ipfw made"
+
+#clean up ipfw.ipfw (duplicates)
+rm lists/ipfw.ipfwTEMP
+sort lists/ipfw.ipfw | uniq -u >> lists/ipfw.ipfwTEMP
+mv lists/ipfw.ipfwTEMP lists/ipfw.ipfw
+#echo "ipfw clean"
+
+#clean up whitelist (duplicates)
+rm Wlists/whitelistTEMP
+sort Wlists/whitelist | uniq -u >> Wlists/whitelistTEMP
+mv Wlists/whitelistTEMP Wlists/whitelist
+#echo "whitelist clean"
+
+
+
+#Now edit /tmp/rules.debug
+
+#find my line for table
+export i=`grep -n 'block quick from any to <snort2c>' /tmp/rules.debug | grep -o '[0-9]\{2,4\}'`
+export t=`grep -n 'User Aliases' /tmp/rules.debug |grep -o '[0-9]'`
+
+i=$(($i+'1'))
+t=$(($t+'1'))
+#echo $i
+#echo $t
+
+rm /tmp/rules.debug.tmp
+
+#Insert table-entry limit
+sed -i -e '/900000/d' /tmp/rules.debug
+while read line
+ do a=$(($a+1));
+ #echo $a;
+ if [ "$a" = "$t" ]; then
+ echo "" >> /tmp/rules.debug.tmp
+ echo "set limit table-entries 900000" >> /tmp/rules.debug.tmp
+ fi
+ echo $line >> /tmp/rules.debug.tmp
+done < "/tmp/rules.debug"
+
+mv /tmp/rules.debug /tmp/rules.debug.old
+mv /tmp/rules.debug.tmp /tmp/rules.debug
+
+pfctl -o basic -f /tmp/rules.debug > errorOUT.txt 2>&1
+
+rm /tmp/rules.debug.tmp
+#Insert ipblocklist rules
+a="0"
+echo $a
+while read line
+ do a=$(($a+1));
+ echo $a;
+ if [ "$a" = "$i" ]; then
+ echo "" >> /tmp/rules.debug.tmp
+ echo "#ipblocklist" >> /tmp/rules.debug.tmp
+ echo "table <ipblocklist> persist file '/usr/local/www/packages/ipblocklist/lists/ipfw.ipfw'" >> /tmp/rules.debug.tmp
+ echo "table <ipblocklistW> persist file '/usr/local/www/packages/ipblocklist/Wlists/whitelist'" >> /tmp/rules.debug.tmp
+ echo "pass quick from <ipblocklistW> to any label 'IP-Blocklist'" >> /tmp/rules.debug.tmp
+ echo "pass quick from any to <ipblocklistW> label 'IP-Blocklist'" >> /tmp/rules.debug.tmp
+ echo "block quick from <ipblocklist> to any label 'IP-Blocklist'" >> /tmp/rules.debug.tmp
+ echo "block quick from any to <ipblocklist> label 'IP-Blocklist'" >> /tmp/rules.debug.tmp
+ fi
+ echo $line >> /tmp/rules.debug.tmp
+done < "/tmp/rules.debug"
+
+mv /tmp/rules.debug /tmp/rules.debug.old
+mv /tmp/rules.debug.tmp /tmp/rules.debug
+
+#Now execute the ipfw list (Take a long time in old version)
+#sh lists/ipfw.ipfw (Version 0.1.4)
+rm errorOUT.txt
+pfctl -o basic -f /tmp/rules.debug > errorOUT.txt 2>&1
diff --git a/config/ipblocklist/convert.pl b/config/ipblocklist/convert.pl
new file mode 100755
index 00000000..44b4add2
--- /dev/null
+++ b/config/ipblocklist/convert.pl
@@ -0,0 +1,67 @@
+#!/usr/bin/perl -w
+use strict;
+
+if($#ARGV != 1) {
+ print("Usage: $0 <input file> <output file>\n");
+ exit(1);
+}
+
+my ($line,$title,$iprange,$cidr);
+my $i = 30000;
+
+open(INFILE,'<',$ARGV[0]) or die("Could not open input file $ARGV[0]");
+open(OUTFILE,'>>',$ARGV[1]) or die("Could not open output file $ARGV[1]");
+
+foreach $line (<INFILE>) {
+ chomp($line);
+ $line =~ s/:((\d{1,3}[-\.]*){8})//;
+ $iprange = $1;
+ print OUTFILE "#$line\n";
+ foreach $cidr (split(/\n/,range($iprange))) {
+ print OUTFILE "$cidr\n";
+ #print OUTFILE "ipfw -q add 1000 drop ip from any to $cidr\n"; (version 0.1.4)
+ #$i++;
+ #print OUTFILE "ipfw -q add 1001 drop ip from $cidr to any\n"; (version 0.1.4)
+ #$i++;
+ }
+}
+
+close(INFILE);
+close(OUTFILE);
+
+sub ntoa {
+ return join ".",unpack("CCCC",pack("N",shift));
+}
+sub aton {
+ return unpack 'N', pack 'C4', split/\./, shift;
+}
+sub deaggregate {
+ my $thirtytwobits = 4294967295;
+ my $start = shift;
+ my $end = shift;
+ my $base = $start;
+ my ($step,$output);
+ while ($base <= $end) {
+ $step = 0;
+ while (($base | (1 << $step)) != $base) {
+ if (($base | (((~0) & $thirtytwobits) >> (31-$step))) > $end) {
+ last;
+ }
+ $step++;
+ }
+ if($step == 0) {
+ $output .= ntoa($base);
+ }else{
+ $output .= ntoa($base)."/" .(32-$step);
+ }
+ $output .= "\n";
+ $base += 1 << $step;
+ }
+ return $output;
+}
+sub range {
+ my ($address,$address2) = split /-/, shift;
+ $address = aton($address);
+ $address2 = aton($address2);
+ return deaggregate($address,$address2);
+} \ No newline at end of file
diff --git a/config/ipblocklist/index.tmp b/config/ipblocklist/index.tmp
new file mode 100755
index 00000000..7c768af6
--- /dev/null
+++ b/config/ipblocklist/index.tmp
@@ -0,0 +1,11 @@
+<html>
+<HEAD>
+<SCRIPT language="JavaScript">
+<!--
+window.parent.location="../../index.php";
+//-->
+</SCRIPT>
+</HEAD>
+
+
+</html> \ No newline at end of file
diff --git a/config/ipblocklist/ipblocklist.inc b/config/ipblocklist/ipblocklist.inc
new file mode 100755
index 00000000..c5ce30f4
--- /dev/null
+++ b/config/ipblocklist/ipblocklist.inc
@@ -0,0 +1,130 @@
+<?php
+/* $Id$ */
+/*
+/* ========================================================================== */
+/*
+ ipblocklist.inc v2
+ Copyright (C) 2010 Tom Schaefer
+ All rights reserved.
+ */
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+
+
+function pkg_is_service_running($servicename)
+{
+ exec("/bin/ps ax | awk '{ print $5 }'", $psout);
+ array_shift($psout);
+ foreach($psout as $line) {
+ $ps[] = trim(array_pop(explode(' ', array_pop(explode('/', $line)))));
+ }
+ if(is_service_running($servicename, $ps) or is_process_running($servicename) ) {
+ return true;
+ }
+ else {
+ return false;
+ }
+}
+*/
+function byte_convert( $bytes ) {
+ if ($bytes<=0)
+ return '0 Byte';
+
+ $convention=1000; //[1000->10^x|1024->2^x]
+ $s=array('B', 'kB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB');
+ $e=floor(log($bytes,$convention));
+ return round($bytes/pow($convention,$e),2).' '.$s[$e];
+}
+
+
+
+
+function php_sync_package()
+{
+ global $config;
+}
+
+
+function php_install_command()
+{
+
+ global $config;
+ conf_mount_rw();
+ config_lock();
+
+ if (!is_dir('/usr/local/www/packages/')) {
+ exec("mkdir /usr/local/www/packages/");
+ }
+
+ if (!is_dir('/usr/local/www/packages/ipblocklist/')) {
+ exec("mkdir /usr/local/www/packages/ipblocklist/");
+ }
+
+
+ //install PERL
+ exec("pkg_add -r ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.2-release/All/perl-5.8.9_2.tbz");
+ exec("pkg_add -r ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.2-release/All/p5-Net-CIDR-0.13.tbz");
+
+ //rename PHP files from .tmp to .php
+ exec("cp /tmp/ipblocklist.tmp /usr/local/www/packages/ipblocklist/ipblocklist.php");
+ unlink_if_exists("/tmp/ipblocklist.tmp");
+ exec("cp /tmp/ipblocklist_list.tmp /usr/local/www/packages/ipblocklist/ipblocklist_list.php");
+ unlink_if_exists("/tmp/ipblocklist_list.tmp");
+ exec("cp /tmp/purge.tmp /usr/local/www/packages/ipblocklist/purge.php");
+ unlink_if_exists("/tmp/purge.tmp");
+ exec("cp /tmp/index.tmp /usr/local/www/packages/ipblocklist/index.php");
+ unlink_if_exists("/tmp/index.tmp");
+ exec("cp /tmp/whitelist.tmp /usr/local/www/packages/ipblocklist/whitelist.php");
+ unlink_if_exists("/tmp/whitelist.tmp");
+ exec("cp /tmp/purgeip.tmp /usr/local/www/packages/ipblocklist/purgeip.php");
+ unlink_if_exists("/tmp/purgeip.tmp");
+ //Get scripts
+ exec("cp /tmp/convert.pl /usr/local/www/packages/ipblocklist/convert.pl");
+ unlink_if_exists("/tmp/convert.pl");
+ exec("cp /tmp/convert-execute.sh /usr/local/www/packages/ipblocklist/convert-execute.sh");
+ unlink_if_exists("/tmp/convert-execute.sh");
+ exec("cp /tmp/IP-Blocklist.sh /usr/local/etc/rc.d/IP-Blocklist.sh");
+ unlink_if_exists("/tmp/IP-Blocklist.sh");
+
+
+
+ conf_mount_ro();
+ config_unlock();
+}
+
+
+function deinstall_command()
+{
+ conf_mount_rw();
+ $handle = popen("/usr/local/etc/rc.d/ipblocklist.sh stop", "r");
+ unlink_if_exists("/usr/local/pkg/ipblocklist.xml");
+ unlink_if_exists("/usr/local/pkg/ipblocklist.inc");
+ exec("rm -R /usr/local/www/packages/ipblocklist/ipblocklists");
+ exec("rm -R /usr/local/www/packages/ipblocklist");
+ exec("rm /usr/local/etc/rc.d/IP-Blocklist.sh");
+ exec("pfctl -t ipblocklist -T kill");
+ exec("ipfw -f flush");
+ conf_mount_ro();
+}
+
+?> \ No newline at end of file
diff --git a/config/ipblocklist/ipblocklist.tmp b/config/ipblocklist/ipblocklist.tmp
new file mode 100755
index 00000000..6387cb34
--- /dev/null
+++ b/config/ipblocklist/ipblocklist.tmp
@@ -0,0 +1,158 @@
+<?php
+ //Version 2
+
+ require_once('config.inc');
+ require("guiconfig.inc");
+ include("head.inc");
+
+ //set the config as a global variable
+ global $config;
+
+ $global_usage = '/usr/local/www/packages/ipblocklist/global_usage';
+ //$fh = fopen($global_usage, 'r');
+
+ //phpinfo();
+
+if (count($_POST)>0) {
+
+ conf_mount_rw();
+
+ $ent = array();
+
+ if ($_POST['enable'] == 1) {
+ //echo "enabled";
+ $config['installedpackages']['ipblocklist_settings']['config'][0]['enable'] = 1;
+
+ //Process list by downloading and extracting
+ $myFile = "lists.txt";
+ $myWFile = "wlists.txt";
+ $fileContents = file_get_contents($myFile);
+ $fileWContents = file_get_contents($myWFile);
+ $lines = explode(PHP_EOL, $fileContents);
+ $Wlines = explode(PHP_EOL, $fileWContents);
+ //Remove DIR lists to eliminate duplates
+ exec("rm -R lists");
+ exec("rm -R Wlists");
+ //Process each list URL, Extract, and put in DIR lists
+ exec("mkdir lists");
+ exec("mkdir Wlists");
+ foreach ($lines as $line) {
+ exec("fetch -o lists $line");
+ $filename = basename($line);
+ //Extract list
+ exec("gzip -d lists/$filename");
+ }
+ foreach ($Wlines as $Wline) {
+ exec("fetch -o Wlists $Wline");
+ $Wfilename = basename($Wline);
+ //Extract Whitelist
+ exec("gzip -d Wlists/$Wfilename");
+ }
+ //Prep pfctl
+ mwexec("touch lists/ipfw.ipfw");
+ mwexec("touch Wlists/whitelist");
+ //Now clear ipfw, and process each list to ipfw commands
+ mwexec("sh convert-execute.sh");
+
+ }
+ else {
+ //echo "disabled";
+ $config['installedpackages']['ipblocklist_settings']['config'][0]['enable'] = 0;
+ //Clear Lists
+ mwexec("ipfw -f flush");
+ mwexec("pfctl -t ipblocklist -T kill");
+ mwexec("rm -R /usr/local/www/packages/ipblocklist/lists");
+ mwexec("sed -i -e '/ipblocklist/d' /tmp/rules.debug");
+ mwexec("pfctl -o basic -f /tmp/rules.debug");
+ //Clear errorOUT.txt
+ mwexec("rm errorOUT.txt");
+
+ }
+
+
+ write_config();
+ //services_dnsmasq_configure();
+ sleep(1);
+ $savemsg_dnsb = "IP-Blocklist settings have been saved/updated. ";
+ conf_mount_ro();
+}
+?>
+
+<?php include("fbegin.inc"); ?>
+<p class="pgtitle">Firewall: IP-Blocklist</p>
+<form method=POST action="">
+
+<?php
+if ($config['installedpackages']['ipblocklist_settings']['config'][0]['enable'] == 1) {
+ echo "<input name='enable' type='checkbox' value='1' checked>\n";
+}
+else {
+ echo "<input name='enable' type='checkbox' value='1'>\n";
+}
+?>
+
+<strong>Enable IP-Blocklist</strong><br><br>
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+<tr>
+ <td class="tabcont" >
+ <?php if ($savemsg_dnsb) print_info_box($savemsg_dnsb); ?>
+
+ </form>
+ <center>
+ <iframe frameboarder=0 boarder=0 src="ipblocklist_list.php" name="lists" id="lists" width="100%" height="200">
+ </iframe>
+ </center>
+ <br/>
+ <u>Usage</u>
+ <br/>
+ Add direct link to list and press <img src="../../themes/nervecenter/images/icons/icon_plus.gif">
+ (Example:
+ <a href="http://iblocklist.whitacrecomputers.com/files/bt_level1.gz">Level1</a>,
+ <a href="http://iblocklist.whitacrecomputers.com/files/bt_level2.gz">Level2</a>,
+ <a href="http://iblocklist.whitacrecomputers.com/files/bt_level3.gz">Level3</a>)
+ <br/>
+ Compressed lists should have .gz extention and follows PeerBlock syntax <br/>
+
+ <br/><span style="color:red">Warning!</span> - Apply after firewall change or state reset. Use at your own risk.
+ <?php
+ echo "<br/><br/>Current Status = ";
+ ob_start();
+ $results = exec("pfctl -s rules | grep -c ipblocklist");
+ ob_end_clean();
+ if ($results > '2') echo "Running";
+ else
+ echo "<span style='color:red'>NOT running</span>";
+
+ //Get Errors if exists
+ ob_start();
+ $results = exec("tail -r errorOUT.txt");
+ ob_end_clean();
+ echo "<br/><span style='color:red'>";
+ echo $results;
+ echo "</span>";
+ ?>
+
+
+
+<br/>
+<br/>
+
+
+
+
+</div>
+<?php
+ //This input guarantees that a POST is sent
+ echo "<input type='hidden' name='zzz' value='required'>";
+?>
+
+</td>
+</tr>
+</table>
+<input type="submit" value="Save/Update">
+</form>
+
+<?php include("fend.inc"); ?>
+
+</body>
+</html> \ No newline at end of file
diff --git a/config/ipblocklist/ipblocklist.xml b/config/ipblocklist/ipblocklist.xml
new file mode 100755
index 00000000..16c26c3e
--- /dev/null
+++ b/config/ipblocklist/ipblocklist.xml
@@ -0,0 +1,145 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<packagegui>
+ <copyright>
+ <![CDATA[
+/* $Id$ */
+/* ========================================================================== */
+/*
+ ipblocklist.xml
+ Copyright (C) 2010 Tom Schaefer
+ All rights reserved.
+ */
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+ ]]>
+ </copyright>
+ <description>IP Blocklist</description>
+ <requirements>perl</requirements>
+ <faq>http://forum.pfsense.org/index.php/topic,24769.0.html</faq>
+ <name>IP Blocklist Settings</name>
+ <version>0.1.9</version>
+ <title>Settings</title>
+ <include_file>/usr/local/pkg/ipblocklist.inc</include_file>
+ <menu>
+ <name>IP Blocklist</name>
+ <tooltiptext>IP Blocklist settings.</tooltiptext>
+ <section>Firewall</section>
+ <configfile>ipblocklist.xml</configfile>
+ <url>/packages/ipblocklist/ipblocklist.php</url>
+ </menu>
+ <tabs>
+ <tab>
+ <text>Settings</text>
+ <url>/packages/ipblocklist/ipblocklist.php</url>
+ <active/>
+ </tab>
+ </tabs>
+ <configpath>installedpackages->package->$packagename->configuration->ipblocklist</configpath>
+ <additional_files_needed>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.com/packages/config/ipblocklist/ipblocklist.xml</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.com/packages/config/ipblocklist/ipblocklist.inc</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.com/packages/config/ipblocklist/ipblocklist.tmp</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.com/packages/config/ipblocklist/ipblocklist_list.tmp</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.com/packages/config/ipblocklist/convert.pl</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.com/packages/config/ipblocklist/convert-execute.sh</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.com/packages/config/ipblocklist/purge.tmp</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.com/packages/config/ipblocklist/index.tmp</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.com/packages/config/ipblocklist/whitelist.tmp</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.com/packages/config/ipblocklist/purgeip.tmp</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/tmp/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.com/packages/config/ipblocklist/IP-Blocklist.sh</item>
+ </additional_files_needed>
+ <fields>
+ <field>
+ <fielddescr>Variable One</fielddescr>
+ <fieldname>var1</fieldname>
+ <description>Enter the variable one here.</description>
+ <type>input</type>
+ </field>
+ <field>
+ <fielddescr>Variable Two</fielddescr>
+ <fieldname>var1</fieldname>
+ <description>Enter the variable one here.</description>
+ <type>input</type>
+ </field>
+ </fields>
+ <custom_add_php_command>
+ </custom_add_php_command>
+ <custom_php_resync_config_command>
+ php_sync_package();
+ </custom_php_resync_config_command>
+ <custom_delete_php_command>
+ php_sync_package();
+ </custom_delete_php_command>
+ <custom_php_install_command>
+ php_install_command();
+ </custom_php_install_command>
+ <custom_php_deinstall_command>
+ deinstall_command();
+ </custom_php_deinstall_command>
+</packagegui> \ No newline at end of file
diff --git a/config/ipblocklist/ipblocklist_list.tmp b/config/ipblocklist/ipblocklist_list.tmp
new file mode 100755
index 00000000..d1b3cf8a
--- /dev/null
+++ b/config/ipblocklist/ipblocklist_list.tmp
@@ -0,0 +1,115 @@
+<html>
+<head>
+<a href="whitelist.php"><img src="../../themes/nervecenter/images/icons/icon_plus.gif" ALT="Whitelist" ALIGN=RIGHT></a>
+Add List URL: <form method="post" action="">
+<input name="content" type="text" />
+<input type="image" src="../../themes/nervecenter/images/icons/icon_plus.gif" value="submit">
+<a href="purge.php?line=0">Purge All</a>
+
+<STYLE type="text/css">
+ a img {border:none; }
+ </STYLE>
+</head>
+
+<?php
+
+function delLineFromFile($fileName, $lineNum){
+// check the file exists
+ if(!is_writable($fileName))
+ {
+ // print an error
+ print "The file $fileName is not writable";
+ // exit the function
+ exit;
+ }
+ else
+ {
+ // read the file into an array
+ $arr = file($fileName);
+ }
+
+ // the line to delete is the line number minus 1, because arrays begin at zero
+ $lineToDelete = $lineNum-1;
+
+ // check if the line to delete is greater than the length of the file
+ if($lineToDelete > sizeof($arr))
+ {
+ // print an error
+ print "You have chosen a line number, <b>[$lineNum]</b>, higher than the length of the file.";
+ // exit the function
+ exit;
+ }
+
+ //remove the line
+ unset($arr["$lineToDelete"]);
+
+ // open the file for reading
+ if (!$fp = fopen($fileName, 'w+'))
+ {
+ // print an error
+ print "Cannot open file ($fileName)";
+ // exit the function
+ exit;
+ }
+
+ // if $fp is valid
+ if($fp)
+ {
+ // write the array to the file
+ foreach($arr as $line) { fwrite($fp,$line); }
+
+ // close the file
+ fclose($fp);
+ }
+
+echo "done";
+}
+
+
+$myFile = "lists.txt";
+$content = $_REQUEST['content'];
+$fh = fopen($myFile, 'a+');
+fwrite($fh, $content);
+if (strlen($content) > 1) {
+ fwrite($fh, "\n");
+ } else {
+}
+fclose($fh);
+
+
+//echo (filesize($myFile));
+if (filesize($myFile) > 1) {
+ //$fh = fopen($myFile, 'r');
+ //$theData = fread($fh, filesize($myFile));
+ //fclose($fh);
+ echo "<br/> Current List(s): <br/>";
+ // Get the whole file into a single string
+ $fileContents = file_get_contents($myFile);
+
+ // Explode the file contents string by each line
+ $lines = explode(PHP_EOL, $fileContents); // Replace PHP_EOL with "\r\n" or "\n" or "\r" if you like
+
+ // Iterate through each line and do what you need with it
+
+ foreach ($lines as $line) {
+ $i++;
+ echo "<a href=purge.php?line=$i style='border-style: none'><img src='../../themes/nervecenter/images/icons/icon_x.gif'></a>";
+ echo " ";
+ echo $line;
+ //echo "";
+ // echo $i;
+ echo "<br/>";
+
+ }
+
+
+ //echo $theData;
+
+
+}
+echo "<br/><br/>";
+
+
+
+
+?> \ No newline at end of file
diff --git a/config/ipblocklist/manual_add.tmp b/config/ipblocklist/manual_add.tmp
new file mode 100755
index 00000000..ecf42678
--- /dev/null
+++ b/config/ipblocklist/manual_add.tmp
@@ -0,0 +1,69 @@
+<html>
+<head>
+<STYLE type="text/css">
+ a img {border:none; }
+ </STYLE>
+</head>
+<a href="ipblocklist_list.php"><img src="../../themes/nervecenter/images/icons/icon_alias_url_reload.gif" ALT="Manual" ALIGN=RIGHT></a>
+
+<span style="color:red">Experimental!</span> - This uses a different process to block IPs (uses IPFW) <a href="http://forum.pfsense.org/index.php/topic,24822.0.html" target="_blank"><img src="../../themes/nervecenter/images/icons/icon_log.gif"></a>
+ <br/>Enter in IP format (xx.xx.xx.xx) or CIDR format (xx.xx.xx.xx/xx)
+<br/><form method="post" action="">
+<input name="content" type="text" />
+<input type="image" src="../../themes/nervecenter/images/icons/icon_plus.gif" value="submit">
+<br/>
+
+<?php
+
+
+$myFile = "ips.ipfw";
+$content = $_REQUEST['content'];
+$fh = fopen($myFile, 'a+');
+fwrite($fh, $content);
+if (strlen($content) > 1) {
+ fwrite($fh, "\n");
+ } else {
+
+}
+fclose($fh);
+
+
+//echo (filesize($myFile));
+if (filesize($myFile) > 1) {
+ //$fh = fopen($myFile, 'r');
+ //$theData = fread($fh, filesize($myFile));
+ //fclose($fh);
+ echo "<br/> Current List(s): <br/>";
+ // Get the whole file into a single string
+ $fileContents = file_get_contents($myFile);
+
+ // Explode the file contents string by each line
+ $lines = explode(PHP_EOL, $fileContents); // Replace PHP_EOL with "\r\n" or "\n" or "\r" if you like
+
+ // Iterate through each line and do what you need with it
+
+ foreach ($lines as $line) {
+ $i++;
+ echo "<a href=purgeip.php?line=$i style='border-style: none'><img src='../../themes/nervecenter/images/icons/icon_x.gif'></a>";
+ echo " ";
+ exec("kldload ipfw.ko");
+ exec("ipfw -q add 2000 drop ip from any to $line");
+ exec("ipfw -q add 2001 drop ip from $line to any");
+ echo $line;
+ //echo "";
+ // echo $i;
+ echo "<br/>";
+
+ }
+
+
+
+
+
+}
+echo "<br/><br/>";
+
+
+
+
+?> \ No newline at end of file
diff --git a/config/ipblocklist/purge.tmp b/config/ipblocklist/purge.tmp
new file mode 100755
index 00000000..47dbed98
--- /dev/null
+++ b/config/ipblocklist/purge.tmp
@@ -0,0 +1,26 @@
+<?php
+$line = $_GET["line"];
+
+//echo("$line");
+//exec("more lists.txt > temp_lists.txt");
+if ($line == 0) {
+ exec("rm lists.txt");
+ } else {
+ exec("sed $line'd' lists.txt > temp_lists.txt");
+ }
+exec("more temp_lists.txt > lists.txt");
+exec("rm temp_lists.txt");
+
+
+?>
+<html>
+<HEAD>
+<SCRIPT language="JavaScript">
+<!--
+window.parent.location="ipblocklist.php";
+//-->
+</SCRIPT>
+</HEAD>
+
+
+</html> \ No newline at end of file
diff --git a/config/ipblocklist/purgeip.tmp b/config/ipblocklist/purgeip.tmp
new file mode 100755
index 00000000..449cb262
--- /dev/null
+++ b/config/ipblocklist/purgeip.tmp
@@ -0,0 +1,26 @@
+<?php
+$line = $_GET["line"];
+
+//echo("$line");
+//exec("more ips.ipfw > temp_ips.ipfw");
+if ($line == 0) {
+ exec("rm wlists.txt");
+ } else {
+ exec("sed $line'd' wlists.txt > temp_wlists.txt");
+ }
+exec("more temp_wlists.txt > wlists.txt");
+exec("rm temp_wlists.txt");
+
+
+?>
+<html>
+<HEAD>
+<SCRIPT language="JavaScript">
+<!--
+window.parent.location="ipblocklist.php";
+//-->
+</SCRIPT>
+</HEAD>
+
+
+</html> \ No newline at end of file
diff --git a/config/ipblocklist/whitelist.tmp b/config/ipblocklist/whitelist.tmp
new file mode 100755
index 00000000..17cae247
--- /dev/null
+++ b/config/ipblocklist/whitelist.tmp
@@ -0,0 +1,66 @@
+<html>
+<head>
+<STYLE type="text/css">
+ a img {border:none; }
+ </STYLE>
+</head>
+<a href="ipblocklist_list.php"><img src="../../themes/nervecenter/images/icons/icon_alias_url_reload.gif" ALT="Manual" ALIGN=RIGHT></a>
+
+<span style="color:red">White lists</span> - The lists added here will be added to a whitelist
+ <br/>Add List URL:
+<br/><form method="post" action="">
+<input name="content" type="text" />
+<input type="image" src="../../themes/nervecenter/images/icons/icon_plus.gif" value="submit">
+<br/>
+
+<?php
+
+
+$myFile = "wlists.txt";
+$content = $_REQUEST['content'];
+$fh = fopen($myFile, 'a+');
+fwrite($fh, $content);
+if (strlen($content) > 1) {
+ fwrite($fh, "\n");
+ } else {
+
+}
+fclose($fh);
+
+
+//echo (filesize($myFile));
+if (filesize($myFile) > 1) {
+ //$fh = fopen($myFile, 'r');
+ //$theData = fread($fh, filesize($myFile));
+ //fclose($fh);
+ echo "<br/> Current List(s): <br/>";
+ // Get the whole file into a single string
+ $fileContents = file_get_contents($myFile);
+
+ // Explode the file contents string by each line
+ $lines = explode(PHP_EOL, $fileContents); // Replace PHP_EOL with "\r\n" or "\n" or "\r" if you like
+
+ // Iterate through each line and do what you need with it
+
+ foreach ($lines as $line) {
+ $i++;
+ echo "<a href=purgeip.php?line=$i style='border-style: none'><img src='../../themes/nervecenter/images/icons/icon_x.gif'></a>";
+ echo " ";
+ echo $line;
+ //echo "";
+ // echo $i;
+ echo "<br/>";
+
+ }
+
+
+
+
+
+}
+echo "<br/><br/>";
+
+
+
+
+?> \ No newline at end of file
diff --git a/config/packetcapturefix/packetcapturefix.inc b/config/packetcapturefix/packetcapturefix.inc
new file mode 100644
index 00000000..8636c25c
--- /dev/null
+++ b/config/packetcapturefix/packetcapturefix.inc
@@ -0,0 +1,18 @@
+<?php
+
+function packetcapturefix_install() {
+ global $g, $config;
+
+ // Test to make sure the patch is not already applied.
+ $out = `patch -fslC --reverse -p1 -b .before_packetcapturefix -d / -i /usr/local/pkg/packetcapturefix.patch |& grep -ci reject`;
+ if ($out == 0) {
+ // If the patch has not already been applied, test to see if it will apply cleanly.
+ $out = `patch -fsNlC -p1 -b .before_packetcapturefix -d / -i /usr/local/pkg/packetcapturefix.patch |& grep -ci reject`;
+ if ($out == 0) {
+ // The patch should apply cleanly, let 'er rip.
+ mwexec("patch -fsNl -p1 -b .before_packetcapturefix -d / -i /usr/local/pkg/packetcapturefix.patch ");
+ }
+ }
+}
+
+?> \ No newline at end of file
diff --git a/config/packetcapturefix/packetcapturefix.patch b/config/packetcapturefix/packetcapturefix.patch
new file mode 100644
index 00000000..659fdd10
--- /dev/null
+++ b/config/packetcapturefix/packetcapturefix.patch
@@ -0,0 +1,23 @@
+diff --git a/usr/local/www/diag_packet_capture.php b/usr/local/www/diag_packet_capture.php
+index 69fd677..91d61cd 100644
+--- a/usr/local/www/diag_packet_capture.php
++++ b/usr/local/www/diag_packet_capture.php
+@@ -265,6 +265,9 @@ include("head.inc"); ?>
+ <textarea style="width:98%" name="code" rows="15" cols="66" wrap="off" readonly="readonly">
+ <?php
+ system ("/usr/sbin/tcpdump $disabledns $detail -r $fp$fn");?>
++
++ conf_mount_ro();
++
+ </textarea><?php
+ }
+ }?>
+@@ -277,8 +280,6 @@ include("head.inc"); ?>
+ </td></tr></table>
+ <?php
+
+-conf_mount_ro();
+-
+ include("fend.inc");
+
+ ?>
diff --git a/config/packetcapturefix/packetcapturefix.xml b/config/packetcapturefix/packetcapturefix.xml
new file mode 100644
index 00000000..96386cf9
--- /dev/null
+++ b/config/packetcapturefix/packetcapturefix.xml
@@ -0,0 +1,65 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
+<packagegui>
+ <copyright>
+ <![CDATA[
+/* $Id$ */
+/* ========================================================================== */
+/*
+ packetcapturefix.xml
+ part of pfSense (http://www.pfSense.com)
+ Copyright (C) 2007 to whom it may belong
+ All rights reserved.
+
+ Based on m0n0wall (http://m0n0.ch/wall)
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+ */
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+ ]]>
+ </copyright>
+ <description>Patch to fix packet capture on 1.2.3 Embedded (NanoBSD)</description>
+ <requirements>pfSense 1.2.3</requirements>
+ <faq>None</faq>
+ <name>Packet Capture NanoBSD Fix</name>
+ <version>0.2</version>
+ <title>Packet Capture NanoBSD Fix</title>
+ <include_file>/usr/local/pkg/packetcapturefix.inc</include_file>
+ <additional_files_needed>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>077</chmod>
+ <item>http://www.pfsense.com/packages/config/packetcapturefix/packetcapturefix.inc</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>077</chmod>
+ <item>http://www.pfsense.com/packages/config/packetcapturefix/packetcapturefix.patch</item>
+ </additional_files_needed>
+ <custom_php_install_command>
+ packetcapturefix_install();
+ </custom_php_install_command>
+</packagegui>
diff --git a/config/snort/javascript/row_helper.js b/config/snort/javascript/row_helper.js
index aaf6df37..8b14732d 100644
--- a/config/snort/javascript/row_helper.js
+++ b/config/snort/javascript/row_helper.js
@@ -1,69 +1,69 @@
-// Global Variables
-var rowname = new Array(99);
-var rowtype = new Array(99);
-var newrow = new Array(99);
-var rowsize = new Array(99);
-
-for (i = 0; i < 99; i++) {
- rowname[i] = '';
- rowtype[i] = '';
- newrow[i] = '';
- rowsize[i] = '25';
-}
-
-var field_counter_js = 0;
-var loaded = 0;
-var is_streaming_progress_bar = 0;
-var temp_streaming_text = "";
-
-var addRowTo = (function() {
- return (function (tableId) {
- var d, tbody, tr, td, bgc, i, ii, j;
- d = document;
- tbody = d.getElementById(tableId).getElementsByTagName("tbody").item(0);
- tr = d.createElement("tr");
- totalrows++;
- for (i = 0; i < field_counter_js; i++) {
- td = d.createElement("td");
- if(rowtype[i] == 'textbox') {
- td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><input size='" + rowsize[i] + "' name='" + rowname[i] + totalrows + "'></input> ";
- } else if(rowtype[i] == 'select') {
- td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><select size='" + rowsize[i] + "' name='" + rowname[i] + totalrows + "'><option value=\"32\" selected>32</option><option value=\"31\" >31</option><option value=\"30\" >30</option><option value=\"29\" >29</option><option value=\"28\" >28</option><option value=\"27\" >27</option><option value=\"26\" >26</option><option value=\"25\" >25</option><option value=\"24\" >24</option><option value=\"23\" >23</option><option value=\"22\" >22</option><option value=\"21\" >21</option><option value=\"20\" >20</option><option value=\"19\" >19</option><option value=\"18\" >18</option><option value=\"17\" >17</option><option value=\"16\" >16</option><option value=\"15\" >15</option><option value=\"14\" >14</option><option value=\"13\" >13</option><option value=\"12\" >12</option><option value=\"11\" >11</option><option value=\"10\" >10</option><option value=\"9\" >9</option><option value=\"8\" >8</option><option value=\"7\" >7</option><option value=\"6\" >6</option><option value=\"5\" >5</option><option value=\"4\" >4</option><option value=\"3\" >3</option><option value=\"2\" >2</option><option value=\"1\" >1</option></select> ";
- } else {
- td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><input type='checkbox' name='" + rowname[i] + totalrows + "'></input> ";
- }
- tr.appendChild(td);
- }
- td = d.createElement("td");
- td.rowSpan = "1";
-
- td.innerHTML = '<input type="image" src="/themes/' + theme + '/images/icons/icon_x.gif" onclick="removeRow(this); return false;" value="Delete">';
- tr.appendChild(td);
- tbody.appendChild(tr);
- });
-})();
-
-function removeRow(el) {
- var cel;
- while (el && el.nodeName.toLowerCase() != "tr")
- el = el.parentNode;
-
- if (el && el.parentNode) {
- cel = el.getElementsByTagName("td").item(0);
- el.parentNode.removeChild(el);
- }
-}
-
-function find_unique_field_name(field_name) {
- // loop through field_name and strip off -NUMBER
- var last_found_dash = 0;
- for (var i = 0; i < field_name.length; i++) {
- // is this a dash, if so, update
- // last_found_dash
- if (field_name.substr(i,1) == "-" )
- last_found_dash = i;
- }
- if (last_found_dash < 1)
- return field_name;
- return(field_name.substr(0,last_found_dash));
-}
+// Global Variables
+var rowname = new Array(99);
+var rowtype = new Array(99);
+var newrow = new Array(99);
+var rowsize = new Array(99);
+
+for (i = 0; i < 99; i++) {
+ rowname[i] = '';
+ rowtype[i] = '';
+ newrow[i] = '';
+ rowsize[i] = '25';
+}
+
+var field_counter_js = 0;
+var loaded = 0;
+var is_streaming_progress_bar = 0;
+var temp_streaming_text = "";
+
+var addRowTo = (function() {
+ return (function (tableId) {
+ var d, tbody, tr, td, bgc, i, ii, j;
+ d = document;
+ tbody = d.getElementById(tableId).getElementsByTagName("tbody").item(0);
+ tr = d.createElement("tr");
+ totalrows++;
+ for (i = 0; i < field_counter_js; i++) {
+ td = d.createElement("td");
+ if(rowtype[i] == 'textbox') {
+ td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><input size='" + rowsize[i] + "' name='" + rowname[i] + totalrows + "'></input> ";
+ } else if(rowtype[i] == 'select') {
+ td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><select size='" + rowsize[i] + "' name='" + rowname[i] + totalrows + "'><option value=\"32\" selected>32</option><option value=\"31\" >31</option><option value=\"30\" >30</option><option value=\"29\" >29</option><option value=\"28\" >28</option><option value=\"27\" >27</option><option value=\"26\" >26</option><option value=\"25\" >25</option><option value=\"24\" >24</option><option value=\"23\" >23</option><option value=\"22\" >22</option><option value=\"21\" >21</option><option value=\"20\" >20</option><option value=\"19\" >19</option><option value=\"18\" >18</option><option value=\"17\" >17</option><option value=\"16\" >16</option><option value=\"15\" >15</option><option value=\"14\" >14</option><option value=\"13\" >13</option><option value=\"12\" >12</option><option value=\"11\" >11</option><option value=\"10\" >10</option><option value=\"9\" >9</option><option value=\"8\" >8</option><option value=\"7\" >7</option><option value=\"6\" >6</option><option value=\"5\" >5</option><option value=\"4\" >4</option><option value=\"3\" >3</option><option value=\"2\" >2</option><option value=\"1\" >1</option></select> ";
+ } else {
+ td.innerHTML="<INPUT type='hidden' value='" + totalrows +"' name='" + rowname[i] + "_row-" + totalrows + "'></input><input type='checkbox' name='" + rowname[i] + totalrows + "'></input> ";
+ }
+ tr.appendChild(td);
+ }
+ td = d.createElement("td");
+ td.rowSpan = "1";
+
+ td.innerHTML = '<input type="image" src="/themes/' + theme + '/images/icons/icon_x.gif" onclick="removeRow(this); return false;" value="Delete">';
+ tr.appendChild(td);
+ tbody.appendChild(tr);
+ });
+})();
+
+function removeRow(el) {
+ var cel;
+ while (el && el.nodeName.toLowerCase() != "tr")
+ el = el.parentNode;
+
+ if (el && el.parentNode) {
+ cel = el.getElementsByTagName("td").item(0);
+ el.parentNode.removeChild(el);
+ }
+}
+
+function find_unique_field_name(field_name) {
+ // loop through field_name and strip off -NUMBER
+ var last_found_dash = 0;
+ for (var i = 0; i < field_name.length; i++) {
+ // is this a dash, if so, update
+ // last_found_dash
+ if (field_name.substr(i,1) == "-" )
+ last_found_dash = i;
+ }
+ if (last_found_dash < 1)
+ return field_name;
+ return(field_name.substr(0,last_found_dash));
+}
diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php
index ba953c73..9bc2d5b8 100644
--- a/config/snort/snort_check_for_rule_updates.php
+++ b/config/snort/snort_check_for_rule_updates.php
@@ -211,7 +211,7 @@ if ($snortdownload == "basic" || $snortdownload == "premium")
} else {
echo "Downloading snort.org md5 file...\n";
ini_set('user_agent','Mozilla/4.0 (compatible; MSIE 6.0)');
- $image = @file_get_contents("http://dl.snort.org/{$premium_url}/snortrules-snapshot-2.8{$premium_subscriber}.tar.gz.md5?oink_code={$oinkid}");
+ $image = @file_get_contents("http://dl.snort.org/{$premium_url}/snortrules-snapshot-2860{$premium_subscriber}.tar.gz.md5?oink_code={$oinkid}");
// $image = @file_get_contents("http://www.mtest.local/pub-bin/oinkmaster.cgi/{$oinkid}/snortrules-snapshot-2.8{$premium_subscriber}.tar.gz.md5");
$f = fopen("{$tmpfname}/snortrules-snapshot-2.8.tar.gz.md5", 'w');
fwrite($f, $image);
@@ -381,7 +381,7 @@ if ($snortdownload != "off")
} else {
echo "There is a new set of Snort.org rules posted. Downloading...\n";
echo "May take 4 to 10 min...\n";
- download_file_with_progress_bar2("http://dl.snort.org/{$premium_url}/snortrules-snapshot-2.8{$premium_subscriber}.tar.gz?oink_code={$oinkid}", $tmpfname . "/{$snort_filename}");
+ download_file_with_progress_bar2("http://dl.snort.org/{$premium_url}/snortrules-snapshot-2860{$premium_subscriber}.tar.gz?oink_code={$oinkid}", $tmpfname . "/{$snort_filename}");
echo "Done downloading rules file.\n";
if (150000 > filesize("{$tmpfname}/{$snort_filename}")){
echo "Error with the snort rules download...\n";
@@ -455,6 +455,14 @@ if ($snortdownload != "off")
{
if ($snort_md5_check_ok != on) {
if (file_exists("{$tmpfname}/{$snort_filename}")) {
+
+ if ($pfsense_stable == 'yes')
+ {
+ $freebsd_version_so = 'FreeBSD-7-2';
+ }else{
+ $freebsd_version_so = 'FreeBSD-8-0';
+ }
+
echo "Extracting Snort.org rules...\n";
echo "May take a while...\n";
/* extract snort.org rules and add prefix to all snort.org files*/
@@ -465,9 +473,9 @@ if ($snortdownload != "off")
sleep(2);
exec('/usr/local/bin/perl /usr/local/bin/snort_rename.pl s/^/snort_/ *.rules');
/* extract so rules */
- exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/precompiled/FreeBSD-7.0/i386/2.8.5.3/");
+ exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/precompiled/$freebsd_version_so/i386/2.8.6.0/");
exec('/bin/mkdir -p /usr/local/lib/snort/dynamicrules/');
- exec("/bin/mv -f {$snortdir}/so_rules/precompiled/FreeBSD-7.0/i386/2.8.5.3/* /usr/local/lib/snort/dynamicrules/");
+ exec("/bin/mv -f {$snortdir}/so_rules/precompiled/$freebsd_version_so/i386/2.8.6.0/* /usr/local/lib/snort/dynamicrules/");
/* extract so rules none bin and rename */
exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/bad-traffic.rules/" .
" so_rules/chat.rules/" .
diff --git a/config/snort/snort_download_rules.php b/config/snort/snort_download_rules.php
index 36000827..78334f8e 100644
--- a/config/snort/snort_download_rules.php
+++ b/config/snort/snort_download_rules.php
@@ -391,7 +391,7 @@ if ($snortdownload == "basic" || $snortdownload == "premium")
} else {
update_status(gettext("Downloading snort.org md5 file..."));
ini_set('user_agent','Mozilla/4.0 (compatible; MSIE 6.0)');
- $image = @file_get_contents("http://dl.snort.org/{$premium_url}/snortrules-snapshot-2.8{$premium_subscriber}.tar.gz.md5?oink_code={$oinkid}");
+ $image = @file_get_contents("http://dl.snort.org/{$premium_url}/snortrules-snapshot-2860{$premium_subscriber}.tar.gz.md5?oink_code={$oinkid}");
// $image = @file_get_contents("http://www.mtest.local/pub-bin/oinkmaster.cgi/{$oinkid}/snortrules-snapshot-2.8{$premium_subscriber}.tar.gz.md5");
$f = fopen("{$tmpfname}/snortrules-snapshot-2.8.tar.gz.md5", 'w');
fwrite($f, $image);
@@ -613,7 +613,7 @@ if ($snortdownload != "off")
update_status(gettext("There is a new set of Snort.org rules posted. Downloading..."));
update_output_window(gettext("May take 4 to 10 min..."));
// download_file_with_progress_bar("http://www.mtest.local/pub-bin/oinkmaster.cgi/{$oinkid}/snortrules-snapshot-2.8{$premium_subscriber}.tar.gz", $tmpfname . "/{$snort_filename}", "read_body_firmware");
- download_file_with_progress_bar("http://dl.snort.org/{$premium_url}/snortrules-snapshot-2.8{$premium_subscriber}.tar.gz?oink_code={$oinkid}", $tmpfname . "/{$snort_filename}", "read_body_firmware");
+ download_file_with_progress_bar("http://dl.snort.org/{$premium_url}/snortrules-snapshot-2860{$premium_subscriber}.tar.gz?oink_code={$oinkid}", $tmpfname . "/{$snort_filename}", "read_body_firmware");
update_all_status($static_output);
update_status(gettext("Done downloading rules file."));
if (150000 > filesize("{$tmpfname}/$snort_filename")){
@@ -701,6 +701,14 @@ if ($snortdownload != "off")
{
if ($snort_md5_check_ok != on) {
if (file_exists("{$tmpfname}/{$snort_filename}")) {
+
+ if ($pfsense_stable == 'yes')
+ {
+ $freebsd_version_so = 'FreeBSD-7-2';
+ }else{
+ $freebsd_version_so = 'FreeBSD-8-0';
+ }
+
update_status(gettext("Extracting Snort.org rules..."));
update_output_window(gettext("May take a while..."));
/* extract snort.org rules and add prefix to all snort.org files*/
@@ -711,9 +719,9 @@ if ($snortdownload != "off")
sleep(2);
exec('/usr/local/bin/perl /usr/local/bin/snort_rename.pl s/^/snort_/ *.rules');
/* extract so rules */
- exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/precompiled/FreeBSD-7.0/i386/2.8.5.3/");
+ exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/precompiled/$freebsd_version_so/i386/2.8.6.0/");
exec('/bin/mkdir -p /usr/local/lib/snort/dynamicrules/');
- exec("/bin/mv -f {$snortdir}/so_rules/precompiled/FreeBSD-7.0/i386/2.8.5.3/* /usr/local/lib/snort/dynamicrules/");
+ exec("/bin/mv -f {$snortdir}/so_rules/precompiled/$freebsd_version_so/i386/2.8.6.0/* /usr/local/lib/snort/dynamicrules/");
/* extract so rules none bin and rename */
exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/bad-traffic.rules/" .
" so_rules/chat.rules/" .
diff --git a/config/snort/snort_interfaces.php b/config/snort/snort_interfaces.php
index 9db023a7..b5b05f1d 100644
--- a/config/snort/snort_interfaces.php
+++ b/config/snort/snort_interfaces.php
@@ -240,7 +240,7 @@ if ($_GET['act'] == 'toggle' && $_GET['id'] != '')
-$pgtitle = "Services: Snort 2.8.5.3 pkg v. 1.25";
+$pgtitle = "Services: Snort 2.8.6 pkg v. 1.26";
include("head.inc");
?>
diff --git a/config/snort/snort_interfaces_suppress.php b/config/snort/snort_interfaces_suppress.php
index c2ecf817..65bf1d4c 100644
--- a/config/snort/snort_interfaces_suppress.php
+++ b/config/snort/snort_interfaces_suppress.php
@@ -1,170 +1,170 @@
-<?php
-/* $Id$ */
-/*
- firewall_aliases.php
- Copyright (C) 2004 Scott Ullrich
- All rights reserved.
-
- originially part of m0n0wall (http://m0n0.ch/wall)
- Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
- All rights reserved.
-
- modified for the pfsense snort package
- Copyright (C) 2009-2010 Robert Zelaya.
- All rights reserved.
-
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
-*/
-
-require("guiconfig.inc");
-
-
-if (!is_array($config['installedpackages']['snortglobal']['suppress']['item']))
- $config['installedpackages']['snortglobal']['suppress']['item'] = array();
-
-//aliases_sort(); << what ?
-$a_suppress = &$config['installedpackages']['snortglobal']['suppress']['item'];
-
-if (isset($config['installedpackages']['snortglobal']['suppress']['item'])) {
-$id_gen = count($config['installedpackages']['snortglobal']['suppress']['item']);
-}else{
-$id_gen = '0';
-}
-
-$d_suppresslistdirty_path = '/var/run/snort_suppress.dirty';
-
-if ($_POST) {
-
- $pconfig = $_POST;
-
- if ($_POST['apply']) {
- $retval = 0;
-
- if(stristr($retval, "error") <> true)
- $savemsg = get_std_save_message($retval);
- else
- $savemsg = $retval;
- if ($retval == 0) {
- if (file_exists($d_suppresslistdirty_path))
- unlink($d_suppresslistdirty_path);
- }
- }
-}
-
-if ($_GET['act'] == "del") {
- if ($a_suppress[$_GET['id']]) {
- /* make sure rule is not being referenced by any nat or filter rules */
-
- unset($a_suppress[$_GET['id']]);
- write_config();
- filter_configure();
- touch($d_suppresslistdirty_path);
- header("Location: /snort/snort_interfaces_suppress.php");
- exit;
- }
-}
-
-$pgtitle = "Services: Snort: Suppression";
-include("head.inc");
-
-?>
-
-<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
-<?php include("./snort_fbegin.inc"); ?>
-<p class="pgtitle"><?=$pgtitle?></p>
-<form action="/snort/snort_interfaces_suppress.php" method="post">
-<?php if ($savemsg) print_info_box($savemsg); ?>
-<?php if (file_exists($d_suppresslistdirty_path)): ?><p>
-<?php print_info_box_np("The white list has been changed.<br>You must apply the changes in order for them to take effect.");?>
-<?php endif; ?>
-
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
- <tr><td class="tabnavtbl">
-<?php
- $tab_array = array();
- $tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php");
- $tab_array[] = array("Global Settings", false, "/snort/snort_interfaces_global.php");
- $tab_array[] = array("Rule Updates", false, "/snort/snort_download_rules.php");
- $tab_array[] = array("Alerts", false, "/snort/snort_alerts.php");
- $tab_array[] = array("Blocked", false, "/snort/snort_blocked.php");
- $tab_array[] = array("Whitelists", false, "/snort/snort_interfaces_whitelist.php");
- $tab_array[] = array("Suppress", true, "/snort/snort_interfaces_suppress.php");
- $tab_array[] = array("Help", false, "/snort/snort_help_info.php");
- display_top_tabs($tab_array);
-?> </td></tr>
-<tr>
-<td class="tabcont">
-
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-
-<tr>
- <td width="30%" class="listhdrr">File Name</td>
- <td width="70%" class="listhdr">Description</td>
-
- <td width="10%" class="list">
- </td>
-</tr>
- <?php $i = 0; foreach ($a_suppress as $list): ?>
-<tr>
- <td class="listlr" ondblclick="document.location='snort_interfaces_suppress_edit.php?id=<?=$i;?>';">
- <?=htmlspecialchars($list['name']);?>
- </td>
- <td class="listbg" ondblclick="document.location='snort_interfaces_suppress_edit.php?id=<?=$i;?>';">
- <font color="#FFFFFF">
- <?=htmlspecialchars($list['descr']);?>&nbsp;
- </td>
-
- <td valign="middle" nowrap class="list">
- <table border="0" cellspacing="0" cellpadding="1">
- <tr>
- <td valign="middle"><a href="snort_interfaces_suppress_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="edit whitelist"></a></td>
- <td><a href="/snort/snort_interfaces_whitelist.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this whitelist? All elements that still use it will become invalid (e.g. snort rules will fall back to the default whitelist)!')"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="delete whitelist"></a></td>
- </tr>
- </table>
- </td>
-</tr>
- <?php $i++; endforeach; ?>
-<tr>
- <td class="list" colspan="2"></td>
- <td class="list">
- <table border="0" cellspacing="0" cellpadding="1">
- <tr>
- <td valign="middle" width="17">&nbsp;</td>
- <td valign="middle"><a href="snort_interfaces_suppress_edit.php?id=<?php echo $id_gen;?> "><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="add a new list"></a></td>
- </tr>
- </table>
- </td>
-</tr>
-</table>
- </td>
- </tr>
- </table>
-<br>
-<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
-<td width="100%"><span class="vexpl"><span class="red"><strong>Note:</strong></span>
- <p><span class="vexpl">Here you can create event filtering and suppression for your snort package rules.<br>Please note that you must restart a running rule so that changes can take effect.</span></p>
-</td>
-</table>
-</form>
-<?php include("fend.inc"); ?>
-</body>
-</html>
+<?php
+/* $Id$ */
+/*
+ firewall_aliases.php
+ Copyright (C) 2004 Scott Ullrich
+ All rights reserved.
+
+ originially part of m0n0wall (http://m0n0.ch/wall)
+ Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ modified for the pfsense snort package
+ Copyright (C) 2009-2010 Robert Zelaya.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require("guiconfig.inc");
+
+
+if (!is_array($config['installedpackages']['snortglobal']['suppress']['item']))
+ $config['installedpackages']['snortglobal']['suppress']['item'] = array();
+
+//aliases_sort(); << what ?
+$a_suppress = &$config['installedpackages']['snortglobal']['suppress']['item'];
+
+if (isset($config['installedpackages']['snortglobal']['suppress']['item'])) {
+$id_gen = count($config['installedpackages']['snortglobal']['suppress']['item']);
+}else{
+$id_gen = '0';
+}
+
+$d_suppresslistdirty_path = '/var/run/snort_suppress.dirty';
+
+if ($_POST) {
+
+ $pconfig = $_POST;
+
+ if ($_POST['apply']) {
+ $retval = 0;
+
+ if(stristr($retval, "error") <> true)
+ $savemsg = get_std_save_message($retval);
+ else
+ $savemsg = $retval;
+ if ($retval == 0) {
+ if (file_exists($d_suppresslistdirty_path))
+ unlink($d_suppresslistdirty_path);
+ }
+ }
+}
+
+if ($_GET['act'] == "del") {
+ if ($a_suppress[$_GET['id']]) {
+ /* make sure rule is not being referenced by any nat or filter rules */
+
+ unset($a_suppress[$_GET['id']]);
+ write_config();
+ filter_configure();
+ touch($d_suppresslistdirty_path);
+ header("Location: /snort/snort_interfaces_suppress.php");
+ exit;
+ }
+}
+
+$pgtitle = "Services: Snort: Suppression";
+include("head.inc");
+
+?>
+
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
+<?php include("./snort_fbegin.inc"); ?>
+<p class="pgtitle"><?=$pgtitle?></p>
+<form action="/snort/snort_interfaces_suppress.php" method="post">
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<?php if (file_exists($d_suppresslistdirty_path)): ?><p>
+<?php print_info_box_np("The white list has been changed.<br>You must apply the changes in order for them to take effect.");?>
+<?php endif; ?>
+
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+<?php
+ $tab_array = array();
+ $tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php");
+ $tab_array[] = array("Global Settings", false, "/snort/snort_interfaces_global.php");
+ $tab_array[] = array("Rule Updates", false, "/snort/snort_download_rules.php");
+ $tab_array[] = array("Alerts", false, "/snort/snort_alerts.php");
+ $tab_array[] = array("Blocked", false, "/snort/snort_blocked.php");
+ $tab_array[] = array("Whitelists", false, "/snort/snort_interfaces_whitelist.php");
+ $tab_array[] = array("Suppress", true, "/snort/snort_interfaces_suppress.php");
+ $tab_array[] = array("Help", false, "/snort/snort_help_info.php");
+ display_top_tabs($tab_array);
+?> </td></tr>
+<tr>
+<td class="tabcont">
+
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+
+<tr>
+ <td width="30%" class="listhdrr">File Name</td>
+ <td width="70%" class="listhdr">Description</td>
+
+ <td width="10%" class="list">
+ </td>
+</tr>
+ <?php $i = 0; foreach ($a_suppress as $list): ?>
+<tr>
+ <td class="listlr" ondblclick="document.location='snort_interfaces_suppress_edit.php?id=<?=$i;?>';">
+ <?=htmlspecialchars($list['name']);?>
+ </td>
+ <td class="listbg" ondblclick="document.location='snort_interfaces_suppress_edit.php?id=<?=$i;?>';">
+ <font color="#FFFFFF">
+ <?=htmlspecialchars($list['descr']);?>&nbsp;
+ </td>
+
+ <td valign="middle" nowrap class="list">
+ <table border="0" cellspacing="0" cellpadding="1">
+ <tr>
+ <td valign="middle"><a href="snort_interfaces_suppress_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="edit whitelist"></a></td>
+ <td><a href="/snort/snort_interfaces_suppress.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this whitelist? All elements that still use it will become invalid (e.g. snort rules will fall back to the default whitelist)!')"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="delete whitelist"></a></td>
+ </tr>
+ </table>
+ </td>
+</tr>
+ <?php $i++; endforeach; ?>
+<tr>
+ <td class="list" colspan="2"></td>
+ <td class="list">
+ <table border="0" cellspacing="0" cellpadding="1">
+ <tr>
+ <td valign="middle" width="17">&nbsp;</td>
+ <td valign="middle"><a href="snort_interfaces_suppress_edit.php?id=<?php echo $id_gen;?> "><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="add a new list"></a></td>
+ </tr>
+ </table>
+ </td>
+</tr>
+</table>
+ </td>
+ </tr>
+ </table>
+<br>
+<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
+<td width="100%"><span class="vexpl"><span class="red"><strong>Note:</strong></span>
+ <p><span class="vexpl">Here you can create event filtering and suppression for your snort package rules.<br>Please note that you must restart a running rule so that changes can take effect.</span></p>
+</td>
+</table>
+</form>
+<?php include("fend.inc"); ?>
+</body>
+</html>
diff --git a/config/snort/snort_interfaces_suppress_edit.php b/config/snort/snort_interfaces_suppress_edit.php
index 13c43b4e..530a7800 100644
--- a/config/snort/snort_interfaces_suppress_edit.php
+++ b/config/snort/snort_interfaces_suppress_edit.php
@@ -1,312 +1,312 @@
-<?php
-/* $Id$ */
-/*
- firewall_aliases_edit.php
- Copyright (C) 2004 Scott Ullrich
- All rights reserved.
-
- originially part of m0n0wall (http://m0n0.ch/wall)
- Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
- All rights reserved.
-
- modified for the pfsense snort package
- Copyright (C) 2009-2010 Robert Zelaya.
- All rights reserved.
-
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
-*/
-
-require_once("guiconfig.inc");
-require_once("/usr/local/pkg/snort/snort.inc");
-require_once("/usr/local/pkg/snort/snort_gui.inc");
-
-if (!is_array($config['installedpackages']['snortglobal']['suppress']['item']))
- $config['installedpackages']['snortglobal']['suppress']['item'] = array();
-
-$a_suppress = &$config['installedpackages']['snortglobal']['suppress']['item'];
-
-$id = $_GET['id'];
-if (isset($_POST['id']))
- $id = $_POST['id'];
-
-
-/* gen uuid for each iface !inportant */
-if ($config['installedpackages']['snortglobal']['suppress']['item'][$id]['uuid'] == '') {
- //$snort_uuid = gen_snort_uuid(strrev(uniqid(true)));
-$suppress_uuid = 0;
-while ($suppress_uuid > 65535 || $suppress_uuid == 0) {
- $suppress_uuid = mt_rand(1, 65535);
- $pconfig['uuid'] = $suppress_uuid;
- }
-}
-
-if ($config['installedpackages']['snortglobal']['suppress']['item'][$id]['uuid'] != '') {
- $suppress_uuid = $config['installedpackages']['snortglobal']['suppress']['item'][$id]['uuid'];
-}
-
-$pgtitle = "Services: Snort: Suppression: Edit $suppress_uuid";
-
-$d_snort_suppress_dirty_path = '/var/run/snort_suppress.dirty';
-
-/* returns true if $name is a valid name for a whitelist file name or ip */
-function is_validwhitelistname($name) {
- if (!is_string($name))
- return false;
-
- if (!preg_match("/[^a-zA-Z0-9\.\/]/", $name))
- return true;
-
- return false;
-}
-
-
-if (isset($id) && $a_suppress[$id]) {
-
- /* old settings */
- $pconfig['name'] = $a_suppress[$id]['name'];
- $pconfig['uuid'] = $a_suppress[$id]['uuid'];
- $pconfig['descr'] = $a_suppress[$id]['descr'];
- $pconfig['suppresspassthru'] = base64_decode($a_suppress[$id]['suppresspassthru']);
-
-
-
-}
-
- /* this will exec when alert says apply */
- if ($_POST['apply']) {
-
- if (file_exists("$d_snort_suppress_dirty_path")) {
-
- write_config();
-
- sync_snort_package_config();
- sync_snort_package();
-
- unlink("$d_snort_suppress_dirty_path");
-
- }
-
- }
-
-if ($_POST['submit']) {
-
- unset($input_errors);
- $pconfig = $_POST;
-
- do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
-
- if(strtolower($_POST['name']) == "defaultwhitelist")
- $input_errors[] = "Whitelist file names may not be named defaultwhitelist.";
-
- $x = is_validwhitelistname($_POST['name']);
- if (!isset($x)) {
- $input_errors[] = "Reserved word used for whitelist file name.";
- } else {
- if (is_validwhitelistname($_POST['name']) == false)
- $input_errors[] = "Whitelist file name may only consist of the characters a-z, A-Z and 0-9 _. Note: No Spaces. Press Cancel to reset.";
- }
-
-
- /* check for name conflicts */
- foreach ($a_suppress as $s_list) {
- if (isset($id) && ($a_suppress[$id]) && ($a_suppress[$id] === $s_list))
- continue;
-
- if ($s_list['name'] == $_POST['name']) {
- $input_errors[] = "A whitelist file name with this name already exists.";
- break;
- }
- }
-
-
- $s_list = array();
- /* post user input */
-
- if (!$input_errors) {
-
- $s_list['name'] = $_POST['name'];
- $s_list['uuid'] = $suppress_uuid;
- $s_list['descr'] = mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto");
- $s_list['suppresspassthru'] = base64_encode($_POST['suppresspassthru']);
-
-
- if (isset($id) && $a_suppress[$id])
- $a_suppress[$id] = $s_list;
- else
- $a_suppress[] = $s_list;
-
- touch($d_snort_suppress_dirty_path);
-
- write_config();
-
- header("Location: /snort/snort_interfaces_suppress_edit.php?id=$id");
- exit;
- }
-
-}
-
-include("head.inc");
-
-?>
-
-<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?= $jsevents["body"]["onload"] ?>">
-
-<style type="text/css">
-.formpre {
-font-family: Tahoma,Verdana,Arial,Helvetica,sans-serif;
-font-size: 1.1em;
-}
-</style>
-
-<?php
- include("./snort_fbegin.inc");
-?>
-<p class="pgtitle"><?=$pgtitle?></p>
-
-<?php if ($input_errors) print_input_errors($input_errors); ?>
-<div id="inputerrors"></div>
-
-<form action="/snort/snort_interfaces_suppress_edit.php?id=<?=$id?>" method="post" name="iform" id="iform">
-
-<?php
- /* Display Alert message */
- if ($input_errors) {
- print_input_errors($input_errors); // TODO: add checks
- }
-
- if ($savemsg) {
- print_info_box2($savemsg);
- }
-
- //if (file_exists($d_snortconfdirty_path)) {
- if (file_exists($d_snort_suppress_dirty_path)) {
- echo '<p>';
-
- if($savemsg) {
- print_info_box_np2("{$savemsg}");
- }else{
- print_info_box_np2('
- The Snort configuration has changed and snort needs to be restarted on this interface.<br>
- You must apply the changes in order for them to take effect.<br>
- ');
- }
- }
-?>
-
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
- <tr><td class="tabnavtbl">
-<?php
- $tab_array = array();
- $tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php");
- $tab_array[] = array("Global Settings", false, "/snort/snort_interfaces_global.php");
- $tab_array[] = array("Rule Updates", false, "/snort/snort_download_rules.php");
- $tab_array[] = array("Alerts", false, "/snort/snort_alerts.php");
- $tab_array[] = array("Blocked", false, "/snort/snort_blocked.php");
- $tab_array[] = array("Whitelists", false, "/snort/snort_interfaces_whitelist.php");
- $tab_array[] = array("Suppress", true, "/snort/snort_interfaces_suppress.php");
- $tab_array[] = array("Help", false, "/snort/snort_help_info.php");
- display_top_tabs($tab_array);
-?> </td></tr>
-<tr>
-<td class="tabcont">
-<table width="100%" border="0" cellpadding="6" cellspacing="0">
- <tr>
- <td colspan="2" valign="top" class="listtopic">Add the name and description of the file.</td>
- </tr>
- <tr>
- <td valign="top" class="vncellreq">Name</td>
- <td class="vtable">
- <input name="name" type="text" id="name" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" />
- <br />
- <span class="vexpl">
- The list name may only consist of the characters a-z, A-Z and 0-9. <span class="red">Note: </span> No Spaces.
- </span>
- </td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Description</td>
- <td width="78%" class="vtable">
- <input name="descr" type="text" id="descr" size="40" value="<?=$pconfig['descr'];?>" />
- <br />
- <span class="vexpl">
- You may enter a description here for your reference (not parsed).
- </span>
- </td>
- </tr>
-</table>
-<table width="100%" border="0" cellpadding="6" cellspacing="0">
- <table height="32" width="100%">
- <tr>
- <td>
- <div style='background-color:#E0E0E0' id='redbox'>
- <table width='100%'>
- <tr>
- <td width='8%'>
- &nbsp;&nbsp;&nbsp;<img style='vertical-align:middle' src="/snort/images/icon_excli.png" width="40" height="32">
- </td>
- <td width='70%'>
- <font size="2" color='#FF850A'><b>NOTE:</b></font>
- <font size="2" color='#000000'>&nbsp;&nbsp;The threshold keyword is deprecated as of version 2.8.5. Use the event_filter keyword instead.</font>
- </td>
- </tr>
- </table>
- </div>
- </td>
- </tr>
- <script type="text/javascript">
- NiftyCheck();
- Rounded("div#redbox","all","#FFF","#E0E0E0","smooth");
- Rounded("td#blackbox","all","#FFF","#000000","smooth");
- </script>
- <tr>
- <td colspan="2" valign="top" class="listtopic">Apply suppression or filters to rules. Valid keywords are 'suppress', 'event_filter' and 'rate_filter'.</td>
- </tr>
- <tr>
- <td colspan="2" valign="top" class="vncell">
- <b>Example 1;</b> suppress gen_id 1, sig_id 1852, track by_src, ip 10.1.1.54<br>
- <b>Example 2;</b> event_filter gen_id 1, sig_id 1851, type limit, track by_src, count 1, seconds 60<br>
- <b>Example 3;</b> rate_filter gen_id 135, sig_id 1, track by_src, count 100, seconds 1, new_action log, timeout 10
- </td>
- </tr>
- <tr>
- <td width="100%" class="vtable">
- <textarea wrap="off" name="suppresspassthru" cols="142" rows="28" id="suppresspassthru" class="formpre"><?=htmlspecialchars($pconfig['suppresspassthru']);?></textarea>
-</td>
- </tr>
- <tr>
- <td width="78%">
- <input id="submit" name="submit" type="submit" class="formbtn" value="Save" />
- <input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" value="Cancel" onclick="history.back()" />
- <?php if (isset($id) && $a_suppress[$id]): ?>
- <input name="id" type="hidden" value="<?=$id;?>" />
- <?php endif; ?>
- </td>
- </tr>
- </table>
- </table>
- </td>
- </tr>
- </table>
-</form>
-<?php include("fend.inc"); ?>
-</body>
+<?php
+/* $Id$ */
+/*
+ firewall_aliases_edit.php
+ Copyright (C) 2004 Scott Ullrich
+ All rights reserved.
+
+ originially part of m0n0wall (http://m0n0.ch/wall)
+ Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ modified for the pfsense snort package
+ Copyright (C) 2009-2010 Robert Zelaya.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require_once("guiconfig.inc");
+require_once("/usr/local/pkg/snort/snort.inc");
+require_once("/usr/local/pkg/snort/snort_gui.inc");
+
+if (!is_array($config['installedpackages']['snortglobal']['suppress']['item']))
+ $config['installedpackages']['snortglobal']['suppress']['item'] = array();
+
+$a_suppress = &$config['installedpackages']['snortglobal']['suppress']['item'];
+
+$id = $_GET['id'];
+if (isset($_POST['id']))
+ $id = $_POST['id'];
+
+
+/* gen uuid for each iface !inportant */
+if ($config['installedpackages']['snortglobal']['suppress']['item'][$id]['uuid'] == '') {
+ //$snort_uuid = gen_snort_uuid(strrev(uniqid(true)));
+$suppress_uuid = 0;
+while ($suppress_uuid > 65535 || $suppress_uuid == 0) {
+ $suppress_uuid = mt_rand(1, 65535);
+ $pconfig['uuid'] = $suppress_uuid;
+ }
+}
+
+if ($config['installedpackages']['snortglobal']['suppress']['item'][$id]['uuid'] != '') {
+ $suppress_uuid = $config['installedpackages']['snortglobal']['suppress']['item'][$id]['uuid'];
+}
+
+$pgtitle = "Services: Snort: Suppression: Edit $suppress_uuid";
+
+$d_snort_suppress_dirty_path = '/var/run/snort_suppress.dirty';
+
+/* returns true if $name is a valid name for a whitelist file name or ip */
+function is_validwhitelistname($name) {
+ if (!is_string($name))
+ return false;
+
+ if (!preg_match("/[^a-zA-Z0-9\.\/]/", $name))
+ return true;
+
+ return false;
+}
+
+
+if (isset($id) && $a_suppress[$id]) {
+
+ /* old settings */
+ $pconfig['name'] = $a_suppress[$id]['name'];
+ $pconfig['uuid'] = $a_suppress[$id]['uuid'];
+ $pconfig['descr'] = $a_suppress[$id]['descr'];
+ $pconfig['suppresspassthru'] = base64_decode($a_suppress[$id]['suppresspassthru']);
+
+
+
+}
+
+ /* this will exec when alert says apply */
+ if ($_POST['apply']) {
+
+ if (file_exists("$d_snort_suppress_dirty_path")) {
+
+ write_config();
+
+ sync_snort_package_config();
+ sync_snort_package();
+
+ unlink("$d_snort_suppress_dirty_path");
+
+ }
+
+ }
+
+if ($_POST['submit']) {
+
+ unset($input_errors);
+ $pconfig = $_POST;
+
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+
+ if(strtolower($_POST['name']) == "defaultwhitelist")
+ $input_errors[] = "Whitelist file names may not be named defaultwhitelist.";
+
+ $x = is_validwhitelistname($_POST['name']);
+ if (!isset($x)) {
+ $input_errors[] = "Reserved word used for whitelist file name.";
+ } else {
+ if (is_validwhitelistname($_POST['name']) == false)
+ $input_errors[] = "Whitelist file name may only consist of the characters a-z, A-Z and 0-9 _. Note: No Spaces. Press Cancel to reset.";
+ }
+
+
+ /* check for name conflicts */
+ foreach ($a_suppress as $s_list) {
+ if (isset($id) && ($a_suppress[$id]) && ($a_suppress[$id] === $s_list))
+ continue;
+
+ if ($s_list['name'] == $_POST['name']) {
+ $input_errors[] = "A whitelist file name with this name already exists.";
+ break;
+ }
+ }
+
+
+ $s_list = array();
+ /* post user input */
+
+ if (!$input_errors) {
+
+ $s_list['name'] = $_POST['name'];
+ $s_list['uuid'] = $suppress_uuid;
+ $s_list['descr'] = mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto");
+ $s_list['suppresspassthru'] = base64_encode($_POST['suppresspassthru']);
+
+
+ if (isset($id) && $a_suppress[$id])
+ $a_suppress[$id] = $s_list;
+ else
+ $a_suppress[] = $s_list;
+
+ touch($d_snort_suppress_dirty_path);
+
+ write_config();
+
+ header("Location: /snort/snort_interfaces_suppress_edit.php?id=$id");
+ exit;
+ }
+
+}
+
+include("head.inc");
+
+?>
+
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?= $jsevents["body"]["onload"] ?>">
+
+<style type="text/css">
+.formpre {
+font-family: Tahoma,Verdana,Arial,Helvetica,sans-serif;
+font-size: 1.1em;
+}
+</style>
+
+<?php
+ include("./snort_fbegin.inc");
+?>
+<p class="pgtitle"><?=$pgtitle?></p>
+
+<?php if ($input_errors) print_input_errors($input_errors); ?>
+<div id="inputerrors"></div>
+
+<form action="/snort/snort_interfaces_suppress_edit.php?id=<?=$id?>" method="post" name="iform" id="iform">
+
+<?php
+ /* Display Alert message */
+ if ($input_errors) {
+ print_input_errors($input_errors); // TODO: add checks
+ }
+
+ if ($savemsg) {
+ print_info_box2($savemsg);
+ }
+
+ //if (file_exists($d_snortconfdirty_path)) {
+ if (file_exists($d_snort_suppress_dirty_path)) {
+ echo '<p>';
+
+ if($savemsg) {
+ print_info_box_np2("{$savemsg}");
+ }else{
+ print_info_box_np2('
+ The Snort configuration has changed and snort needs to be restarted on this interface.<br>
+ You must apply the changes in order for them to take effect.<br>
+ ');
+ }
+ }
+?>
+
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+<?php
+ $tab_array = array();
+ $tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php");
+ $tab_array[] = array("Global Settings", false, "/snort/snort_interfaces_global.php");
+ $tab_array[] = array("Rule Updates", false, "/snort/snort_download_rules.php");
+ $tab_array[] = array("Alerts", false, "/snort/snort_alerts.php");
+ $tab_array[] = array("Blocked", false, "/snort/snort_blocked.php");
+ $tab_array[] = array("Whitelists", false, "/snort/snort_interfaces_whitelist.php");
+ $tab_array[] = array("Suppress", true, "/snort/snort_interfaces_suppress.php");
+ $tab_array[] = array("Help", false, "/snort/snort_help_info.php");
+ display_top_tabs($tab_array);
+?> </td></tr>
+<tr>
+<td class="tabcont">
+<table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td colspan="2" valign="top" class="listtopic">Add the name and description of the file.</td>
+ </tr>
+ <tr>
+ <td valign="top" class="vncellreq">Name</td>
+ <td class="vtable">
+ <input name="name" type="text" id="name" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" />
+ <br />
+ <span class="vexpl">
+ The list name may only consist of the characters a-z, A-Z and 0-9. <span class="red">Note: </span> No Spaces.
+ </span>
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">Description</td>
+ <td width="78%" class="vtable">
+ <input name="descr" type="text" id="descr" size="40" value="<?=$pconfig['descr'];?>" />
+ <br />
+ <span class="vexpl">
+ You may enter a description here for your reference (not parsed).
+ </span>
+ </td>
+ </tr>
+</table>
+<table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <table height="32" width="100%">
+ <tr>
+ <td>
+ <div style='background-color:#E0E0E0' id='redbox'>
+ <table width='100%'>
+ <tr>
+ <td width='8%'>
+ &nbsp;&nbsp;&nbsp;<img style='vertical-align:middle' src="/snort/images/icon_excli.png" width="40" height="32">
+ </td>
+ <td width='70%'>
+ <font size="2" color='#FF850A'><b>NOTE:</b></font>
+ <font size="2" color='#000000'>&nbsp;&nbsp;The threshold keyword is deprecated as of version 2.8.5. Use the event_filter keyword instead.</font>
+ </td>
+ </tr>
+ </table>
+ </div>
+ </td>
+ </tr>
+ <script type="text/javascript">
+ NiftyCheck();
+ Rounded("div#redbox","all","#FFF","#E0E0E0","smooth");
+ Rounded("td#blackbox","all","#FFF","#000000","smooth");
+ </script>
+ <tr>
+ <td colspan="2" valign="top" class="listtopic">Apply suppression or filters to rules. Valid keywords are 'suppress', 'event_filter' and 'rate_filter'.</td>
+ </tr>
+ <tr>
+ <td colspan="2" valign="top" class="vncell">
+ <b>Example 1;</b> suppress gen_id 1, sig_id 1852, track by_src, ip 10.1.1.54<br>
+ <b>Example 2;</b> event_filter gen_id 1, sig_id 1851, type limit, track by_src, count 1, seconds 60<br>
+ <b>Example 3;</b> rate_filter gen_id 135, sig_id 1, track by_src, count 100, seconds 1, new_action log, timeout 10
+ </td>
+ </tr>
+ <tr>
+ <td width="100%" class="vtable">
+ <textarea wrap="off" name="suppresspassthru" cols="142" rows="28" id="suppresspassthru" class="formpre"><?=htmlspecialchars($pconfig['suppresspassthru']);?></textarea>
+</td>
+ </tr>
+ <tr>
+ <td width="78%">
+ <input id="submit" name="submit" type="submit" class="formbtn" value="Save" />
+ <input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" value="Cancel" onclick="history.back()" />
+ <?php if (isset($id) && $a_suppress[$id]): ?>
+ <input name="id" type="hidden" value="<?=$id;?>" />
+ <?php endif; ?>
+ </td>
+ </tr>
+ </table>
+ </table>
+ </td>
+ </tr>
+ </table>
+</form>
+<?php include("fend.inc"); ?>
+</body>
</html> \ No newline at end of file
diff --git a/config/snort/snort_interfaces_whitelist.php b/config/snort/snort_interfaces_whitelist.php
index 3dd8f4dc..87da2f57 100644
--- a/config/snort/snort_interfaces_whitelist.php
+++ b/config/snort/snort_interfaces_whitelist.php
@@ -1,180 +1,180 @@
-<?php
-/* $Id$ */
-/*
- firewall_aliases.php
- Copyright (C) 2004 Scott Ullrich
- All rights reserved.
-
- originially part of m0n0wall (http://m0n0.ch/wall)
- Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
- All rights reserved.
-
- modified for the pfsense snort package
- Copyright (C) 2009-2010 Robert Zelaya.
- All rights reserved.
-
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
-*/
-
-require("guiconfig.inc");
-
-
-if (!is_array($config['installedpackages']['snortglobal']['whitelist']['item']))
- $config['installedpackages']['snortglobal']['whitelist']['item'] = array();
-
-//aliases_sort(); << what ?
-$a_whitelist = &$config['installedpackages']['snortglobal']['whitelist']['item'];
-
-if (isset($config['installedpackages']['snortglobal']['whitelist']['item'])) {
-$id_gen = count($config['installedpackages']['snortglobal']['whitelist']['item']);
-}else{
-$id_gen = '0';
-}
-
-$d_whitelistdirty_path = '/var/run/snort_whitelist.dirty';
-
-if ($_POST) {
-
- $pconfig = $_POST;
-
- if ($_POST['apply']) {
- $retval = 0;
-
- if(stristr($retval, "error") <> true)
- $savemsg = get_std_save_message($retval);
- else
- $savemsg = $retval;
- if ($retval == 0) {
- if (file_exists($d_whitelistdirty_path))
- unlink($d_whitelistdirty_path);
- }
- }
-}
-
-if ($_GET['act'] == "del") {
- if ($a_whitelist[$_GET['id']]) {
- /* make sure rule is not being referenced by any nat or filter rules */
-
- unset($a_whitelist[$_GET['id']]);
- write_config();
- filter_configure();
- touch($d_whitelistdirty_path);
- header("Location: /snort/snort_interfaces_whitelist.php");
- exit;
- }
-}
-
-$pgtitle = "Services: Snort: Whitelist";
-include("head.inc");
-
-?>
-
-<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
-<?php include("./snort_fbegin.inc"); ?>
-<p class="pgtitle"><?=$pgtitle?></p>
-<form action="/snort/snort_interfaces_whitelist.php" method="post">
-<?php if ($savemsg) print_info_box($savemsg); ?>
-<?php if (file_exists($d_whitelistdirty_path)): ?><p>
-<?php print_info_box_np("The white list has been changed.<br>You must apply the changes in order for them to take effect.");?>
-<?php endif; ?>
-
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
- <tr><td class="tabnavtbl">
-<?php
- $tab_array = array();
- $tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php");
- $tab_array[] = array("Global Settings", false, "/snort/snort_interfaces_global.php");
- $tab_array[] = array("Rule Updates", false, "/snort/snort_download_rules.php");
- $tab_array[] = array("Alerts", false, "/snort/snort_alerts.php");
- $tab_array[] = array("Blocked", false, "/snort/snort_blocked.php");
- $tab_array[] = array("Whitelists", true, "/snort/snort_interfaces_whitelist.php");
- $tab_array[] = array("Suppress", false, "/snort/snort_interfaces_suppress.php");
- $tab_array[] = array("Help", false, "/snort/snort_help_info.php");
- display_top_tabs($tab_array);
-?> </td></tr>
-<tr>
-<td class="tabcont">
-
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
-
-<tr>
- <td width="20%" class="listhdrr">File Name</td>
- <td width="40%" class="listhdrr">Values</td>
- <td width="40%" class="listhdr">Description</td>
- <td width="10%" class="list">
- </td>
-</tr>
- <?php $i = 0; foreach ($a_whitelist as $list): ?>
-<tr>
- <td class="listlr" ondblclick="document.location='snort_interfaces_whitelist_edit.php?id=<?=$i;?>';">
- <?=htmlspecialchars($list['name']);?>
- </td>
- <td class="listr" ondblclick="document.location='snort_interfaces_whitelist_edit.php?id=<?=$i;?>';">
- <?php
- $addresses = implode(", ", array_slice(explode(" ", $list['address']), 0, 10));
- echo $addresses;
- if(count($addresses) < 10) {
- echo " ";
- } else {
- echo "...";
- }
- ?>
- </td>
- <td class="listbg" ondblclick="document.location='snort_interfaces_whitelist_edit.php?id=<?=$i;?>';">
- <font color="#FFFFFF">
- <?=htmlspecialchars($list['descr']);?>&nbsp;
- </td>
- <td valign="middle" nowrap class="list">
- <table border="0" cellspacing="0" cellpadding="1">
- <tr>
- <td valign="middle"><a href="snort_interfaces_whitelist_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="edit whitelist"></a></td>
- <td><a href="/snort/snort_interfaces_whitelist.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this whitelist? All elements that still use it will become invalid (e.g. snort rules will fall back to the default whitelist)!')"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="delete whitelist"></a></td>
- </tr>
- </table>
- </td>
-</tr>
- <?php $i++; endforeach; ?>
-<tr>
- <td class="list" colspan="3"></td>
- <td class="list">
- <table border="0" cellspacing="0" cellpadding="1">
- <tr>
- <td valign="middle" width="17">&nbsp;</td>
- <td valign="middle"><a href="snort_interfaces_whitelist_edit.php?id=<?php echo $id_gen;?> "><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="add a new list"></a></td>
- </tr>
- </table>
- </td>
-</tr>
-</table>
- </td>
- </tr>
- </table>
-<br>
-<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
-<td width="100%"><span class="vexpl"><span class="red"><strong>Note:</strong></span>
- <p><span class="vexpl">Here you can create whitelist files for your snort package rules.<br>Please add all the ips or networks you want to protect against snort block decisions.<br>Remember that the default whitelist only includes local networks.<br>Be careful, it is very easy to get locked out of you system.</span></p>
-</td>
-</table>
-</form>
-<?php include("fend.inc"); ?>
-</body>
-</html>
+<?php
+/* $Id$ */
+/*
+ firewall_aliases.php
+ Copyright (C) 2004 Scott Ullrich
+ All rights reserved.
+
+ originially part of m0n0wall (http://m0n0.ch/wall)
+ Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ modified for the pfsense snort package
+ Copyright (C) 2009-2010 Robert Zelaya.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require("guiconfig.inc");
+
+
+if (!is_array($config['installedpackages']['snortglobal']['whitelist']['item']))
+ $config['installedpackages']['snortglobal']['whitelist']['item'] = array();
+
+//aliases_sort(); << what ?
+$a_whitelist = &$config['installedpackages']['snortglobal']['whitelist']['item'];
+
+if (isset($config['installedpackages']['snortglobal']['whitelist']['item'])) {
+$id_gen = count($config['installedpackages']['snortglobal']['whitelist']['item']);
+}else{
+$id_gen = '0';
+}
+
+$d_whitelistdirty_path = '/var/run/snort_whitelist.dirty';
+
+if ($_POST) {
+
+ $pconfig = $_POST;
+
+ if ($_POST['apply']) {
+ $retval = 0;
+
+ if(stristr($retval, "error") <> true)
+ $savemsg = get_std_save_message($retval);
+ else
+ $savemsg = $retval;
+ if ($retval == 0) {
+ if (file_exists($d_whitelistdirty_path))
+ unlink($d_whitelistdirty_path);
+ }
+ }
+}
+
+if ($_GET['act'] == "del") {
+ if ($a_whitelist[$_GET['id']]) {
+ /* make sure rule is not being referenced by any nat or filter rules */
+
+ unset($a_whitelist[$_GET['id']]);
+ write_config();
+ filter_configure();
+ touch($d_whitelistdirty_path);
+ header("Location: /snort/snort_interfaces_whitelist.php");
+ exit;
+ }
+}
+
+$pgtitle = "Services: Snort: Whitelist";
+include("head.inc");
+
+?>
+
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
+<?php include("./snort_fbegin.inc"); ?>
+<p class="pgtitle"><?=$pgtitle?></p>
+<form action="/snort/snort_interfaces_whitelist.php" method="post">
+<?php if ($savemsg) print_info_box($savemsg); ?>
+<?php if (file_exists($d_whitelistdirty_path)): ?><p>
+<?php print_info_box_np("The white list has been changed.<br>You must apply the changes in order for them to take effect.");?>
+<?php endif; ?>
+
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+<?php
+ $tab_array = array();
+ $tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php");
+ $tab_array[] = array("Global Settings", false, "/snort/snort_interfaces_global.php");
+ $tab_array[] = array("Rule Updates", false, "/snort/snort_download_rules.php");
+ $tab_array[] = array("Alerts", false, "/snort/snort_alerts.php");
+ $tab_array[] = array("Blocked", false, "/snort/snort_blocked.php");
+ $tab_array[] = array("Whitelists", true, "/snort/snort_interfaces_whitelist.php");
+ $tab_array[] = array("Suppress", false, "/snort/snort_interfaces_suppress.php");
+ $tab_array[] = array("Help", false, "/snort/snort_help_info.php");
+ display_top_tabs($tab_array);
+?> </td></tr>
+<tr>
+<td class="tabcont">
+
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+
+<tr>
+ <td width="20%" class="listhdrr">File Name</td>
+ <td width="40%" class="listhdrr">Values</td>
+ <td width="40%" class="listhdr">Description</td>
+ <td width="10%" class="list">
+ </td>
+</tr>
+ <?php $i = 0; foreach ($a_whitelist as $list): ?>
+<tr>
+ <td class="listlr" ondblclick="document.location='snort_interfaces_whitelist_edit.php?id=<?=$i;?>';">
+ <?=htmlspecialchars($list['name']);?>
+ </td>
+ <td class="listr" ondblclick="document.location='snort_interfaces_whitelist_edit.php?id=<?=$i;?>';">
+ <?php
+ $addresses = implode(", ", array_slice(explode(" ", $list['address']), 0, 10));
+ echo $addresses;
+ if(count($addresses) < 10) {
+ echo " ";
+ } else {
+ echo "...";
+ }
+ ?>
+ </td>
+ <td class="listbg" ondblclick="document.location='snort_interfaces_whitelist_edit.php?id=<?=$i;?>';">
+ <font color="#FFFFFF">
+ <?=htmlspecialchars($list['descr']);?>&nbsp;
+ </td>
+ <td valign="middle" nowrap class="list">
+ <table border="0" cellspacing="0" cellpadding="1">
+ <tr>
+ <td valign="middle"><a href="snort_interfaces_whitelist_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="edit whitelist"></a></td>
+ <td><a href="/snort/snort_interfaces_whitelist.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this whitelist? All elements that still use it will become invalid (e.g. snort rules will fall back to the default whitelist)!')"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="delete whitelist"></a></td>
+ </tr>
+ </table>
+ </td>
+</tr>
+ <?php $i++; endforeach; ?>
+<tr>
+ <td class="list" colspan="3"></td>
+ <td class="list">
+ <table border="0" cellspacing="0" cellpadding="1">
+ <tr>
+ <td valign="middle" width="17">&nbsp;</td>
+ <td valign="middle"><a href="snort_interfaces_whitelist_edit.php?id=<?php echo $id_gen;?> "><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="add a new list"></a></td>
+ </tr>
+ </table>
+ </td>
+</tr>
+</table>
+ </td>
+ </tr>
+ </table>
+<br>
+<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
+<td width="100%"><span class="vexpl"><span class="red"><strong>Note:</strong></span>
+ <p><span class="vexpl">Here you can create whitelist files for your snort package rules.<br>Please add all the ips or networks you want to protect against snort block decisions.<br>Remember that the default whitelist only includes local networks.<br>Be careful, it is very easy to get locked out of you system.</span></p>
+</td>
+</table>
+</form>
+<?php include("fend.inc"); ?>
+</body>
+</html>
diff --git a/config/snort/snort_interfaces_whitelist_edit.php b/config/snort/snort_interfaces_whitelist_edit.php
index 4f2d027b..c147ca7f 100644
--- a/config/snort/snort_interfaces_whitelist_edit.php
+++ b/config/snort/snort_interfaces_whitelist_edit.php
@@ -1,477 +1,477 @@
-<?php
-/* $Id$ */
-/*
- firewall_aliases_edit.php
- Copyright (C) 2004 Scott Ullrich
- All rights reserved.
-
- originially part of m0n0wall (http://m0n0.ch/wall)
- Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
- All rights reserved.
-
- modified for the pfsense snort package
- Copyright (C) 2009-2010 Robert Zelaya.
- All rights reserved.
-
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
-*/
-
-require_once("guiconfig.inc");
-require_once("/usr/local/pkg/snort/snort.inc");
-require_once("/usr/local/pkg/snort/snort_gui.inc");
-
-if (!is_array($config['installedpackages']['snortglobal']['whitelist']['item']))
- $config['installedpackages']['snortglobal']['whitelist']['item'] = array();
-
-$a_whitelist = &$config['installedpackages']['snortglobal']['whitelist']['item'];
-
-$id = $_GET['id'];
-if (isset($_POST['id']))
- $id = $_POST['id'];
-
-
-/* gen uuid for each iface !inportant */
-if ($config['installedpackages']['snortglobal']['whitelist']['item'][$id]['uuid'] == '') {
- //$snort_uuid = gen_snort_uuid(strrev(uniqid(true)));
-$whitelist_uuid = 0;
-while ($whitelist_uuid > 65535 || $whitelist_uuid == 0) {
- $whitelist_uuid = mt_rand(1, 65535);
- $pconfig['uuid'] = $whitelist_uuid;
- }
-}
-
-if ($config['installedpackages']['snortglobal']['whitelist']['item'][$id]['uuid'] != '') {
- $whitelist_uuid = $config['installedpackages']['snortglobal']['whitelist']['item'][$id]['uuid'];
-}
-
-$pgtitle = "Services: Snort: Whitelist: Edit $whitelist_uuid";
-
-$d_snort_whitelist_dirty_path = '/var/run/snort_whitelist.dirty';
-
-/* returns true if $name is a valid name for a whitelist file name or ip */
-function is_validwhitelistname($name) {
- if (!is_string($name))
- return false;
-
- if (!preg_match("/[^a-zA-Z0-9\.\/]/", $name))
- return true;
-
- return false;
-}
-
-
-if (isset($id) && $a_whitelist[$id]) {
-
- /* old settings */
- $pconfig['name'] = $a_whitelist[$id]['name'];
- $pconfig['uuid'] = $a_whitelist[$id]['uuid'];
- $pconfig['detail'] = $a_whitelist[$id]['detail'];
- $pconfig['snortlisttype'] = $a_whitelist[$id]['snortlisttype'];
- $pconfig['address'] = $a_whitelist[$id]['address'];
- $pconfig['descr'] = html_entity_decode($a_whitelist[$id]['descr']);
- $pconfig['wanips'] = $a_whitelist[$id]['wanips'];
- $pconfig['wangateips'] = $a_whitelist[$id]['wangateips'];
- $pconfig['wandnsips'] = $a_whitelist[$id]['wandnsips'];
- $pconfig['vips'] = $a_whitelist[$id]['vips'];
- $pconfig['vpnips'] = $a_whitelist[$id]['vpnips'];
-
-
- $addresses = explode(' ', $pconfig['address']);
- $address = explode(" ", $addresses[0]);
- if ($address[1])
- $addresssubnettest = true;
- else
- $addresssubnettest = false;
-}
-
- /* this will exec when alert says apply */
- if ($_POST['apply']) {
-
- if (file_exists("$d_snort_whitelist_dirty_path")) {
-
- write_config();
-
- sync_snort_package_config();
- sync_snort_package();
-
- unlink("$d_snort_whitelist_dirty_path");
-
- }
-
- }
-
-if ($_POST['submit']) {
-
- unset($input_errors);
- $pconfig = $_POST;
-
- /* input validation */
- $reqdfields = explode(" ", "name address");
- $reqdfieldsn = explode(",", "Name,Address");
-
- do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
-
- if(strtolower($_POST['name']) == "defaultwhitelist")
- $input_errors[] = "Whitelist file names may not be named defaultwhitelist.";
-
- $x = is_validwhitelistname($_POST['name']);
- if (!isset($x)) {
- $input_errors[] = "Reserved word used for whitelist file name.";
- } else {
- if (is_validwhitelistname($_POST['name']) == false)
- $input_errors[] = "Whitelist file name may only consist of the characters a-z, A-Z and 0-9 _. Note: No Spaces. Press Cancel to reset.";
- }
-
- if (is_validwhitelistname($_POST['address']) == false)
- $input_errors[] = "Whitelist address may only consist of the characters 0-9 and /. Note: No Spaces. Press Cancel to reset.";
-
-
- /* check for name conflicts */
- foreach ($a_whitelist as $w_list) {
- if (isset($id) && ($a_whitelist[$id]) && ($a_whitelist[$id] === $w_list))
- continue;
-
- if ($w_list['name'] == $_POST['name']) {
- $input_errors[] = "A whitelist file name with this name already exists.";
- break;
- }
- }
-
-
- $w_list = array();
- /* post user input */
- $w_list['name'] = $_POST['name'];
- $w_list['uuid'] = $whitelist_uuid;
- $w_list['snortlisttype'] = $_POST['snortlisttype'];
- $w_list['address'] = $_POST['address'];
- $w_list['wanips'] = $_POST['wanips']? yes : no;
- $w_list['wangateips'] = $_POST['wangateips']? yes : no;
- $w_list['wandnsips'] = $_POST['wandnsips']? yes : no;
- $w_list['vips'] = $_POST['vips']? yes : no;
- $w_list['vpnips'] = $_POST['vpnips']? yes : no;
-
-
- $address = $w_list['address'];
- $final_address_detail = mb_convert_encoding($_POST['detail'],"HTML-ENTITIES","auto");
- if($final_address_detail <> "") {
- $final_address_details .= $final_address_detail;
- } else {
- $final_address_details .= "Entry added" . " ";
- $final_address_details .= date('r');
- }
- $final_address_details .= "||";
- $isfirst = 0;
-
-
- /* add another entry code */
- for($x=0; $x<299; $x++) {
- $comd = "\$subnet = \$_POST['address" . $x . "'];";
- eval($comd);
- $comd = "\$subnet_address = \$_POST['address_subnet" . $x . "'];";
- eval($comd);
- if($subnet <> "") {
- $address .= " ";
- $address .= $subnet;
- if($subnet_address <> "") $address .= "" . $subnet_address;
-
- /* Compress in details to a single key, data separated by pipes.
- Pulling details here lets us only pull in details for valid
- address entries, saving us from having to track which ones to
- process later. */
- $comd = "\$final_address_detail = mb_convert_encoding(\$_POST['detail" . $x . "'],'HTML-ENTITIES','auto');";
- eval($comd);
- if($final_address_detail <> "") {
- $final_address_details .= $final_address_detail;
- } else {
- $final_address_details .= "Entry added" . " ";
- $final_address_details .= date('r');
- }
- $final_address_details .= "||";
- }
- }
-
- if (!$input_errors) {
- $w_list['address'] = $address;
- $w_list['descr'] = mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto");
- $w_list['detail'] = $final_address_details;
-
- if (isset($id) && $a_whitelist[$id])
- $a_whitelist[$id] = $w_list;
- else
- $a_whitelist[] = $w_list;
-
- touch($d_snort_whitelist_dirty_path);
-
- write_config();
-
- header("Location: /snort/snort_interfaces_whitelist_edit.php?id=$id");
- exit;
- }
- //we received input errors, copy data to prevent retype
- else
- {
- $pconfig['descr'] = mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto");
- $pconfig['address'] = $address;
- $pconfig['detail'] = $final_address_details;
- }
-}
-
-include("head.inc");
-
-?>
-
-<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?= $jsevents["body"]["onload"] ?>">
-<?php
- include("./snort_fbegin.inc");
- echo $jscriptstr;
-?>
-
-<script type="text/javascript" src="/snort/javascript/row_helper.js"></script>
-<input type='hidden' name='address_type' value='textbox' />
-<script type="text/javascript">
- rowname[0] = "address";
- rowtype[0] = "textbox";
- rowsize[0] = "30";
-
- rowname[1] = "detail";
- rowtype[1] = "textbox";
- rowsize[1] = "50";
-</script>
-
-<p class="pgtitle"><?=$pgtitle?></p>
-
-<?php if ($input_errors) print_input_errors($input_errors); ?>
-<div id="inputerrors"></div>
-
-<form action="snort_interfaces_whitelist_edit.php?id=<?=$id?>" method="post" name="iform" id="iform">
-
-<?php
- /* Display Alert message */
- if ($input_errors) {
- print_input_errors($input_errors); // TODO: add checks
- }
-
- if ($savemsg) {
- print_info_box2($savemsg);
- }
-
- //if (file_exists($d_snortconfdirty_path)) {
- if (file_exists($d_snort_whitelist_dirty_path)) {
- echo '<p>';
-
- if($savemsg) {
- print_info_box_np2("{$savemsg}");
- }else{
- print_info_box_np2('
- The Snort configuration has changed and snort needs to be restarted on this interface.<br>
- You must apply the changes in order for them to take effect.<br>
- ');
- }
- }
-?>
-
-<table width="100%" border="0" cellpadding="0" cellspacing="0">
- <tr><td class="tabnavtbl">
-<?php
- $tab_array = array();
- $tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php");
- $tab_array[] = array("Global Settings", false, "/snort/snort_interfaces_global.php");
- $tab_array[] = array("Rule Updates", false, "/snort/snort_download_rules.php");
- $tab_array[] = array("Alerts", false, "/snort/snort_alerts.php");
- $tab_array[] = array("Blocked", false, "/snort/snort_blocked.php");
- $tab_array[] = array("Whitelists", true, "/snort/snort_interfaces_whitelist.php");
- $tab_array[] = array("Suppress", false, "/snort/snort_interfaces_suppress.php");
- $tab_array[] = array("Help", false, "/snort/snort_help_info.php");
- display_top_tabs($tab_array);
-?> </td></tr>
-<tr>
-<td class="tabcont">
-
-<table width="100%" border="0" cellpadding="6" cellspacing="0">
- <tr>
- <td colspan="2" valign="top" class="listtopic">Add the name and description of the file.</td>
- </tr>
- <tr>
- <td valign="top" class="vncellreq">Name</td>
- <td class="vtable">
- <input name="name" type="text" id="name" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" />
- <br />
- <span class="vexpl">
- The list name may only consist of the characters a-z, A-Z and 0-9. <span class="red">Note: </span> No Spaces.
- </span>
- </td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Description</td>
- <td width="78%" class="vtable">
- <input name="descr" type="text" id="descr" size="40" value="<?=$pconfig['descr'];?>" />
- <br />
- <span class="vexpl">
- You may enter a description here for your reference (not parsed).
- </span>
- </td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">List Type</td>
- <td width="78%" class="vtable">
- <select name="snortlisttype" class="formfld" id="snortlisttype">
- <?php
- $interfaces4 = array('whitelist' => 'WHITELIST', 'netlist' => 'NETLIST');
- foreach ($interfaces4 as $iface4 => $ifacename4): ?>
- <option value="<?=$iface4;?>" <?php if ($iface4 == $pconfig['snortlisttype']) echo "selected"; ?>>
- <?=htmlspecialchars($ifacename4);?>
- </option>
- <?php endforeach; ?>
- </select><br>
- <span class="vexpl">Choose the type of list you will like see in your Interface Edit Tab.&nbsp;Hint: Best pratice is to test every list you make.
- </span>&nbsp;<span class="red">Note:</span>&nbsp;NETLIST's are only for defining snort.conf's external or home NETS.</td>
- </tr>
- <tr>
- <td colspan="2" valign="top" class="listtopic">Add auto generated ips.</td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">WAN IPs</td>
- <td width="78%" class="vtable">
- <input name="wanips" type="checkbox" id="wanips" size="40" value="yes" <?php if($pconfig['wanips'] == 'yes'){ echo "checked";} if($pconfig['wanips'] == ''){ echo "checked";} ?>/>
- <span class="vexpl">
- Add WAN IPs to the list.
- </span>
- </td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Wan Gateways</td>
- <td width="78%" class="vtable">
- <input name="wangateips" type="checkbox" id="wangateips" size="40" value="yes" <?php if($pconfig['wangateips'] == 'yes'){ echo "checked";} if($pconfig['wangateips'] == ''){ echo "checked";} ?>/>
- <span class="vexpl">
- Add WAN Gateways to the list.
- </span>
- </td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Wan DNS servers</td>
- <td width="78%" class="vtable">
- <input name="wandnsips" type="checkbox" id="wandnsips" size="40" value="yes" <?php if($pconfig['wandnsips'] == 'yes'){ echo "checked";} if($pconfig['wandnsips'] == ''){ echo "checked";} ?>/>
- <span class="vexpl">
- Add WAN DNS servers to the list.
- </span>
- </td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">Virtual IP Addresses</td>
- <td width="78%" class="vtable">
- <input name="vips" type="checkbox" id="vips" size="40" value="yes" <?php if($pconfig['vips'] == 'yes'){ echo "checked";} if($pconfig['vips'] == ''){ echo "checked";} ?>/>
- <span class="vexpl">
- Add Virtual IP Addresses to the list.
- </span>
- </td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncell">VPNs</td>
- <td width="78%" class="vtable">
- <input name="vpnips" type="checkbox" id="vpnips" size="40" value="yes" <?php if($pconfig['vpnips'] == 'yes'){ echo "checked";} if($pconfig['vpnips'] == ''){ echo "checked";} ?>/>
- <span class="vexpl">
- Add VPN Addresses to the list.
- </span>
- </td>
- </tr>
- <tr>
- <td colspan="2" valign="top" class="listtopic">Add your own custom ips.</td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncellreq"><div id="addressnetworkport">IP or CIDR items</div></td>
- <td width="78%" class="vtable">
- <table id="maintable">
- <tbody>
- <tr>
- <td colspan="4">
- <div style="padding:5px; margin-top: 16px; margin-bottom: 16px; border:1px dashed #000066; background-color: #ffffff; color: #000000; font-size: 8pt;" id="itemhelp">
- Enter only ips or CIDR notations. Example: 192.168.4.1 or 192.168.1.0/24</div>
- </td>
- </tr>
- <tr>
- <td><div id="onecolumn">IP or CIDR</div></td>
- <td><div id="threecolumn">Add a Description or leave blank and a date will be added.</div></td>
- </tr>
-
- <?php
- /* cleanup code */
- $counter = 0;
- $address = $pconfig['address'];
- $item = explode(" ", $address);
- $item3 = explode("||", $pconfig['detail']);
- foreach($item as $ww) {
- $address = $item[$counter];
- $item4 = $item3[$counter];
- if($counter > 0) $tracker = $counter + 1;
- ?>
- <tr>
- <td>
- <input name="address<?php echo $tracker; ?>" type="text" id="address<?php echo $tracker; ?>" size="30" value="<?=htmlspecialchars($address);?>" />
- </td>
- <td>
- <input name="detail<?php echo $tracker; ?>" type="text" id="detail<?php echo $tracker; ?>" size="50" value="<?=$item4;?>" />
- </td>
- <td>
- <?php
- if($counter > 0)
- echo "<input type=\"image\" src=\"/themes/".$g['theme']."/images/icons/icon_x.gif\" onclick=\"removeRow(this); return false;\" value=\"Delete\" />";
- ?>
- </td>
- </tr>
- <?php
- $counter++;
-
- } // end foreach
- ?>
- </tbody>
- </table>
- <a onclick="javascript:addRowTo('maintable'); return false;" href="#"><img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" alt="" title="add another entry" />
- </a>
- </td>
- </tr>
- <tr>
- <td width="22%" valign="top">&nbsp;</td>
- <td width="78%">
- <input id="submit" name="submit" type="submit" class="formbtn" value="Save" />
- <input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" value="Cancel" onclick="history.back()" />
- <?php if (isset($id) && $a_whitelist[$id]): ?>
- <input name="id" type="hidden" value="<?=$id;?>" />
- <?php endif; ?>
- </td>
- </tr>
-</table>
- </td>
- </tr>
- </table>
-</form>
-
-<script type="text/javascript">
- /* row and col adjust when you add extra entries */
- field_counter_js = 2;
- rows = 1;
- totalrows = <?php echo $counter; ?>;
- loaded = <?php echo $counter; ?>;
-</script>
-
-<?php include("fend.inc"); ?>
-</body>
+<?php
+/* $Id$ */
+/*
+ firewall_aliases_edit.php
+ Copyright (C) 2004 Scott Ullrich
+ All rights reserved.
+
+ originially part of m0n0wall (http://m0n0.ch/wall)
+ Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+
+ modified for the pfsense snort package
+ Copyright (C) 2009-2010 Robert Zelaya.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require_once("guiconfig.inc");
+require_once("/usr/local/pkg/snort/snort.inc");
+require_once("/usr/local/pkg/snort/snort_gui.inc");
+
+if (!is_array($config['installedpackages']['snortglobal']['whitelist']['item']))
+ $config['installedpackages']['snortglobal']['whitelist']['item'] = array();
+
+$a_whitelist = &$config['installedpackages']['snortglobal']['whitelist']['item'];
+
+$id = $_GET['id'];
+if (isset($_POST['id']))
+ $id = $_POST['id'];
+
+
+/* gen uuid for each iface !inportant */
+if ($config['installedpackages']['snortglobal']['whitelist']['item'][$id]['uuid'] == '') {
+ //$snort_uuid = gen_snort_uuid(strrev(uniqid(true)));
+$whitelist_uuid = 0;
+while ($whitelist_uuid > 65535 || $whitelist_uuid == 0) {
+ $whitelist_uuid = mt_rand(1, 65535);
+ $pconfig['uuid'] = $whitelist_uuid;
+ }
+}
+
+if ($config['installedpackages']['snortglobal']['whitelist']['item'][$id]['uuid'] != '') {
+ $whitelist_uuid = $config['installedpackages']['snortglobal']['whitelist']['item'][$id]['uuid'];
+}
+
+$pgtitle = "Services: Snort: Whitelist: Edit $whitelist_uuid";
+
+$d_snort_whitelist_dirty_path = '/var/run/snort_whitelist.dirty';
+
+/* returns true if $name is a valid name for a whitelist file name or ip */
+function is_validwhitelistname($name) {
+ if (!is_string($name))
+ return false;
+
+ if (!preg_match("/[^a-zA-Z0-9\.\/]/", $name))
+ return true;
+
+ return false;
+}
+
+
+if (isset($id) && $a_whitelist[$id]) {
+
+ /* old settings */
+ $pconfig['name'] = $a_whitelist[$id]['name'];
+ $pconfig['uuid'] = $a_whitelist[$id]['uuid'];
+ $pconfig['detail'] = $a_whitelist[$id]['detail'];
+ $pconfig['snortlisttype'] = $a_whitelist[$id]['snortlisttype'];
+ $pconfig['address'] = $a_whitelist[$id]['address'];
+ $pconfig['descr'] = html_entity_decode($a_whitelist[$id]['descr']);
+ $pconfig['wanips'] = $a_whitelist[$id]['wanips'];
+ $pconfig['wangateips'] = $a_whitelist[$id]['wangateips'];
+ $pconfig['wandnsips'] = $a_whitelist[$id]['wandnsips'];
+ $pconfig['vips'] = $a_whitelist[$id]['vips'];
+ $pconfig['vpnips'] = $a_whitelist[$id]['vpnips'];
+
+
+ $addresses = explode(' ', $pconfig['address']);
+ $address = explode(" ", $addresses[0]);
+ if ($address[1])
+ $addresssubnettest = true;
+ else
+ $addresssubnettest = false;
+}
+
+ /* this will exec when alert says apply */
+ if ($_POST['apply']) {
+
+ if (file_exists("$d_snort_whitelist_dirty_path")) {
+
+ write_config();
+
+ sync_snort_package_config();
+ sync_snort_package();
+
+ unlink("$d_snort_whitelist_dirty_path");
+
+ }
+
+ }
+
+if ($_POST['submit']) {
+
+ unset($input_errors);
+ $pconfig = $_POST;
+
+ /* input validation */
+ $reqdfields = explode(" ", "name address");
+ $reqdfieldsn = explode(",", "Name,Address");
+
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+
+ if(strtolower($_POST['name']) == "defaultwhitelist")
+ $input_errors[] = "Whitelist file names may not be named defaultwhitelist.";
+
+ $x = is_validwhitelistname($_POST['name']);
+ if (!isset($x)) {
+ $input_errors[] = "Reserved word used for whitelist file name.";
+ } else {
+ if (is_validwhitelistname($_POST['name']) == false)
+ $input_errors[] = "Whitelist file name may only consist of the characters a-z, A-Z and 0-9 _. Note: No Spaces. Press Cancel to reset.";
+ }
+
+ if (is_validwhitelistname($_POST['address']) == false)
+ $input_errors[] = "Whitelist address may only consist of the characters 0-9 and /. Note: No Spaces. Press Cancel to reset.";
+
+
+ /* check for name conflicts */
+ foreach ($a_whitelist as $w_list) {
+ if (isset($id) && ($a_whitelist[$id]) && ($a_whitelist[$id] === $w_list))
+ continue;
+
+ if ($w_list['name'] == $_POST['name']) {
+ $input_errors[] = "A whitelist file name with this name already exists.";
+ break;
+ }
+ }
+
+
+ $w_list = array();
+ /* post user input */
+ $w_list['name'] = $_POST['name'];
+ $w_list['uuid'] = $whitelist_uuid;
+ $w_list['snortlisttype'] = $_POST['snortlisttype'];
+ $w_list['address'] = $_POST['address'];
+ $w_list['wanips'] = $_POST['wanips']? yes : no;
+ $w_list['wangateips'] = $_POST['wangateips']? yes : no;
+ $w_list['wandnsips'] = $_POST['wandnsips']? yes : no;
+ $w_list['vips'] = $_POST['vips']? yes : no;
+ $w_list['vpnips'] = $_POST['vpnips']? yes : no;
+
+
+ $address = $w_list['address'];
+ $final_address_detail = mb_convert_encoding($_POST['detail'],"HTML-ENTITIES","auto");
+ if($final_address_detail <> "") {
+ $final_address_details .= $final_address_detail;
+ } else {
+ $final_address_details .= "Entry added" . " ";
+ $final_address_details .= date('r');
+ }
+ $final_address_details .= "||";
+ $isfirst = 0;
+
+
+ /* add another entry code */
+ for($x=0; $x<299; $x++) {
+ $comd = "\$subnet = \$_POST['address" . $x . "'];";
+ eval($comd);
+ $comd = "\$subnet_address = \$_POST['address_subnet" . $x . "'];";
+ eval($comd);
+ if($subnet <> "") {
+ $address .= " ";
+ $address .= $subnet;
+ if($subnet_address <> "") $address .= "" . $subnet_address;
+
+ /* Compress in details to a single key, data separated by pipes.
+ Pulling details here lets us only pull in details for valid
+ address entries, saving us from having to track which ones to
+ process later. */
+ $comd = "\$final_address_detail = mb_convert_encoding(\$_POST['detail" . $x . "'],'HTML-ENTITIES','auto');";
+ eval($comd);
+ if($final_address_detail <> "") {
+ $final_address_details .= $final_address_detail;
+ } else {
+ $final_address_details .= "Entry added" . " ";
+ $final_address_details .= date('r');
+ }
+ $final_address_details .= "||";
+ }
+ }
+
+ if (!$input_errors) {
+ $w_list['address'] = $address;
+ $w_list['descr'] = mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto");
+ $w_list['detail'] = $final_address_details;
+
+ if (isset($id) && $a_whitelist[$id])
+ $a_whitelist[$id] = $w_list;
+ else
+ $a_whitelist[] = $w_list;
+
+ touch($d_snort_whitelist_dirty_path);
+
+ write_config();
+
+ header("Location: /snort/snort_interfaces_whitelist_edit.php?id=$id");
+ exit;
+ }
+ //we received input errors, copy data to prevent retype
+ else
+ {
+ $pconfig['descr'] = mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto");
+ $pconfig['address'] = $address;
+ $pconfig['detail'] = $final_address_details;
+ }
+}
+
+include("head.inc");
+
+?>
+
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?= $jsevents["body"]["onload"] ?>">
+<?php
+ include("./snort_fbegin.inc");
+ echo $jscriptstr;
+?>
+
+<script type="text/javascript" src="/snort/javascript/row_helper.js"></script>
+<input type='hidden' name='address_type' value='textbox' />
+<script type="text/javascript">
+ rowname[0] = "address";
+ rowtype[0] = "textbox";
+ rowsize[0] = "30";
+
+ rowname[1] = "detail";
+ rowtype[1] = "textbox";
+ rowsize[1] = "50";
+</script>
+
+<p class="pgtitle"><?=$pgtitle?></p>
+
+<?php if ($input_errors) print_input_errors($input_errors); ?>
+<div id="inputerrors"></div>
+
+<form action="snort_interfaces_whitelist_edit.php?id=<?=$id?>" method="post" name="iform" id="iform">
+
+<?php
+ /* Display Alert message */
+ if ($input_errors) {
+ print_input_errors($input_errors); // TODO: add checks
+ }
+
+ if ($savemsg) {
+ print_info_box2($savemsg);
+ }
+
+ //if (file_exists($d_snortconfdirty_path)) {
+ if (file_exists($d_snort_whitelist_dirty_path)) {
+ echo '<p>';
+
+ if($savemsg) {
+ print_info_box_np2("{$savemsg}");
+ }else{
+ print_info_box_np2('
+ The Snort configuration has changed and snort needs to be restarted on this interface.<br>
+ You must apply the changes in order for them to take effect.<br>
+ ');
+ }
+ }
+?>
+
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+ <tr><td class="tabnavtbl">
+<?php
+ $tab_array = array();
+ $tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php");
+ $tab_array[] = array("Global Settings", false, "/snort/snort_interfaces_global.php");
+ $tab_array[] = array("Rule Updates", false, "/snort/snort_download_rules.php");
+ $tab_array[] = array("Alerts", false, "/snort/snort_alerts.php");
+ $tab_array[] = array("Blocked", false, "/snort/snort_blocked.php");
+ $tab_array[] = array("Whitelists", true, "/snort/snort_interfaces_whitelist.php");
+ $tab_array[] = array("Suppress", false, "/snort/snort_interfaces_suppress.php");
+ $tab_array[] = array("Help", false, "/snort/snort_help_info.php");
+ display_top_tabs($tab_array);
+?> </td></tr>
+<tr>
+<td class="tabcont">
+
+<table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td colspan="2" valign="top" class="listtopic">Add the name and description of the file.</td>
+ </tr>
+ <tr>
+ <td valign="top" class="vncellreq">Name</td>
+ <td class="vtable">
+ <input name="name" type="text" id="name" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" />
+ <br />
+ <span class="vexpl">
+ The list name may only consist of the characters a-z, A-Z and 0-9. <span class="red">Note: </span> No Spaces.
+ </span>
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">Description</td>
+ <td width="78%" class="vtable">
+ <input name="descr" type="text" id="descr" size="40" value="<?=$pconfig['descr'];?>" />
+ <br />
+ <span class="vexpl">
+ You may enter a description here for your reference (not parsed).
+ </span>
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">List Type</td>
+ <td width="78%" class="vtable">
+ <select name="snortlisttype" class="formfld" id="snortlisttype">
+ <?php
+ $interfaces4 = array('whitelist' => 'WHITELIST', 'netlist' => 'NETLIST');
+ foreach ($interfaces4 as $iface4 => $ifacename4): ?>
+ <option value="<?=$iface4;?>" <?php if ($iface4 == $pconfig['snortlisttype']) echo "selected"; ?>>
+ <?=htmlspecialchars($ifacename4);?>
+ </option>
+ <?php endforeach; ?>
+ </select><br>
+ <span class="vexpl">Choose the type of list you will like see in your Interface Edit Tab.&nbsp;Hint: Best pratice is to test every list you make.
+ </span>&nbsp;<span class="red">Note:</span>&nbsp;NETLIST's are only for defining snort.conf's external or home NETS.</td>
+ </tr>
+ <tr>
+ <td colspan="2" valign="top" class="listtopic">Add auto generated ips.</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">WAN IPs</td>
+ <td width="78%" class="vtable">
+ <input name="wanips" type="checkbox" id="wanips" size="40" value="yes" <?php if($pconfig['wanips'] == 'yes'){ echo "checked";} if($pconfig['wanips'] == ''){ echo "checked";} ?>/>
+ <span class="vexpl">
+ Add WAN IPs to the list.
+ </span>
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">Wan Gateways</td>
+ <td width="78%" class="vtable">
+ <input name="wangateips" type="checkbox" id="wangateips" size="40" value="yes" <?php if($pconfig['wangateips'] == 'yes'){ echo "checked";} if($pconfig['wangateips'] == ''){ echo "checked";} ?>/>
+ <span class="vexpl">
+ Add WAN Gateways to the list.
+ </span>
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">Wan DNS servers</td>
+ <td width="78%" class="vtable">
+ <input name="wandnsips" type="checkbox" id="wandnsips" size="40" value="yes" <?php if($pconfig['wandnsips'] == 'yes'){ echo "checked";} if($pconfig['wandnsips'] == ''){ echo "checked";} ?>/>
+ <span class="vexpl">
+ Add WAN DNS servers to the list.
+ </span>
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">Virtual IP Addresses</td>
+ <td width="78%" class="vtable">
+ <input name="vips" type="checkbox" id="vips" size="40" value="yes" <?php if($pconfig['vips'] == 'yes'){ echo "checked";} if($pconfig['vips'] == ''){ echo "checked";} ?>/>
+ <span class="vexpl">
+ Add Virtual IP Addresses to the list.
+ </span>
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">VPNs</td>
+ <td width="78%" class="vtable">
+ <input name="vpnips" type="checkbox" id="vpnips" size="40" value="yes" <?php if($pconfig['vpnips'] == 'yes'){ echo "checked";} if($pconfig['vpnips'] == ''){ echo "checked";} ?>/>
+ <span class="vexpl">
+ Add VPN Addresses to the list.
+ </span>
+ </td>
+ </tr>
+ <tr>
+ <td colspan="2" valign="top" class="listtopic">Add your own custom ips.</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq"><div id="addressnetworkport">IP or CIDR items</div></td>
+ <td width="78%" class="vtable">
+ <table id="maintable">
+ <tbody>
+ <tr>
+ <td colspan="4">
+ <div style="padding:5px; margin-top: 16px; margin-bottom: 16px; border:1px dashed #000066; background-color: #ffffff; color: #000000; font-size: 8pt;" id="itemhelp">
+ Enter only ips or CIDR notations. Example: 192.168.4.1 or 192.168.1.0/24</div>
+ </td>
+ </tr>
+ <tr>
+ <td><div id="onecolumn">IP or CIDR</div></td>
+ <td><div id="threecolumn">Add a Description or leave blank and a date will be added.</div></td>
+ </tr>
+
+ <?php
+ /* cleanup code */
+ $counter = 0;
+ $address = $pconfig['address'];
+ $item = explode(" ", $address);
+ $item3 = explode("||", $pconfig['detail']);
+ foreach($item as $ww) {
+ $address = $item[$counter];
+ $item4 = $item3[$counter];
+ if($counter > 0) $tracker = $counter + 1;
+ ?>
+ <tr>
+ <td>
+ <input name="address<?php echo $tracker; ?>" type="text" id="address<?php echo $tracker; ?>" size="30" value="<?=htmlspecialchars($address);?>" />
+ </td>
+ <td>
+ <input name="detail<?php echo $tracker; ?>" type="text" id="detail<?php echo $tracker; ?>" size="50" value="<?=$item4;?>" />
+ </td>
+ <td>
+ <?php
+ if($counter > 0)
+ echo "<input type=\"image\" src=\"/themes/".$g['theme']."/images/icons/icon_x.gif\" onclick=\"removeRow(this); return false;\" value=\"Delete\" />";
+ ?>
+ </td>
+ </tr>
+ <?php
+ $counter++;
+
+ } // end foreach
+ ?>
+ </tbody>
+ </table>
+ <a onclick="javascript:addRowTo('maintable'); return false;" href="#"><img border="0" src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" alt="" title="add another entry" />
+ </a>
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top">&nbsp;</td>
+ <td width="78%">
+ <input id="submit" name="submit" type="submit" class="formbtn" value="Save" />
+ <input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" value="Cancel" onclick="history.back()" />
+ <?php if (isset($id) && $a_whitelist[$id]): ?>
+ <input name="id" type="hidden" value="<?=$id;?>" />
+ <?php endif; ?>
+ </td>
+ </tr>
+</table>
+ </td>
+ </tr>
+ </table>
+</form>
+
+<script type="text/javascript">
+ /* row and col adjust when you add extra entries */
+ field_counter_js = 2;
+ rows = 1;
+ totalrows = <?php echo $counter; ?>;
+ loaded = <?php echo $counter; ?>;
+</script>
+
+<?php include("fend.inc"); ?>
+</body>
</html> \ No newline at end of file
diff --git a/config/varnish64/varnish_backends.xml b/config/varnish64/varnish_backends.xml
index 6d404e80..24b38a2f 100644
--- a/config/varnish64/varnish_backends.xml
+++ b/config/varnish64/varnish_backends.xml
@@ -65,6 +65,11 @@
<item>http://www.pfsense.com/packages/config/varnish64/varnish.inc</item>
</additional_files_needed>
<additional_files_needed>
+ <prefix>/usr/local/pkg/</prefix>
+ <chmod>0755</chmod>
+ <item>http://www.pfsense.com/packages/config/varnish64/varnish_sync</item>
+ </additional_files_needed>
+ <additional_files_needed>
<prefix>/usr/local/www/</prefix>
<chmod>0755</chmod>
<item>http://www.pfsense.com/packages/config/varnish64/varnish_view_config.php</item>
diff --git a/pkg_config.7.xml b/pkg_config.7.xml
index 0fb9c6eb..9c9df036 100755
--- a/pkg_config.7.xml
+++ b/pkg_config.7.xml
@@ -2,6 +2,20 @@
<!-- pfSense packages -->
<pfsensepkgs>
<packages>
+ <package>
+ <name>IP-Blocklist</name>
+ <website/>
+ <descr>IP-Blocklist is like PeerGuardian2. IP lists are used to add deny/allow rules to the firewall for in &amp; out traffic.</descr>
+ <category>Firewall</category>
+ <pkginfolink>http://forum.pfsense.org/index.php/topic,24769.0.html</pkginfolink>
+ <config_file>http://pfsense.org/packages/config/ipblocklist/ipblocklist.xml</config_file>
+ <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url>
+ <version>0.2.0</version>
+ <status>Beta</status>
+ <required_version>1.2.2</required_version>
+ <maintainer>tom@tomschaefer.org</maintainer>
+ <configurationfile>ipblocklist.xml</configurationfile>
+ </package>
<package>
<name>anyterm</name>
<descr>Ajax Interactive Shell - Have you ever wanted SSH or telnet access to your system from an internet desert - from behind a strict firewall, from an internet cafe, or even from a mobile phone? Anyterm is a combination of a web page and a process that runs on your web server that provides this access. WARNING! We suggest using Stunnel in combination with this package!</descr>
@@ -354,12 +368,12 @@
<descr>Used by fortune 500 companies and goverments Snort is the most widely deployed IDS/IPS technology worldwide. It features rules based logging and can perform content searching/matching in addition to being used to detect a variety of other attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more.</descr>
<category>Security</category>
<depends_on_package_base_url>http://www.pfsense.com/packages/config/snort/bin/7.2.x86/</depends_on_package_base_url>
- <depends_on_package>pcre-8.00.tbz</depends_on_package>
+ <depends_on_package>pcre-8.02.tbz</depends_on_package>
<depends_on_package>perl-5.10.1.tbz</depends_on_package>
<depends_on_package>mysql-client-5.1.44_1.tbz</depends_on_package>
- <depends_on_package>snort-2.8.5.3.tbz</depends_on_package>
+ <depends_on_package>snort-2.8.6_1.tbz</depends_on_package>
<config_file>http://www.pfsense.com/packages/config/snort/snort.xml</config_file>
- <version>2.8.5.3 pkg v. 1.25</version>
+ <version>2.8.6 pkg v. 1.26</version>
<required_version>1.2.3</required_version>
<status>Stable</status>
<configurationfile>/snort.xml</configurationfile>
@@ -996,5 +1010,15 @@
<required_version>1.2.3</required_version>
<maximum_version>1.2.3</maximum_version>
</package>
+ <package>
+ <name>Packet Capture Fix</name>
+ <descr>Patch to fix packet capture on 1.2.3 embedded (NanoBSD)</descr>
+ <category>System</category>
+ <config_file>http://www.pfsense.com/packages/config/packetcapturefix/packetcapturefix.xml</config_file>
+ <version>0.1</version>
+ <status>BETA</status>
+ <required_version>1.2.3</required_version>
+ <maximum_version>1.2.3</maximum_version>
+ </package>
</packages>
</pfsensepkgs>
diff --git a/pkg_config.8.xml b/pkg_config.8.xml
index 8653ffb2..1f05446b 100755
--- a/pkg_config.8.xml
+++ b/pkg_config.8.xml
@@ -2,6 +2,20 @@
<!-- pfSense packages -->
<pfsensepkgs>
<packages>
+ <package>
+ <name>IP-Blocklist</name>
+ <website/>
+ <descr>IP-Blocklist is like PeerGuardian2. IP lists are used to add deny/allow rules to the firewall for in &amp; out traffic.</descr>
+ <category>Firewall</category>
+ <pkginfolink>http://forum.pfsense.org/index.php/topic,24769.0.html</pkginfolink>
+ <config_file>http://pfsense.org/packages/config/ipblocklist/ipblocklist.xml</config_file>
+ <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url>
+ <version>0.2.0</version>
+ <status>Beta</status>
+ <required_version>1.2.2</required_version>
+ <maintainer>tom@tomschaefer.org</maintainer>
+ <configurationfile>ipblocklist.xml</configurationfile>
+ </package>
<package>
<name>anyterm</name>
<descr>Ajax Interactive Shell - Have you ever wanted SSH or telnet access to your system from an internet desert - from behind a strict firewall, from an internet cafe, or even from a mobile phone? Anyterm is a combination of a web page and a process that runs on your web server that provides this access. WARNING! We suggest using Stunnel in combination with this package!</descr>
@@ -240,12 +254,12 @@
<descr>Used by fortune 500 companies and goverments Snort is the most widely deployed IDS/IPS technology worldwide. It features rules based logging and can perform content searching/matching in addition to being used to detect a variety of other attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more.</descr>
<category>Security</category>
<depends_on_package_base_url>http://www.pfsense.com/packages/config/snort/bin/8.0.x86/</depends_on_package_base_url>
- <depends_on_package>pcre-8.00.tbz</depends_on_package>
+ <depends_on_package>pcre-8.02.tbz</depends_on_package>
<depends_on_package>perl-5.10.1.tbz</depends_on_package>
<depends_on_package>mysql-client-5.1.45.tbz</depends_on_package>
- <depends_on_package>snort-2.8.5.3.tbz</depends_on_package>
+ <depends_on_package>snort-2.8.6_1.tbz</depends_on_package>
<config_file>http://www.pfsense.com/packages/config/snort/snort.xml</config_file>
- <version>2.8.5.3 pkg v. 1.25</version>
+ <version>2.8.6 pkg v. 1.26</version>
<required_version>2.0</required_version>
<status>Stable</status>
<configurationfile>/snort.xml</configurationfile>
@@ -333,7 +347,7 @@
<descr>A console-based network traffic monitor + vnstat PHP frontend</descr>
<pkginfolink>http://forum.pfsense.org/index.php/topic,14179.0.html</pkginfolink>
<category>Network Management</category>
- <depends_on_package_base_url>http://pfsense.comuf.com/packages/All/</depends_on_package_base_url>
+ <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url>
<depends_on_package>vnstat-1.10_2.tbz</depends_on_package>
<version>1.10_2</version>
<status>test</status>
@@ -364,13 +378,13 @@
<version>1.0.6.6</version>
<status>Beta</status>
<pkginfolink>http://doc.pfsense.org/index.php/Tinydns_package</pkginfolink>
- <required_version>1.2</required_version>
+ <required_version>2.0</required_version>
<config_file>http://www.pfsense.com/packages/config/tinydns/tinydns.xml</config_file>
<configurationfile>tinydns.xml</configurationfile>
<depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url>
<depends_on_package>ucspi-tcp-0.88_2.tbz</depends_on_package>
- <depends_on_package>daemontools-0.76_12.tbz</depends_on_package>
- <depends_on_package>djbdns-1.05_12.tbz</depends_on_package>
+ <depends_on_package>daemontools-0.76_14.tbz</depends_on_package>
+ <depends_on_package>djbdns-1.05_13.tbz</depends_on_package>
</package>
<package>
<name>Open-VM-Tools</name>
diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64
index 30a68d4d..58d97756 100755
--- a/pkg_config.8.xml.amd64
+++ b/pkg_config.8.xml.amd64
@@ -2,6 +2,20 @@
<!-- pfSense packages -->
<pfsensepkgs>
<packages>
+ <package>
+ <name>IP-Blocklist</name>
+ <website/>
+ <descr>IP-Blocklist is like PeerGuardian2. IP lists are used to add deny/allow rules to the firewall for in &amp; out traffic.</descr>
+ <category>Firewall</category>
+ <pkginfolink>http://forum.pfsense.org/index.php/topic,24769.0.html</pkginfolink>
+ <config_file>http://pfsense.org/packages/config/ipblocklist/ipblocklist.xml</config_file>
+ <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url>
+ <version>0.2.0</version>
+ <status>Beta</status>
+ <required_version>1.2.2</required_version>
+ <maintainer>tom@tomschaefer.org</maintainer>
+ <configurationfile>ipblocklist.xml</configurationfile>
+ </package>
<package>
<name>Varnish</name>
<descr>Varnish is a state-of-the-art, high-performance HTTP accelerator. It uses the advanced features in FreeBSD 6/7/8 to achieve its high performance.</descr>