diff options
-rw-r--r-- | config/snort-dev/snortDBrules | bin | 8192 -> 18432 bytes | |||
-rw-r--r-- | config/snort-dev/snort_json_post.php | 10 | ||||
-rw-r--r-- | config/snort-dev/snort_new.inc | 78 | ||||
-rw-r--r-- | config/snort-dev/snort_rules_ips.php | 17 | ||||
-rw-r--r-- | config/snort-dev/snort_rulesets_ips.php | 20 |
5 files changed, 110 insertions, 15 deletions
diff --git a/config/snort-dev/snortDBrules b/config/snort-dev/snortDBrules Binary files differindex 9d4e33a3..9723d664 100644 --- a/config/snort-dev/snortDBrules +++ b/config/snort-dev/snortDBrules diff --git a/config/snort-dev/snort_json_post.php b/config/snort-dev/snort_json_post.php index 11b055c1..1b10ba3b 100644 --- a/config/snort-dev/snort_json_post.php +++ b/config/snort-dev/snort_json_post.php @@ -68,19 +68,19 @@ if ($_POST['snortSamSaveSettings'] == 1) { unset($_POST['snortSamSaveSettings']); if ($_POST['ifaceTab'] === 'snort_rulesets_ips') { - function snortSamSaveFunc() + function snortSamRulesetSaveFunc() { print_r($_POST); } - snortSamSaveFunc(); + snortSamRulesetSaveFunc(); } if ($_POST['ifaceTab'] === 'snort_rules_ips') { - function snortSamSaveFunc() + function snortSamRulesSaveFunc() { - print_r($_POST); + snortSql_updateRulesSigsIps(); } - snortSamSaveFunc(); + snortSamRulesSaveFunc(); } } diff --git a/config/snort-dev/snort_new.inc b/config/snort-dev/snort_new.inc index 510185b4..ed58d42e 100644 --- a/config/snort-dev/snort_new.inc +++ b/config/snort-dev/snort_new.inc @@ -396,6 +396,74 @@ function snortSql_updateRuleSigList() } // END Save ruleSets settings + +// Save rulessigs settings for snort_rules_ips +function snortSql_updateRulesSigsIps() +{ + + // get default settings + $listGenRules = array(); + $listGenRules = snortSql_fetchAllSettings('snortDBrules', 'SnortruleGenIps', 'rdbuuid', $_POST['rdbuuid']); + + + $addDate = date(U); + + // dont let user pick the DB path + $db = sqlite_open("/usr/local/pkg/snort/{$_POST['dbName']}"); + + // checkbox off catch + $listGenRulesEnable = $listGenRules[0]['enable']; + if ( empty($listGenRules[0]['enable']) || $listGenRules[0]['enable'] === 'off' ) { + + $listGenRulesEnable = 'off'; + } + + foreach ($_POST['snortsam']['db'] as $singleSig) + { + + $resultid = sqlite_query($db, + "SELECT id FROM {$_POST['dbTable']} WHERE signatureid = '{$singleSig['sig']}' and rdbuuid = '{$_POST['rdbuuid']}'; + "); + + $chktable = sqlite_fetch_all($resultid, SQLITE_ASSOC); + + // checkbox off catch + $singleSigEnable = $singleSig['enable']; + if ( empty($singleSig['enable']) ) { + + $singleSigEnable = 'off'; + } + + // only do this if something change from defauts settings + $somthingChanged = FALSE; + if ( $singleSigEnable !== $listGenRulesEnable || $singleSig['who'] !== $listGenRules[0]['who'] || $singleSig['timeamount'] !== $listGenRules[0]['timeamount'] || $singleSig['timetype'] !== $listGenRules[0]['timetype'] ) { + $somthingChanged = TRUE; + } + + if ( empty($chktable) && $somthingChanged ) { + + $rulesetUuid = genAlphaNumMixFast(11, 14); + + $query_ck = sqlite_query($db, // @ supress warnings usonly in production + "INSERT INTO {$_POST['dbTable']} (date, uuid, rdbuuid, enable, who, timeamount, timetype) VALUES ('{$addDate}', '{$rulesetUuid}', '{$_POST['rdbuuid']}', '{$singleSigEnable}', '{$singleSig['who']}', '{$singleSig['timeamount']}', '{$singleSig['timetype']}'); + "); + + } + + if ( !empty($chktable) && $somthingChanged ) { + + echo $singleSig['sig']; + + } + + } // END foreach + + sqlite_close($db); + +} + + + // Save ruleSets settings function snortSql_updateRuleSetList() { @@ -481,6 +549,12 @@ function snortSql_updateRuleSetList() $table = 'SnortruleGenIps'; $rulesetUuid = genAlphaNumMixFast(11, 14); $addDate = date(U); + + // if enable is empty then set to off + if (empty($_POST['snortsam']['db']['gensettings']['enable'])) { + + $_POST['snortsam']['db']['gensettings']['enable'] = 'off'; + } // dont let user pick the DB path $db = sqlite_open("/usr/local/pkg/snort/{$_POST['dbName']}"); @@ -494,13 +568,13 @@ function snortSql_updateRuleSetList() if (!empty($chktable)) { $query_ck = sqlite_query($db, // @ supress warnings usonly in production - "UPDATE {$table} SET who = '{$_POST['snortsam']['db']['gensettings']['who']}', timeamount = '{$_POST['snortsam']['db']['gensettings']['timeamount']}', timetype = '{$_POST['snortsam']['db']['gensettings']['timetype']}' WHERE rdbuuid = '{$_POST['rdbuuid']}'; + "UPDATE {$table} SET enable = '{$_POST['snortsam']['db']['gensettings']['enable']}', who = '{$_POST['snortsam']['db']['gensettings']['who']}', timeamount = '{$_POST['snortsam']['db']['gensettings']['timeamount']}', timetype = '{$_POST['snortsam']['db']['gensettings']['timetype']}' WHERE rdbuuid = '{$_POST['rdbuuid']}'; "); }else{ $query_ck = sqlite_query($db, // @ supress warnings usonly in production - "INSERT INTO {$table} (date, uuid, rdbuuid, who, timeamount, timetype) VALUES ('{$addDate}', '{$rulesetUuid}', '{$_POST['rdbuuid']}', '{$_POST['snortsam']['db']['gensettings']['who']}', '{$_POST['snortsam']['db']['gensettings']['timeamount']}', '{$_POST['snortsam']['db']['gensettings']['timetype']}'); + "INSERT INTO {$table} (date, uuid, rdbuuid, enable, who, timeamount, timetype) VALUES ('{$addDate}', '{$rulesetUuid}', '{$_POST['rdbuuid']}', '{$_POST['snortsam']['db']['gensettings']['enable']}', '{$_POST['snortsam']['db']['gensettings']['who']}', '{$_POST['snortsam']['db']['gensettings']['timeamount']}', '{$_POST['snortsam']['db']['gensettings']['timetype']}'); "); } diff --git a/config/snort-dev/snort_rules_ips.php b/config/snort-dev/snort_rules_ips.php index ce14bf30..3e39501d 100644 --- a/config/snort-dev/snort_rules_ips.php +++ b/config/snort-dev/snort_rules_ips.php @@ -156,7 +156,9 @@ if (isset($_GET['rulefilename'])) { <input type="hidden" name="snortSamSaveSettings" value="1" /> <!-- what to do, save --> <input type="hidden" name="dbName" value="snortDBrules" /> <!-- what db--> <input type="hidden" name="dbTable" value="SnortruleSigsIps" /> <!-- what db table--> - <input type="hidden" name="ifaceTab" value="snort_ruleset_ips" /> <!-- what interface tab --> + <input type="hidden" name="ifaceTab" value="snort_rules_ips" /> <!-- what interface tab --> + <input type="hidden" name="rdbuuid" value="<?=$rdbuuid;?>" /> <!-- what interface to save for --> + <input type="hidden" name="uuid" value="<?=$uuid;?>" /> <!-- create snort.conf --> <tr id="frheader" > <td width="1%" class="listhdrr2"> On</td> @@ -292,7 +294,7 @@ function createDropdownOptionList(list, opselected) { selectedOptionON = 'selected="selected"'; } - strOut = strOut + '<option value="' + list[key] + '" ' + selectedOptionON + '>' + list[key] + '</option>' + "\n"; + strOut = strOut + '<option value="' + list[key].toLowerCase() + '" ' + selectedOptionON + '>' + list[key] + '</option>' + "\n"; selectedOptionON = ''; } return strOut; @@ -328,24 +330,25 @@ function makeLargeSidTables(snortObjlist) { jQuery('.rulesetloopblock').append( "\n" + '<tr class="hidemetr" id="ipstable_' + snortObjlist[i].sid + '" valign="top">' + "\n" + '<td class="' + rowIsEvenOdd + '">' + "\n" + - '<input class="domecheck" id="checkbox_' + snortObjlist[i].sid + '" name="snortsam[db][' + snortObjlist[i].sid + '][enable]" value="' + snortObjlist[i].enable + '" checked="' + rulesetChecked + '" type="checkbox">' + "\n" + + '<input class="domecheck" id="checkbox_' + snortObjlist[i].sid + '" name="snortsam[db][' + i + '][enable]" value="' + snortObjlist[i].enable + '" checked="' + rulesetChecked + '" type="checkbox">' + "\n" + '</td>' + "\n" + '<td class="' + rowIsEvenOdd + '" id="sid_' + snortObjlist[i].sid + '" >' + snortObjlist[i].sid + '</td>' + "\n" + '<td class="' + rowIsEvenOdd + '">' + "\n" + - '<select class="formfld2" id="who_' + snortObjlist[i].sid + '" name="snortsam[db][' + snortObjlist[i].sid + '][who]">' + "\n" + + '<select class="formfld2" id="who_' + snortObjlist[i].sid + '" name="snortsam[db][' + i + '][who]">' + "\n" + createDropdownOptionList(timeValuePerfList, snortObjlist[i].who) + '</select>' + "\n" + '</td>' + "\n" + '<td class="' + rowIsEvenOdd + '">' + "\n" + - '<input class="formfld2" id="timeamount_' + snortObjlist[i].sid + '" name="snortsam[db][' + snortObjlist[i].sid + '][timeamount]" type="text" size="7" value="' + snortObjlist[i].timeamount + '">' + "\n" + + '<input class="formfld2" id="timeamount_' + snortObjlist[i].sid + '" name="snortsam[db][' + i + '][timeamount]" type="text" size="7" value="' + snortObjlist[i].timeamount + '">' + "\n" + '</td>' + "\n" + '<td class="' + rowIsEvenOdd + '">' + "\n" + - '<select class="formfld2" id="timetype_' + snortObjlist[i].sid + '" name="snortsam[db][' + snortObjlist[i].sid + '][timetype]" >' + "\n" + + '<select class="formfld2" id="timetype_' + snortObjlist[i].sid + '" name="snortsam[db][' + i + '][timetype]" >' + "\n" + createDropdownOptionList(timeTypePerfList, snortObjlist[i].timetype) + '</select>' + "\n" + '</td>' + "\n" + '<td class="listbg" id="msg_' + snortObjlist[i].sid + '"><font color="white">' + snortObjlist[i].msg + '</font></td>' + "\n" + - '</tr>' + "\n" + '</tr>' + "\n" + + '<input type="hidden" name="snortsam[db][' + i + '][sig]" value="' + snortObjlist[i].sid + '" />' + "\n" ); }, diff --git a/config/snort-dev/snort_rulesets_ips.php b/config/snort-dev/snort_rulesets_ips.php index b5c18523..459f2868 100644 --- a/config/snort-dev/snort_rulesets_ips.php +++ b/config/snort-dev/snort_rulesets_ips.php @@ -295,9 +295,27 @@ jQuery(document).ready(function() { <tr> <td> <table width="100%" border="0" cellpadding="0" cellspacing="0" > - <tr class="hidemetr" id="ipstable_gensettings" valign="top"> + + <tr class="hidemetr" id="ipstitle_gensettings" valign="top"> + <td class="listhdrr2" width="20%"></td> + <td class="listhdrr2" width="1%"> On</td> + <td class="listhdrr2" width="1%"> Source</td> + <td class="listhdrr2" width="1%"> Amount</td> + <td class="listhdrr2" width="1%"> Duration</td> + </tr> + + <tr class="hidemetr" id="ipstable_gensettings" valign="top"> <td class="vncell2" id="infotext_ips"><font color="#000000">Default settings for all block rules</font></td> <td class="odd_ruleset2"> + <?php + $enableGenRuleSidChkBox = ''; + if ( $listGenRules[0]['enable'] === 'on' || empty($listGenRules[0]['enable'])) { + $enableGenRuleSidChkBox = 'checked="checked"'; + } + ?> + <input class="domecheck" id="checkbox_253" name="snortsam[db][gensettings][enable]" value="on" <?=$enableGenRuleSidChkBox; ?> type="checkbox"> + </td> + <td class="odd_ruleset2"> <select class="formfld2" id="who_gensettings" name="snortsam[db][gensettings][who]"> <?php $whoList = array('src' => 'SRC', 'dst' => 'DST', 'both' => 'BOTH'); |