29 files changed, 694 insertions, 172 deletions
diff --git a/config/mailreport/mail_reports.inc b/config/mailreport/mail_reports.inc index dc8026cc..d94631cc 100644 --- a/config/mailreport/mail_reports.inc +++ b/config/mailreport/mail_reports.inc @@ -301,16 +301,14 @@ function mail_report_generate_graph($database, $style, $graph, $start, $end) { // log_error("start $start, end $end, archivestart $archivestart, average $average, scale $scale, seconds $seconds"); /* Deduce a interface if possible and use the description */ - $curif = split("-", $curdatabase); - $curif = "$curif[0]"; - $friendly = convert_friendly_interface_to_friendly_descr(strtolower($curif)); - if($friendly == "") { - $friendly = $curif; + $curif = explode("-", $curdatabase); + $curif[1] = str_replace(".rrd", "", $curif[1]); + $friendly = convert_friendly_interface_to_friendly_descr(strtolower($curif[0])); + if(!empty($friendly)) { + $curif[0] = $friendly; } - $search = array("-", ".rrd", $curif); - $replace = array(" :: ", "", $friendly); - $prettydb = ucwords(str_replace($search, $replace, $curdatabase)); - + $prettydb = ucwords(implode(" :: ", $curif)); + $curif = $curif[0]; $rrddbpath = "/var/db/rrd/"; $rrdtmppath = "/tmp/"; @@ -1200,4 +1198,4 @@ function timeDiff($time, $opt = array()) { return $str; } -?>
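Review bot: Only `$curif[1]` has `.rrd` stripped in the new pretty-name code, so a database name with no `-` reads an undefined index (and gains a trailing ` :: `), and one with more than one `-` keeps the extension on its last segment, which the old `str_replace` over the whole string did not. Stripping before splitting avoids both: `$curif = explode("-", str_replace(".rrd", "", $curdatabase));`. The same lines are repeated in the status_mail_report_add_graph.php and status_mail_report_edit.php hunks; a small shared helper in mail_reports.inc would keep the three in step. mail_report_generate_graph's body starts and ends outside this hunk.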
\ No newline at end of file +?> diff --git a/config/mailreport/status_mail_report_add_graph.php b/config/mailreport/status_mail_report_add_graph.php index 17d7731c..c0287367 100644 --- a/config/mailreport/status_mail_report_add_graph.php +++ b/config/mailreport/status_mail_report_add_graph.php @@ -183,12 +183,15 @@ include("head.inc"); <select name="graph" class="formselect" style="z-index: -10;"> <?php foreach ($custom_databases as $db => $database) { - $optionc = split("-", $database); - $search = array("-", ".rrd", $optionc); - $replace = array(" :: ", "", $friendly); + $optionc = explode("-", $database); + $optionc[1] = str_replace(".rrd", "", $optionc[1]); + $friendly = convert_friendly_interface_to_friendly_descr(strtolower($optionc[0])); + if(!empty($friendly)) { + $optionc[0] = $friendly; + } + $prettyprint = ucwords(implode(" :: ", $optionc)); echo "<option value=\"{$database}\""; - $prettyprint = ucwords(str_replace($search, $replace, $database)); - if($pconfig['graph'] == $database) { + if ($pconfig['graph'] == $database) { echo " selected"; } echo ">" . htmlspecialchars($prettyprint) . "</option>\n"; diff --git a/config/mailreport/status_mail_report_edit.php b/config/mailreport/status_mail_report_edit.php index fe9a5194..3102e958 100644 --- a/config/mailreport/status_mail_report_edit.php +++ b/config/mailreport/status_mail_report_edit.php @@ -138,7 +138,6 @@ if ($_POST) { set_mail_report_cron_jobs($a_mailreports); write_config(); configure_cron(); - header("Location: status_mail_report.php"); exit; } 
@@ -239,10 +238,13 @@ include("head.inc"); <?php endif; ?> </tr> <?php $i = 0; foreach ($a_graphs as $graph): - $optionc = split("-", $graph['graph']); - $search = array("-", ".rrd", $optionc); - $replace = array(" :: ", "", $friendly); - $prettyprint = ucwords(str_replace($search, $replace, $graph['graph'])); + $optionc = explode("-", $graph['graph']); + $optionc[1] = str_replace(".rrd", "", $optionc[1]); + $friendly = convert_friendly_interface_to_friendly_descr(strtolower($optionc[0])); + if(!empty($friendly)) { + $optionc[0] = $friendly; + } + $prettyprint = ucwords(implode(" :: ", $optionc)); ?> <tr ondblclick="document.location='status_mail_report_edit.php?id=<?=$i;?>'"> <td class="listlr"><?php echo $prettyprint; ?></td> diff --git a/config/snort-dev/css/style_snort2.css b/config/snort-dev/css/style_snort2.css index 6b5995cd..56fcb833 100644 --- a/config/snort-dev/css/style_snort2.css +++ b/config/snort-dev/css/style_snort2.css @@ -4,17 +4,16 @@ a { font-size: 11px; } -*/ - +*/ #right { position: relative; top: -10px; left: 0px; - width: 770px; + width: 800px; margin-top: 0px; - margin-left: 5px; + margin-left: 0px; margin-right: 5px; padding-top: 20px; padding-left: 0px; diff --git a/config/snort-dev/javascript/snort_globalsend.js b/config/snort-dev/javascript/snort_globalsend.js index a613dd46..07416a74 100644 --- a/config/snort-dev/javascript/snort_globalsend.js +++ b/config/snort-dev/javascript/snort_globalsend.js @@ -143,7 +143,7 @@ jQuery(document).ready(function() { this.css("top", 70 + "px"); this.css("left", ((jQuery(window).width() - this.outerWidth()) / 2) + jQuery(window).scrollLeft() + "px"); return this; - } + }; //--------------------------- START select all code --------------------------- 
@@ -372,8 +372,8 @@ jQuery(document).ready(function() { // Clean up Waiting code finnish(); - if (data.snortUnhideTabs === 'true'){ - jQuery('.hide_newtabmenu').show(); + if (data.snortMiscTabCall === 'true'){ + jQuery.fn.miscTabCall(); // call tab misc functions } if (data.snortreset) {location.reload();} // hard refresh diff --git a/config/snort-dev/snort_alerts.php b/config/snort-dev/snort_alerts.php index 1c3acd43..79485350 100644 --- a/config/snort-dev/snort_alerts.php +++ b/config/snort-dev/snort_alerts.php @@ -93,6 +93,7 @@ $arefresh_on = ($generalSettings['arefresh'] == 'on' ? 'checked' : ''); <li><a href="/snort/snort_interfaces.php"><span>Snort Interfaces</span></a></li> <li><a href="/snort/snort_interfaces_global.php"><span>Global Settings</span></a></li> <li><a href="/snort/snort_download_updates.php"><span>Updates</span></a></li> + <li><a href="/snort/snort_interfaces_rules.php"><span>RulesDB</span></a></li> <li class="newtabmenu_active"><a href="/snort/snort_alerts.php"><span>Alerts</span></a></li> <li><a href="/snort/snort_blocked.php"><span>Blocked</span></a></li> <li><a href="/snort/snort_interfaces_whitelist.php"><span>Whitelists</span></a></li> diff --git a/config/snort-dev/snort_blocked.php b/config/snort-dev/snort_blocked.php index b798462d..be2a3835 100644 --- a/config/snort-dev/snort_blocked.php +++ b/config/snort-dev/snort_blocked.php 
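Review bot: `jQuery.fn.miscTabCall()` is called in the success handler without checking that the current page defined it; in this commit only snort_interfaces_edit.php and snort_interfaces_rules_edit.php do, while snortJsonReturnCode in snort_json_post.php now returns `snortMiscTabCall` whenever it reports success. On any other page that saves through this handler the call would throw before the `snortreset` reload check runs (which pages do so is not visible here). A guard such as `if (data.snortMiscTabCall === 'true' && jQuery.isFunction(jQuery.fn.miscTabCall)) {` keeps the handler safe. The enclosing callback starts and ends outside the hunk.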
@@ -95,6 +95,7 @@ $brefresh_on = ($generalSettings['brefresh'] == 'on' ? 'checked' : ''); <li><a href="/snort/snort_interfaces.php"><span>Snort Interfaces</span></a></li> <li><a href="/snort/snort_interfaces_global.php"><span>Global Settings</span></a></li> <li><a href="/snort/snort_download_updates.php"><span>Updates</span></a></li> + <li><a href="/snort/snort_interfaces_rules.php"><span>RulesDB</span></a></li> <li><a href="/snort/snort_alerts.php"><span>Alerts</span></a></li> <li class="newtabmenu_active"><a href="/snort/snort_blocked.php"><span>Blocked</span></a></li> <li><a href="/snort/snort_interfaces_whitelist.php"><span>Whitelists</span></a></li> diff --git a/config/snort-dev/snort_download_rules.inc b/config/snort-dev/snort_download_rules.inc index df292a94..8953a65c 100644 --- a/config/snort-dev/snort_download_rules.inc +++ b/config/snort-dev/snort_download_rules.inc @@ -206,6 +206,8 @@ function reapplyRuleSettings_run($sidRule_array) // sed -i '' "s/^# \(.*sid:1225;.*\)/\1/" /usr/local/etc/snort/snortDBrules/DB/RAjFYOrC04D6/rules/snort_x11.rules // disable a sid // sed -i '' "s/^\(alert.*sid:1225;.*\)/# \1/" /usr/local/etc/snort/snortDBrules/DB/RAjFYOrC04D6/rules/snort_x11.rules + // grep "^alert.*sid:.*;" rules/emerging-worm.rules | grep -oh "\w*sid:[0-9][^*;]\w*" | awk -F: '{print $2}' + // sed -n '/^320 || .*/{p;q;}' rules/ ../etc/sid-msg.map | awk -F '|' '{print $3}' | sed -e 's/^[ \t]*//' } diff --git a/config/snort-dev/snort_download_updates.php b/config/snort-dev/snort_download_updates.php index e9ec907b..3cb2716d 100644 --- a/config/snort-dev/snort_download_updates.php +++ b/config/snort-dev/snort_download_updates.php 
@@ -162,6 +162,7 @@ if (!empty($pfsenseMd5CurrentChk)) { <li><a href="/snort/snort_interfaces.php"><span>Snort Interfaces</span></a></li> <li><a href="/snort/snort_interfaces_global.php"><span>Global Settings</span></a></li> <li class="newtabmenu_active"><a href="/snort/snort_download_updates.php"><span>Updates</span></a></li> + <li><a href="/snort/snort_interfaces_rules.php"><span>RulesDB</span></a></li> <li><a href="/snort/snort_alerts.php"><span>Alerts</span></a></li> <li><a href="/snort/snort_blocked.php"><span>Blocked</span></a></li> <li><a href="/snort/snort_interfaces_whitelist.php"><span>Whitelists</span></a></li> diff --git a/config/snort-dev/snort_help_info.php b/config/snort-dev/snort_help_info.php index 5bc32a1d..e8408209 100644 --- a/config/snort-dev/snort_help_info.php +++ b/config/snort-dev/snort_help_info.php @@ -182,6 +182,7 @@ jQuery(document).ready(function() { <li><a href="/snort/snort_interfaces.php"><span>Snort Interfaces</span></a></li> <li><a href="/snort/snort_interfaces_global.php"><span>Global Settings</span></a></li> <li><a href="/snort/snort_download_updates.php"><span>Updates</span></a></li> + <li><a href="/snort/snort_interfaces_rules.php"><span>RulesDB</span></a></li> <li><a href="/snort/snort_alerts.php"><span>Alerts</span></a></li> <li><a href="/snort/snort_blocked.php"><span>Blocked</span></a></li> <li><a href="/snort/snort_interfaces_whitelist.php"><span>Whitelists</span></a></li> diff --git a/config/snort-dev/snort_install.inc b/config/snort-dev/snort_install.inc index 1fb56780..c805d62c 100644 --- a/config/snort-dev/snort_install.inc +++ b/config/snort-dev/snort_install.inc 
@@ -252,6 +252,7 @@ function snort_postinstall() exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort-dev/images/close_9x9.gif'); exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort-dev/images/new_tab_menu.png'); exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort-dev/images/progress_bar2.gif'); + exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort-dev/images/progressbar.gif'); exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort-dev/images/top_modal_bar_lil.jpg'); chdir ("/usr/local/www/snort/javascript/"); exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort-dev/javascript/jquery-1.6.2.min.js'); diff --git a/config/snort-dev/snort_interfaces.php b/config/snort-dev/snort_interfaces.php index 7ba282ab..c13a902b 100644 --- a/config/snort-dev/snort_interfaces.php +++ b/config/snort-dev/snort_interfaces.php @@ -96,6 +96,7 @@ $a_interfaces = snortSql_fetchAllInterfaceRules('SnortIfaces', 'snortDB'); <li class="newtabmenu_active"><a href="/snort/snort_interfaces.php"><span>Snort Interfaces</span></a></li> <li><a href="/snort/snort_interfaces_global.php"><span>Global Settings</span></a></li> <li><a href="/snort/snort_download_updates.php"><span>Updates</span></a></li> + <li><a href="/snort/snort_interfaces_rules.php"><span>RulesDB</span></a></li> <li><a href="/snort/snort_alerts.php"><span>Alerts</span></a></li> <li><a href="/snort/snort_blocked.php"><span>Blocked</span></a></li> <li><a href="/snort/snort_interfaces_whitelist.php"><span>Whitelists</span></a></li> diff --git a/config/snort-dev/snort_interfaces_edit.php b/config/snort-dev/snort_interfaces_edit.php index f85c6bb7..7d710fe5 100644 --- a/config/snort-dev/snort_interfaces_edit.php +++ b/config/snort-dev/snort_interfaces_edit.php 
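Review bot: The added `fetch` of progressbar.gif extends the surrounding pattern of downloading GUI assets over plain `http://` with no checksum and no check of `exec()`'s exit status, so a failed or altered download is installed silently. That matters more for the jQuery script fetched a few lines below than for an image, but every new line makes the pattern harder to retire. Consider shipping these files inside the package, or fetching over HTTPS and verifying a known digest before the files are placed under the web root. snort_postinstall's body starts and ends outside this hunk.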
@@ -90,6 +90,12 @@ if (!is_array($a_suppresslist)) { // start a jQuery sand box jQuery(document).ready(function() { + // misc call after a good save + jQuery.fn.miscTabCall = function () { + jQuery('.hide_newtabmenu').show(); + jQuery('#interface').attr("disabled", true); + }; + // START disable option for snort_interfaces_edit.php endis = !(jQuery('input[name=enable]:checked').val()); @@ -229,7 +235,7 @@ jQuery(document).ready(function() { <tr> <td width="22%" valign="top" class="vncellreq2">Interface</td> <td width="78%" class="vtable"> - <select name="interface" class="formfld"> + <select id="interface" name="interface" class="formfld"> <?php /* add group interfaces */ @@ -316,7 +322,7 @@ jQuery(document).ready(function() { foreach ($a_rules as $value) { $selected = ''; - if ($value['uuid'] == $a_list['ruledbname'] && $value['enable'] !== 'off') { + if ($value['uuid'] == $a_list['ruledbname']) { $selected = 'selected'; } @@ -326,9 +332,9 @@ jQuery(document).ready(function() { </select> <br> - <span class="vexpl">Choose the home net you will like this rule to use. <span class="red">Note:</span> Default homenet adds only local networks. + <span class="vexpl">Choose the rule database to use. <span class="red">Note:</span> Cahnges to this database are global. <br> - <span class="red">Hint:</span> Most users add a list offriendly ips that the firewall cant see.</span> + <span class="red">WARNING:</span> Never change this when snort is running.</span> </td> </tr> diff --git a/config/snort-dev/snort_interfaces_global.php b/config/snort-dev/snort_interfaces_global.php index 5891952b..9af74503 100644 --- a/config/snort-dev/snort_interfaces_global.php +++ b/config/snort-dev/snort_interfaces_global.php 
@@ -118,6 +118,7 @@ $snortlogCurrentDSKsize = round(exec('df -k /var | grep -v "Filesystem" | awk \' <li><a href="/snort/snort_interfaces.php"><span>Snort Interfaces</span></a></li> <li class="newtabmenu_active"><a href="/snort/snort_interfaces_global.php"><span>Global Settings</span></a></li> <li><a href="/snort/snort_download_updates.php"><span>Updates</span></a></li> + <li><a href="/snort/snort_interfaces_rules.php"><span>RulesDB</span></a></li> <li><a href="/snort/snort_alerts.php"><span>Alerts</span></a></li> <li><a href="/snort/snort_blocked.php"><span>Blocked</span></a></li> <li><a href="/snort/snort_interfaces_whitelist.php"><span>Whitelists</span></a></li> diff --git a/config/snort-dev/snort_interfaces_rules.php b/config/snort-dev/snort_interfaces_rules.php index 1d9da1cb..6c8f5a60 100644 --- a/config/snort-dev/snort_interfaces_rules.php +++ b/config/snort-dev/snort_interfaces_rules.php @@ -45,6 +45,7 @@ require_once("guiconfig.inc"); require_once("/usr/local/pkg/snort/snort_new.inc"); require_once("/usr/local/pkg/snort/snort_gui.inc"); +$a_rules = array(); $a_rules = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'All', ''); if (!is_array($a_rules)) { @@ -55,6 +56,19 @@ $a_rules = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'All', ''); echo 'Error'; exit(0); } + + // list rules in db that are on in a array + $listOnRules = array(); + $listOnRules = snortSql_fetchAllSettings('snortDB', 'SnortIfaces', 'All', ''); + + $listUsedRules = array(); + foreach ($listOnRules as $listOnRule) + { + + $listUsedRules[] = $listOnRule['ruledbname']; + + } + unset($listOnRules); $pgtitle = "Services: Snort: Rules"; include("/usr/local/pkg/snort/snort_head.inc"); 
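Review bot: `$listOnRules` is iterated without the `is_array()` check that `$a_rules` gets just above, in the new block that builds `$listUsedRules`. snort_interfaces_rules_edit.php compares the same helper's result with `''`, which suggests it can return a non-array when there are no rows, and `foreach` over that raises a warning. Wrap the loop in `if (is_array($listOnRules)) { ... }` and drop the `= array()` initialisers that are overwritten on the next line. Since `$listUsedRules` only decides which delete icon is drawn, the handler that performs the delete (not visible in this diff) should repeat the in-use check server-side.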
@@ -112,53 +126,90 @@ $a_rules = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'All', ''); </tr> <tr> <td id="tdbggrey"> - <table width="100%" border="0" cellpadding="10px" cellspacing="0"> + <table width="100%" border="0px" cellpadding="10px" cellspacing="0px"> <tr> <td class="tabnavtbl"> - <table width="100%" border="0" cellpadding="6" cellspacing="0"> + <table width="100%" border="0px" cellpadding="0px" cellspacing="0px"> <!-- START MAIN AREA --> - - <tr> <!-- db to lookup --> - <td width="30%" class="listhdrr">File Name</td> - <td width="70%" class="listhdr">Description</td> - <td width="10%" class="list"></td> - </tr> - <?php foreach ($a_rules as $list): ?> - <tr id="maintable_<?=$list['uuid']?>" data-options='{"pagetable":"Snortrules", "pagedb":"snortDBrules", "DoPOST":"true"}' > - <td class="listlr" ondblclick="document.location='snort_interfaces_suppress_edit.php?uuid=<?=$list['uuid'];?>'"><?=$list['ruledbname'];?></td> - <td class="listbg" ondblclick="document.location='snort_interfaces_suppress_edit.php?uuid=<?=$list['uuid'];?>'"> - <font color="#FFFFFF"> <?=htmlspecialchars($list['description']);?> </font> - </td> - <td></td> - <td valign="middle" nowrap class="list"> - <table border="0" cellspacing="0" cellpadding="1"> - <tr> - <td valign="middle"> - <a href="snort_interfaces_rules_edit.php?rdbuuid=<?=$list['uuid'];?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif"width="17" height="17" border="0" title="edit suppress list"></a> - </td> - <td> - <img id="icon_x_<?=$list['uuid'];?>" class="icon_click icon_x" src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="delete list" > - </a> - </td> - </tr> - </table> - </td> - </tr> - <?php $i++; endforeach; ?> - <tr> - <td class="list" colspan="3"></td> - <td class="list"> - <table border="0" cellspacing="0" cellpadding="1"> - <tr> - <td valign="middle" width="17"> </td> - <td valign="middle"><a 
href="snort_interfaces_rules_edit.php?rdbuuid=<?=genAlphaNumMixFast(11, 12);?> "><img src="/themes/nervecenter/images/icons/icon_plus.gif" width="17" height="17" border="0" title="add a new list"></a></td> - </tr> - </table> - </td> + + <table width="94%"> + <tr > <!-- db to lookup --> + <td width="32%" class="listhdrr">File Name</td> + <td width="68%" class="listhdr">Description</td> </tr> - </table> - </td> - </tr> + </table> + + <table width="100%"> + + + + <table width="100%" > + + + <tr id="maintable_default" data-options='{"pagetable":"Snortrules", "pagedb":"snortDBrules", "DoPOST":"true"}' > + <td class="listlr" width="32%" ondblclick="document.location='snort_interfaces_rules_edit.php?rdbuuid=default'">Default</td> + <td class="listbg" width="68%" ondblclick="document.location='snort_interfaces_rules_edit.php?rdbuuid=default'"> + <font color="#FFFFFF">Default rule database </font> + </td> + + <td valign="middle" nowrap class="list"> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td valign="middle"> + <a href="snort_interfaces_rules_edit.php?rdbuuid=default"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif"width="17" height="17" border="0" title="edit database"></a> + </td> + <td> + <img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" border="0" title="delete database" > + </td> + </tr> + </table> + </td> + </tr> + + + <?php foreach ($a_rules as $list): ?> + + <?php + if (in_array($list['uuid'], $listUsedRules)) { + $deleteObject = '<img src="/themes/' . $g['theme'] . '/images/icons/icon_x_d.gif" width="17" height="17" border="0" title="delete database" >'; + }else{ + $deleteObject = '<img id="icon_x_' . $list['uuid'] . '" class="icon_click icon_x" src="/themes/' . $g['theme'] . 
'/images/icons/icon_x.gif" width="17" height="17" border="0" title="delete database" >'; + } + ?> + + <tr id="maintable_<?=$list['uuid']?>" data-options='{"pagetable":"Snortrules", "pagedb":"snortDBrules", "DoPOST":"true"}' > + <td class="listlr" width="32%" ondblclick="document.location='snort_interfaces_rules_edit.php?rdbuuid=<?=$list['uuid'];?>'"><?=$list['ruledbname'];?></td> + <td class="listbg" width="68%" ondblclick="document.location='snort_interfaces_rules_edit.php?rdbuuid=<?=$list['uuid'];?>'"> + <font color="#FFFFFF"> <?=htmlspecialchars($list['description']);?> </font> + </td> + + <td valign="middle" nowrap class="list"> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td valign="middle"> + <a href="snort_interfaces_rules_edit.php?rdbuuid=<?=$list['uuid'];?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif"width="17" height="17" border="0" title="edit database"></a> + </td> + <td> + <?=$deleteObject; ?> + </td> + </tr> + </table> + </td> + + </tr> + <?php $i++; endforeach; ?> + + </table> + + <table width="100%"> + <tr> + <td class="list" width="97%" valign="middle" width="17"> </td> + <td width="3%" ></td> + <td class="list" valign="middle"><a href="snort_interfaces_rules_edit.php?rdbuuid=<?=genAlphaNumMixFast(11, 12);?> "><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="add a new database"></a></td> + </tr> + </table > + + </table> <!-- STOP MAIN AREA --> </table> 
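Review bot: `<?=$list['ruledbname'];?>` is written into the table cell unescaped, while the description next to it goes through `htmlspecialchars()`; `$list['uuid']` is likewise concatenated raw into `$deleteObject`, the row `id` and the `ondblclick`/`href` URLs. Use `<?=htmlspecialchars($list['ruledbname']);?>` for text and `urlencode()` for the `rdbuuid` query value. The same gap is in the snort_interfaces_rules_edit.php hunks, where `$rdbuuid` comes straight from `$_GET['rdbuuid']` and is printed into `$pgtitle` and the tab `href`, and `$a_list['ruledbname']` / `$a_list['description']` are placed in `value` attributes. The form text says names are limited to a-z, A-Z and 0-9, but no server-side enforcement of that is visible in this diff.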
@@ -178,8 +229,11 @@ $a_rules = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'All', ''); <span class="vexpl"> <span class="red"><strong>Note:</strong></span> <p><span class="vexpl"> - Here you can create event filtering and suppression for your snort package rules.<br> - Please note that you must restart a running rule so that changes can take effect.<br> + Here you can create rule databases that can be used on multiple interfaces.<br><br> + + Please note that you must restart a running rule so that changes can take effect.<br><br> + + You may only delete rule databases that are not asigned to an interface.<br> </span></p> </td> </table> diff --git a/config/snort-dev/snort_interfaces_rules_edit.php b/config/snort-dev/snort_interfaces_rules_edit.php index 6fa1c60d..6cc7dbb0 100644 --- a/config/snort-dev/snort_interfaces_rules_edit.php +++ b/config/snort-dev/snort_interfaces_rules_edit.php @@ -45,11 +45,6 @@ require_once("guiconfig.inc"); require_once("/usr/local/pkg/snort/snort_new.inc"); require_once("/usr/local/pkg/snort/snort_gui.inc"); -// set page vars -if (isset($_GET['uuid'])) { - $uuid = $_GET['uuid']; -} - if (isset($_GET['rdbuuid'])) { $rdbuuid = $_GET['rdbuuid']; }else{ 
@@ -57,33 +52,88 @@ if (isset($_GET['rdbuuid'])) { $rdbuuid = $ruledbname_pre1['ruledbname']; } -$a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $rdbuuid); +if ($rdbuuid !== 'default') { + $a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $rdbuuid); + + // $a_list returns empty use defaults + if ($a_list == '') { + + $a_list = array( + 'id' => '', + 'date' => date(U), + 'uuid' => $rdbuuid, + 'ruledbname' => '', + 'description' => '' + + ); + + } -// $a_list returns empty use defaults -if ($a_list == '') -{ - - $a_list = array( - 'id' => '', - 'date' => date(U), - 'uuid' => $rdbuuid, - 'ruledbnamename' => '', - 'description' => '' +} + +if ($rdbuuid === 'default') { + + // $a_list returns empty use defaults + if ($a_list == '') { + + $a_list = array( + 'id' => '1', + 'date' => date(U), + 'uuid' => $rdbuuid, + 'ruledbname' => 'default', + 'description' => 'Default database' + + ); + + } - ); - } +if ( !empty($a_list['id']) ) { + $disabled = 'disabled="disabled"'; +}else{ + $disabled = ''; +} +if ( $rdbuuid === 'default' ) { + $disabled_ckbox = 'disabled="disabled"'; +}else{ + $disabled_ckbox = ''; +} $pgtitle = 'Services: Snort: Rules: Edit: ' . $rdbuuid; include('/usr/local/pkg/snort/snort_head.inc'); ?> - - + +<!-- START page custom script --> +<script language="JavaScript"> + +// start a jQuery sand box +jQuery(document).ready(function() { + + // misc call after a good save + jQuery.fn.miscTabCall = function () { + jQuery('.hide_newtabmenu').show(); + jQuery('#ruledbname').attr("disabled", true); + }; + + <?php + // disable tabs if nothing in database + if ($a_list['id'] == '') { + echo ' + jQuery(\'.hide_newtabmenu\').hide(); + '; + } + ?> + + +}); // end of on ready + +</script> + <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <!-- loading msg --> 
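Review bot: In the new `if ($rdbuuid === 'default')` branch `$a_list` has never been assigned, so `if ($a_list == '')` only passes because an undefined variable compares equal to `''`, with a notice. Assign the default array directly in that branch, or set `$a_list = '';` before both branches. `date(U)` uses a bare constant in both arrays and should be `date('U')` or `time()`. The two complementary `if` tests on `$rdbuuid` would also read more clearly as one `if`/`else`.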
@@ -134,7 +184,7 @@ if ($a_list == '') <td> <div class="newtabmenu" style="margin: 1px 0px; width: 775px;"><!-- Tabbed bar code--> <ul class="newtabmenu"> - <li class="hide_newtabmenu newtabmenu_active"><a href="/snort/snort_interfaces_rules.php?rdbuuid=<?=$rdbuuid;?>"><span>Rules DB Edit</span></a></li> + <li class="newtabmenu_active"><a href="/snort/snort_interfaces_rules_edit.php?rdbuuid=<?=$rdbuuid;?>"><span>Rules DB Edit</span></a></li> <li class="hide_newtabmenu"><a href="/snort/snort_rulesets.php?rdbuuid=<?=$rdbuuid;?>"><span>Categories</span></a></li> <li class="hide_newtabmenu"><a href="/snort/snort_rules.php?rdbuuid=<?=$rdbuuid;?>"><span>Rules</span></a></li> </ul> 
@@ -162,26 +212,18 @@ if ($a_list == '') <table width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> <td colspan="2" valign="top" class="listtopic">Add the name and description of the rule DB</td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq2">RuleDB</td> - <td width="22%" valign="top" class="vtable"> - - <input name="enable" type="checkbox" value="on" <?=$ifaceEnabled = $a_list['enable'] == 'on' || $a_list['enable'] == '' ? 'checked' : '';?> "> - <span class="vexpl">Enable or Disable</span> - </td> - </tr> + </tr> <tr> <td valign="top" class="vncellreq2">Name</td> <td class="vtable"> - <input class="formfld2" name="ruledbname" type="text" id="ruledbname" size="40" value="<?=$a_list['ruledbname'] ?>" /> <br /> + <input class="formfld2" name="ruledbname" type="text" id="ruledbname" size="40" value="<?=$a_list['ruledbname'] ?>" <?=$disabled?> /> <br /> <span class="vexpl"> The list name may only consist of the characters a-z, A-Z and 0-9. <span class="red">Note: </span> No Spaces. </span> </td> </tr> <tr> <td width="22%" valign="top" class="vncell2">Description</td> <td width="78%" class="vtable"> - <input class="formfld2" name="description" type="text" id="description" size="40" value="<?=$a_list['description'] ?>" /> <br /> + <input class="formfld2" name="description" type="text" id="description" size="40" value="<?=$a_list['description'] ?>" <?=$disabled_ckbox?> /> <br /> <span class="vexpl"> You may enter a description here for your reference (not parsed). </span> </td> </tr> 
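Review bot: `$disabled` and `$disabled_ckbox` only add `disabled="disabled"` to the inputs, which keeps the browser from editing or submitting the field but does not keep a hand-built POST from carrying `ruledbname` or `description`. The save handler is not part of this hunk; it should itself refuse to rename an existing database or to modify `default`. `$disabled_ckbox` is now applied to the description text input, so the name no longer says what it controls; something like `$disabled_descr` would be clearer.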
@@ -197,10 +239,16 @@ if ($a_list == '') </tr> </table> <tr> - <td style="padding-left: 10px;"> - <input name="Submit" type="submit" class="formbtn" value="Save"> - <input id="cancel" type="button" class="formbtn" value="Cancel"> - </td> + <?php + if ($rdbuuid !== 'default') { + echo ' + <td style="padding-left: 10px;"> + <input name="Submit" type="submit" class="formbtn" value="Save" > + <input id="cancel" type="button" class="formbtn" value="Cancel" > + </td> + '; + } + ?> </tr> </form> diff --git a/config/snort-dev/snort_interfaces_suppress.php b/config/snort-dev/snort_interfaces_suppress.php index f53173a1..4ee5ea8f 100644 --- a/config/snort-dev/snort_interfaces_suppress.php +++ b/config/snort-dev/snort_interfaces_suppress.php @@ -103,6 +103,7 @@ $a_suppress = snortSql_fetchAllWhitelistTypes('SnortSuppress', ''); <li><a href="/snort/snort_interfaces.php"><span>Snort Interfaces</span></a></li> <li><a href="/snort/snort_interfaces_global.php"><span>Global Settings</span></a></li> <li><a href="/snort/snort_download_updates.php"><span>Updates</span></a></li> + <li><a href="/snort/snort_interfaces_rules.php"><span>RulesDB</span></a></li> <li><a href="/snort/snort_alerts.php"><span>Alerts</span></a></li> <li><a href="/snort/snort_blocked.php"><span>Blocked</span></a></li> <li><a href="/snort/snort_interfaces_whitelist.php"><span>Whitelists</span></a></li> diff --git a/config/snort-dev/snort_interfaces_suppress_edit.php b/config/snort-dev/snort_interfaces_suppress_edit.php index 195cd178..15878d6a 100644 --- a/config/snort-dev/snort_interfaces_suppress_edit.php +++ b/config/snort-dev/snort_interfaces_suppress_edit.php 
@@ -123,6 +123,7 @@ if ($a_list == '') <li><a href="/snort/snort_interfaces.php"><span>Snort Interfaces</span></a></li> <li><a href="/snort/snort_interfaces_global.php"><span>Global Settings</span></a></li> <li><a href="/snort/snort_download_updates.php"><span>Updates</span></a></li> + <li><a href="/snort/snort_interfaces_rules.php"><span>RulesDB</span></a></li> <li><a href="/snort/snort_alerts.php"><span>Alerts</span></a></li> <li><a href="/snort/snort_blocked.php"><span>Blocked</span></a></li> <li><a href="/snort/snort_interfaces_whitelist.php"><span>Whitelists</span></a></li> diff --git a/config/snort-dev/snort_interfaces_whitelist.php b/config/snort-dev/snort_interfaces_whitelist.php index 24b50165..42f6e788 100644 --- a/config/snort-dev/snort_interfaces_whitelist.php +++ b/config/snort-dev/snort_interfaces_whitelist.php @@ -102,6 +102,7 @@ $a_whitelist = snortSql_fetchAllWhitelistTypes('SnortWhitelist', 'SnortWhitelist <li><a href="/snort/snort_interfaces.php"><span>Snort Interfaces</span></a></li> <li><a href="/snort/snort_interfaces_global.php"><span>Global Settings</span></a></li> <li><a href="/snort/snort_download_updates.php"><span>Updates</span></a></li> + <li><a href="/snort/snort_interfaces_rules.php"><span>RulesDB</span></a></li> <li><a href="/snort/snort_alerts.php"><span>Alerts</span></a></li> <li><a href="/snort/snort_blocked.php"><span>Blocked</span></a></li> <li class="newtabmenu_active"><a href="/snort/snort_interfaces_whitelist.php"><span>Whitelists</span></a></li> diff --git a/config/snort-dev/snort_interfaces_whitelist_edit.php b/config/snort-dev/snort_interfaces_whitelist_edit.php index bcde7847..0055624f 100644 --- a/config/snort-dev/snort_interfaces_whitelist_edit.php +++ b/config/snort-dev/snort_interfaces_whitelist_edit.php 
@@ -144,6 +144,7 @@ $vpnips_on = ($vpnips_chk == 'on' ? 'checked' : ''); <li><a href="/snort/snort_interfaces.php"><span>Snort Interfaces</span></a></li> <li><a href="/snort/snort_interfaces_global.php"><span>Global Settings</span></a></li> <li><a href="/snort/snort_download_updates.php"><span>Updates</span></a></li> + <li><a href="/snort/snort_interfaces_rules.php"><span>RulesDB</span></a></li> <li><a href="/snort/snort_alerts.php"><span>Alerts</span></a></li> <li><a href="/snort/snort_blocked.php"><span>Blocked</span></a></li> <li class="newtabmenu_active"><a href="/snort/snort_interfaces_whitelist.php"><span>Whitelists</span></a></li> diff --git a/config/snort-dev/snort_json_get.php b/config/snort-dev/snort_json_get.php index 84cc8ed7..965ac4de 100644 --- a/config/snort-dev/snort_json_get.php +++ b/config/snort-dev/snort_json_get.php @@ -46,6 +46,15 @@ require_once("/usr/local/pkg/snort/snort_new.inc"); session_start(); // alwaya at the very top of a php page or "Cannot send session cache limiter - headers already sent" +// get json blocls sids +if ($_GET['snortsamjson'] == 1) { + + exec('cat /usr/local/etc/snort/sn_6TPXv7a/rules/dbBlockSplit/splitSidblock' . $_GET['fileid'] . '.block', $output); + echo $output[0]; + +} + + // upload created log tar to user if ($_GET['snortGetUpdate'] == 1) { diff --git a/config/snort-dev/snort_json_post.php b/config/snort-dev/snort_json_post.php index 986493b5..ee9d9ead 100644 --- a/config/snort-dev/snort_json_post.php +++ b/config/snort-dev/snort_json_post.php @@ -54,7 +54,7 @@ if(isset($_POST['__csrf_magic'])) { function snortJsonReturnCode($returnStatus) { if ($returnStatus == true) { - echo '{"snortgeneralsettings":"success","snortUnhideTabs":"true"}'; + echo '{"snortgeneralsettings":"success","snortMiscTabCall":"true"}'; return true; }else{ echo '{"snortgeneralsettings":"fail"}'; 
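Review bot: `$_GET['fileid']` is concatenated into the command string given to `exec()` in the new `snortsamjson` branch of snort_json_get.php, so request data reaches the shell unvalidated. No shell is needed to read a file: if file ids are numeric, reject anything else with `if (!ctype_digit((string)$_GET['fileid'])) { exit; }` and then `echo file_get_contents($path);` with `$path` built from the fixed directory. The path also hard-codes one interface directory (`sn_6TPXv7a`), which looks like a development leftover, and `$output[0]` is echoed without checking that the file existed. Whether this endpoint requires an authenticated session is not visible in the hunk.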
@@ -62,6 +62,19 @@ function snortJsonReturnCode($returnStatus) } } +// snortsam save settings +if ($_POST['snortSamSaveSettings'] == 1) { + + unset($_POST['snortSamSaveSettings']); + + function snortSamSaveFunc() + { + print_r($_POST[snortsam][db]); + } + snortSamSaveFunc(); + +} + // row from db by uuid if ($_POST['snortSidRuleEdit'] == 1) { @@ -250,29 +263,16 @@ if ($_POST['snortSaveSettings'] == 1) { * make dir for the new iface, if iface exists or rule dir has changed redo soft link * may need to move this as a func to new_snort.inc */ - - $newSnortDir = 'sn_' . $_POST['uuid']; - $pathToSnortDir = '/usr/local/etc/snort'; - - // creat iface dir and ifcae rules dir - if (!is_dir("{$pathToSnortDir}/{$newSnortDir}")) { - createNewIfaceDir($pathToSnortDir, $newSnortDir); - } //end of mkdir - - // change the rule path - if (is_dir("{$pathToSnortDir}/{$newSnortDir}")) { - - $snortCurrentRuleDbName = snortSql_fetchAllSettings('snortDB', 'snortIfaces', 'uuid', $_POST['uuid']); - - if ($_POST['ruledbname'] !== $snortCurrentRuleDbName['ruledbname'] || !file_exists("{$pathToSnortDir}/{$newSnortDir}/rules")) { - - // NOTE: use full paths or link rm will not work, Freebsd love - exec("/bin/rm {$pathToSnortDir}/{$newSnortDir}/rules"); - exec("/bin/ln -s /usr/local/etc/snort/snortDBrules/DB/{$_POST['ruledbname']}/rules {$pathToSnortDir}/{$newSnortDir}/rules"); - - } - - } + $newSnortDir = 'sn_' . $_POST['uuid']; + $pathToSnortDir = '/usr/local/etc/snort'; + + // creat iface dir and ifcae rules dir + if (!is_dir("{$pathToSnortDir}/{$newSnortDir}")) { + createNewIfaceDir($pathToSnortDir, $newSnortDir); + } //end of mkdir + + snortRulesCreateSoftlink(); + } SnortIfaces_Snort_Interfaces_edit(); diff --git a/config/snort-dev/snort_new.inc b/config/snort-dev/snort_new.inc index ffc88348..bba9b93d 100644 --- a/config/snort-dev/snort_new.inc +++ b/config/snort-dev/snort_new.inc 
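Review bot: `print_r($_POST[snortsam][db])` in the new `snortSamSaveSettings` branch uses bare words as array keys and echoes request data back into the response unescaped. Quote the keys (`$_POST['snortsam']['db']`), and if this is a debugging stub either remove it before merge or return the value as JSON via `json_encode()`. Declaring `snortSamSaveFunc()` inside the `if` and calling it once adds nothing over inline code, and the `== 1` test reads `$_POST['snortSamSaveSettings']` without `isset()`.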
@@ -61,6 +61,31 @@ if (file_exists('/usr/local/pkg/snort/snortDBtemp')) { exec('/bin/cp /usr/local/pkg/snort/snortDBtemp /var/snort/snortDBtemp'); } +/* +* make dir for the new iface, if iface exists or rule dir has changed redo soft link +*/ +function snortRulesCreateSoftlink() +{ + $newSnortDir = 'sn_' . $_POST['uuid']; + $pathToSnortDir = '/usr/local/etc/snort'; + + // change the rule path + if (is_dir("{$pathToSnortDir}/{$newSnortDir}")) { + + $snortCurrentRuleDbName = snortSql_fetchAllSettings('snortDB', 'snortIfaces', 'uuid', $_POST['uuid']); + + if ($_POST['ruledbname'] !== $snortCurrentRuleDbName['ruledbname'] || !file_exists("{$pathToSnortDir}/{$newSnortDir}/rules")) { + + // NOTE: use full paths or link rm will not work, Freebsd love + exec("/bin/rm {$pathToSnortDir}/{$newSnortDir}/rules"); + exec("/bin/ln -s /usr/local/etc/snort/snortDBrules/DB/{$_POST['ruledbname']}/rules {$pathToSnortDir}/{$newSnortDir}/rules"); + + } + + } +} + + // Wites selected sig to file function snortSidStringRuleEditGUI() { diff --git a/config/snort-dev/snort_ruleset_ips.php b/config/snort-dev/snort_ruleset_ips.php new file mode 100644 index 00000000..18c49b35 --- /dev/null +++ b/config/snort-dev/snort_ruleset_ips.php 
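Review bot: `snortRulesCreateSoftlink()` interpolates `$_POST['uuid']` and `$_POST['ruledbname']` into the `/bin/rm` and `/bin/ln -s` strings passed to `exec()` with no validation or escaping, so request values reach the shell verbatim and can also steer the link target outside `snortDBrules/DB/`. The code was moved here unchanged from snort_json_post.php (hunk `@@ -250,29 +263,16 @@`), which makes this a good place to fix it: check both values against an allow-list pattern and replace the two shell calls with `unlink()` and `symlink()`. The function also has no docblock saying that it reads its inputs from `$_POST`; either document that or pass the two values as parameters. The character class in the sketch below is an assumption about the uuid and rule-db name format and needs confirming.

```php
function snortRulesCreateSoftlink()
{
    // Both values come from the request; accept plain name characters only
    // (assumed format - adjust the pattern to the real uuid / db-name rules).
    $uuid = isset($_POST['uuid']) ? $_POST['uuid'] : '';
    $ruleDbName = isset($_POST['ruledbname']) ? $_POST['ruledbname'] : '';
    if (!preg_match('/^[A-Za-z0-9_-]+$/', $uuid) || !preg_match('/^[A-Za-z0-9_-]+$/', $ruleDbName)) {
        return;
    }

    $linkPath = "/usr/local/etc/snort/sn_{$uuid}/rules";
    // … unchanged: is_dir() check and ruledbname comparison …

            // No shell involved: drop the old link, then create the new one.
            if (is_link($linkPath) || file_exists($linkPath)) {
                unlink($linkPath);
            }
            symlink("/usr/local/etc/snort/snortDBrules/DB/{$ruleDbName}/rules", $linkPath);
```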
@@ -0,0 +1,291 @@ +<?php +/* $Id$ */ +/* + snort_interfaces.php + part of m0n0wall (http://m0n0.ch/wall) + + Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. + Copyright (C) 2008-2009 Robert Zelaya. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. 
+ */ + +require_once("guiconfig.inc"); +require_once("/usr/local/pkg/snort/snort_new.inc"); +require_once("/usr/local/pkg/snort/snort_gui.inc"); + +// set page vars + +if (isset($_GET['uuid']) && isset($_GET['rdbuuid'])) { + echo 'Error: more than one uuid'; + exit(0); +} + +// set page vars +if (isset($_GET['uuid'])) { + $uuid = $_GET['uuid']; +} + +if (isset($_GET['rdbuuid'])) { + $rdbuuid = $_GET['rdbuuid']; +}else{ + $ruledbname_pre1 = snortSql_fetchAllSettings('snortDB', 'SnortIfaces', 'uuid', $uuid); + $rdbuuid = $ruledbname_pre1['ruledbname']; +} + +//$a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $uuid); + +// create dropdown list +function snortDropDownListJson($list, $setting) { + foreach ($list as $iday => $iday2) { + + echo "\n" . "'<option value=\"{$iday}\""; if($iday == $setting) echo " selected "; echo '>' . htmlspecialchars($iday2) . '</option>\' + "\n" +' . "\r"; + + } +} + + $countGetEnableSidArray = count($getEnableSid); + + $pgtitle = "Services: Snort: Ruleset Ips:"; + include("/usr/local/pkg/snort/snort_head.inc"); + +?> + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> + +<div id="loadingWaiting"> + <p class="loadingWaitingMessage"><img src="./images/loading.gif" /> <br>Please Wait...</p> +</div> + +<?php include("fbegin.inc"); ?> +<!-- hack to fix the hardcoed fbegin link in header --> +<div id="header-left2"> +<a href="../index.php" id="status-link2"> +<img src="./images/transparent.gif" border="0"></img> +</a> +</div> + +<div class="body2"><!-- hack to fix the hardcoed fbegin link in header --> +<div id="header-left2"><a href="../index.php" id="status-link2"><img src="./images/transparent.gif" border="0"></img></a></div> + +<form id="iform" > + +<table width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td> + + <div class="newtabmenu" style="margin: 1px 0px; width: 775px;"><!-- Tabbed bar code--> + <ul class="newtabmenu"> + <li><a href="/snort/snort_interfaces.php"><span>Snort 
Interfaces</span></a></li> + <li><a href="/snort/snort_interfaces_edit.php?uuid=<?=$uuid;?>"><span>If Settings</span></a></li> + <li><a href="/snort/snort_rulesets.php?uuid=<?=$uuid;?>"><span>Categories</span></a></li> + <li><a href="/snort/snort_rules.php?uuid=<?=$uuid;?>"><span>Rules</span></a></li> + <li class="newtabmenu_active"><a href="/snort/snort_ruleset_ips.php?uuid=<?=$uuid;?>"><span>Ruleset Ips</span></a></li> + <li><a href="/snort/snort_define_servers.php?uuid=<?=$uuid;?>"><span>Servers</span></a></li> + <li><a href="/snort/snort_preprocessors.php?uuid=<?=$uuid;?>"><span>Preprocessors</span></a></li> + <li><a href="/snort/snort_barnyard.php?uuid=<?=$uuid;?>"><span>Barnyard2</span></a></li> + </ul> + </div> + + </td> + </tr> + <tr> + <td id="tdbggrey"> + <table width="100%" border="0" cellpadding="10px" cellspacing="0"> + <tr> + <td class="tabnavtbl"> + <table width="100%" border="0" cellpadding="6" cellspacing="0"> + <!-- START MAIN AREA --> + + <tr> + <td> + <input id="next" name="next" type="submit" class="formbtn" value=">>" /> + </td> + <td> + <a class="getBlockFileNum" href="#" ><span>1</span></a> + </td> + <td> + <a class="getBlockFileNum" href="#" ><span>2</span></a> + </td> + <td> + <input id="prev" name="prev" type="submit" class="formbtn" value="<<" > + </td> + </tr> + +<table width="100%" border="0" cellpadding="10px" cellspacing="0"> + <input type="hidden" name="snortSamSaveSettings" value="1" /> <!-- what to do, save --> + <input type="hidden" name="dbName" value="snortDBrules" /> <!-- what db--> + <input type="hidden" name="dbTable" value="SnortruleSigsIps" /> <!-- what db table--> + <input type="hidden" name="ifaceTab" value="snort_ruleset_ips" /> <!-- what interface tab --> + + <tr id="frheader" > + <td width="1%" class="listhdrr2"> On</td> + <td width="1%" class="listhdrr2"> Sid</td> + <td width="1%" class="listhdrr2"> Source</td> + <td width="1%" class="listhdrr2"> Amount</td> + <td width="1%" class="listhdrr2"> Duration</td> + <td 
width="20%" class="listhdrr2">Message</td> + </tr> + + <tbody class="rulesetloopblock"> + + </tbody> + +</table> +<br> +<table> +<tr> + <td> + <input name="Submit" type="submit" class="formbtn" value="Save"> + <input id="cancel" type="button" class="formbtn" value="Cancel"> + </td> +</tr> +</table> + + </form > + <!-- STOP MAIN AREA --> + </table> + </td> + </tr> + </table> + </td> + </tr> +</table> +</div> + +<script type="text/javascript"> + +//prepare the form when the DOM is ready +jQuery(document).ready(function() { + + + jQuery('.getBlockFileNum').live('click', function(){ + jQuery.getJSON("/snort/snort_json_get.php?snortsamjson=1", { fileid: this.text }, function(data) { + jQuery('.hidemetr').remove(); + makeLargeSidTables(data); + }); + }); + + //showLoading('#loadingWaiting'); + + // NOTE: needs to be watched + // change url on selected dropdown rule + jQuery('select[name=selectbox]').change(function() { + window.location.replace(jQuery(this).val()); + }); + +function makeLargeSidTables(snortObjlist) { + + // disable Row Append if row count is less than 0 + var countRowAppend = snortObjlist.length; + + // if rowcount is not empty do this + if (countRowAppend > 0){ + + // Break up append row adds by chunks of 300 + // NOTE: ie9 is still giving me issues on deleted.rules 6000 sigs. I should break up the json code above into smaller parts. 
+ incrementallyProcess(function (i){ + // loop code goes in here + + if (isEven(i) === true){ + var rowIsEvenOdd = 'odd_ruleset2'; + }else{ + var rowIsEvenOdd = 'even_ruleset2'; + } + + if (snortObjlist[i].enable === 'on'){ + var rulesetChecked = 'checked'; + }else{ + var rulesetChecked = ''; + } + + jQuery('.rulesetloopblock').append( + "\n" + '<tr class="hidemetr" id="ipstable_' + snortObjlist[i].sid + '" valign="top">' + "\n" + + '<td class="' + rowIsEvenOdd + '">' + "\n" + + '<input class="domecheck" id="checkbox_' + snortObjlist[i].sid + '" name="snortsam[db][' + snortObjlist[i].sid + '][enable]" value="' + snortObjlist[i].enable + '" checked="' + rulesetChecked + '" type="checkbox">' + "\n" + + '</td>' + "\n" + + '<td class="' + rowIsEvenOdd + '" id="sid_' + snortObjlist[i].sid + '" >' + snortObjlist[i].sid + '</td>' + "\n" + + '<td class="' + rowIsEvenOdd + '">' + "\n" + + '<select class="formfld2" id="who_' + snortObjlist[i].sid + '" name="snortsam[db][' + snortObjlist[i].sid + '][who]">' + "\n" + + <?php + $memoryPerfList = array('src' => 'SRC', 'dst' => 'DST', 'both' => 'BOTH'); + snortDropDownListJson($memoryPerfList, 'src'); + ?> + '</select>' + "\n" + + '</td>' + "\n" + + '<td class="' + rowIsEvenOdd + '">' + "\n" + + '<input class="formfld2" id="timeamount_' + snortObjlist[i].sid + '" name="snortsam[db][' + snortObjlist[i].sid + '][timeamount]" type="text" size="7" value="' + snortObjlist[i].timeamount + '">' + "\n" + + '</td>' + "\n" + + '<td class="' + rowIsEvenOdd + '">' + "\n" + + '<select class="formfld2" id="timetype_' + snortObjlist[i].sid + '" name="snortsam[db][' + snortObjlist[i].sid + '][timetype]" >' + "\n" + + <?php + // 'days', 'months', 'weeks', 'years', 'minutes', 'seconds', 'hours' ALWAYS + $memoryPerfList = array('minutes' => 'MINUTES', 'seconds' => 'SECONDS', 'hours' => 'HOURS', 'days' => 'DAYS', 'weeks' => 'WEEKS', 'months' => 'MONTHS', 'ALWAYS' => 'ALWAYS', ); + snortDropDownListJson($memoryPerfList, 'days'); + ?> + '</select>' + 
"\n" + + '</td>' + "\n" + + '<td class="listbg" id="msg_' + snortObjlist[i].sid + '"><font color="white">' + snortObjlist[i].msg + '</font></td>' + "\n" + + '</tr>' + "\n" + ); + + }, + snortObjlist, // Object to work with the case Json object + 500, // chunk size + 200, // how many secs to wait + function (){ + + // if rowcount is more than 300 + if (countRowAppend > 200){ + // call to please wait + hideLoading('#loadingWaiting'); + } + + }); // end incrament + } // end of if stopRowAppend + +}; // END make table func + + +jQuery.getJSON("/snort/snort_json_get.php?snortsamjson=1", { fileid: "1" }, function(data) { + jQuery('.hidemetr').remove(); + makeLargeSidTables(data); +}); + +}); // end of document ready + + + + +</script> + + +<!-- footer do not touch below --> +<?php +include("fend.inc"); +echo $snort_custom_rnd_box; +?> + + +</body> +</html> diff --git a/config/varnish64/varnish.inc b/config/varnish64/varnish.inc index b203b041..61704fb4 100644 --- a/config/varnish64/varnish.inc +++ b/config/varnish64/varnish.inc 
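Review bot: `$uuid` is taken from `$_GET['uuid']` and printed raw with `<?=$uuid;?>` inside the `href` of seven tab links, so markup in the query string is reflected into the page; encode it where it is output, e.g. `<?=urlencode($uuid);?>`. The same applies on the client side: `makeLargeSidTables()` concatenates `snortObjlist[i].sid`, `.msg`, `.enable` and `.timeamount` into an HTML string for `.append()`, so rule text containing `<` or quotes is parsed as markup; building the cells with `jQuery('<td>').text(...)` and setting input values with `.val(...)` avoids that. When the page is opened with only `rdbuuid`, `$uuid` is never assigned and every tab link carries an empty uuid. Separately, `checked="' + rulesetChecked + '"` always emits the `checked` attribute, so each checkbox renders ticked whatever `enable` holds.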
@@ -308,6 +308,69 @@ function sync_package_varnish() { if($vcl['vcl_pipe_late']) $vcl_pipe_late = $vcl['vcl_pipe_late']; } + $vcl_recv_basic='#BASIC VCL RULES'."\n"; + foreach($config['installedpackages']['varnishsettings']['config'] as $vcl) { + if($vcl['sessioncache']){ + $vcl_recv_basic.="\t#Disable session cache\n"; + $vcl_recv_basic.="\t".'if (req.http.Cookie && req.http.Cookie ~ "(JSESSION|PHPSESSID)"){return(pass);}'."\n"; + $vcl_recv_basic.="\t".'if (req.http.X-Requested-With == "XMLHttpRequest" || req.url ~ "nocache"){return(pass);}'."\n\n"; + } + if($vcl['postcache']){ + $vcl_recv_basic.="\t#Disable post cache\n"; + $vcl_recv_basic.="\t".'if (req.request == "POST"){return(pass);}'."\n\n"; + } + if($vcl['imagecache']){ + $vcl_recv_basic.="\t#Enable image cache\n"; + $vcl_recv_basic.="\t".'if (req.request=="GET" && req.url ~ "\.(css|js|gif|jpg|jpeg|bmp|png|ico|img|tga|wmf)$") {remove req.http.cookie;return(lookup);}' ."\n\n"; + } + if($vcl['fixgzip']){ + $vcl_recv_basic.="\t#Fix gzip compression\n"; + $vcl_recv_basic.="\t".'if (req.http.Accept-Encoding) {'."\n"; + $vcl_recv_basic.="\t".'if (req.url ~ "\.(gif|jpg|jpeg|bmp|png|ico|img|tga|wmf|gz|tgz|bz2|tbz|mp3|ogg)$") {remove req.http.Accept-Encoding;}'."\n"; + $vcl_recv_basic.="\t".'else if (req.http.Accept-Encoding ~ "gzip") {set req.http.Accept-Encoding = "gzip";}'."\n"; + $vcl_recv_basic.="\t".'else if (req.http.Accept-Encoding ~ "deflate") {set req.http.Accept-Encoding = "deflate";}'."\n"; + $vcl_recv_basic.="\t".'else {remove req.http.Accept-Encoding;}}'."\n\n"; + } + if($vcl['rfc2616']){ + $vcl_recv_basic.="\t#Be rfc2616 compliant\n"; + $vcl_recv_basic.="\t".'if (req.request != "GET" && req.request != "HEAD" && req.request != "PUT" && req.request != "POST" &&'."\n"; + $vcl_recv_basic.="\t".' 
req.request != "TRACE" && req.request != "OPTIONS" && req.request != "DELETE") {return(pipe);}'."\n\n"; + } +if($vcl['xforward']){ + $vcl_recv_basic.="\t#set X-forward\n"; + switch ($vcl['xforward']){ + case 'set': + $vcl_recv_basic.="\t".'set req.http.X-Forwarded-For = client.ip;'."\n\n"; + break; + case 'append': + $vcl_recv_basic.="\t".'set req.http.X-Forwarded-For = req.http.X-Forwarded-For "," client.ip;'."\n\n"; + break; + case 'create': + $vcl_recv_basic.="\t".'set req.http.X-Forwarded-Varnish = client.ip;'."\n\n"; + break; + case 'unset': + $vcl_recv_basic.="\t".'unset req.http.X-Forwarded-For;'."\n\n"; + break; + } + } + if($vcl['clientbalance']){ + $vcl_recv_basic.="\t#set client balance identity\n"; + switch ($vcl['clientbalance']){ + case 'url': + $vcl_recv_basic.="\t".'set client.identity = req.url;'."\n\n"; + break; + case 'ip': + $vcl_recv_basic.="\t".'set client.identity = client.ip;'."\n\n"; + break; + case 'agent': + $vcl_recv_basic.="\t".'set client.identity = req.http.user-agent;'."\n\n"; + break; + } + } + if($vcl['htmlerror'] && !$errorvcl){ + $errorvcl=$vcl['htmlerror']; + } + } } if(!$errorvcl) 
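Review bot: Handling of `X-Forwarded-For` becomes optional with this hunk: the header is only touched inside `if($vcl['xforward'])`, while the template hunk `@@ -369,28 +432,7 @@` removes the unconditional `unset req.http.X-Forwarded-For;` whose comment said the client value cannot be trusted. An install that leaves `xforward` empty now forwards whatever the client sent, and the `append` case keeps the client-supplied value in front of `client.ip`, so a backend that uses the header for access control or logging would see addresses chosen by the requester. Consider keeping the safe default by adding a `default:` branch, and an `else` for the unset setting, that emits `unset req.http.X-Forwarded-For;`, and comment on the `append` case that only the last entry is trustworthy. The `foreach` also runs over `$config['installedpackages']['varnishsettings']['config']` without an `is_array()` check, and the `if($vcl['xforward']){` block is indented differently from its siblings. The enclosing `sync_package_varnish()` starts and ends outside the hunk.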
@@ -369,28 +432,7 @@ sub vcl_error { sub vcl_recv { {$vcl_recv_early} - # If the client sent an X-Forwarded-For header, remove it. - # It cannot betrusted. - unset req.http.X-Forwarded-For; - # Note that we don't need to add the client ip to the X-Forwarded-For - # header, varnish will do that for us - if (req.http.Accept-Encoding) { - # Handle compression correctly. Varnish treats headers literally - # not semantically. So it is very well possible that there are - # cache misses because the headers sent by different browsers - # aren't the same. - # @see: http:// varnish.projects.linpro.no/wiki/FAQ/Compression - if (req.http.Accept-Encoding ~ "gzip") { - # if the browser supports it, we'll use gzip - set req.http.Accept-Encoding = "gzip"; - } elsif (req.http.Accept-Encoding ~ "deflate") { - # next, try deflate if it is supported - set req.http.Accept-Encoding = "deflate"; - } else { - # unknown algorithm. Probably junk, remove it - unset req.http.Accept-Encoding; - } - } + {$vcl_recv_basic} {$urlmappings} {$vcl_recv_late} if (req.request != "GET" && req.request != "HEAD") { diff --git a/config/widescreen/bin/fbegin.inc_ b/config/widescreen/bin/fbegin.inc_ index b1d94df8..a7a96e0f 100644 --- a/config/widescreen/bin/fbegin.inc_ +++ b/config/widescreen/bin/fbegin.inc_ @@ -1,4 +1,3 @@ - <script src="/javascript/sorttable.js"></script> <?php 
@@ -186,8 +185,10 @@ $diagnostics_menu[] = array("DNS Lookup", "/diag_dns.php");
 $diagnostics_menu[] = array("Edit File", "/edit.php");
 $diagnostics_menu[] = array("Factory Defaults", "/diag_defaults.php");
 $diagnostics_menu[] = array("Halt System", "/halt.php" );
-$diagnostics_menu[] = array("Tables", "/diag_tables.php");
+$diagnostics_menu[] = array("Limiter Info", "/diag_limiter_info.php");
+$diagnostics_menu[] = array("NDP Table", "/diag_ndp.php");
 $diagnostics_menu[] = array("Ping", "/diag_ping.php");
+$diagnostics_menu[] = array("pfInfo", "/diag_pf_info.php");
 $diagnostics_menu[] = array("pfTOP", "/diag_system_pftop.php");
 $diagnostics_menu[] = array("Reboot", "/reboot.php");
 $diagnostics_menu[] = array("Routes", "/diag_routes.php");
@@ -195,6 +196,7 @@ $diagnostics_menu[] = array("SMART Status", "/diag_smart.php");
 $diagnostics_menu[] = array("States", "/diag_dump_states.php");
 $diagnostics_menu[] = array("States Summary", "/diag_states_summary.php");
 $diagnostics_menu[] = array("System Activity", "/diag_system_activity.php");
+$diagnostics_menu[] = array("Tables", "/diag_tables.php");
 $diagnostics_menu[] = array("Traceroute", "/diag_traceroute.php");
 $diagnostics_menu[] = array("Packet Capture", "/diag_packet_capture.php");
 if($g['platform'] == "nanobsd")
diff --git a/config/widget-antivirus/antivirus_status.widget.php b/config/widget-antivirus/antivirus_status.widget.php
index 650c0f95..fee10ea8 100644
--- a/config/widget-antivirus/antivirus_status.widget.php
+++ b/config/widget-antivirus/antivirus_status.widget.php
@@ -39,6 +39,11 @@ define('PATH_CLAMDB', '/var/db/clamav'); define('PATH_HAVPLOG', '/var/log/havp/access.log'); define('PATH_AVSTATUS', '/var/tmp/havp.status'); + +if (file_exists("/usr/local/pkg/havp.inc")) + require_once("/usr/local/pkg/havp.inc"); +else echo "No havp.inc found"; + function havp_avdb_info($filename) { $stl = "style='padding-top: 0px; padding-bottom: 0px; padding-left: 4px; padding-right: 4px; border-left: 1px solid #999999;'"; @@ -52,7 +57,7 @@ function havp_avdb_info($filename) # datetime $dt = explode(" ", $s[1]); - $s[1] = strftime("%d.%m.%Y", strtotime("{$dt[0]} {$dt[1]} {$dt[2]}")); + $s[1] = strftime("%m.%d.%Y", strtotime("{$dt[0]} {$dt[1]} {$dt[2]}")); if ($s[0] == 'ClamAV-VDB') $r .= "<tr class='listr'><td>{$filename}</td><td $stl>{$s[1]}</td><td $stl>{$s[2]}</td><td $stl>{$s[7]}</td></tr>"; } @@ -66,12 +71,21 @@ function dwg_avbases_info() $db = '<table width="100%" border="0" cellspacing="0" cellpadding="1" ><tbody>'; $db .= '<tr class="vncellt" ><td>Database</td><td>Date</td><td>Ver.</td><td>Builder</td></tr>'; $db .= havp_avdb_info("daily.cld"); + $db .= havp_avdb_info("bytecode.cld"); $db .= havp_avdb_info("main.cvd"); $db .= havp_avdb_info("safebrowsing.cld"); $db .= '</tbody></table>'; return $db; } +function avupdate_status() +{ + $s = "Not found."; + if (HVDEF_UPD_STATUS_FILE && file_exists(HVDEF_UPD_STATUS_FILE)) + $s = file_get_contents(HVDEF_UPD_STATUS_FILE); + return str_replace( "\n", "<br>", $s ); +} + function dwg_av_statistic() { $s = "Unknown."; @@ -141,9 +155,7 @@ $s = "Found $count viruses (total)."; <td class="vncellt">Last Update</td> <td class="listr" width=75%> <?php - if (file_exists(PATH_AVSTATUS)) - echo file_get_contents(PATH_AVSTATUS); - else echo "Unknown." + echo avupdate_status(); ?> </td> </tr> diff --git a/pkg_config.8.xml b/pkg_config.8.xml index 151cd409..2faf706a 100755 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml 
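Review bot: `avupdate_status()` tests `HVDEF_UPD_STATUS_FILE` as a bare constant, but the first hunk lets the page carry on when `/usr/local/pkg/havp.inc` is missing (it only echoes "No havp.inc found"), and the constant is presumably defined in that file. In that case it is undefined: a notice and the literal string on older PHP, an `Error` on PHP 8. Guard it with `if (defined('HVDEF_UPD_STATUS_FILE') && file_exists(HVDEF_UPD_STATUS_FILE))`. The file content is then placed in the widget as HTML; unless the status file is guaranteed to hold only trusted plain text, return `nl2br(htmlspecialchars($s))` instead of the `str_replace`. `PATH_AVSTATUS` appears to be unused now that the last hunk replaced its only visible reference.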
@@ -172,10 +172,11 @@
 <depends_on_package>gdbm-1.8.3_3.tbz</depends_on_package>
 <depends_on_package>perl-5.12.3.tbz</depends_on_package>
 <depends_on_package>libpcap-1.1.1_1.tbz</depends_on_package>
- <depends_on_package>GeoIP-1.4.7.tbz</depends_on_package>
+ <depends_on_package>GeoIP-1.4.8_1.tbz</depends_on_package>
 <depends_on_package>font-util-1.2.0.tbz</depends_on_package>
 <depends_on_package>webfonts-0.30_6.tbz</depends_on_package>
 <depends_on_package>ntop-4.0.1_1.tbz</depends_on_package>
+ <build_port_path>/usr/ports/net/GeoIP</build_port_path>
 <build_port_path>/usr/ports/databases/gdbm</build_port_path>
 <build_port_path>/usr/ports/databases/rrdtool12</build_port_path>
 <build_port_path>/usr/ports/x11-fonts/font-util</build_port_path>
@@ -572,6 +573,22 @@
 <build_port_path>/usr/home/pfsense/tools/pfPorts/imspector</build_port_path>
 </package>
 <package>
+ <name>imspector-wip</name>
+ <descr>Work in progress package, incompatible with the 0.8 IMSpector package, do not install if the imspector package is installed - IMSpector is an Instant Messenger transparent proxy with logging capabilities. Currently it supports MSN, AIM, ICQ, Yahoo and IRC to different degrees.</descr>
+ <website>http://www.imspector.org/</website>
+ <category>Network Management</category>
+ <maintainer>billm@pfsense.org</maintainer>
+ <version>0.9-3</version>
+ <required_version>2.0</required_version>
+ <status>BETA</status>
+ <pkginfolink>http://doc.pfsense.org/index.php/IMSpector_package</pkginfolink>
+ <config_file>http://www.pfsense.com/packages/config/imspector-wip/imspector.xml</config_file>
+ <configurationfile>imspector.xml</configurationfile>
+ <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url>
+ <depends_on_package>imspector-0.9.tbz</depends_on_package>
+ <build_port_path>/usr/home/pfsense/tools/pfPorts/imspector</build_port_path>
+ </package>
+ <package>
 <name>nut</name>
 <descr>Network UPS Tools</descr>
 <website>http://www.networkupstools.org/</website>
@@ -750,7 +767,7 @@
 <required_version>2</required_version>
 <maintainer>fernando@netfilter.com.br seth.mos@xs4all.nl mfuchs77@googlemail.com jimp@pfsense.org</maintainer>
 <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url>
- <depends_on_package>squid-2.7.9.tbz</depends_on_package>
+ <depends_on_package>squid-2.7.9_1.tbz</depends_on_package>
 <depends_on_package>squid_radius_auth-1.10.tbz</depends_on_package>
 <depends_on_package>libwww-5.4.0_4.tbz</depends_on_package>
 <build_port_path>/usr/ports/www/squid</build_port_path>
@@ -1059,7 +1076,7 @@
 <name>mailreport</name>
 <descr>Allows you to setup periodic e-mail reports containing RRD graphs.</descr>
 <category>Network Management</category>
- <version>1.0</version>
+ <version>1.1</version>
 <status>BETA</status>
 <required_version>2.0</required_version>
 <config_file>http://www.pfsense.com/packages/config/mailreport/mailreport.xml</config_file>
diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64
index 07479f29..7d6be717 100755
--- a/pkg_config.8.xml.amd64
+++ b/pkg_config.8.xml.amd64
@@ -41,7 +41,7 @@
 <required_version>2</required_version>
 <maintainer>fernando@netfilter.com.br seth.mos@xs4all.nl mfuchs77@googlemail.com jimp@pfsense.org</maintainer>
 <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url>
- <depends_on_package>squid-2.7.9.tbz</depends_on_package>
+ <depends_on_package>squid-2.7.9_1.tbz</depends_on_package>
 <depends_on_package>squid_radius_auth-1.10.tbz</depends_on_package>
 <depends_on_package>libwww-5.4.0_4.tbz</depends_on_package>
 <build_port_path>/usr/ports/www/squid</build_port_path>
@@ -210,10 +210,11 @@
 <depends_on_package>gdbm-1.8.3_3.tbz</depends_on_package>
 <depends_on_package>perl-5.12.3.tbz</depends_on_package>
 <depends_on_package>libpcap-1.1.1_1.tbz</depends_on_package>
- <depends_on_package>GeoIP-1.4.7.tbz</depends_on_package>
+ <depends_on_package>GeoIP-1.4.8_1.tbz</depends_on_package>
 <depends_on_package>font-util-1.2.0.tbz</depends_on_package>
 <depends_on_package>webfonts-0.30_6.tbz</depends_on_package>
 <depends_on_package>ntop-4.0.1_1.tbz</depends_on_package>
+ <build_port_path>/usr/ports/net/GeoIP</build_port_path>
 <build_port_path>/usr/ports/databases/gdbm</build_port_path>
 <build_port_path>/usr/ports/databases/rrdtool12</build_port_path>
 <build_port_path>/usr/ports/x11-fonts/font-util</build_port_path>
@@ -610,11 +611,11 @@
 </package>
 <package>
 <name>imspector-wip</name>
- <descr>Work in progress package, incompatible with the 0.8 IMSpector package, do not install - IMSpector is an Instant Messenger transparent proxy with logging capabilities. Currently it supports MSN, AIM, ICQ, Yahoo and IRC to different degrees.</descr>
+ <descr>Work in progress package, incompatible with the 0.8 IMSpector package, do not install if the imspector package is installed - IMSpector is an Instant Messenger transparent proxy with logging capabilities. Currently it supports MSN, AIM, ICQ, Yahoo and IRC to different degrees.</descr>
 <website>http://www.imspector.org/</website>
 <category>Network Management</category>
 <maintainer>billm@pfsense.org</maintainer>
- <version>0.9-2</version>
+ <version>0.9-3</version>
 <required_version>2.0</required_version>
 <status>BETA</status>
 <pkginfolink>http://doc.pfsense.org/index.php/IMSpector_package</pkginfolink>
@@ -1076,7 +1077,7 @@
 <name>mailreport</name>
 <descr>Allows you to setup periodic e-mail reports containing RRD graphs.</descr>
 <category>Network Management</category>
- <version>1.0</version>
+ <version>1.1</version>
 <status>BETA</status>
 <required_version>2.0</required_version>
 <config_file>http://www.pfsense.com/packages/config/mailreport/mailreport.xml</config_file> |