diff options
-rwxr-xr-x | config/snort/snort_define_servers.php | 8 | ||||
-rw-r--r-- | config/snort/snort_passlist_edit.php | 7 | ||||
-rwxr-xr-x | config/snort/snort_preprocessors.php | 6 |
3 files changed, 17 insertions, 4 deletions
diff --git a/config/snort/snort_define_servers.php b/config/snort/snort_define_servers.php index b72a3d4e..0d24f197 100755 --- a/config/snort/snort_define_servers.php +++ b/config/snort/snort_define_servers.php @@ -107,11 +107,15 @@ if ($_POST['save']) { foreach ($snort_servers as $key => $server) { if ($_POST["def_{$key}"] && !is_alias($_POST["def_{$key}"])) - $input_errors[] = "Only aliases are allowed"; + $input_errors[] = "Only aliases are allowed."; + if ($_POST["def_{$key}"] && is_alias($_POST["def_{$key}"]) && trim(filter_expand_alias($_POST["def_{$key}"])) == "") + $input_errors[] = "FQDN aliases are not allowed in Snort."; } foreach ($snort_ports as $key => $server) { if ($_POST["def_{$key}"] && !is_alias($_POST["def_{$key}"])) - $input_errors[] = "Only aliases are allowed"; + $input_errors[] = "Only aliases are allowed."; + if ($_POST["def_{$key}"] && is_alias($_POST["def_{$key}"]) && trim(filter_expand_alias($_POST["def_{$key}"])) == "") + $input_errors[] = "FQDN aliases are not allowed in Snort."; } /* if no errors write to conf */ if (!$input_errors) { diff --git a/config/snort/snort_passlist_edit.php b/config/snort/snort_passlist_edit.php index 9f95adb4..75724344 100644 --- a/config/snort/snort_passlist_edit.php +++ b/config/snort/snort_passlist_edit.php @@ -155,9 +155,12 @@ if ($_POST['save']) { } } - if ($_POST['address']) + if ($_POST['address']) { if (!is_alias($_POST['address'])) - $input_errors[] = gettext("A valid alias must be provided"); + $input_errors[] = gettext("A valid alias must be provided."); + if (is_alias($_POST['address']) && trim(filter_expand_alias($_POST['address'])) == "") + $input_errors[] = gettext("FQDN aliases are not supported in Snort."); + } if (!$input_errors) { $p_list = array(); diff --git a/config/snort/snort_preprocessors.php b/config/snort/snort_preprocessors.php index de680886..d5eadfd9 100755 --- a/config/snort/snort_preprocessors.php +++ b/config/snort/snort_preprocessors.php @@ -451,6 +451,12 @@ if ($_POST['save']) { $input_errors[] = gettext("The value for Application ID Stats Period must be between 60 and 3600."); } + // Validate Portscan Ignore_Scanners parameter + if ($_POST['sf_portscan'] == 'on' && is_alias($_POST['pscan_ignore_scanners'])) { + if (trim(filter_expand_alias($_POST["def_{$key}"])) == "") + $input_errors[] = gettext("FQDN aliases are not supported in Snort for the PORTSCAN IGNORE_SCANNERS parameter."); + } + /* if no errors write to conf */ if (!$input_errors) { /* post new options */ |