diff options
| -rw-r--r-- | config/suricata/suricata_check_for_rule_updates.php | 16 | ||||
| -rw-r--r-- | config/suricata/suricata_download_updates.php | 28 |
2 files changed, 41 insertions, 3 deletions
diff --git a/config/suricata/suricata_check_for_rule_updates.php b/config/suricata/suricata_check_for_rule_updates.php index 3cf6b84b..4d159cdb 100644 --- a/config/suricata/suricata_check_for_rule_updates.php +++ b/config/suricata/suricata_check_for_rule_updates.php @@ -239,7 +239,7 @@ function suricata_check_rule_md5($file_url, $file_dst, $desc = "") { /* error occurred. */ /**********************************************************/ - global $pkg_interface, $suricata_rules_upd_log, $last_curl_error; + global $pkg_interface, $suricata_rules_upd_log, $last_curl_error, $update_errors; $suricatadir = SURICATADIR; $filename_md5 = basename($file_dst); @@ -284,6 +284,7 @@ function suricata_check_rule_md5($file_url, $file_dst, $desc = "") { if ($pkg_interface == "console") error_log(gettext("\tServer error message was: {$last_curl_error}\n"), 3, $suricata_rules_upd_log); error_log(gettext("\t{$desc} will not be updated.\n"), 3, $suricata_rules_upd_log); + $update_errors = true; return false; } } @@ -307,7 +308,7 @@ function suricata_fetch_new_rules($file_url, $file_dst, $file_md5, $desc = "") { /* FALSE if download was not successful. */ /**********************************************************/ - global $pkg_interface, $suricata_rules_upd_log, $last_curl_error; + global $pkg_interface, $suricata_rules_upd_log, $last_curl_error, $update_errors; $suricatadir = SURICATADIR; $filename = basename($file_dst); @@ -337,6 +338,7 @@ function suricata_fetch_new_rules($file_url, $file_dst, $file_md5, $desc = "") { error_log(gettext("\tDownloaded {$desc} file MD5: " . md5_file($file_dst) . "\n"), 3, $suricata_rules_upd_log); error_log(gettext("\tExpected {$desc} file MD5: {$file_md5}\n"), 3, $suricata_rules_upd_log); error_log(gettext("\t{$desc} file download failed. {$desc} will not be updated.\n"), 3, $suricata_rules_upd_log); + $update_errors = true; return false; } return true; @@ -349,6 +351,7 @@ function suricata_fetch_new_rules($file_url, $file_dst, $file_md5, $desc = "") { if ($pkg_interface == "console") error_log(gettext("\tThe error text was: {$last_curl_error}\n"), 3, $suricata_rules_upd_log); error_log(gettext("\t{$desc} will not be updated.\n"), 3, $suricata_rules_upd_log); + $update_errors = true; return false; } @@ -375,6 +378,7 @@ if (file_exists($suricata_rules_upd_log)) { /* Log start time for this rules update */ error_log(gettext("Starting rules update... Time: " . date("Y-m-d H:i:s") . "\n"), 3, $suricata_rules_upd_log); $last_curl_error = ""; +$update_errors = false; /* Check for and download any new Emerging Threats Rules sigs */ if ($emergingthreats == 'on') { @@ -715,4 +719,12 @@ conf_mount_ro(); // Restore the state of $pkg_interface $pkg_interface = $pkg_interface_orig; +/* Save this update status to the configuration file */ +if ($update_errors) + $config['installedpackages']['suricata']['config'][0]['last_rule_upd_status'] = gettext("failed"); +else + $config['installedpackages']['suricata']['config'][0]['last_rule_upd_status'] = gettext("success"); +$config['installedpackages']['suricata']['config'][0]['last_rule_upd_time'] = gettext(date("M-d Y H:i")); +write_config(); + ?> diff --git a/config/suricata/suricata_download_updates.php b/config/suricata/suricata_download_updates.php index 46030bd0..a353b054 100644 --- a/config/suricata/suricata_download_updates.php +++ b/config/suricata/suricata_download_updates.php @@ -40,6 +40,16 @@ $emergingthreats = $config['installedpackages']['suricata']['config'][0]['enable $etpro = $config['installedpackages']['suricata']['config'][0]['enable_etpro_rules']; $snortcommunityrules = $config['installedpackages']['suricata']['config'][0]['snortcommunityrules']; +/* Get last update information if available */ +if (!empty($config['installedpackages']['suricata']['config'][0]['last_rule_upd_time'])) + $last_rule_upd_time = htmlspecialchars($config['installedpackages']['suricata']['config'][0]['last_rule_upd_time']); +else + $last_rule_upd_time = gettext("Unknown"); +if (!empty($config['installedpackages']['suricata']['config'][0]['last_rule_upd_status'])) + $last_rule_upd_status = htmlspecialchars($config['installedpackages']['suricata']['config'][0]['last_rule_upd_status']); +else + $last_rule_upd_status = gettext("Unknown"); + $snort_rules_file = VRT_DNLD_FILENAME; $snort_community_rules_filename = GPLV2_DNLD_FILENAME; @@ -211,6 +221,22 @@ include_once("head.inc"); </tr> <tr> <td align="center"> + <table width="45%" border="0" cellpadding="0" cellspacing="0"> + <tbody> + <tr> + <td class="list" align="right"><strong><?php echo gettext("Last Update:");?></strong></td> + <td class="list" align="left"><?php echo $last_rule_upd_time;?></td> + </tr> + <tr> + <td class="list" align="right"><strong><?php echo gettext("Result:");?></strong></td> + <td class="list" align="left"><?php echo $last_rule_upd_status;?></td> + </tr> + </tbody> + </table> + </td> + </tr> + <tr> + <td align="center"> <?php if ($snortdownload != 'on' && $emergingthreats != 'on' && $etpro != 'on'): ?> <br/><button disabled="disabled"><?=gettext("Check");?></button> <button disabled="disabled"><?=gettext("Force");?></button> @@ -226,7 +252,7 @@ include_once("head.inc"); title="<?php echo gettext("Check for new updates to enabled rule sets"); ?>"/> <input type="submit" value="<?=gettext("Force");?>" name="force" id="force" class="formbtn" title="<?=gettext("Force an update of all enabled rule sets");?>" - onclick="return confirm('<?=gettext("This will zero-out the MD5 hashes to force a fresh download of enabled rule sets. Click OK to continue or CANCEL to quit");?>');"/> + onclick="return confirm('<?=gettext("This will zero-out the MD5 hashes to force a fresh download of all enabled rule sets. Click OK to continue or CANCEL to quit");?>');"/> <br/><br/> <?php endif; ?> </td> |