diff options
Diffstat (limited to 'config/snort-dev/snort_interfaces_edit.php')
-rw-r--r-- | config/snort-dev/snort_interfaces_edit.php | 1021 |
1 files changed, 620 insertions, 401 deletions
diff --git a/config/snort-dev/snort_interfaces_edit.php b/config/snort-dev/snort_interfaces_edit.php index ade5ade8..aee7bee1 100644 --- a/config/snort-dev/snort_interfaces_edit.php +++ b/config/snort-dev/snort_interfaces_edit.php @@ -1,19 +1,13 @@ <?php -/* $Id$ */ /* - - part of pfSense - All rights reserved. + snort_interfaces_edit.php + part of m0n0wall (http://m0n0.ch/wall) Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. + Copyright (C) 2008-2009 Robert Zelaya. + Copyright (C) 2011 Ermal Luci All rights reserved. - Pfsense Old snort GUI - Copyright (C) 2006 Scott Ullrich. - - Pfsense snort GUI - Copyright (C) 2008-2012 Robert Zelaya. - Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: @@ -24,10 +18,6 @@ notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - 3. Neither the name of the pfSense nor the names of its contributors - may be used to endorse or promote products derived from this software without - specific prior written permission. - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE @@ -38,499 +28,728 @@ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ require_once("guiconfig.inc"); -require_once("/usr/local/pkg/snort/snort_new.inc"); require_once("/usr/local/pkg/snort/snort_gui.inc"); +require_once("/usr/local/pkg/snort/snort.inc"); -//Set no caching -header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); -header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); -header("Cache-Control: no-store, no-cache, must-revalidate"); -header("Cache-Control: post-check=0, pre-check=0", false); -header("Pragma: no-cache"); +global $g; -// set page vars +if (!is_array($config['installedpackages']['snortglobal']['rule'])) + $config['installedpackages']['snortglobal']['rule'] = array(); -$uuid = $_GET['uuid']; -if (isset($_POST['uuid'])) -$uuid = $_POST['uuid']; +$a_nat = &$config['installedpackages']['snortglobal']['rule']; -if ($uuid == '') { - echo 'error: no uuid'; - exit(0); +$id = $_GET['id']; +if (isset($_POST['id'])) + $id = $_POST['id']; +if (is_null($id)) { + header("Location: /snort/snort_interfaces.php"); + exit; } +if (isset($_GET['dup'])) { + $id = $_GET['dup']; + $after = $_GET['dup']; +} -$a_list = snortSql_fetchAllSettings('snortDB', 'SnortIfaces', 'uuid', $uuid); - -$a_rules = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'All', ''); +/* always have a limit of (65535) numbers only or snort will not start do to id limits */ +/* TODO: When inline gets added make the uuid the port number lisstening */ +$pconfig = array(); -if (!is_array($a_list)) { - $a_list = array(); +/* gen uuid for each iface !inportant */ +if (empty($config['installedpackages']['snortglobal']['rule'][$id]['uuid'])) { + //$snort_uuid = gen_snort_uuid(strrev(uniqid(true))); + $snort_uuid = 0; + while ($snort_uuid > 65535 || $snort_uuid == 0) { + $snort_uuid = mt_rand(1, 65535); + $pconfig['uuid'] = $snort_uuid; + } +} else { + $snort_uuid = $a_nat[$id]['uuid']; + $pconfig['uuid'] = $snort_uuid; } -$a_whitelist = snortSql_fetchAllWhitelistTypes('SnortWhitelist', 'SnortWhitelistips'); +if (isset($id) && $a_nat[$id]) { + + /* old options */ + $pconfig['def_ssl_ports_ignore'] = $a_nat[$id]['def_ssl_ports_ignore']; + $pconfig['flow_depth'] = $a_nat[$id]['flow_depth']; + $pconfig['max_queued_bytes'] = $a_nat[$id]['max_queued_bytes']; + $pconfig['max_queued_segs'] = $a_nat[$id]['max_queued_segs']; + $pconfig['perform_stat'] = $a_nat[$id]['perform_stat']; + $pconfig['http_inspect'] = $a_nat[$id]['http_inspect']; + $pconfig['other_preprocs'] = $a_nat[$id]['other_preprocs']; + $pconfig['ftp_preprocessor'] = $a_nat[$id]['ftp_preprocessor']; + $pconfig['smtp_preprocessor'] = $a_nat[$id]['smtp_preprocessor']; + $pconfig['sf_portscan'] = $a_nat[$id]['sf_portscan']; + $pconfig['dce_rpc_2'] = $a_nat[$id]['dce_rpc_2']; + $pconfig['dns_preprocessor'] = $a_nat[$id]['dns_preprocessor']; + $pconfig['def_dns_servers'] = $a_nat[$id]['def_dns_servers']; + $pconfig['def_dns_ports'] = $a_nat[$id]['def_dns_ports']; + $pconfig['def_smtp_servers'] = $a_nat[$id]['def_smtp_servers']; + $pconfig['def_smtp_ports'] = $a_nat[$id]['def_smtp_ports']; + $pconfig['def_mail_ports'] = $a_nat[$id]['def_mail_ports']; + $pconfig['def_http_servers'] = $a_nat[$id]['def_http_servers']; + $pconfig['def_www_servers'] = $a_nat[$id]['def_www_servers']; + $pconfig['def_http_ports'] = $a_nat[$id]['def_http_ports']; + $pconfig['def_sql_servers'] = $a_nat[$id]['def_sql_servers']; + $pconfig['def_oracle_ports'] = $a_nat[$id]['def_oracle_ports']; + $pconfig['def_mssql_ports'] = $a_nat[$id]['def_mssql_ports']; + $pconfig['def_telnet_servers'] = $a_nat[$id]['def_telnet_servers']; + $pconfig['def_telnet_ports'] = $a_nat[$id]['def_telnet_ports']; + $pconfig['def_snmp_servers'] = $a_nat[$id]['def_snmp_servers']; + $pconfig['def_snmp_ports'] = $a_nat[$id]['def_snmp_ports']; + $pconfig['def_ftp_servers'] = $a_nat[$id]['def_ftp_servers']; + $pconfig['def_ftp_ports'] = $a_nat[$id]['def_ftp_ports']; + $pconfig['def_ssh_servers'] = $a_nat[$id]['def_ssh_servers']; + $pconfig['def_ssh_ports'] = $a_nat[$id]['def_ssh_ports']; + $pconfig['def_pop_servers'] = $a_nat[$id]['def_pop_servers']; + $pconfig['def_pop2_ports'] = $a_nat[$id]['def_pop2_ports']; + $pconfig['def_pop3_ports'] = $a_nat[$id]['def_pop3_ports']; + $pconfig['def_imap_servers'] = $a_nat[$id]['def_imap_servers']; + $pconfig['def_imap_ports'] = $a_nat[$id]['def_imap_ports']; + $pconfig['def_sip_proxy_ip'] = $a_nat[$id]['def_sip_proxy_ip']; + $pconfig['def_sip_servers'] = $a_nat[$id]['def_sip_servers']; + $pconfig['def_sip_ports'] = $a_nat[$id]['def_sip_ports']; + $pconfig['def_sip_proxy_ports'] = $a_nat[$id]['def_sip_proxy_ports']; + $pconfig['def_auth_ports'] = $a_nat[$id]['def_auth_ports']; + $pconfig['def_finger_ports'] = $a_nat[$id]['def_finger_ports']; + $pconfig['def_irc_ports'] = $a_nat[$id]['def_irc_ports']; + $pconfig['def_nntp_ports'] = $a_nat[$id]['def_nntp_ports']; + $pconfig['def_rlogin_ports'] = $a_nat[$id]['def_rlogin_ports']; + $pconfig['def_rsh_ports'] = $a_nat[$id]['def_rsh_ports']; + $pconfig['def_ssl_ports'] = $a_nat[$id]['def_ssl_ports']; + $pconfig['barnyard_enable'] = $a_nat[$id]['barnyard_enable']; + $pconfig['barnyard_mysql'] = $a_nat[$id]['barnyard_mysql']; + $pconfig['enable'] = $a_nat[$id]['enable']; + $pconfig['interface'] = $a_nat[$id]['interface']; + $pconfig['descr'] = $a_nat[$id]['descr']; + $pconfig['performance'] = $a_nat[$id]['performance']; + $pconfig['blockoffenders7'] = $a_nat[$id]['blockoffenders7']; + $pconfig['blockoffenderskill'] = $a_nat[$id]['blockoffenderskill']; + $pconfig['blockoffendersip'] = $a_nat[$id]['blockoffendersip']; + $pconfig['whitelistname'] = $a_nat[$id]['whitelistname']; + $pconfig['homelistname'] = $a_nat[$id]['homelistname']; + $pconfig['externallistname'] = $a_nat[$id]['externallistname']; + $pconfig['suppresslistname'] = $a_nat[$id]['suppresslistname']; + $pconfig['snortalertlogtype'] = $a_nat[$id]['snortalertlogtype']; + $pconfig['alertsystemlog'] = $a_nat[$id]['alertsystemlog']; + $pconfig['tcpdumplog'] = $a_nat[$id]['tcpdumplog']; + $pconfig['snortunifiedlog'] = $a_nat[$id]['snortunifiedlog']; + $pconfig['snortalertcvs'] = $a_nat[$id]['snortalertcvs']; + $pconfig['snortunifiedlogbasic'] = $a_nat[$id]['snortunifiedlogbasic']; + $pconfig['configpassthru'] = base64_decode($a_nat[$id]['configpassthru']); + $pconfig['barnconfigpassthru'] = $a_nat[$id]['barnconfigpassthru']; + $pconfig['rulesets'] = $a_nat[$id]['rulesets']; + $pconfig['rule_sid_off'] = $a_nat[$id]['rule_sid_off']; + $pconfig['rule_sid_on'] = $a_nat[$id]['rule_sid_on']; + + + if (!$pconfig['interface']) + $pconfig['interface'] = "wan"; + } else + $pconfig['interface'] = "wan"; + +/* convert fake interfaces to real */ +$if_real = snort_get_real_interface($pconfig['interface']); + +if (isset($_GET['dup'])) + unset($id); + + /* alert file */ + $d_snortconfdirty_path = "/var/run/snort_conf_{$snort_uuid}_{$if_real}.dirty"; + + if ($_POST["Submit"]) { + + if ($_POST['descr'] == '' && $pconfig['descr'] == '') { + $input_errors[] = "Please enter a description for your reference."; + } + + if ($id == "" && $config['installedpackages']['snortglobal']['rule'][0]['interface'] != "") { -if (!is_array($a_whitelist)) { - $a_whitelist = array(); -} - -$a_suppresslist = snortSql_fetchAllWhitelistTypes('SnortSuppress', ''); + $rule_array = $config['installedpackages']['snortglobal']['rule']; + foreach ($config['installedpackages']['snortglobal']['rule'] as $value) { -if (!is_array($a_suppresslist)) { - $a_suppresslist = array(); -} - + $result_lan = $value['interface']; + $if_real = snort_get_real_interface($result_lan); - $pgtitle = "Services: Snort: Interface Edit:"; - include("/usr/local/pkg/snort/snort_head.inc"); + if ($_POST['interface'] == $result_lan) + $input_errors[] = "Interface $result_lan is in use. Please select another interface."; + } + } -?> + /* XXX: Void code + * check for overlaps + foreach ($a_nat as $natent) { + if (isset($id) && ($a_nat[$id]) && ($a_nat[$id] === $natent)) + continue; + if ($natent['interface'] != $_POST['interface']) + continue; + } + */ + + /* if no errors write to conf */ + if (!$input_errors) { + $natent = array(); + + /* write to conf for 1st time or rewrite the answer */ + if ($_POST['interface']) + $natent['interface'] = $_POST['interface']; + + /* if post write to conf or rewite the answer */ + $natent['enable'] = $_POST['enable'] ? 'on' : 'off'; + $natent['uuid'] = $pconfig['uuid']; + $natent['descr'] = $_POST['descr'] ? $_POST['descr'] : $pconfig['descr']; + $natent['performance'] = $_POST['performance'] ? $_POST['performance'] : $pconfig['performance']; + /* if post = on use on off or rewrite the conf */ + if ($_POST['blockoffenders7'] == "on") + $natent['blockoffenders7'] = 'on'; + else + $natent['blockoffenders7'] = 'off'; + if ($_POST['blockoffenderskill'] == "on") + $natent['blockoffenderskill'] = 'on'; + if ($_POST['blockoffendersip']) + $natent['blockoffendersip'] = $_POST['blockoffendersip']; + + $natent['whitelistname'] = $_POST['whitelistname'] ? $_POST['whitelistname'] : $pconfig['whitelistname']; + $natent['homelistname'] = $_POST['homelistname'] ? $_POST['homelistname'] : $pconfig['homelistname']; + $natent['externallistname'] = $_POST['externallistname'] ? $_POST['externallistname'] : $pconfig['externallistname']; + $natent['suppresslistname'] = $_POST['suppresslistname'] ? $_POST['suppresslistname'] : $pconfig['suppresslistname']; + $natent['snortalertlogtype'] = $_POST['snortalertlogtype'] ? $_POST['snortalertlogtype'] : $pconfig['snortalertlogtype']; + if ($_POST['alertsystemlog'] == "on") { $natent['alertsystemlog'] = 'on'; }else{ $natent['alertsystemlog'] = 'off'; } + if ($_POST['enable']) { $natent['enable'] = 'on'; } else unset($natent['enable']); + if ($_POST['tcpdumplog'] == "on") { $natent['tcpdumplog'] = 'on'; }else{ $natent['tcpdumplog'] = 'off'; } + if ($_POST['snortunifiedlog'] == "on") { $natent['snortunifiedlog'] = 'on'; }else{ $natent['snortunifiedlog'] = 'off'; } + if ($_POST['snortalertcvs'] == "on") { $natent['snortalertcvs'] = 'on'; }else{ $natent['snortalertcvs'] = 'off'; } + if ($_POST['snortunifiedlogbasic'] == "on") { $natent['snortunifiedlogbasic'] = 'on'; }else{ $natent['snortunifiedlogbasic'] = 'off'; } + $natent['configpassthru'] = $_POST['configpassthru'] ? base64_encode($_POST['configpassthru']) : $pconfig['configpassthru']; + /* if optiion = 0 then the old descr way will not work */ + + /* rewrite the options that are not in post */ + /* make shure values are set befor repost or conf.xml will be broken */ + if ($pconfig['def_ssl_ports_ignore'] != "") { $natent['def_ssl_ports_ignore'] = $pconfig['def_ssl_ports_ignore']; } + if ($pconfig['flow_depth'] != "") { $natent['flow_depth'] = $pconfig['flow_depth']; } + if ($pconfig['max_queued_bytes'] != "") { $natent['max_queued_bytes'] = $pconfig['max_queued_bytes']; } + if ($pconfig['max_queued_segs'] != "") { $natent['max_queued_segs'] = $pconfig['max_queued_segs']; } + if ($pconfig['perform_stat'] != "") { $natent['perform_stat'] = $pconfig['perform_stat']; } + if ($pconfig['http_inspect'] != "") { $natent['http_inspect'] = $pconfig['http_inspect']; } + if ($pconfig['other_preprocs'] != "") { $natent['other_preprocs'] = $pconfig['other_preprocs']; } + if ($pconfig['ftp_preprocessor'] != "") { $natent['ftp_preprocessor'] = $pconfig['ftp_preprocessor']; } + if ($pconfig['smtp_preprocessor'] != "") { $natent['smtp_preprocessor'] = $pconfig['smtp_preprocessor']; } + if ($pconfig['sf_portscan'] != "") { $natent['sf_portscan'] = $pconfig['sf_portscan']; } + if ($pconfig['dce_rpc_2'] != "") { $natent['dce_rpc_2'] = $pconfig['dce_rpc_2']; } + if ($pconfig['dns_preprocessor'] != "") { $natent['dns_preprocessor'] = $pconfig['dns_preprocessor']; } + if ($pconfig['def_dns_servers'] != "") { $natent['def_dns_servers'] = $pconfig['def_dns_servers']; } + if ($pconfig['def_dns_ports'] != "") { $natent['def_dns_ports'] = $pconfig['def_dns_ports']; } + if ($pconfig['def_smtp_servers'] != "") { $natent['def_smtp_servers'] = $pconfig['def_smtp_servers']; } + if ($pconfig['def_smtp_ports'] != "") { $natent['def_smtp_ports'] = $pconfig['def_smtp_ports']; } + if ($pconfig['def_mail_ports'] != "") { $natent['def_mail_ports'] = $pconfig['def_mail_ports']; } + if ($pconfig['def_http_servers'] != "") { $natent['def_http_servers'] = $pconfig['def_http_servers']; } + if ($pconfig['def_www_servers'] != "") { $natent['def_www_servers'] = $pconfig['def_www_servers']; } + if ($pconfig['def_http_ports'] != "") { $natent['def_http_ports'] = $pconfig['def_http_ports']; } + if ($pconfig['def_sql_servers'] != "") { $natent['def_sql_servers'] = $pconfig['def_sql_servers']; } + if ($pconfig['def_oracle_ports'] != "") { $natent['def_oracle_ports'] = $pconfig['def_oracle_ports']; } + if ($pconfig['def_mssql_ports'] != "") { $natent['def_mssql_ports'] = $pconfig['def_mssql_ports']; } + if ($pconfig['def_telnet_servers'] != "") { $natent['def_telnet_servers'] = $pconfig['def_telnet_servers']; } + if ($pconfig['def_telnet_ports'] != "") { $natent['def_telnet_ports'] = $pconfig['def_telnet_ports']; } + if ($pconfig['def_snmp_servers'] != "") { $natent['def_snmp_servers'] = $pconfig['def_snmp_servers']; } + if ($pconfig['def_snmp_ports'] != "") { $natent['def_snmp_ports'] = $pconfig['def_snmp_ports']; } + if ($pconfig['def_ftp_servers'] != "") { $natent['def_ftp_servers'] = $pconfig['def_ftp_servers']; } + if ($pconfig['def_ftp_ports'] != "") { $natent['def_ftp_ports'] = $pconfig['def_ftp_ports']; } + if ($pconfig['def_ssh_servers'] != "") { $natent['def_ssh_servers'] = $pconfig['def_ssh_servers']; } + if ($pconfig['def_ssh_ports'] != "") { $natent['def_ssh_ports'] = $pconfig['def_ssh_ports']; } + if ($pconfig['def_pop_servers'] != "") { $natent['def_pop_servers'] = $pconfig['def_pop_servers']; } + if ($pconfig['def_pop2_ports'] != "") { $natent['def_pop2_ports'] = $pconfig['def_pop2_ports']; } + if ($pconfig['def_pop3_ports'] != "") { $natent['def_pop3_ports'] = $pconfig['def_pop3_ports']; } + if ($pconfig['def_imap_servers'] != "") { $natent['def_imap_servers'] = $pconfig['def_imap_servers']; } + if ($pconfig['def_imap_ports'] != "") { $natent['def_imap_ports'] = $pconfig['def_imap_ports']; } + if ($pconfig['def_sip_proxy_ip'] != "") { $natent['def_sip_proxy_ip'] = $pconfig['def_sip_proxy_ip']; } + if ($pconfig['def_sip_servers'] != "") { $natent['def_sip_servers'] = $pconfig['def_sip_servers']; }else{ $natent['def_sip_servers'] = ""; } + if ($pconfig['def_sip_ports'] != "") { $natent['def_sip_ports'] = $pconfig['def_sip_ports']; }else{ $natent['def_sip_ports'] = ""; } + if ($pconfig['def_sip_proxy_ports'] != "") { $natent['def_sip_proxy_ports'] = $pconfig['def_sip_proxy_ports']; } + if ($pconfig['def_auth_ports'] != "") { $natent['def_auth_ports'] = $pconfig['def_auth_ports']; } + if ($pconfig['def_finger_ports'] != "") { $natent['def_finger_ports'] = $pconfig['def_finger_ports']; } + if ($pconfig['def_irc_ports'] != "") { $natent['def_irc_ports'] = $pconfig['def_irc_ports']; } + if ($pconfig['def_nntp_ports'] != "") { $natent['def_nntp_ports'] = $pconfig['def_nntp_ports']; } + if ($pconfig['def_rlogin_ports'] != "") { $natent['def_rlogin_ports'] = $pconfig['def_rlogin_ports']; } + if ($pconfig['def_rsh_ports'] != "") { $natent['def_rsh_ports'] = $pconfig['def_rsh_ports']; } + if ($pconfig['def_ssl_ports'] != "") { $natent['def_ssl_ports'] = $pconfig['def_ssl_ports']; } + if ($pconfig['barnyard_enable'] != "") { $natent['barnyard_enable'] = $pconfig['barnyard_enable']; } + if ($pconfig['barnyard_mysql'] != "") { $natent['barnyard_mysql'] = $pconfig['barnyard_mysql']; } + if ($pconfig['barnconfigpassthru'] != "") { $natent['barnconfigpassthru'] = $pconfig['barnconfigpassthru']; } + if ($pconfig['rulesets'] != "") { $natent['rulesets'] = $pconfig['rulesets']; } + if ($pconfig['rule_sid_off'] != "") { $natent['rule_sid_off'] = $pconfig['rule_sid_off']; } + if ($pconfig['rule_sid_on'] != "") { $natent['rule_sid_on'] = $pconfig['rule_sid_on']; } + + + $if_real = snort_get_real_interface($natent['interface']); + + if (isset($id) && $a_nat[$id]) { + if ($natent['interface'] != $a_nat[$id]['interface']) + Running_Stop($snort_uuid, $if_real, $id); + $a_nat[$id] = $natent; + } else { + if (is_numeric($after)) + array_splice($a_nat, $after+1, 0, array($natent)); + else + $a_nat[] = $natent; + } -<!-- START page custom script --> -<script language="JavaScript"> + write_config(); -// start a jQuery sand box -jQuery(document).ready(function() { - - // misc call after a good save - jQuery.fn.miscTabCall = function () { - jQuery('.hide_newtabmenu').show(); - jQuery('#interface').attr("disabled", true); - }; - - // START disable option for snort_interfaces_edit.php - endis = !(jQuery('input[name=enable]:checked').val()); - - disableInputs=new Array( - "descr", - "performance", - "blockoffenders7", - "alertsystemlog", - "externallistname", - "homelistname", - "suppresslistname", - "tcpdumplog", - "snortunifiedlog", - "configpassthru" - ); - <?php - - if ($a_list['interface'] != '') { - echo ' - jQuery(\'[name=interface]\').attr(\'disabled\', \'true\'); - '; - } - - // disable tabs if nothing in database - if ($a_list['uuid'] == '') { - echo ' - jQuery(\'.hide_newtabmenu\').hide(); - '; - } - - ?> - - if (endis) { - for (var i = 0; i < disableInputs.length; i++) - { - jQuery('[name=' + disableInputs[i] + ']').attr('disabled', 'true'); + sync_snort_package_config(); + sleep(1); + + /* if snort.sh crashed this will remove the pid */ + exec('/bin/rm /tmp/snort.sh.pid'); + + header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); + header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' ); + header( 'Cache-Control: no-store, no-cache, must-revalidate' ); + header( 'Cache-Control: post-check=0, pre-check=0', false ); + header( 'Pragma: no-cache' ); + header("Location: /snort/snort_interfaces.php"); + + exit; } } - jQuery("input[name=enable]").live('click', function() { + if ($_POST["Submit2"]) { - endis = !(jQuery('input[name=enable]:checked').val()); + sync_snort_package_config(); + sleep(1); - if (endis) { - for (var i = 0; i < disableInputs.length; i++) - { - jQuery('[name=' + disableInputs[i] + ']').attr('disabled', 'true'); - } - }else{ - for (var i = 0; i < disableInputs.length; i++) - { - jQuery('[name=' + disableInputs[i] + ']').removeAttr('disabled'); - } - } + Running_Start($snort_uuid, $if_real, $id); - - }); - // STOP disable option for snort_interfaces_edit.php - - -}); // end of on ready + header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); + header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' ); + header( 'Cache-Control: no-store, no-cache, must-revalidate' ); + header( 'Cache-Control: post-check=0, pre-check=0', false ); + header( 'Pragma: no-cache' ); + header("Location: /snort/snort_interfaces_edit.php?id=$id"); + exit; + } -</script> +$pgtitle = "Snort: Interface Edit: $id $snort_uuid $if_real"; +include_once("head.inc"); +?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> +<?php + include("fbegin.inc"); + echo "{$snort_general_css}\n"; +?> + +<noscript> +<div class="alert" ALIGN=CENTER><img + src="/themes/<?php echo $g['theme']; ?>/images/icons/icon_alert.gif" /><strong>Please +enable JavaScript to view this content</strong></div> +</noscript> +<script language="JavaScript"> +<!-- -<!-- loading msg --> -<div id="loadingWaiting"> - <div class="snortModal" style="top: 200px; left: 700px;"> - <div class="snortModalTop"> - <!-- <div class="snortModalTopClose"><a href="javascript:hideLoading('#loadingWaiting');"><img src="/snort/images/close_9x9.gif" border="0" height="9" width="9"></a></div> --> - </div> - <div class="snortModalTitle"> - <p><img src="./images/loading.gif" /><br><br>Please Wait...</p> - </div> - <div> - <p class="loadingWaitingMessage"></p> - </div> - </div> -</div> - -<?php include("fbegin.inc"); ?> -<!-- hack to fix the hardcoed fbegin link in header --> -<div id="header-left2"> -<a href="../index.php" id="status-link2"> -<img src="./images/transparent.gif" border="0"></img> -</a> -</div> - -<div class="body2"><!-- hack to fix the hardcoed fbegin link in header --> -<div id="header-left2"><a href="../index.php" id="status-link2"><img src="./images/transparent.gif" border="0"></img></a></div> +function enable_blockoffenders() { + var endis = !(document.iform.blockoffenders7.checked); + document.iform.blockoffenderskill.disabled=endis; + document.iform.blockoffendersip.disabled=endis; +} + +function enable_change(enable_change) { + endis = !(document.iform.enable.checked || enable_change); + // make shure a default answer is called if this is envoked. + endis2 = (document.iform.enable); + document.iform.performance.disabled = endis; + document.iform.blockoffenders7.disabled = endis; + document.iform.alertsystemlog.disabled = endis; + document.iform.externallistname.disabled = endis; + document.iform.homelistname.disabled = endis; + document.iform.suppresslistname.disabled = endis; + document.iform.tcpdumplog.disabled = endis; + document.iform.snortunifiedlog.disabled = endis; + document.iform.snortalertcvs.disabled = endis; + document.iform.snortunifiedlogbasic.disabled = endis; + document.iform.configpassthru.disabled = endis; +} +//--> +</script> + +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> + +<form method="post" enctype="multipart/form-data" name="iform" id="iform"> +<?php + /* Display Alert message */ + if ($input_errors) { + print_input_errors($input_errors); // TODO: add checks + } + + if ($savemsg) { + print_info_box2($savemsg); + } + + //if (file_exists($d_snortconfdirty_path)) { + if (file_exists($d_snortconfdirty_path) || file_exists("/var/run/snort_conf_{$snort_uuid}_.dirty")) { + echo '<p>'; + + if($savemsg) + print_info_box_np2("{$savemsg}"); + else { + print_info_box_np2(' + The Snort configuration has changed and snort needs to be restarted on this interface.<br> + You must apply the changes in order for them to take effect.<br> + '); + } + } +?> <table width="100%" border="0" cellpadding="0" cellspacing="0"> +<tr><td> +<?php + $tab_array = array(); + $tabid = 0; + $tab_array[$tabid] = array(gettext("Snort Interfaces"), false, "/snort/snort_interfaces.php"); + $tabid++; + $tab_array[$tabid] = array(gettext("If Settings"), true, "/snort/snort_interfaces_edit.php?id={$id}"); + $tabid++; + $tab_array[$tabid] = array(gettext("Categories"), false, "/snort/snort_rulesets.php?id={$id}"); + $tabid++; + $tab_array[$tabid] = array(gettext("Rules"), false, "/snort/snort_rules.php?id={$id}"); + $tabid++; + $tab_array[$tabid] = array(gettext("Servers"), false, "/snort/snort_define_servers.php?id={$id}"); + $tabid++; + $tab_array[$tabid] = array(gettext("Preprocessors"), false, "/snort/snort_preprocessors.php?id={$id}"); + $tabid++; + $tab_array[$tabid] = array(gettext("Barnyard2"), false, "/snort/snort_barnyard.php?id={$id}"); + display_top_tabs($tab_array); +?> +</td></tr> <tr> - <td> - <div class="newtabmenu" style="margin: 1px 0px; width: 790px;"><!-- Tabbed bar code--> - <ul class="newtabmenu"> - <li><a href="/snort/snort_interfaces.php"><span>Snort Interfaces</span></a></li> - <li class="newtabmenu_active"><a href="/snort/snort_interfaces_edit.php?uuid=<?=$uuid;?>"><span>If Settings</span></a></li> - <li class="hide_newtabmenu"><a href="/snort/snort_rulesets.php?uuid=<?=$uuid;?>"><span>Categories</span></a></li> - <li class="hide_newtabmenu"><a href="/snort/snort_rules.php?uuid=<?=$uuid;?>"><span>Rules</span></a></li> - <li class="hide_newtabmenu"><a href="/snort/snort_rulesets_ips.php?uuid=<?=$uuid;?>"><span>Ruleset Ips</span></a></li> - <li class="hide_newtabmenu"><a href="/snort/snort_define_servers.php?uuid=<?=$uuid;?>"><span>Servers</span></a></li> - <li class="hide_newtabmenu"><a href="/snort/snort_preprocessors.php?uuid=<?=$uuid;?>"><span>Preprocessors</span></a></li> - <li class="hide_newtabmenu"><a href="/snort/snort_barnyard.php?uuid=<?=$uuid;?>"><span>Barnyard2</span></a></li> - </ul> - </div> + <td class="tabnavtbl"> + <?php + if ($a_nat[$id]['interface'] != '') { + /* get the interface name */ + $snortInterfaces = array(); /* -gtm */ + + $if_list = $config['installedpackages']['snortglobal']['rule'][$id]['interface']; + $if_array = split(',', $if_list); + if($if_array) { + foreach($if_array as $iface2) { + /* build a list of user specified interfaces -gtm */ + $if2 = snort_get_real_interface($iface2); + if ($if2) + array_push($snortInterfaces, $if2); + } + + if (count($snortInterfaces) < 1) + log_error("Snort will not start. You must select an interface for it to listen on."); + } + + } + ?> </td> </tr> <tr> - <td id="tdbggrey"> - <table width="100%" border="0" cellpadding="10px" cellspacing="0"> - <tr> - <td class="tabnavtbl"> - <table width="100%" border="0" cellpadding="6" cellspacing="0"> - <!-- START MAIN AREA --> - - <form id="iform" name="iform" > - <input type="hidden" name="snortSaveSettings" value="1" /> <!-- what to do, save --> - <input type="hidden" name="dbName" value="snortDB" /> <!-- what db--> - <input type="hidden" name="dbTable" value="SnortIfaces" /> <!-- what db table--> - <input type="hidden" name="ifaceTab" value="snort_interfaces_edit" /> <!-- what interface tab --> - <input name="uuid" type="hidden" value="<?=$uuid; ?>" > - + <td class="tabcont"> <table width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> <td colspan="2" valign="top" class="listtopic">General Settings</td> </tr> <tr> - <td width="22%" valign="top" class="vncellreq2">Interface</td> - <td width="22%" valign="top" class="vtable"> - - <input name="enable" type="checkbox" value="on" <?=$ifaceEnabled = $a_list['enable'] == 'on' || $a_list['enable'] == '' ? 'checked' : '';?> "> - <span class="vexpl">Enable or Disable</span> - </td> + <td width="22%" valign="top" class="vncellreq2">Enable</td> + <td width="22%" valign="top" class="vtable"> <?php + // <input name="enable" type="checkbox" value="yes" checked onClick="enable_change(false)"> + // care with spaces + if ($pconfig['enable'] == "on") + $checked = checked; + + $onclick_enable = "onClick=\"enable_change(false)\">"; + + echo " + <input name=\"enable\" type=\"checkbox\" value=\"on\" $checked $onclick_enable + Enable or Disable</td>\n\n"; + ?></td> </tr> <tr> <td width="22%" valign="top" class="vncellreq2">Interface</td> <td width="78%" class="vtable"> - <select id="interface" name="interface" class="formfld"> - - <?php - /* add group interfaces */ - /* needs to be watched, dont know if new interfces will work */ - if (is_array($config['ifgroups']['ifgroupentry'])) - foreach($config['ifgroups']['ifgroupentry'] as $ifgen) - if (have_ruleint_access($ifgen['ifname'])) - $interfaces[$ifgen['ifname']] = $ifgen['ifname']; - $ifdescs = get_configured_interface_with_descr(); - foreach ($ifdescs as $ifent => $ifdesc) - if(have_ruleint_access($ifent)) - $interfaces[$ifent] = $ifdesc; - if ($config['l2tp']['mode'] == "server") - if(have_ruleint_access("l2tp")) - $interfaces['l2tp'] = "L2TP VPN"; - if ($config['pptpd']['mode'] == "server") - if(have_ruleint_access("pptp")) - $interfaces['pptp'] = "PPTP VPN"; - - if (is_pppoe_server_enabled() && have_ruleint_access("pppoe")) - $interfaces['pppoe'] = "PPPoE VPN"; - /* add ipsec interfaces */ - if (isset($config['ipsec']['enable']) || isset($config['ipsec']['client']['enable'])) - if(have_ruleint_access("enc0")) - $interfaces["enc0"] = "IPsec"; - /* add openvpn/tun interfaces */ - if ($config['openvpn']["openvpn-server"] || $config['openvpn']["openvpn-client"]) - $interfaces["openvpn"] = "OpenVPN"; - $selected_interfaces = explode(",", $pconfig['interface']); - foreach ($interfaces as $iface => $ifacename) - { - echo "\n" . "<option value=\"$iface\""; - if ($a_list['interface'] == strtolower($ifacename)){echo " selected ";} - echo '>' . $ifacename . '</option>' . "\r"; + <select name="interface" class="formfld"> + <?php + if (function_exists('get_configured_interface_with_descr')) + $interfaces = get_configured_interface_with_descr(); + else { + $interfaces = array('wan' => 'WAN', 'lan' => 'LAN'); + for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) { + $interfaces['opt' . $i] = $config['interfaces']['opt' . $i]['descr']; } - ?> - </select> - <br> - <span class="vexpl">Choose which interface this rule applies to.<br> - Hint: in most cases, you'll want to use WAN here.</span> - </td> + } + foreach ($interfaces as $iface => $ifacename): ?> + <option value="<?=$iface;?>" + <?php if ($iface == $pconfig['interface']) echo "selected"; ?>><?=htmlspecialchars($ifacename);?> + </option> + <?php endforeach; ?> + </select><br> + <span class="vexpl">Choose which interface this rule applies to.<br> + Hint: in most cases, you'll want to use WAN here.</span></td> </tr> <tr> <td width="22%" valign="top" class="vncellreq2">Description</td> - <td width="78%" class="vtable"> - <input name="descr" type="text" class="formfld" id="descr" size="40" value="<?=$a_list['descr']?>"> - <br> - <span class="vexpl">You may enter a description here for your reference (not parsed).</span> - </td> + <td width="78%" class="vtable"><input name="descr" type="text" + class="formfld" id="descr" size="40" + value="<?=htmlspecialchars($pconfig['descr']);?>"> <br> + <span class="vexpl">You may enter a description here for your + reference (not parsed).</span></td> </tr> <tr> <td width="22%" valign="top" class="vncell2">Memory Performance</td> - <td width="78%" class="vtable"> - <select name="performance" class="formfld" id="performance"> - - <?php - $memoryPerfList = array('ac-bnfa' => 'AC-BNFA', 'lowmem' => 'LOWMEM', 'aclowmem-std' => 'AC-STD', 'ac' => 'AC', 'ac-banded' => 'AC-BANDED', 'ac-sparsebands' => 'AC-SPARSEBANDS', 'acs' => 'ACS'); - snortDropDownList($memoryPerfList, $a_list['performance']); - ?> - - </select> - <br> - <span class="vexpl">Lowmem and ac-bnfa are recommended for low end systems, Ac: high memory, best performance, ac-std: moderate - memory,high performance, acs: small memory, moderateperformance, ac-banded: small memory,moderate performance, ac-sparsebands: small memory, high performance.</span> - <br> - </td> + <td width="78%" class="vtable"><select name="performance" + class="formfld" id="performance"> + <?php + $interfaces2 = array('ac-bnfa' => 'AC-BNFA', 'lowmem' => 'LOWMEM', 'ac-std' => 'AC-STD', 'ac' => 'AC', 'ac-banded' => 'AC-BANDED', 'ac-sparsebands' => 'AC-SPARSEBANDS', 'acs' => 'ACS'); + foreach ($interfaces2 as $iface2 => $ifacename2): ?> + <option value="<?=$iface2;?>" + <?php if ($iface2 == $pconfig['performance']) echo "selected"; ?>> + <?=htmlspecialchars($ifacename2);?></option> + <?php endforeach; ?> + </select><br> + <span class="vexpl">Lowmem and ac-bnfa are recommended for low end + systems, Ac: high memory, best performance, ac-std: moderate + memory,high performance, acs: small memory, moderateperformance, + ac-banded: small memory,moderate performance, ac-sparsebands: small + memory, high performance.<br> + </span></td> </tr> <tr> - <td colspan="2" valign="top" class="listtopic">Choose the rule DB snort should use.</td> + <td colspan="2" valign="top" class="listtopic">Choose the networks + snort should inspect and whitelist.</td> </tr> - <tr> - <td width="22%" valign="top" class="vncell2">Rule DB</td> - <td width="78%" class="vtable"> - <select name="ruledbname" class="formfld" id="ruledbname"> - - <?php - // find ruleDB names and value by uuid - $selected = ''; - if ($a_list['ruledbname'] == 'default') { - $selected = 'selected'; + <td width="22%" valign="top" class="vncell2">Home net</td> + <td width="78%" class="vtable"><select name="homelistname" + class="formfld" id="homelistname"> + <?php + echo "<option value='default' >default</option>"; + /* find whitelist names and filter by type */ + if (is_array($config['installedpackages']['snortglobal']['whitelist']['item'])) { + foreach ($config['installedpackages']['snortglobal']['whitelist']['item'] as $value) { + if ($value['snortlisttype'] == 'netlist') { + $ilistname = $value['name']; + if ($ilistname == $pconfig['homelistname']) + echo "<option value='$ilistname' selected>"; + else + echo "<option value='$ilistname'>"; + echo htmlspecialchars($ilistname) . '</option>'; + } } - echo "\n" . '<option value="default" ' . $selected . ' >DEFAULT</option>' . "\r"; - foreach ($a_rules as $value) - { - $selected = ''; - if ($value['uuid'] == $a_list['ruledbname']) { - $selected = 'selected'; + } + ?> + </select><br> + <span class="vexpl">Choose the home net you will like this rule to + use. </span> <br/><span class="red">Note:</span> Default home + net adds only local networks.<br> + <span class="red">Hint:</span> Most users add a list of + friendly ips that the firewall cant see.</td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell2">External net</td> + <td width="78%" class="vtable"><select name="externallistname" + class="formfld" id="externallistname"> + <?php + echo "<option value='default' >default</option>"; + /* find whitelist names and filter by type */ + if (is_array($config['installedpackages']['snortglobal']['whitelist']['item'])) { + foreach ($config['installedpackages']['snortglobal']['whitelist']['item'] as $value) { + if ($value['snortlisttype'] == 'netlist') { + $ilistname = $value['name']; + if ($ilistname == $pconfig['externallistname']) + echo "<option value='$ilistname' selected>"; + else + echo "<option value='$ilistname'>"; + echo htmlspecialchars($ilistname) . '</option>'; } - - echo "\n" . '<option value="' . $value['uuid'] . '" ' . $selected . ' >' . strtoupper($value['ruledbname']) . '</option>' . "\r"; } - ?> - - </select> - <br> - <span class="vexpl">Choose the rule database to use. <span class="red">Note:</span> Cahnges to this database are global. - <br> - <span class="red">WARNING:</span> Never change this when snort is running.</span> - </td> - </tr> - + } + ?> + </select><br/> + <span class="vexpl">Choose the external net you will like this rule + to use. </span> <br/><span class="red">Note:</span> Default + external net, networks that are not home net.<br> + <span class="red">Hint:</span> Most users should leave this + setting at default.</td> + </tr> <tr> - <td colspan="2" valign="top" class="listtopic">Choose the networks snort should inspect and whitelist.</td> + <td width="22%" valign="top" class="vncell2">Block offenders</td> + <td width="78%" class="vtable"> + <input name="blockoffenders7" id="blockoffenders7" type="checkbox" value="on" + <?php if ($pconfig['blockoffenders7'] == "on") echo "checked"; ?> + onClick="enable_blockoffenders()"><br> + Checking this option will automatically block hosts that generate a + Snort alert.</td> </tr> <tr> - <td width="22%" valign="top" class="vncell2">Home net</td> + <td width="22%" valign="top" class="vncell2">Kill states</td> <td width="78%" class="vtable"> - <select name="homelistname" class="formfld" id="homelistname"> - - <?php - /* find homelist names and filter by type */ - $selected = ''; - if ($a_list['homelistname'] == 'default'){$selected = 'selected';} - echo "\n" . '<option value="default" ' . $selected . ' >DEFAULT</option>' . "\r"; - foreach ($a_whitelist as $value) - { - $selected = ''; - if ($value['filename'] == $a_list['homelistname']){$selected = 'selected';}; - if ($value['snortlisttype'] == 'netlist') // filter - { - - echo "\n" . '<option value="' . $value['filename'] . '" ' . $selected . ' >' . strtoupper($value['filename']) . '</option>' . "\r"; - - } - } - ?> - - </select> - <br> - <span class="vexpl">Choose the home net you will like this rule to use. <span class="red">Note:</span> Default homenet adds only local networks. - <br> - <span class="red">Hint:</span> Most users add a list offriendly ips that the firewall cant see.</span> + <input name="blockoffenderskill" id="blockoffenderskill" type="checkbox" value="on" <?php if ($pconfig['blockoffenderskill'] == "on") echo "checked"; ?>> + <br/>Should firewall states be killed for the blocked ip </td> </tr> <tr> - <td width="22%" valign="top" class="vncell2">External net</td> + <td width="22%" valign="top" class="vncell2">Which ip to block</td> <td width="78%" class="vtable"> - <select name="externallistname" class="formfld" id="externallistname"> - - <?php - /* find externallist names and filter by type */ - $selected = ''; - if ($a_list['externallistname'] == 'default'){$selected = 'selected';} - echo "\n" . '<option value="default" ' . $selected . ' >DEFAULT</option>' . "\r"; - foreach ($a_whitelist as $value) - { - $selected = ''; - if ($value['filename'] == $a_list['externallistname']){$selected = 'selected';} - if ($value['snortlisttype'] == 'netlist') // filter - { - - echo "\n" . '<option value="' . $value['filename'] . '" ' . $selected . ' >' . strtoupper($value['filename']) . '</option>' . "\r"; - - } - } - ?> - + <select name="blockoffendersip" class="formfld" id="blockoffendersip"> + <?php + foreach (array("src", "dst", "both") as $btype) { + if ($btype == $pconfig['blockoffendersip']) + echo "<option value='{$btype}' selected>"; + else + echo "<option value='{$btype}'>"; + echo htmlspecialchars($btype) . '</option>'; + } + ?> </select> - <br> - <span class="vexpl">Choose the external net you will like this rule to use. <span class="red">Note:</span> Default external net, networks that are not home net. - <br> - <span class="red">Hint:</span> Most users should leave this setting at default.</span> + <br/> Which ip extracted from the packet you want to block </td> </tr> <tr> - <td width="22%" valign="top" class="vncell2">Block offenders</td> + <td width="22%" valign="top" class="vncell2">Whitelist</td> <td width="78%" class="vtable"> - <input name="blockoffenders7" type="checkbox" value="on" <?=$ifaceEnabled = $a_list['blockoffenders7'] == 'on' ? 'checked' : '';?> > - <br> - <span class="vexpl">Checking this option will automatically block hosts that generate a Snort alerts with SnortSam.</span> + <select name="whitelistname" class="formfld" id="whitelistname"> + <?php + /* find whitelist names and filter by type, make sure to track by uuid */ + echo "<option value='default' >default</option>\n"; + if (is_array($config['installedpackages']['snortglobal']['whitelist']['item'])) { + foreach ($config['installedpackages']['snortglobal']['whitelist']['item'] as $value) { + if ($value['snortlisttype'] == 'whitelist') { + if ($value['name'] == $pconfig['whitelistname']) + echo "<option value='{$value['name']}' selected>"; + else + echo "<option value='{$value['name']}'>"; + echo htmlspecialchars($value['name']) . '</option>'; + } + } + } + ?> + </select><br> + <span class="vexpl">Choose the whitelist you will like this rule to + use. </span> <br/><span class="red">Note:</span> Default + whitelist adds only local networks.<br/> + <span class="red">Note:</span> This option will only be used when block offenders is on. </td> </tr> <tr> - <td width="22%" valign="top" class="vncell2">Suppression and filtering</td> + <td width="22%" valign="top" class="vncell2">Suppression and + filtering</td> <td width="78%" class="vtable"> <select name="suppresslistname" class="formfld" id="suppresslistname"> - - <?php - /* find suppresslist names and filter by type */ - $selected = ''; - if ($a_list['suppresslistname'] == 'default'){$selected = 'selected';} - - echo "\n" . '<option value="default" ' . $selected . ' >DEFAULT</option>' . "\r"; - - foreach ($a_suppresslist as $value) - { - $selected = ''; - if ($value['filename'] == $a_list['suppresslistname']){$selected = 'selected';} - - echo "\n" . '<option value="' . $value['filename'] . '" ' . $selected . ' >' . strtoupper($value['filename']) . '</option>' . "\r"; + <?php + echo "<option value='default' >default</option>\n"; + if (is_array($config['installedpackages']['snortglobal']['suppress']['item'])) { + $slist_select = $config['installedpackages']['snortglobal']['suppress']['item']; + foreach ($slist_select as $value) { + $ilistname = $value['name']; + if ($ilistname == $pconfig['suppresslistname']) + echo "<option value='$ilistname' selected>"; + else + echo "<option value='$ilistname'>"; + echo htmlspecialchars($ilistname) . '</option>'; } - ?> - - </select> - <br> - <span class="vexpl">Choose the suppression or filtering file you will like this rule to use. <span class="red"> - Note:</span> Default option disables suppression and filtering.</span> - </td> - </tr> - <tr> - <td colspan="2" valign="top" class="listtopic">Choose the types of logs snort should create.</td> + } + ?> + </select><br> + <span class="vexpl">Choose the suppression or filtering file you + will like this rule to use. </span> <br/><span class="red">Note:</span> Default + option disables suppression and filtering.</td> </tr> + <tr> - <td width="22%" valign="top" class="vncell2">Type of Unified Logging</td> - <td width="78%" class="vtable"> - <select name="snortalertlogtype" class="formfld" id="snortalertlogtype"> - - <?php - $snortalertlogtypePerfList = array('full' => 'FULL', 'fast' => 'FAST', 'disable' => 'DISABLE'); - snortDropDownList($snortalertlogtypePerfList, $a_list['snortalertlogtype']); - ?> - - </select> - <br> - <span class="vexpl">Snort will log Alerts to a file in the UNIFIED format. Full is a requirement for the snort wigdet.</span> - </td> - </tr> + <td colspan="2" valign="top" class="listtopic">Choose the types of + logs snort should create.</td> + </tr> <tr> - <td width="22%" valign="top" class="vncell2">Send alerts to mainSystem logs</td> - <td width="78%" class="vtable"> - <input name="alertsystemlog" type="checkbox" value="on" <?=$ifaceEnabled = $a_list['alertsystemlog'] == 'on' ? 'checked' : '';?> > - <br> - <span class="vexpl">Snort will send Alerts to the Pfsense system logs.</span> - </td> + <td width="22%" valign="top" class="vncell2">Send alerts to main + System logs</td> + <td width="78%" class="vtable"><input name="alertsystemlog" + type="checkbox" value="on" + <?php if ($pconfig['alertsystemlog'] == "on") echo "checked"; ?> + onClick="enable_change(false)"><br> + Snort will send Alerts to the firewall's system logs.</td> </tr> <tr> <td width="22%" valign="top" class="vncell2">Log to a Tcpdump file</td> + <td width="78%" class="vtable"><input name="tcpdumplog" + type="checkbox" value="on" + <?php if ($pconfig['tcpdumplog'] == "on") echo "checked"; ?> + onClick="enable_change(false)"><br> + Snort will log packets to a tcpdump-formatted file. The file then + can be analyzed by an application such as Wireshark which + understands pcap file formats. <span class="red"><strong>WARNING:</strong></span> + File may become large.</td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell2">Log Alerts to a snort unified file</td> <td width="78%" class="vtable"> - <input name="tcpdumplog" type="checkbox" value="on" <?=$ifaceEnabled = $a_list['tcpdumplog'] == 'on' ? 'checked' : '';?> > - <br> - <span class="vexpl">Snort will log packets to a tcpdump-formatted file. The file then can be analyzed by an application such as Wireshark which understands pcap file formats. - <span class="red"><strong>WARNING:</strong></span> File may become large.</span> + <input name="snortunifiedlogbasic" type="checkbox" value="on" <?php if ($pconfig['snortunifiedlogbasic'] == "on") echo "checked"; ?> onClick="enable_change(false)"> + <br> + Snort will log Alerts to a file in the UNIFIED format. </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell2">Log Alerts to a snort + unified2 file</td> + <td width="78%" class="vtable"><input name="snortunifiedlog" + type="checkbox" value="on" + <?php if ($pconfig['snortunifiedlog'] == "on") echo "checked"; ?> + onClick="enable_change(false)"><br> + Snort will log Alerts to a file in the UNIFIED2 format. This is a + requirement for barnyard2.</td> </tr> <tr> - <td width="22%" valign="top" class="vncell2">Log Alerts to a snort unified2 file</td> + <td width="22%" valign="top" class="vncell2">Log Alerts to a snort cvs file</td> <td width="78%" class="vtable"> - <input name="snortunifiedlog" type="checkbox" value="on" <?=$ifaceEnabled = $a_list['snortunifiedlog'] == 'on' ? 'checked' : '';?> > - <br> - <span class="vexpl">Snort will log Alerts to a file in the UNIFIED2 format. This is a requirement for barnyard2.</span> + <input name="snortalertcvs" type="checkbox" value="on" <?php if ($pconfig['snortalertcvs'] == "on") echo "checked"; ?> onClick="enable_change(false)"> + <br> + Snort will log Alerts to a file in the CVS format. </td> - </tr> + </tr> <tr> - <td colspan="2" valign="top" class="listtopic">Arguments here will be automatically inserted into the snort configuration.</td> + <td colspan="2" valign="top" class="listtopic">Arguments here will + be automatically inserted into the snort configuration.</td> </tr> <tr> - <td width="22%" valign="top" class="vncell2">Advanced configuration pass through</td> - <td width="78%" class="vtable"> - <textarea wrap="off" name="configpassthru" cols="75" rows="12" id="configpassthru" class="formpre2"><?=base64_decode($a_list['configpassthru']); ?></textarea> + <td width="22%" valign="top" class="vncell2">Advanced configuration + pass through</td> + <td width="78%" class="vtable"><textarea wrap="off" + name="configpassthru" cols="75" rows="12" id="configpassthru" + class="formpre2"><?=htmlspecialchars($pconfig['configpassthru']);?></textarea> </td> </tr> <tr> <td width="22%" valign="top"></td> - <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="Save"> - <input name="Submit2" type="submit" class="formbtn" value="Start"> - <input id="cancel" type="button" class="formbtn" value="Cancel"> - </td> + <td width="78%"><input name="Submit" type="submit" class="formbtn" value="Save"> + <?php if (isset($id) && $a_nat[$id]): ?> + <input name="id" type="hidden" value="<?=$id;?>"> + <?php endif; ?></td> </tr> <tr> <td width="22%" valign="top"> </td> - <td width="78%"> - <span class="vexpl"><span class="red"><strong>Note:</strong></span> - Please save your settings before you click start.</span> - </td> + <td width="78%"><span class="vexpl"><span class="red"><strong>Note:</strong></span> + <br> + Please save your settings before you click start. </td> </tr> </table> - </form> - - <!-- STOP MAIN AREA --> - </table> - </td> - </tr> - </table> - </td> - </tr> -</table> -</div> +</table> +</form> -<!-- footer do not touch below --> -<?php -include("fend.inc"); -echo $snort_custom_rnd_box; -?> - +<script language="JavaScript"> +<!-- +enable_change(false); +enable_blockoffenders(); +//--> +</script> +<?php include("fend.inc"); ?> </body> </html> |