diff options
Diffstat (limited to 'config/snort-dev/snort_json_post.php')
-rw-r--r-- | config/snort-dev/snort_json_post.php | 568 |
1 files changed, 0 insertions, 568 deletions
diff --git a/config/snort-dev/snort_json_post.php b/config/snort-dev/snort_json_post.php deleted file mode 100644 index 418a90be..00000000 --- a/config/snort-dev/snort_json_post.php +++ /dev/null @@ -1,568 +0,0 @@ -<?php -/* $Id$ */ -/* - - part of pfSense - All rights reserved. - - Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. - All rights reserved. - - Pfsense Old snort GUI - Copyright (C) 2006 Scott Ullrich. - - Pfsense snort GUI - Copyright (C) 2008-2012 Robert Zelaya. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - 3. Neither the name of the pfSense nor the names of its contributors - may be used to endorse or promote products derived from this software without - specific prior written permission. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - -*/ - -require_once("guiconfig.inc"); -require_once("/usr/local/pkg/snort/snort_new.inc"); -require_once("/usr/local/pkg/snort/snort_build.inc"); - -//Set no caching -header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); -header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); -header("Cache-Control: no-store, no-cache, must-revalidate"); -header("Cache-Control: post-check=0, pre-check=0", false); -header("Pragma: no-cache"); - -// unset crsf checks -if(isset($_POST['__csrf_magic'])) { - unset($_POST['__csrf_magic']); -} - - -function snortJsonReturnCode($returnStatus) -{ - if ($returnStatus == true) { - echo '{"snortgeneralsettings":"success","snortMiscTabCall":"true"}'; - return true; - }else{ - echo '{"snortgeneralsettings":"fail"}'; - return false; - } -} - -// row from db by uuid -if ($_POST['snortSidRuleEdit'] == 1) { - - function snortSidRuleEditFunc() - { - - unset($_POST['snortSidRuleEdit']); - snortSidStringRuleEditGUI(); - - } snortSidRuleEditFunc(); - -} - - -// row from db by uuid -if ($_POST['snortSaveRuleSets'] == 1) { - - if ($_POST['ifaceTab'] == 'snort_rules') { - function snortSaveRuleSetsRulesFunc() - { - // unset POSTs that are markers not in db - unset($_POST['snortSaveRuleSets']); - unset($_POST['ifaceTab']); - - snortJsonReturnCode(snortSql_updateRuleSigList()); - - } snortSaveRuleSetsRulesFunc(); - } - - if ($_POST['ifaceTab'] === 'snort_rules_ips') { - function snortSamRulesSaveFunc() - { - snortJsonReturnCode(snortSql_updateRulesSigsIps()); - buildSnortSamSidBlockMap($_POST['rdbuuid']); // - - } snortSamRulesSaveFunc(); - } - - - if ($_POST['ifaceTab'] == 'snort_rulesets' || $_POST['ifaceTab'] == 'snort_rulesets_ips') { - - function snortSaveRuleSetsRulesetsFunc() - { - // unset POSTs that are markers not in db - unset($_POST['snortSaveRuleSets']); - unset($_POST['ifaceTab']); - - // save to database - snortJsonReturnCode(snortSql_updateRuleSetList()); - - if (!empty($_POST['rdbuuid'])) { - buildSnortSamSidBlockMap($_POST['rdbuuid']); // - } - - // only build if uuid is valid - if (!empty($_POST['uuid'])) { - build_snort_settings($_POST['uuid']); - } - - } snortSaveRuleSetsRulesetsFunc(); - } - - -} // END of rulesSets - -// row from db by uuid -if ( $_POST['RMlistDelRow'] == 1 || $_POST['RSTlistRow'] == 1 ) { - - - function RMlistDelRowFunc() - { - - $rm_row_list = snortSql_fetchAllSettings($_POST['RMlistDB'], $_POST['RMlistTable'], 'uuid', $_POST['RMlistUuid']); - - // list rules in the default dir - if ($_POST['RMlistTable'] == 'SnortIfaces') { - - $snortRuleDir = '/usr/local/etc/snort/sn_' . $_POST['RMlistUuid']; - - exec('/bin/rm -r ' . $snortRuleDir); - } - - // rm ruledb and files - if ($_POST['RMlistTable'] == 'Snortrules') { - - // remove db tables vals - snortSql_updatelistDelete($_POST['RMlistDB'], 'SnortruleSets', 'rdbuuid', $_POST['RMlistUuid']); - snortSql_updatelistDelete($_POST['RMlistDB'], 'SnortruleSigs', 'rdbuuid', $_POST['RMlistUuid']); - snortSql_updatelistDelete($_POST['RMlistDB'], 'SnortruleSigsIps', 'rdbuuid', $_POST['RMlistUuid']); - snortSql_updatelistDelete($_POST['RMlistDB'], 'SnortruleSetsIps', 'rdbuuid', $_POST['RMlistUuid']); - snortSql_updatelistDelete($_POST['RMlistDB'], 'SnortruleGenIps', 'rdbuuid', $_POST['RMlistUuid']); - - // remove dir - $snortRuleDir = "/usr/local/etc/snort/snortDBrules/DB/{$_POST['RMlistUuid']}"; - exec('/bin/rm -r ' . $snortRuleDir); - } - - if ($_POST['RMlistTable'] == 'SnortWhitelist') { - snortSql_updatelistDelete($_POST['RMlistDB'], 'SnortWhitelistips', 'filename', $rm_row_list['filename']); - } - - snortJsonReturnCode(snortSql_updatelistDelete($_POST['RMlistDB'], $_POST['RMlistTable'], 'uuid', $_POST['RMlistUuid'])); - - } if ( $_POST['RMlistDelRow'] == 1 ) { RMlistDelRowFunc(); } - - function RSTlistDelRowFunc() - { - - // rm ruledb and files - if ($_POST['RSTlistTable'] == 'Snortrules') { - - // remove dir - $snortRuleDir = "/usr/local/etc/snort/snortDBrules/DB/{$_POST['RSTlistUuid']}"; - exec('/bin/rm -r ' . $snortRuleDir . '/rules/*.rules'); - - // remove db tables vals - snortSql_updatelistDelete($_POST['RSTlistDB'], 'SnortruleSets', 'rdbuuid', $_POST['RSTlistUuid']); - snortSql_updatelistDelete($_POST['RSTlistDB'], 'SnortruleSigs', 'rdbuuid', $_POST['RSTlistUuid']); - snortSql_updatelistDelete($_POST['RSTlistDB'], 'SnortruleSigsIps', 'rdbuuid', $_POST['RSTlistUuid']); - snortSql_updatelistDelete($_POST['RSTlistDB'], 'SnortruleSetsIps', 'rdbuuid', $_POST['RSTlistUuid']); - snortSql_updatelistDelete($_POST['RSTlistDB'], 'SnortruleGenIps', 'rdbuuid', $_POST['RSTlistUuid']); - - // NOTE: code only works on php5 - $listSnortRulesDir = snortScanDirFilter('/usr/local/etc/snort/snortDBrules/snort_rules/rules', '\.rules'); - $listEmergingRulesDir = snortScanDirFilter('/usr/local/etc/snort/snortDBrules/emerging_rules/rules', '\.rules'); - $listPfsenseRulesDir = snortScanDirFilter('/usr/local/etc/snort/snortDBrules/pfsense_rules/rules', '\.rules'); - - if (!empty($listSnortRulesDir)) { - exec("/bin/cp -R /usr/local/etc/snort/snortDBrules/snort_rules/rules/*.rules /usr/local/etc/snort/snortDBrules/DB/{$_POST['RSTlistUuid']}/rules"); - } - if (!empty($listEmergingRulesDir)) { - exec("/bin/cp -R /usr/local/etc/snort/snortDBrules/emerging_rules/rules/*.rules /usr/local/etc/snort/snortDBrules/DB/{$_POST['RSTlistUuid']}/rules"); - } - if (!empty($listPfsenseRulesDir)) { - exec("/bin/cp -R /usr/local/etc/snort/snortDBrules/pfsense_rules/rules/*.rules /usr/local/etc/snort/snortDBrules/DB/{$_POST['RSTlistUuid']}/rules"); - } - - - } - - } if ( $_POST['RSTlistRow'] == 1 ) { RSTlistDelRowFunc(); } - - -} - - -// general settings save -if ($_POST['snortSaveSettings'] == 1) { - - function snortSaveSettingsFunc() - { - - // Save ruleDB settings - if ($_POST['dbTable'] == 'Snortrules') { - - function saveSnortrules() - { - - unset($_POST['snortSaveSettings']); - unset($_POST['ifaceTab']); - - if (!is_dir("/usr/local/etc/snort/snortDBrules/DB/{$_POST['uuid']}/rules")) { - - // creat iface dir and ifcae rules dir - exec("/bin/mkdir -p /usr/local/etc/snort/snortDBrules/DB/{$_POST['uuid']}/rules"); - - // create at least one file - if (!file_exists("/usr/local/etc/snort/snortDBrules/DB/{$_POST['uuid']}/rules/local.rules")) { - exec("/usr/bin/touch /usr/local/etc/snort/snortDBrules/DB/{$_POST['uuid']}/rules/local.rules"); - } - - // NOTE: code only works on php5 - $listSnortRulesDir = snortScanDirFilter('/usr/local/etc/snort/snortDBrules/snort_rules/rules', '\.rules'); - $listEmergingRulesDir = snortScanDirFilter('/usr/local/etc/snort/snortDBrules/emerging_rules/rules', '\.rules'); - $listPfsenseRulesDir = snortScanDirFilter('/usr/local/etc/snort/snortDBrules/pfsense_rules/rules', '\.rules'); - - if (!empty($listSnortRulesDir)) { - exec("/bin/cp -R /usr/local/etc/snort/snortDBrules/snort_rules/rules/*.rules /usr/local/etc/snort/snortDBrules/DB/{$_POST['uuid']}/rules"); - } - if (!empty($listEmergingRulesDir)) { - exec("/bin/cp -R /usr/local/etc/snort/snortDBrules/emerging_rules/rules/*.rules /usr/local/etc/snort/snortDBrules/DB/{$_POST['uuid']}/rules"); - } - if (!empty($listPfsenseRulesDir)) { - exec("/bin/cp -R /usr/local/etc/snort/snortDBrules/pfsense_rules/rules/*.rules /usr/local/etc/snort/snortDBrules/DB/{$_POST['uuid']}/rules"); - } - - - } //end of mkdir - - } saveSnortrules(); - - snortJsonReturnCode(snortSql_updateSettings('uuid', $_POST['uuid'])); - - } // END if Snortrules - - // Save general settings - if ($_POST['dbTable'] == 'SnortSettings') { - - function saveSnortSettings() - { - - if ($_POST['ifaceTab'] == 'snort_interfaces_global') { - // checkboxes when set to off never get included in POST thus this code - $_POST['forcekeepsettings'] = ($_POST['forcekeepsettings'] == '' ? off : $_POST['forcekeepsettings']); - } - - if ($_POST['ifaceTab'] == 'snort_alerts') { - - if (!isset($_POST['arefresh'])) - $_POST['arefresh'] = ($_POST['arefresh'] == '' ? off : $_POST['arefresh']); - - } - - if ($_POST['ifaceTab'] == 'snort_blocked') { - - if (!isset($_POST['brefresh'])) - $_POST['brefresh'] = ($_POST['brefresh'] == '' ? off : $_POST['brefresh']); - - } - - // unset POSTs that are markers not in db - unset($_POST['snortSaveSettings']); - unset($_POST['ifaceTab']); - - } saveSnortSettings(); - - snortJsonReturnCode(snortSql_updateSettings('id', '1')); - - } // END IF SnortSettings - - // Save rule settings on the interface edit tab - if ($_POST['dbTable'] == 'SnortIfaces') { - - function saveSnortIfaces() - { - - // snort interface edit - if ($_POST['ifaceTab'] == 'snort_interfaces_edit') { - - function SnortIfaces_Snort_Interfaces_edit() - { - if (!isset($_POST['enable'])) - $_POST['enable'] = ($_POST['enable'] == '' ? off : $_POST['enable']); - - if (!isset($_POST['blockoffenders7'])) - $_POST['blockoffenders7'] = ($_POST['blockoffenders7'] == '' ? off : $_POST['blockoffenders7']); - - if (!isset($_POST['alertsystemlog'])) - $_POST['alertsystemlog'] = ($_POST['alertsystemlog'] == '' ? off : $_POST['alertsystemlog']); - - if (!isset($_POST['tcpdumplog'])) - $_POST['tcpdumplog'] = ($_POST['tcpdumplog'] == '' ? off : $_POST['tcpdumplog']); - - if (!isset($_POST['snortunifiedlog'])) - $_POST['snortunifiedlog'] = ($_POST['snortunifiedlog'] == '' ? off : $_POST['snortunifiedlog']); - - // convert textbox to base64 - $_POST['configpassthru'] = base64_encode($_POST['configpassthru']); - - /* - * make dir for the new iface, if iface exists or rule dir has changed redo soft link - * may need to move this as a func to new_snort.inc - */ - $newSnortDir = 'sn_' . $_POST['uuid']; - $pathToSnortDir = '/usr/local/etc/snort'; - - // creat iface dir and ifcae rules dir - if (!is_dir("{$pathToSnortDir}/{$newSnortDir}")) { - createNewIfaceDir($pathToSnortDir, $newSnortDir); - } //end of mkdir - - snortRulesCreateSoftlink(); - - } SnortIfaces_Snort_Interfaces_edit(); - - } // end of snort_interfaces_edit - - // snort preprocessor edit - if ($_POST['ifaceTab'] == 'snort_preprocessors') { - - function SnortIfaces_Snort_PreprocessorsFunc() - { - if (!isset($_POST['dce_rpc_2'])) { - $_POST['dce_rpc_2'] = ($_POST['dce_rpc_2'] == '' ? off : $_POST['dce_rpc_2']); - } - - if (!isset($_POST['dns_preprocessor'])) { - $_POST['dns_preprocessor'] = ($_POST['dns_preprocessor'] == '' ? off : $_POST['dns_preprocessor']); - } - - if (!isset($_POST['ftp_preprocessor'])) { - $_POST['ftp_preprocessor'] = ($_POST['ftp_preprocessor'] == '' ? off : $_POST['ftp_preprocessor']); - } - - if (!isset($_POST['http_inspect'])) { - $_POST['http_inspect'] = ($_POST['http_inspect'] == '' ? off : $_POST['http_inspect']); - } - - if (!isset($_POST['other_preprocs'])) { - $_POST['other_preprocs'] = ($_POST['other_preprocs'] == '' ? off : $_POST['other_preprocs']); - } - - if (!isset($_POST['perform_stat'])) { - $_POST['perform_stat'] = ($_POST['perform_stat'] == '' ? off : $_POST['perform_stat']); - } - - if (!isset($_POST['sf_portscan'])) { - $_POST['sf_portscan'] = ($_POST['sf_portscan'] == '' ? off : $_POST['sf_portscan']); - } - - if (!isset($_POST['smtp_preprocessor'])) { - $_POST['smtp_preprocessor'] = ($_POST['smtp_preprocessor'] == '' ? off : $_POST['smtp_preprocessor']); - } - - } SnortIfaces_Snort_PreprocessorsFunc(); - - } - - // snort barnyard edit - if ($_POST['ifaceTab'] == 'snort_barnyard') { - function SnortIfaces_Snort_Barnyard() - { - // make shure iface is lower case - $_POST['interface'] = strtolower($_POST['interface']); - - if (!isset($_POST['barnyard_enable'])) { - $_POST['barnyard_enable'] = ($_POST['barnyard_enable'] == '' ? off : $_POST['barnyard_enable']); - } - } SnortIfaces_Snort_Barnyard(); - } - - - // unset POSTs that are markers not in db - unset($_POST['snortSaveSettings']); - unset($_POST['ifaceTab']); - - snortJsonReturnCode(snortSql_updateSettings('uuid', $_POST['uuid'])); - build_snort_settings($_POST['uuid']); - - } saveSnortIfaces(); - - } // END IF SnortIfaces - - } snortSaveSettingsFunc(); - - -} // STOP General Settings Save - -// Suppress settings save -if ($_POST['snortSaveSuppresslist'] == 1) { - - function snortSaveSuppresslistFunc() - { - - // post for supress_edit - if ($_POST['ifaceTab'] == 'snort_interfaces_suppress_edit') { - - // make sure filename is valid - if (!is_validFileName($_POST['filename'])) { - echo 'Error: FileName'; - return false; - } - - // unset POSTs that are markers not in db - unset($_POST['snortSaveSuppresslist']); - unset($_POST['ifaceTab']); - - // convert textbox to base64 - $_POST['suppresspassthru'] = base64_encode($_POST['suppresspassthru']); - - // Write to database - snortJsonReturnCode(snortSql_updateSettings('uuid', $_POST['uuid'])); - - } - - } - snortSaveSuppresslistFunc(); - -} - -// Whitelist settings save -if ($_POST['snortSaveWhitelist'] == 1) { - - function snortSaveWhitelistFunc() - { - - if ($_POST['ifaceTab'] == 'snort_interfaces_whitelist_edit') { - - if (!is_validFileName($_POST['filename'])) { - echo 'Error: FileName'; - return false; - } - - $_POST['wanips'] = ($_POST['wanips'] == '' ? off : $_POST['wanips']); - $_POST['wangateips'] = ($_POST['wangateips'] == '' ? off : $_POST['wangateips']); - $_POST['wandnsips'] = ($_POST['wandnsips'] == '' ? off : $_POST['wandnsips']); - $_POST['vips'] = ($_POST['vips'] == '' ? off : $_POST['vips']); - $_POST['vpnips'] = ($_POST['vpnips'] == '' ? off : $_POST['vpnips']); - - } - - // unset POSTs that are markers not in db - unset($_POST['snortSaveWhitelist']); - unset($_POST['ifaceTab']); - - // Split the POST for 2 arraus - $whitelistIPs = $_POST['list']; - unset($_POST['list']); - - - if (snortSql_updateSettings('uuid', $_POST['uuid']) && snortSql_updateWhitelistIps($whitelistIPs)) { - snortJsonReturnCode(true); - }else{ - snortJsonReturnCode(false); - } - - } - snortSaveWhitelistFunc(); - -} - -// download code for alerts page -if ($_POST['snortlogsdownload'] == 1) { - - function snortlogsdownloadFunc() - { - conf_mount_rw(); - snort_downloadAllLogs(); - conf_mount_ro(); - } - snortlogsdownloadFunc(); - -} - -// download code for alerts page -if ($_POST['snortblockedlogsdownload'] == 1) { - - function snortblockedlogsdownloadFunc() - { - conf_mount_rw(); - snort_downloadBlockedIPs(); - conf_mount_ro(); - } - snortblockedlogsdownloadFunc(); - -} - - -// code neeed to be worked on when finnished rules code -if ($_POST['snortlogsdelete'] == 1) { - - function snortlogsdeleteFunc() - { - conf_mount_rw(); - snortDeleteLogs(); - conf_mount_ro(); - } - snortlogsdeleteFunc(); -} - -// flushes snort2c table -if ($_POST['snortflushpftable'] == 1) { - - function snortflushpftableFunc() - { - conf_mount_rw(); - snortRemoveBlockedIPs(); - conf_mount_ro(); - } - snortflushpftableFunc(); -} - -// reset db reset_snortgeneralsettings -if ($_POST['reset_snortgeneralsettings'] == 1) { - - function reset_snortgeneralsettingsFunc() - { - conf_mount_rw(); - reset_snortgeneralsettings(); - conf_mount_ro(); - } - reset_snortgeneralsettingsFunc(); - -} - - -?> - - - - - - - - - - |