diff options
Diffstat (limited to 'config/snort-dev/snort_preprocessors.php')
| -rw-r--r-- | config/snort-dev/snort_preprocessors.php | 86 |
1 files changed, 66 insertions, 20 deletions
diff --git a/config/snort-dev/snort_preprocessors.php b/config/snort-dev/snort_preprocessors.php index 8072484d..c522a643 100644 --- a/config/snort-dev/snort_preprocessors.php +++ b/config/snort-dev/snort_preprocessors.php @@ -30,16 +30,10 @@ POSSIBILITY OF SUCH DAMAGE. */ -/* -TODO: Nov 12 09 -Clean this code up its ugly -Important add error checking - -*/ - -require("guiconfig.inc"); -require("/usr/local/pkg/snort/snort.inc"); +require_once("guiconfig.inc"); +require_once("/usr/local/pkg/snort/snort.inc"); +require_once("/usr/local/pkg/snort/snort_gui.inc"); if (!is_array($config['installedpackages']['snortglobal']['rule'])) { $config['installedpackages']['snortglobal']['rule'] = array(); @@ -96,7 +90,7 @@ if (isset($id) && $a_nat[$id]) { $pconfig['def_imap_servers'] = $a_nat[$id]['def_imap_servers']; $pconfig['def_imap_ports'] = $a_nat[$id]['def_imap_ports']; $pconfig['def_sip_proxy_ip'] = $a_nat[$id]['def_sip_proxy_ip']; - $pconfig['ip def_sip_proxy_ports'] = $a_nat[$id]['ip def_sip_proxy_ports']; + $pconfig['def_sip_proxy_ports'] = $a_nat[$id]['def_sip_proxy_ports']; $pconfig['def_auth_ports'] = $a_nat[$id]['def_auth_ports']; $pconfig['def_finger_ports'] = $a_nat[$id]['def_finger_ports']; $pconfig['def_irc_ports'] = $a_nat[$id]['def_irc_ports']; @@ -127,7 +121,29 @@ if (isset($_GET['dup'])) /* convert fake interfaces to real */ $if_real = convert_friendly_interface_to_real_interface_name($pconfig['interface']); -if ($_POST) { + + + /* alert file */ +$d_snortconfdirty_path = "/var/run/snort_conf_{$pconfig['uuid']}_{$if_real}.dirty"; + + /* this will exec when alert says apply */ + if ($_POST['apply']) { + + if (file_exists($d_snortconfdirty_path)) { + + write_config(); + + sync_snort_package_all(); + sync_snort_package(); + + unlink($d_snortconfdirty_path); + + } + + } + + + if ($_POST["Submit"]) { /* check for overlaps */ @@ -171,7 +187,7 @@ if ($_POST) { if ($pconfig['def_imap_servers'] != "") { $natent['def_imap_servers'] = $pconfig['def_imap_servers']; } if ($pconfig['def_imap_ports'] != "") { $natent['def_imap_ports'] = $pconfig['def_imap_ports']; } if ($pconfig['def_sip_proxy_ip'] != "") { $natent['def_sip_proxy_ip'] = $pconfig['def_sip_proxy_ip']; } - if ($pconfig['ip def_sip_proxy_ports'] != "") { $natent['ip def_sip_proxy_ports'] = $pconfig['ip def_sip_proxy_ports']; } + if ($pconfig['def_sip_proxy_ports'] != "") { $natent['def_sip_proxy_ports'] = $pconfig['def_sip_proxy_ports']; } if ($pconfig['def_auth_ports'] != "") { $natent['def_auth_ports'] = $pconfig['def_auth_ports']; } if ($pconfig['def_finger_ports'] != "") { $natent['def_finger_ports'] = $pconfig['def_finger_ports']; } if ($pconfig['def_irc_ports'] != "") { $natent['def_irc_ports'] = $pconfig['def_irc_ports']; } @@ -205,12 +221,16 @@ if ($_POST) { $a_nat[] = $natent; } - /* enable this if you want the user to aprove changes */ - // touch($d_natconfdirty_path); - write_config(); /* after click go to this page */ + touch($d_snortconfdirty_path); + header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); + header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' ); + header( 'Cache-Control: no-store, no-cache, must-revalidate' ); + header( 'Cache-Control: post-check=0, pre-check=0', false ); + header( 'Pragma: no-cache' ); + sleep(2); header("Location: snort_preprocessors.php?id=$id"); exit; } @@ -222,7 +242,7 @@ include("head.inc"); ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php -include("fbegin.inc"); +include("./snort_fbegin.inc"); ?> <p class="pgtitle"><?if($pfsense_stable == 'yes'){echo $pgtitle;}?></p> <style type="text/css"> @@ -241,9 +261,35 @@ padding: 15px 10px 85% 50px; <noscript><div class="alert" ALIGN=CENTER><img src="../themes/nervecenter/images/icons/icon_alert.gif"/><strong>Please enable JavaScript to view this content</CENTER></div></noscript> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> -<?php if ($input_errors) print_input_errors($input_errors); ?> -<?php if ($savemsg) print_info_box($savemsg); ?> <form action="snort_preprocessors.php" method="post" enctype="multipart/form-data" name="iform" id="iform"> + +<?php + + /* Display Alert message */ + + if ($input_errors) { + print_input_errors($input_errors); // TODO: add checks + } + + if ($savemsg) { + print_info_box2($savemsg); + } + + if (file_exists($d_snortconfdirty_path)) { + echo '<p>'; + + if($savemsg) { + print_info_box_np2("{$savemsg}"); + }else{ + print_info_box_np2(' + The Snort configuration has changed and snort needs to be restarted on this interface.<br> + You must apply the changes in order for them to take effect.<br> + '); + } + } + +?> + <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr><td class="tabnavtbl"> <?php @@ -327,10 +373,10 @@ if($id != "") Normalize/Decode RPC traffic and detects Back Orifice traffic on the network.</td> </tr> <tr> - <td width="22%" valign="top" class="vncell">Enable <br>FTP & Telnet Normalizer</td> + <td width="22%" valign="top" class="vncell">Enable <br>FTP and Telnet Normalizer</td> <td width="78%" class="vtable"> <input name="ftp_preprocessor" type="checkbox" value="on" <?php if ($pconfig['ftp_preprocessor']=="on") echo "checked"; ?> onClick="enable_change(false)"><br> - Normalize/Decode FTP & Telnet traffic and protocol anomalies.</td> + Normalize/Decode FTP and Telnet traffic and protocol anomalies.</td> </tr> <tr> <td width="22%" valign="top" class="vncell">Enable <br>SMTP Normalizer</td> |