aboutsummaryrefslogtreecommitdiffstats
path: root/config/snort-dev/snortsam-package-code/snort_json_post.php
diff options
context:
space:
mode:
Diffstat (limited to 'config/snort-dev/snortsam-package-code/snort_json_post.php')
-rw-r--r--config/snort-dev/snortsam-package-code/snort_json_post.php568
1 files changed, 0 insertions, 568 deletions
diff --git a/config/snort-dev/snortsam-package-code/snort_json_post.php b/config/snort-dev/snortsam-package-code/snort_json_post.php
deleted file mode 100644
index 418a90be..00000000
--- a/config/snort-dev/snortsam-package-code/snort_json_post.php
+++ /dev/null
@@ -1,568 +0,0 @@
-<?php
-/* $Id$ */
-/*
-
- part of pfSense
- All rights reserved.
-
- Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
- All rights reserved.
-
- Pfsense Old snort GUI
- Copyright (C) 2006 Scott Ullrich.
-
- Pfsense snort GUI
- Copyright (C) 2008-2012 Robert Zelaya.
-
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- 3. Neither the name of the pfSense nor the names of its contributors
- may be used to endorse or promote products derived from this software without
- specific prior written permission.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
-
-*/
-
-require_once("guiconfig.inc");
-require_once("/usr/local/pkg/snort/snort_new.inc");
-require_once("/usr/local/pkg/snort/snort_build.inc");
-
-//Set no caching
-header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
-header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
-header("Cache-Control: no-store, no-cache, must-revalidate");
-header("Cache-Control: post-check=0, pre-check=0", false);
-header("Pragma: no-cache");
-
-// unset crsf checks
-if(isset($_POST['__csrf_magic'])) {
- unset($_POST['__csrf_magic']);
-}
-
-
-function snortJsonReturnCode($returnStatus)
-{
- if ($returnStatus == true) {
- echo '{"snortgeneralsettings":"success","snortMiscTabCall":"true"}';
- return true;
- }else{
- echo '{"snortgeneralsettings":"fail"}';
- return false;
- }
-}
-
-// row from db by uuid
-if ($_POST['snortSidRuleEdit'] == 1) {
-
- function snortSidRuleEditFunc()
- {
-
- unset($_POST['snortSidRuleEdit']);
- snortSidStringRuleEditGUI();
-
- } snortSidRuleEditFunc();
-
-}
-
-
-// row from db by uuid
-if ($_POST['snortSaveRuleSets'] == 1) {
-
- if ($_POST['ifaceTab'] == 'snort_rules') {
- function snortSaveRuleSetsRulesFunc()
- {
- // unset POSTs that are markers not in db
- unset($_POST['snortSaveRuleSets']);
- unset($_POST['ifaceTab']);
-
- snortJsonReturnCode(snortSql_updateRuleSigList());
-
- } snortSaveRuleSetsRulesFunc();
- }
-
- if ($_POST['ifaceTab'] === 'snort_rules_ips') {
- function snortSamRulesSaveFunc()
- {
- snortJsonReturnCode(snortSql_updateRulesSigsIps());
- buildSnortSamSidBlockMap($_POST['rdbuuid']); //
-
- } snortSamRulesSaveFunc();
- }
-
-
- if ($_POST['ifaceTab'] == 'snort_rulesets' || $_POST['ifaceTab'] == 'snort_rulesets_ips') {
-
- function snortSaveRuleSetsRulesetsFunc()
- {
- // unset POSTs that are markers not in db
- unset($_POST['snortSaveRuleSets']);
- unset($_POST['ifaceTab']);
-
- // save to database
- snortJsonReturnCode(snortSql_updateRuleSetList());
-
- if (!empty($_POST['rdbuuid'])) {
- buildSnortSamSidBlockMap($_POST['rdbuuid']); //
- }
-
- // only build if uuid is valid
- if (!empty($_POST['uuid'])) {
- build_snort_settings($_POST['uuid']);
- }
-
- } snortSaveRuleSetsRulesetsFunc();
- }
-
-
-} // END of rulesSets
-
-// row from db by uuid
-if ( $_POST['RMlistDelRow'] == 1 || $_POST['RSTlistRow'] == 1 ) {
-
-
- function RMlistDelRowFunc()
- {
-
- $rm_row_list = snortSql_fetchAllSettings($_POST['RMlistDB'], $_POST['RMlistTable'], 'uuid', $_POST['RMlistUuid']);
-
- // list rules in the default dir
- if ($_POST['RMlistTable'] == 'SnortIfaces') {
-
- $snortRuleDir = '/usr/local/etc/snort/sn_' . $_POST['RMlistUuid'];
-
- exec('/bin/rm -r ' . $snortRuleDir);
- }
-
- // rm ruledb and files
- if ($_POST['RMlistTable'] == 'Snortrules') {
-
- // remove db tables vals
- snortSql_updatelistDelete($_POST['RMlistDB'], 'SnortruleSets', 'rdbuuid', $_POST['RMlistUuid']);
- snortSql_updatelistDelete($_POST['RMlistDB'], 'SnortruleSigs', 'rdbuuid', $_POST['RMlistUuid']);
- snortSql_updatelistDelete($_POST['RMlistDB'], 'SnortruleSigsIps', 'rdbuuid', $_POST['RMlistUuid']);
- snortSql_updatelistDelete($_POST['RMlistDB'], 'SnortruleSetsIps', 'rdbuuid', $_POST['RMlistUuid']);
- snortSql_updatelistDelete($_POST['RMlistDB'], 'SnortruleGenIps', 'rdbuuid', $_POST['RMlistUuid']);
-
- // remove dir
- $snortRuleDir = "/usr/local/etc/snort/snortDBrules/DB/{$_POST['RMlistUuid']}";
- exec('/bin/rm -r ' . $snortRuleDir);
- }
-
- if ($_POST['RMlistTable'] == 'SnortWhitelist') {
- snortSql_updatelistDelete($_POST['RMlistDB'], 'SnortWhitelistips', 'filename', $rm_row_list['filename']);
- }
-
- snortJsonReturnCode(snortSql_updatelistDelete($_POST['RMlistDB'], $_POST['RMlistTable'], 'uuid', $_POST['RMlistUuid']));
-
- } if ( $_POST['RMlistDelRow'] == 1 ) { RMlistDelRowFunc(); }
-
- function RSTlistDelRowFunc()
- {
-
- // rm ruledb and files
- if ($_POST['RSTlistTable'] == 'Snortrules') {
-
- // remove dir
- $snortRuleDir = "/usr/local/etc/snort/snortDBrules/DB/{$_POST['RSTlistUuid']}";
- exec('/bin/rm -r ' . $snortRuleDir . '/rules/*.rules');
-
- // remove db tables vals
- snortSql_updatelistDelete($_POST['RSTlistDB'], 'SnortruleSets', 'rdbuuid', $_POST['RSTlistUuid']);
- snortSql_updatelistDelete($_POST['RSTlistDB'], 'SnortruleSigs', 'rdbuuid', $_POST['RSTlistUuid']);
- snortSql_updatelistDelete($_POST['RSTlistDB'], 'SnortruleSigsIps', 'rdbuuid', $_POST['RSTlistUuid']);
- snortSql_updatelistDelete($_POST['RSTlistDB'], 'SnortruleSetsIps', 'rdbuuid', $_POST['RSTlistUuid']);
- snortSql_updatelistDelete($_POST['RSTlistDB'], 'SnortruleGenIps', 'rdbuuid', $_POST['RSTlistUuid']);
-
- // NOTE: code only works on php5
- $listSnortRulesDir = snortScanDirFilter('/usr/local/etc/snort/snortDBrules/snort_rules/rules', '\.rules');
- $listEmergingRulesDir = snortScanDirFilter('/usr/local/etc/snort/snortDBrules/emerging_rules/rules', '\.rules');
- $listPfsenseRulesDir = snortScanDirFilter('/usr/local/etc/snort/snortDBrules/pfsense_rules/rules', '\.rules');
-
- if (!empty($listSnortRulesDir)) {
- exec("/bin/cp -R /usr/local/etc/snort/snortDBrules/snort_rules/rules/*.rules /usr/local/etc/snort/snortDBrules/DB/{$_POST['RSTlistUuid']}/rules");
- }
- if (!empty($listEmergingRulesDir)) {
- exec("/bin/cp -R /usr/local/etc/snort/snortDBrules/emerging_rules/rules/*.rules /usr/local/etc/snort/snortDBrules/DB/{$_POST['RSTlistUuid']}/rules");
- }
- if (!empty($listPfsenseRulesDir)) {
- exec("/bin/cp -R /usr/local/etc/snort/snortDBrules/pfsense_rules/rules/*.rules /usr/local/etc/snort/snortDBrules/DB/{$_POST['RSTlistUuid']}/rules");
- }
-
-
- }
-
- } if ( $_POST['RSTlistRow'] == 1 ) { RSTlistDelRowFunc(); }
-
-
-}
-
-
-// general settings save
-if ($_POST['snortSaveSettings'] == 1) {
-
- function snortSaveSettingsFunc()
- {
-
- // Save ruleDB settings
- if ($_POST['dbTable'] == 'Snortrules') {
-
- function saveSnortrules()
- {
-
- unset($_POST['snortSaveSettings']);
- unset($_POST['ifaceTab']);
-
- if (!is_dir("/usr/local/etc/snort/snortDBrules/DB/{$_POST['uuid']}/rules")) {
-
- // creat iface dir and ifcae rules dir
- exec("/bin/mkdir -p /usr/local/etc/snort/snortDBrules/DB/{$_POST['uuid']}/rules");
-
- // create at least one file
- if (!file_exists("/usr/local/etc/snort/snortDBrules/DB/{$_POST['uuid']}/rules/local.rules")) {
- exec("/usr/bin/touch /usr/local/etc/snort/snortDBrules/DB/{$_POST['uuid']}/rules/local.rules");
- }
-
- // NOTE: code only works on php5
- $listSnortRulesDir = snortScanDirFilter('/usr/local/etc/snort/snortDBrules/snort_rules/rules', '\.rules');
- $listEmergingRulesDir = snortScanDirFilter('/usr/local/etc/snort/snortDBrules/emerging_rules/rules', '\.rules');
- $listPfsenseRulesDir = snortScanDirFilter('/usr/local/etc/snort/snortDBrules/pfsense_rules/rules', '\.rules');
-
- if (!empty($listSnortRulesDir)) {
- exec("/bin/cp -R /usr/local/etc/snort/snortDBrules/snort_rules/rules/*.rules /usr/local/etc/snort/snortDBrules/DB/{$_POST['uuid']}/rules");
- }
- if (!empty($listEmergingRulesDir)) {
- exec("/bin/cp -R /usr/local/etc/snort/snortDBrules/emerging_rules/rules/*.rules /usr/local/etc/snort/snortDBrules/DB/{$_POST['uuid']}/rules");
- }
- if (!empty($listPfsenseRulesDir)) {
- exec("/bin/cp -R /usr/local/etc/snort/snortDBrules/pfsense_rules/rules/*.rules /usr/local/etc/snort/snortDBrules/DB/{$_POST['uuid']}/rules");
- }
-
-
- } //end of mkdir
-
- } saveSnortrules();
-
- snortJsonReturnCode(snortSql_updateSettings('uuid', $_POST['uuid']));
-
- } // END if Snortrules
-
- // Save general settings
- if ($_POST['dbTable'] == 'SnortSettings') {
-
- function saveSnortSettings()
- {
-
- if ($_POST['ifaceTab'] == 'snort_interfaces_global') {
- // checkboxes when set to off never get included in POST thus this code
- $_POST['forcekeepsettings'] = ($_POST['forcekeepsettings'] == '' ? off : $_POST['forcekeepsettings']);
- }
-
- if ($_POST['ifaceTab'] == 'snort_alerts') {
-
- if (!isset($_POST['arefresh']))
- $_POST['arefresh'] = ($_POST['arefresh'] == '' ? off : $_POST['arefresh']);
-
- }
-
- if ($_POST['ifaceTab'] == 'snort_blocked') {
-
- if (!isset($_POST['brefresh']))
- $_POST['brefresh'] = ($_POST['brefresh'] == '' ? off : $_POST['brefresh']);
-
- }
-
- // unset POSTs that are markers not in db
- unset($_POST['snortSaveSettings']);
- unset($_POST['ifaceTab']);
-
- } saveSnortSettings();
-
- snortJsonReturnCode(snortSql_updateSettings('id', '1'));
-
- } // END IF SnortSettings
-
- // Save rule settings on the interface edit tab
- if ($_POST['dbTable'] == 'SnortIfaces') {
-
- function saveSnortIfaces()
- {
-
- // snort interface edit
- if ($_POST['ifaceTab'] == 'snort_interfaces_edit') {
-
- function SnortIfaces_Snort_Interfaces_edit()
- {
- if (!isset($_POST['enable']))
- $_POST['enable'] = ($_POST['enable'] == '' ? off : $_POST['enable']);
-
- if (!isset($_POST['blockoffenders7']))
- $_POST['blockoffenders7'] = ($_POST['blockoffenders7'] == '' ? off : $_POST['blockoffenders7']);
-
- if (!isset($_POST['alertsystemlog']))
- $_POST['alertsystemlog'] = ($_POST['alertsystemlog'] == '' ? off : $_POST['alertsystemlog']);
-
- if (!isset($_POST['tcpdumplog']))
- $_POST['tcpdumplog'] = ($_POST['tcpdumplog'] == '' ? off : $_POST['tcpdumplog']);
-
- if (!isset($_POST['snortunifiedlog']))
- $_POST['snortunifiedlog'] = ($_POST['snortunifiedlog'] == '' ? off : $_POST['snortunifiedlog']);
-
- // convert textbox to base64
- $_POST['configpassthru'] = base64_encode($_POST['configpassthru']);
-
- /*
- * make dir for the new iface, if iface exists or rule dir has changed redo soft link
- * may need to move this as a func to new_snort.inc
- */
- $newSnortDir = 'sn_' . $_POST['uuid'];
- $pathToSnortDir = '/usr/local/etc/snort';
-
- // creat iface dir and ifcae rules dir
- if (!is_dir("{$pathToSnortDir}/{$newSnortDir}")) {
- createNewIfaceDir($pathToSnortDir, $newSnortDir);
- } //end of mkdir
-
- snortRulesCreateSoftlink();
-
- } SnortIfaces_Snort_Interfaces_edit();
-
- } // end of snort_interfaces_edit
-
- // snort preprocessor edit
- if ($_POST['ifaceTab'] == 'snort_preprocessors') {
-
- function SnortIfaces_Snort_PreprocessorsFunc()
- {
- if (!isset($_POST['dce_rpc_2'])) {
- $_POST['dce_rpc_2'] = ($_POST['dce_rpc_2'] == '' ? off : $_POST['dce_rpc_2']);
- }
-
- if (!isset($_POST['dns_preprocessor'])) {
- $_POST['dns_preprocessor'] = ($_POST['dns_preprocessor'] == '' ? off : $_POST['dns_preprocessor']);
- }
-
- if (!isset($_POST['ftp_preprocessor'])) {
- $_POST['ftp_preprocessor'] = ($_POST['ftp_preprocessor'] == '' ? off : $_POST['ftp_preprocessor']);
- }
-
- if (!isset($_POST['http_inspect'])) {
- $_POST['http_inspect'] = ($_POST['http_inspect'] == '' ? off : $_POST['http_inspect']);
- }
-
- if (!isset($_POST['other_preprocs'])) {
- $_POST['other_preprocs'] = ($_POST['other_preprocs'] == '' ? off : $_POST['other_preprocs']);
- }
-
- if (!isset($_POST['perform_stat'])) {
- $_POST['perform_stat'] = ($_POST['perform_stat'] == '' ? off : $_POST['perform_stat']);
- }
-
- if (!isset($_POST['sf_portscan'])) {
- $_POST['sf_portscan'] = ($_POST['sf_portscan'] == '' ? off : $_POST['sf_portscan']);
- }
-
- if (!isset($_POST['smtp_preprocessor'])) {
- $_POST['smtp_preprocessor'] = ($_POST['smtp_preprocessor'] == '' ? off : $_POST['smtp_preprocessor']);
- }
-
- } SnortIfaces_Snort_PreprocessorsFunc();
-
- }
-
- // snort barnyard edit
- if ($_POST['ifaceTab'] == 'snort_barnyard') {
- function SnortIfaces_Snort_Barnyard()
- {
- // make shure iface is lower case
- $_POST['interface'] = strtolower($_POST['interface']);
-
- if (!isset($_POST['barnyard_enable'])) {
- $_POST['barnyard_enable'] = ($_POST['barnyard_enable'] == '' ? off : $_POST['barnyard_enable']);
- }
- } SnortIfaces_Snort_Barnyard();
- }
-
-
- // unset POSTs that are markers not in db
- unset($_POST['snortSaveSettings']);
- unset($_POST['ifaceTab']);
-
- snortJsonReturnCode(snortSql_updateSettings('uuid', $_POST['uuid']));
- build_snort_settings($_POST['uuid']);
-
- } saveSnortIfaces();
-
- } // END IF SnortIfaces
-
- } snortSaveSettingsFunc();
-
-
-} // STOP General Settings Save
-
-// Suppress settings save
-if ($_POST['snortSaveSuppresslist'] == 1) {
-
- function snortSaveSuppresslistFunc()
- {
-
- // post for supress_edit
- if ($_POST['ifaceTab'] == 'snort_interfaces_suppress_edit') {
-
- // make sure filename is valid
- if (!is_validFileName($_POST['filename'])) {
- echo 'Error: FileName';
- return false;
- }
-
- // unset POSTs that are markers not in db
- unset($_POST['snortSaveSuppresslist']);
- unset($_POST['ifaceTab']);
-
- // convert textbox to base64
- $_POST['suppresspassthru'] = base64_encode($_POST['suppresspassthru']);
-
- // Write to database
- snortJsonReturnCode(snortSql_updateSettings('uuid', $_POST['uuid']));
-
- }
-
- }
- snortSaveSuppresslistFunc();
-
-}
-
-// Whitelist settings save
-if ($_POST['snortSaveWhitelist'] == 1) {
-
- function snortSaveWhitelistFunc()
- {
-
- if ($_POST['ifaceTab'] == 'snort_interfaces_whitelist_edit') {
-
- if (!is_validFileName($_POST['filename'])) {
- echo 'Error: FileName';
- return false;
- }
-
- $_POST['wanips'] = ($_POST['wanips'] == '' ? off : $_POST['wanips']);
- $_POST['wangateips'] = ($_POST['wangateips'] == '' ? off : $_POST['wangateips']);
- $_POST['wandnsips'] = ($_POST['wandnsips'] == '' ? off : $_POST['wandnsips']);
- $_POST['vips'] = ($_POST['vips'] == '' ? off : $_POST['vips']);
- $_POST['vpnips'] = ($_POST['vpnips'] == '' ? off : $_POST['vpnips']);
-
- }
-
- // unset POSTs that are markers not in db
- unset($_POST['snortSaveWhitelist']);
- unset($_POST['ifaceTab']);
-
- // Split the POST for 2 arraus
- $whitelistIPs = $_POST['list'];
- unset($_POST['list']);
-
-
- if (snortSql_updateSettings('uuid', $_POST['uuid']) && snortSql_updateWhitelistIps($whitelistIPs)) {
- snortJsonReturnCode(true);
- }else{
- snortJsonReturnCode(false);
- }
-
- }
- snortSaveWhitelistFunc();
-
-}
-
-// download code for alerts page
-if ($_POST['snortlogsdownload'] == 1) {
-
- function snortlogsdownloadFunc()
- {
- conf_mount_rw();
- snort_downloadAllLogs();
- conf_mount_ro();
- }
- snortlogsdownloadFunc();
-
-}
-
-// download code for alerts page
-if ($_POST['snortblockedlogsdownload'] == 1) {
-
- function snortblockedlogsdownloadFunc()
- {
- conf_mount_rw();
- snort_downloadBlockedIPs();
- conf_mount_ro();
- }
- snortblockedlogsdownloadFunc();
-
-}
-
-
-// code neeed to be worked on when finnished rules code
-if ($_POST['snortlogsdelete'] == 1) {
-
- function snortlogsdeleteFunc()
- {
- conf_mount_rw();
- snortDeleteLogs();
- conf_mount_ro();
- }
- snortlogsdeleteFunc();
-}
-
-// flushes snort2c table
-if ($_POST['snortflushpftable'] == 1) {
-
- function snortflushpftableFunc()
- {
- conf_mount_rw();
- snortRemoveBlockedIPs();
- conf_mount_ro();
- }
- snortflushpftableFunc();
-}
-
-// reset db reset_snortgeneralsettings
-if ($_POST['reset_snortgeneralsettings'] == 1) {
-
- function reset_snortgeneralsettingsFunc()
- {
- conf_mount_rw();
- reset_snortgeneralsettings();
- conf_mount_ro();
- }
- reset_snortgeneralsettingsFunc();
-
-}
-
-
-?>
-
-
-
-
-
-
-
-
-
-