aboutsummaryrefslogtreecommitdiffstats
path: root/config/snort-dev
diff options
context:
space:
mode:
Diffstat (limited to 'config/snort-dev')
-rw-r--r--config/snort-dev/snort_download_rules.php114
-rw-r--r--config/snort-dev/snort_rules.php37
2 files changed, 89 insertions, 62 deletions
diff --git a/config/snort-dev/snort_download_rules.php b/config/snort-dev/snort_download_rules.php
index b27d3042..d4862453 100644
--- a/config/snort-dev/snort_download_rules.php
+++ b/config/snort-dev/snort_download_rules.php
@@ -685,9 +685,9 @@ if ($snortdownload != "off")
exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir} so_rules/web-misc.rules/");
/* add prefix to all snort.org files */
/* remove this part and make it all php with the simplst code posible */
- //chdir ("/usr/local/etc/snort/rules_bk/rules");
- //sleep(2);
- //exec('/usr/local/bin/snort_rename.pl s/^/snort_/ *.rules');
+ chdir ("/usr/local/etc/snort/rules_bk/rules");
+ sleep(2);
+ exec('/usr/local/bin/perl /usr/local/bin/snort_rename.pl s/^/snort_/ *.rules');
update_status(gettext("Done extracting Rules."));
}else{
update_status(gettext("The Download rules file missing..."));
@@ -963,31 +963,9 @@ exec("/usr/local/bin/perl /usr/local/bin/create-sidmap.pl /usr/local/etc/snort/r
//////////////////
-/* Start the proccess for every interface rule */
-/* TODO: try to make the code smother */
-
-if (!empty($config['installedpackages']['snortglobal']['rule'])) {
-
-$rule_array = $config['installedpackages']['snortglobal']['rule'];
-$id = -1;
-foreach ($rule_array as $value) {
-
-$id += 1;
-
-$result_lan = $config['installedpackages']['snortglobal']['rule'][$id]['interface'];
-$if_real = convert_friendly_interface_to_real_interface_name($result_lan);
-
- /* make oinkmaster.conf for each interface rule */
- oinkmaster_conf();
-
- /* run oinkmaster for each interface rule */
- oinkmaster_run();
-
- }
-}
-
/* open oinkmaster_conf for writing" function */
-function oinkmaster_conf() {
+function oinkmaster_conf()
+{
global $config, $g, $id, $if_real, $snortdir_wan, $snortdir, $snort_md5_check_ok, $emerg_md5_check_ok, $pfsense_md5_check_ok;
conf_mount_rw();
@@ -1031,7 +1009,7 @@ $selected_sid_off_sections
EOD;
/* open snort's oinkmaster.conf for writing */
- $oinkmasterlist = fopen("/usr/local/etc/snort/oinkmaster_$if_real.conf", "w");
+ $oinkmasterlist = fopen("/usr/local/etc/snort/snort_$id$if_real/oinkmaster_$id$if_real.conf", "w");
fwrite($oinkmasterlist, "$snort_sid_text");
@@ -1044,31 +1022,33 @@ EOD;
/* Run oinkmaster to snort_wan and cp configs */
/* If oinkmaster is not needed cp rules normally */
/* TODO add per interface settings here */
-function oinkmaster_run() {
+function oinkmaster_run()
+{
global $config, $g, $id, $if_real, $snortdir_wan, $snortdir, $snort_md5_check_ok, $emerg_md5_check_ok, $pfsense_md5_check_ok;
conf_mount_rw();
-if ($snort_md5_check_ok != on || $emerg_md5_check_ok != on || $pfsense_md5_check_ok != on) {
-
- if (empty($config['installedpackages']['snortglobal']['rule'][$id]['rule_sid_on']) || empty($config['installedpackages']['snortglobal']['rule'][$id]['rule_sid_off'])) {
- update_status(gettext("Your first set of rules are being copied..."));
- update_output_window(gettext("May take a while..."));
- exec("/bin/echo \"test {$snortdir} {$snortdir_wan} $id$if_real\" > /root/debug");
- exec("/bin/cp {$snortdir}/rules/\* {$snortdir_wan}/snort_$id$if_real/rules/");
- exec("/bin/cp {$snortdir}/classification.config {$snortdir_wan}/snort_$id$if_real");
- exec("/bin/cp {$snortdir}/gen-msg.map {$snortdir_wan}/snort_$id$if_real");
- exec("/bin/cp {$snortdir}/generators {$snortdir_wan}/snort_$id$if_real");
- exec("/bin/cp {$snortdir}/reference.config {$snortdir_wan}/snort_$id$if_real");
- exec("/bin/cp {$snortdir}/sid {$snortdir_wan}/snort_$id$if_real");
- exec("/bin/cp {$snortdir}/sid-msg.map {$snortdir_wan}/snort_$id$if_real");
- exec("/bin/cp {$snortdir}/unicode.map {$snortdir_wan}/snort_$id$if_real");
+ if ($snort_md5_check_ok != on || $emerg_md5_check_ok != on || $pfsense_md5_check_ok != on)
+ {
-} else {
+ if ($config['installedpackages']['snortglobal']['rule'][$id]['rule_sid_on'] == '' && $config['installedpackages']['snortglobal']['rule'][$id]['rule_sid_off'] == '')
+ {
+ update_status(gettext("Your first set of rules are being copied..."));
+ update_output_window(gettext("May take a while..."));
+ exec("/bin/echo \"test {$snortdir} {$snortdir_wan} $id$if_real\" > /root/debug");
+ exec("/bin/cp {$snortdir}/rules/* {$snortdir_wan}/snort_$id$if_real/rules/");
+ exec("/bin/cp {$snortdir}/classification.config {$snortdir_wan}/snort_$id$if_real");
+ exec("/bin/cp {$snortdir}/gen-msg.map {$snortdir_wan}/snort_$id$if_real");
+ exec("/bin/cp {$snortdir}/generators {$snortdir_wan}/snort_$id$if_real");
+ exec("/bin/cp {$snortdir}/reference.config {$snortdir_wan}/snort_$id$if_real");
+ exec("/bin/cp {$snortdir}/sid {$snortdir_wan}/snort_$id$if_real");
+ exec("/bin/cp {$snortdir}/sid-msg.map {$snortdir_wan}/snort_$id$if_real");
+ exec("/bin/cp {$snortdir}/unicode.map {$snortdir_wan}/snort_$id$if_real");
+ }else{
update_status(gettext("Your enable and disable changes are being applied to your fresh set of rules..."));
update_output_window(gettext("May take a while..."));
exec("/bin/echo \"test2 {$snortdir} {$snortdir_wan} $id$if_real\" > /root/debug");
- exec("/bin/cp {$snortdir}/rules/\* {$snortdir_wan}/snort_$id$if_real/rules/");
+ exec("/bin/cp {$snortdir}/rules/* {$snortdir_wan}/snort_$id$if_real/rules/");
exec("/bin/cp {$snortdir}/classification.config {$snortdir_wan}/snort_$id$if_real");
exec("/bin/cp {$snortdir}/gen-msg.map {$snortdir_wan}/snort_$id$if_real");
exec("/bin/cp {$snortdir}/generators {$snortdir_wan}/snort_$id$if_real");
@@ -1077,23 +1057,46 @@ if ($snort_md5_check_ok != on || $emerg_md5_check_ok != on || $pfsense_md5_check
exec("/bin/cp {$snortdir}/sid-msg.map {$snortdir_wan}/snort_$id$if_real");
exec("/bin/cp {$snortdir}/unicode.map {$snortdir_wan}/snort_$id$if_real");
- /* oinkmaster.pl will convert saved changes for the new updates then we have to change #alert to # alert for the gui */
/* might have to add a sleep for 3sec for flash drives or old drives */
- exec("/usr/local/bin/perl /usr/local/bin/oinkmaster.pl -C /usr/local/etc/snort/oinkmaster_$id$if_real.conf -o /usr/local/etc/snort/snort_$id$if_real/rules > /usr/local/etc/snort/oinkmaster_$id$if_real.log");
-
+ exec("/usr/local/bin/perl /usr/local/bin/oinkmaster.pl -C /usr/local/etc/snort/snort_$id$if_real/oinkmaster_$id$if_real.conf -o /usr/local/etc/snort/snort_$id$if_real/rules > /usr/local/etc/snort/oinkmaster_$id$if_real.log");
}
}
}
+/* Start the proccess for every interface rule */
+/* TODO: try to make the code smother */
+
+if (!empty($config['installedpackages']['snortglobal']['rule']))
+{
+
+ $rule_array = $config['installedpackages']['snortglobal']['rule'];
+ $id = -1;
+ foreach ($rule_array as $value) {
+
+ $id += 1;
+
+ $result_lan = $config['installedpackages']['snortglobal']['rule'][$id]['interface'];
+ $if_real = convert_friendly_interface_to_real_interface_name($result_lan);
+
+ /* make oinkmaster.conf for each interface rule */
+ oinkmaster_conf();
+
+ /* run oinkmaster for each interface rule */
+ oinkmaster_run();
+
+ }
+}
+
//////////////
/* mark the time update finnished */
$config['installedpackages']['snortglobal']['last_rules_install'] = date("Y-M-jS-h:i-A");
/* remove old $tmpfname files */
-if (file_exists("{$tmpfname}")) {
- update_status(gettext("Cleaning up..."));
- exec("/bin/rm -r /tmp/snort_rules_up");
+if (file_exists("{$tmpfname}"))
+{
+ update_status(gettext("Cleaning up..."));
+ exec("/bin/rm -r /tmp/snort_rules_up");
sleep(2);
exec("/bin/rm -r {$snortdir}/rules_bk/rules/");
apc_clear_cache();
@@ -1104,6 +1107,15 @@ sleep(2);
apc_clear_cache();
exec("/bin/sync ;/bin/sync ;/bin/sync ;/bin/sync ;/bin/sync ;/bin/sync ;/bin/sync ;/bin/sync");
+/* make all dirs snorts */
+exec("/usr/sbin/chown -R snort:snort /var/log/snort");
+exec("/usr/sbin/chown -R snort:snort /usr/local/etc/snort");
+exec("/usr/sbin/chown -R snort:snort /usr/local/lib/snort");
+exec("/bin/chmod -R 755 /var/log/snort");
+exec("/bin/chmod -R 755 /usr/local/etc/snort");
+exec("/bin/chmod -R 755 /usr/local/lib/snort");
+
+
/* if snort is running hardrestart, if snort is not running do nothing */
if (file_exists("/tmp/snort_download_halt.pid")) {
start_service("snort");
diff --git a/config/snort-dev/snort_rules.php b/config/snort-dev/snort_rules.php
index b77e6224..2a9d4f2f 100644
--- a/config/snort-dev/snort_rules.php
+++ b/config/snort-dev/snort_rules.php
@@ -167,7 +167,10 @@ function load_rule_file($incoming_file)
$ruledir = "/usr/local/etc/snort/snort_{$id}{$if_real}/rules/";
$dh = opendir($ruledir);
-$message_reload = "The Snort rule configuration has been changed.<br>You must apply the changes in order for them to take effect.";
+if ($_GET['openruleset'] != '' && $_GET['ids'] != '')
+{
+ header("Location: /snort/snort_rules.php?id=$id&openruleset={$_GET['openruleset']}&saved=yes");
+}
while (false !== ($filename = readdir($dh)))
{
@@ -196,6 +199,9 @@ $splitcontents = load_rule_file($file);
if ($_POST)
{
+
+ conf_mount_rw();
+
if (!$_POST['apply']) {
//retrieve POST data
$post_lineid = $_POST['lineid'];
@@ -279,18 +285,12 @@ if ($_POST)
$stopMsg = true;
}
-
- if ($_POST['apply']) {
-// stop_service("snort");
-// sleep(2);
-// start_service("snort");
- $savemsg = "The snort rules selections have been saved. Please restart snort by clicking save on the settings tab.";
- $stopMsg = false;
- }
-
}
else if ($_GET['act'] == "toggle")
{
+
+ conf_mount_rw();
+
$toggleid = $_GET['ids'];
//copy rule contents from array into string
@@ -354,6 +354,8 @@ else if ($_GET['act'] == "toggle")
// add sid off registers to new off sid
$a_nat[$id]['rule_sid_off'] = "||disablesid $sid_off" . $a_nat[$id]['rule_sid_off'];
write_config();
+ conf_mount_rw();
+
}
else
{
@@ -377,10 +379,23 @@ else if ($_GET['act'] == "toggle")
// add sid on registers to new on sid
$a_nat[$id]['rule_sid_on'] = "||enablesid $sid_on" . $a_nat[$id]['rule_sid_on'];
write_config();
+ conf_mount_rw();
}
}
+//if ($GET['saved'] == 'yes')
+//{
+ $message = "The Snort rule configuration has been changed.<br>You must apply the changes in order for them to take effect.";
+ echo "please work";
+// stop_service("snort");
+// sleep(2);
+// start_service("snort");
+// $savemsg = "";
+// $stopMsg = false;
+
+//}
+
$currentruleset = basename($file);
$pgtitle = "Snort: Interface $id$if_real Rule File $currentruleset";
@@ -394,7 +409,7 @@ include("head.inc");
<?php
echo "<form action=\"snort_rules.php?id={$id}\" method=\"post\" name=\"iform\" id=\"iform\">";
?>
-<?php if ($savemsg){print_info_box($savemsg);} else if ($stopMsg){print_info_box_np($message_reload);}?>
+<?php // print_info_box($message);?>
</form>
<script type="text/javascript" language="javascript" src="row_toggle.js">
<script src="/javascript/sorttable.js" type="text/javascript">