Diffstat (limited to 'config/snort-dev')
-rw-r--r--config/snort-dev/javascript/snort_globalsend.js6
-rw-r--r--config/snort-dev/snort_download_rules.inc1
-rw-r--r--config/snort-dev/snort_interfaces_edit.php10
-rw-r--r--config/snort-dev/snort_interfaces_rules.php143
-rw-r--r--config/snort-dev/snort_interfaces_rules_edit.php120
-rw-r--r--config/snort-dev/snort_json_post.php35
-rw-r--r--config/snort-dev/snort_new.inc25
7 files changed, 230 insertions, 110 deletions
diff --git a/config/snort-dev/javascript/snort_globalsend.js b/config/snort-dev/javascript/snort_globalsend.js
index a613dd46..07416a74 100644
--- a/config/snort-dev/javascript/snort_globalsend.js
+++ b/config/snort-dev/javascript/snort_globalsend.js
@@ -143,7 +143,7 @@ jQuery(document).ready(function() {
this.css("top", 70 + "px");
this.css("left", ((jQuery(window).width() - this.outerWidth()) / 2) + jQuery(window).scrollLeft() + "px");
return this;
- }
+ };
//--------------------------- START select all code ---------------------------
@@ -372,8 +372,8 @@ jQuery(document).ready(function() {
// Clean up Waiting code
finnish();
- if (data.snortUnhideTabs === 'true'){
- jQuery('.hide_newtabmenu').show();
+ if (data.snortMiscTabCall === 'true'){
+ jQuery.fn.miscTabCall(); // call tab misc functions
}
if (data.snortreset) {location.reload();} // hard refresh
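Review bot: `jQuery.fn.miscTabCall()` is called whenever the response carries `snortMiscTabCall`, but in this commit only snort_interfaces_edit.php and snort_interfaces_rules_edit.php define it, while `snortJsonReturnCode()` now sends the flag on every successful save. On any other page that loads this script the call would throw a TypeError and the `snortreset` reload on the next line would never run. Guard the call, e.g. `if (data.snortMiscTabCall === 'true' && typeof jQuery.fn.miscTabCall === 'function') {`. The surrounding success callback starts and ends outside this hunk.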
diff --git a/config/snort-dev/snort_download_rules.inc b/config/snort-dev/snort_download_rules.inc
index df292a94..e6a22477 100644
--- a/config/snort-dev/snort_download_rules.inc
+++ b/config/snort-dev/snort_download_rules.inc
@@ -206,6 +206,7 @@ function reapplyRuleSettings_run($sidRule_array)
// sed -i '' "s/^# \(.*sid:1225;.*\)/\1/" /usr/local/etc/snort/snortDBrules/DB/RAjFYOrC04D6/rules/snort_x11.rules
// disable a sid
// sed -i '' "s/^\(alert.*sid:1225;.*\)/# \1/" /usr/local/etc/snort/snortDBrules/DB/RAjFYOrC04D6/rules/snort_x11.rules
+ // grep "^alert.*sid:.*;" rules/emerging-worm.rules | grep -oh "\w*sid:[0-9][^*;]\w*" | awk -F: '{print $2}'
}
diff --git a/config/snort-dev/snort_interfaces_edit.php b/config/snort-dev/snort_interfaces_edit.php
index a501aa34..7d710fe5 100644
--- a/config/snort-dev/snort_interfaces_edit.php
+++ b/config/snort-dev/snort_interfaces_edit.php
@@ -90,6 +90,12 @@ if (!is_array($a_suppresslist)) {
// start a jQuery sand box
jQuery(document).ready(function() {
+ // misc call after a good save
+ jQuery.fn.miscTabCall = function () {
+ jQuery('.hide_newtabmenu').show();
+ jQuery('#interface').attr("disabled", true);
+ };
+
// START disable option for snort_interfaces_edit.php
endis = !(jQuery('input[name=enable]:checked').val());
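Review bot: Setting `disabled` on `#interface` after a good save means the browser leaves `interface` out of any later submit from the same page load, because disabled controls are not sent with a form. The save handler is not part of this hunk, so confirm it keeps the stored interface when the field is missing instead of writing an empty value. The same applies to `#ruledbname` in the `miscTabCall` added to snort_interfaces_rules_edit.php.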
@@ -229,7 +235,7 @@ jQuery(document).ready(function() {
<tr>
<td width="22%" valign="top" class="vncellreq2">Interface</td>
<td width="78%" class="vtable">
- <select name="interface" class="formfld">
+ <select id="interface" name="interface" class="formfld">
<?php
/* add group interfaces */
@@ -316,7 +322,7 @@ jQuery(document).ready(function() {
foreach ($a_rules as $value)
{
$selected = '';
- if ($value['uuid'] == $a_list['ruledbname'] && $value['enable'] !== 'off') {
+ if ($value['uuid'] == $a_list['ruledbname']) {
$selected = 'selected';
}
diff --git a/config/snort-dev/snort_interfaces_rules.php b/config/snort-dev/snort_interfaces_rules.php
index 0cd75e6e..2e2e7732 100644
--- a/config/snort-dev/snort_interfaces_rules.php
+++ b/config/snort-dev/snort_interfaces_rules.php
@@ -45,6 +45,7 @@ require_once("guiconfig.inc");
require_once("/usr/local/pkg/snort/snort_new.inc");
require_once("/usr/local/pkg/snort/snort_gui.inc");
+$a_rules = array();
$a_rules = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'All', '');
if (!is_array($a_rules)) {
@@ -55,6 +56,18 @@ $a_rules = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'All', '');
echo 'Error';
exit(0);
}
+
+ // list rules in db that are on in a array
+ $listOnRules = array();
+ $listOnRules = snortSql_fetchAllSettings('snortDB', 'SnortIfaces', 'All', '');
+
+ foreach ($listOnRules as $listOnRule)
+ {
+
+ $listUsedRules[] = $listOnRule['ruledbname'];
+
+ }
+ unset($listOnRules);
$pgtitle = "Services: Snort: Rules";
include("/usr/local/pkg/snort/snort_head.inc");
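Review bot: `$listUsedRules` is only created by the `[]` append inside the `foreach`, so when no interface rows exist it is undefined by the time the later `in_array($list['uuid'], $listUsedRules)` runs. Initialise it before the loop with `$listUsedRules = array();` instead of pre-assigning `$listOnRules`, whose initial `array()` is overwritten on the next line. The edit page treats an empty result from `snortSql_fetchAllSettings()` as `''`, so the loop likely also needs `if (is_array($listOnRules))` around it; that return convention is inferred, not shown here.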
@@ -112,53 +125,90 @@ $a_rules = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'All', '');
</tr>
<tr>
<td id="tdbggrey">
- <table width="100%" border="0" cellpadding="10px" cellspacing="0">
+ <table width="100%" border="0px" cellpadding="10px" cellspacing="0px">
<tr>
<td class="tabnavtbl">
- <table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <table width="100%" border="0px" cellpadding="0px" cellspacing="0px">
<!-- START MAIN AREA -->
-
- <tr> <!-- db to lookup -->
- <td width="30%" class="listhdrr">File Name</td>
- <td width="70%" class="listhdr">Description</td>
- <td width="10%" class="list"></td>
- </tr>
- <?php foreach ($a_rules as $list): ?>
- <tr id="maintable_<?=$list['uuid']?>" data-options='{"pagetable":"Snortrules", "pagedb":"snortDBrules", "DoPOST":"true"}' >
- <td class="listlr" ondblclick="document.location='snort_interfaces_suppress_edit.php?uuid=<?=$list['uuid'];?>'"><?=$list['ruledbname'];?></td>
- <td class="listbg" ondblclick="document.location='snort_interfaces_suppress_edit.php?uuid=<?=$list['uuid'];?>'">
- <font color="#FFFFFF"> <?=htmlspecialchars($list['description']);?>&nbsp;</font>
- </td>
- <td></td>
- <td valign="middle" nowrap class="list">
- <table border="0" cellspacing="0" cellpadding="1">
- <tr>
- <td valign="middle">
- <a href="snort_interfaces_rules_edit.php?rdbuuid=<?=$list['uuid'];?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif"width="17" height="17" border="0" title="edit suppress list"></a>
- </td>
- <td>
- <img id="icon_x_<?=$list['uuid'];?>" class="icon_click icon_x" src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="delete list" >
- </a>
- </td>
- </tr>
- </table>
- </td>
- </tr>
- <?php $i++; endforeach; ?>
- <tr>
- <td class="list" colspan="3"></td>
- <td class="list">
- <table border="0" cellspacing="0" cellpadding="1">
- <tr>
- <td valign="middle" width="17">&nbsp;</td>
- <td valign="middle"><a href="snort_interfaces_rules_edit.php?rdbuuid=<?=genAlphaNumMixFast(11, 12);?> "><img src="/themes/nervecenter/images/icons/icon_plus.gif" width="17" height="17" border="0" title="add a new list"></a></td>
- </tr>
- </table>
- </td>
+
+ <table width="94%">
+ <tr > <!-- db to lookup -->
+ <td width="32%" class="listhdrr">File Name</td>
+ <td width="68%" class="listhdr">Description</td>
</tr>
- </table>
- </td>
- </tr>
+ </table>
+
+ <table width="100%">
+
+
+
+ <table width="100%" >
+
+
+ <tr id="maintable_default" data-options='{"pagetable":"Snortrules", "pagedb":"snortDBrules", "DoPOST":"true"}' >
+ <td class="listlr" width="32%" ondblclick="document.location='snort_interfaces_rules_edit.php?rdbuuid=default'">Default</td>
+ <td class="listbg" width="68%" ondblclick="document.location='snort_interfaces_rules_edit.php?rdbuuid=default'">
+ <font color="#FFFFFF">Default rule database&nbsp;</font>
+ </td>
+
+ <td valign="middle" nowrap class="list">
+ <table border="0" cellspacing="0" cellpadding="1">
+ <tr>
+ <td valign="middle">
+ <a href="snort_interfaces_rules_edit.php?rdbuuid=default"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif"width="17" height="17" border="0" title="edit database"></a>
+ </td>
+ <td>
+ <img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" border="0" title="delete database" >
+ </td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+
+
+ <?php foreach ($a_rules as $list): ?>
+
+ <?php
+ if (in_array($list['uuid'], $listUsedRules)) {
+ $deleteObject = '<img src="/themes/' . $g['theme'] . '/images/icons/icon_x_d.gif" width="17" height="17" border="0" title="delete database" >';
+ }else{
+ $deleteObject = '<img id="icon_x_' . $list['uuid'] . '" class="icon_click icon_x" src="/themes/' . $g['theme'] . '/images/icons/icon_x.gif" width="17" height="17" border="0" title="delete database" >';
+ }
+ ?>
+
+ <tr id="maintable_<?=$list['uuid']?>" data-options='{"pagetable":"Snortrules", "pagedb":"snortDBrules", "DoPOST":"true"}' >
+ <td class="listlr" width="32%" ondblclick="document.location='snort_interfaces_rules_edit.php?rdbuuid=<?=$list['uuid'];?>'"><?=$list['ruledbname'];?></td>
+ <td class="listbg" width="68%" ondblclick="document.location='snort_interfaces_rules_edit.php?rdbuuid=<?=$list['uuid'];?>'">
+ <font color="#FFFFFF"> <?=htmlspecialchars($list['description']);?>&nbsp;</font>
+ </td>
+
+ <td valign="middle" nowrap class="list">
+ <table border="0" cellspacing="0" cellpadding="1">
+ <tr>
+ <td valign="middle">
+ <a href="snort_interfaces_rules_edit.php?rdbuuid=<?=$list['uuid'];?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif"width="17" height="17" border="0" title="edit database"></a>
+ </td>
+ <td>
+ <?=$deleteObject; ?>
+ </td>
+ </tr>
+ </table>
+ </td>
+
+ </tr>
+ <?php $i++; endforeach; ?>
+
+ </table>
+
+ <table width="100%">
+ <tr>
+ <td class="list" width="97%" valign="middle" width="17">&nbsp;</td>
+ <td width="3%" ></td>
+ <td class="list" valign="middle"><a href="snort_interfaces_rules_edit.php?rdbuuid=<?=genAlphaNumMixFast(11, 12);?> "><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="add a new database"></a></td>
+ </tr>
+ </table >
+
+ </table>
<!-- STOP MAIN AREA -->
</table>
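Review bot: `$list['ruledbname']` and `$list['uuid']` are written into the row markup, the `ondblclick` handlers and the `$deleteObject` string without escaping, while `description` on the same row goes through `htmlspecialchars()`. The name is operator-entered and the only restriction visible in this commit is the form hint about a-z, A-Z and 0-9, so a stored value containing markup would be rendered as HTML on this list. Escape them the same way, e.g. `<?=htmlspecialchars($list['ruledbname'], ENT_QUOTES);?>`. The `value="..."` attributes for `ruledbname` and `description` in snort_interfaces_rules_edit.php need the same treatment. The hunk starts and ends inside the enclosing table markup.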
@@ -178,8 +228,11 @@ $a_rules = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'All', '');
<span class="vexpl">
<span class="red"><strong>Note:</strong></span>
<p><span class="vexpl">
- Here you can create rule databases that can be used on multiple interfaces.<br>
- Please note that you must restart a running rule so that changes can take effect.<br>
+ Here you can create rule databases that can be used on multiple interfaces.<br><br>
+
+ Please note that you must restart a running rule so that changes can take effect.<br><br>
+
+ You may only delete rule databases that are not asigned to an interface.<br>
</span></p>
</td>
</table>
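Review bot: The added sentence promises that in-use databases cannot be deleted, but the only enforcement visible in this commit is the greyed `icon_x_d.gif` in the list above; no hunk adds a matching check on the delete path. For the rule to hold against a hand-made request, the handler should refuse a uuid that any `SnortIfaces` row references in `ruledbname`, and should refuse `default`. The handler is not shown here, so confirm whether it already does this. `asigned` should read `assigned`.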
diff --git a/config/snort-dev/snort_interfaces_rules_edit.php b/config/snort-dev/snort_interfaces_rules_edit.php
index 6fa1c60d..6cc7dbb0 100644
--- a/config/snort-dev/snort_interfaces_rules_edit.php
+++ b/config/snort-dev/snort_interfaces_rules_edit.php
@@ -45,11 +45,6 @@ require_once("guiconfig.inc");
require_once("/usr/local/pkg/snort/snort_new.inc");
require_once("/usr/local/pkg/snort/snort_gui.inc");
-// set page vars
-if (isset($_GET['uuid'])) {
- $uuid = $_GET['uuid'];
-}
-
if (isset($_GET['rdbuuid'])) {
$rdbuuid = $_GET['rdbuuid'];
}else{
@@ -57,33 +52,88 @@ if (isset($_GET['rdbuuid'])) {
$rdbuuid = $ruledbname_pre1['ruledbname'];
}
-$a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $rdbuuid);
+if ($rdbuuid !== 'default') {
+ $a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $rdbuuid);
+
+ // $a_list returns empty use defaults
+ if ($a_list == '') {
+
+ $a_list = array(
+ 'id' => '',
+ 'date' => date(U),
+ 'uuid' => $rdbuuid,
+ 'ruledbname' => '',
+ 'description' => ''
+
+ );
+
+ }
-// $a_list returns empty use defaults
-if ($a_list == '')
-{
-
- $a_list = array(
- 'id' => '',
- 'date' => date(U),
- 'uuid' => $rdbuuid,
- 'ruledbnamename' => '',
- 'description' => ''
+}
+
+if ($rdbuuid === 'default') {
+
+ // $a_list returns empty use defaults
+ if ($a_list == '') {
+
+ $a_list = array(
+ 'id' => '1',
+ 'date' => date(U),
+ 'uuid' => $rdbuuid,
+ 'ruledbname' => 'default',
+ 'description' => 'Default database'
+
+ );
+
+ }
- );
-
}
+if ( !empty($a_list['id']) ) {
+ $disabled = 'disabled="disabled"';
+}else{
+ $disabled = '';
+}
+if ( $rdbuuid === 'default' ) {
+ $disabled_ckbox = 'disabled="disabled"';
+}else{
+ $disabled_ckbox = '';
+}
$pgtitle = 'Services: Snort: Rules: Edit: ' . $rdbuuid;
include('/usr/local/pkg/snort/snort_head.inc');
?>
-
-
+
+<!-- START page custom script -->
+<script language="JavaScript">
+
+// start a jQuery sand box
+jQuery(document).ready(function() {
+
+ // misc call after a good save
+ jQuery.fn.miscTabCall = function () {
+ jQuery('.hide_newtabmenu').show();
+ jQuery('#ruledbname').attr("disabled", true);
+ };
+
+ <?php
+ // disable tabs if nothing in database
+ if ($a_list['id'] == '') {
+ echo '
+ jQuery(\'.hide_newtabmenu\').hide();
+ ';
+ }
+ ?>
+
+
+}); // end of on ready
+
+</script>
+
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
<!-- loading msg -->
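Review bot: `$rdbuuid` still comes straight from `$_GET['rdbuuid']`, and the new code uses it for the lookup, copies it into `$a_list['uuid']` and appends it to `$pgtitle`; the next hunk also echoes it raw into the tab `href`. Ids are either the literal `default` or come from `genAlphaNumMixFast()` (presumably alphanumeric), so reject anything else before first use, e.g. `if (!preg_match('/^[A-Za-z0-9]+$/', $rdbuuid)) { echo 'Error'; exit(0); }`. On the `default` path `$a_list` is never assigned before `if ($a_list == '')`, so that branch depends on an undefined variable; assign the array directly there. `date(U)` uses a bare constant and should be `date('U')`.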
@@ -134,7 +184,7 @@ if ($a_list == '')
<td>
<div class="newtabmenu" style="margin: 1px 0px; width: 775px;"><!-- Tabbed bar code-->
<ul class="newtabmenu">
- <li class="hide_newtabmenu newtabmenu_active"><a href="/snort/snort_interfaces_rules.php?rdbuuid=<?=$rdbuuid;?>"><span>Rules DB Edit</span></a></li>
+ <li class="newtabmenu_active"><a href="/snort/snort_interfaces_rules_edit.php?rdbuuid=<?=$rdbuuid;?>"><span>Rules DB Edit</span></a></li>
<li class="hide_newtabmenu"><a href="/snort/snort_rulesets.php?rdbuuid=<?=$rdbuuid;?>"><span>Categories</span></a></li>
<li class="hide_newtabmenu"><a href="/snort/snort_rules.php?rdbuuid=<?=$rdbuuid;?>"><span>Rules</span></a></li>
</ul>
@@ -162,26 +212,18 @@ if ($a_list == '')
<table width="100%" border="0" cellpadding="6" cellspacing="0">
<tr>
<td colspan="2" valign="top" class="listtopic">Add the name and description of the rule DB</td>
- </tr>
- <tr>
- <td width="22%" valign="top" class="vncellreq2">RuleDB</td>
- <td width="22%" valign="top" class="vtable">
- &nbsp;
- <input name="enable" type="checkbox" value="on" <?=$ifaceEnabled = $a_list['enable'] == 'on' || $a_list['enable'] == '' ? 'checked' : '';?> ">
- &nbsp;&nbsp;<span class="vexpl">Enable or Disable</span>
- </td>
- </tr>
+ </tr>
<tr>
<td valign="top" class="vncellreq2">Name</td>
<td class="vtable">
- <input class="formfld2" name="ruledbname" type="text" id="ruledbname" size="40" value="<?=$a_list['ruledbname'] ?>" /> <br />
+ <input class="formfld2" name="ruledbname" type="text" id="ruledbname" size="40" value="<?=$a_list['ruledbname'] ?>" <?=$disabled?> /> <br />
<span class="vexpl"> The list name may only consist of the characters a-z, A-Z and 0-9. <span class="red">Note: </span> No Spaces. </span>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncell2">Description</td>
<td width="78%" class="vtable">
- <input class="formfld2" name="description" type="text" id="description" size="40" value="<?=$a_list['description'] ?>" /> <br />
+ <input class="formfld2" name="description" type="text" id="description" size="40" value="<?=$a_list['description'] ?>" <?=$disabled_ckbox?> /> <br />
<span class="vexpl"> You may enter a description here for your reference (not parsed). </span>
</td>
</tr>
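Review bot: The `disabled` attributes added to `ruledbname` and `description`, and the Save button the next hunk omits for `default`, only restrict the browser form; nothing in this commit makes the save handler refuse a POST that renames an existing database or edits `default`. If those restrictions matter, enforce them where the POST is processed; that code is outside this diff, so confirm what it does today. Separately, `$disabled_ckbox` is applied to a text input, so a name such as `$disabledDescription` would match its use.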
@@ -197,10 +239,16 @@ if ($a_list == '')
</tr>
</table>
<tr>
- <td style="padding-left: 10px;">
- <input name="Submit" type="submit" class="formbtn" value="Save">
- <input id="cancel" type="button" class="formbtn" value="Cancel">
- </td>
+ <?php
+ if ($rdbuuid !== 'default') {
+ echo '
+ <td style="padding-left: 10px;">
+ <input name="Submit" type="submit" class="formbtn" value="Save" >
+ <input id="cancel" type="button" class="formbtn" value="Cancel" >
+ </td>
+ ';
+ }
+ ?>
</tr>
</form>
diff --git a/config/snort-dev/snort_json_post.php b/config/snort-dev/snort_json_post.php
index 986493b5..359dd23a 100644
--- a/config/snort-dev/snort_json_post.php
+++ b/config/snort-dev/snort_json_post.php
@@ -54,7 +54,7 @@ if(isset($_POST['__csrf_magic'])) {
function snortJsonReturnCode($returnStatus)
{
if ($returnStatus == true) {
- echo '{"snortgeneralsettings":"success","snortUnhideTabs":"true"}';
+ echo '{"snortgeneralsettings":"success","snortMiscTabCall":"true"}';
return true;
}else{
echo '{"snortgeneralsettings":"fail"}';
@@ -250,29 +250,16 @@ if ($_POST['snortSaveSettings'] == 1) {
* make dir for the new iface, if iface exists or rule dir has changed redo soft link
* may need to move this as a func to new_snort.inc
*/
-
- $newSnortDir = 'sn_' . $_POST['uuid'];
- $pathToSnortDir = '/usr/local/etc/snort';
-
- // creat iface dir and ifcae rules dir
- if (!is_dir("{$pathToSnortDir}/{$newSnortDir}")) {
- createNewIfaceDir($pathToSnortDir, $newSnortDir);
- } //end of mkdir
-
- // change the rule path
- if (is_dir("{$pathToSnortDir}/{$newSnortDir}")) {
-
- $snortCurrentRuleDbName = snortSql_fetchAllSettings('snortDB', 'snortIfaces', 'uuid', $_POST['uuid']);
-
- if ($_POST['ruledbname'] !== $snortCurrentRuleDbName['ruledbname'] || !file_exists("{$pathToSnortDir}/{$newSnortDir}/rules")) {
-
- // NOTE: use full paths or link rm will not work, Freebsd love
- exec("/bin/rm {$pathToSnortDir}/{$newSnortDir}/rules");
- exec("/bin/ln -s /usr/local/etc/snort/snortDBrules/DB/{$_POST['ruledbname']}/rules {$pathToSnortDir}/{$newSnortDir}/rules");
-
- }
-
- }
+ $newSnortDir = 'sn_' . $_POST['uuid'];
+ $pathToSnortDir = '/usr/local/etc/snort';
+
+ // creat iface dir and ifcae rules dir
+ if (!is_dir("{$pathToSnortDir}/{$newSnortDir}")) {
+ createNewIfaceDir($pathToSnortDir, $newSnortDir);
+ } //end of mkdir
+
+ snortRulesCreateSoftlink();
+
}
SnortIfaces_Snort_Interfaces_edit();
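Review bot: `$newSnortDir` is built from `$_POST['uuid']` and passed to `createNewIfaceDir()` with no format check, and the new `snortRulesCreateSoftlink()` call takes no arguments, so the helper reads `$_POST` again on its own. Validate once here, e.g. `if (!preg_match('/^[A-Za-z0-9]+$/', $_POST['uuid'])) { snortJsonReturnCode(false); exit(0); }`, assuming interface uuids are alphanumeric like the generated rule-db ids. Then pass the checked values in as parameters, `snortRulesCreateSoftlink($uuid, $ruledbname);`, so the helper's inputs are visible at the call site. The enclosing `if ($_POST['snortSaveSettings'] == 1)` block starts outside this hunk.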
diff --git a/config/snort-dev/snort_new.inc b/config/snort-dev/snort_new.inc
index ffc88348..bba9b93d 100644
--- a/config/snort-dev/snort_new.inc
+++ b/config/snort-dev/snort_new.inc
@@ -61,6 +61,31 @@ if (file_exists('/usr/local/pkg/snort/snortDBtemp')) {
exec('/bin/cp /usr/local/pkg/snort/snortDBtemp /var/snort/snortDBtemp');
}
+/*
+* make dir for the new iface, if iface exists or rule dir has changed redo soft link
+*/
+function snortRulesCreateSoftlink()
+{
+ $newSnortDir = 'sn_' . $_POST['uuid'];
+ $pathToSnortDir = '/usr/local/etc/snort';
+
+ // change the rule path
+ if (is_dir("{$pathToSnortDir}/{$newSnortDir}")) {
+
+ $snortCurrentRuleDbName = snortSql_fetchAllSettings('snortDB', 'snortIfaces', 'uuid', $_POST['uuid']);
+
+ if ($_POST['ruledbname'] !== $snortCurrentRuleDbName['ruledbname'] || !file_exists("{$pathToSnortDir}/{$newSnortDir}/rules")) {
+
+ // NOTE: use full paths or link rm will not work, Freebsd love
+ exec("/bin/rm {$pathToSnortDir}/{$newSnortDir}/rules");
+ exec("/bin/ln -s /usr/local/etc/snort/snortDBrules/DB/{$_POST['ruledbname']}/rules {$pathToSnortDir}/{$newSnortDir}/rules");
+
+ }
+
+ }
+}
+
+
// Wites selected sig to file
function snortSidStringRuleEditGUI()
{
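Review bot: `$_POST['uuid']` and `$_POST['ruledbname']` are interpolated directly into the two `exec()` command strings in `snortRulesCreateSoftlink()`, so the shell parses whatever those request fields contain. The function only removes and creates a symlink, which PHP can do with `unlink()` and `symlink()` and no shell. Both values should also be checked against the expected id format before they become part of a path. The sketch below assumes alphanumeric ids, as the form hint and `genAlphaNumMixFast()` suggest, and keeps the existing comparison with the stored `ruledbname`.

```php
function snortRulesCreateSoftlink()
{
	// Only accept the id format the GUI produces before building any path from it.
	$uuid = isset($_POST['uuid']) ? (string) $_POST['uuid'] : '';
	$ruleDbName = isset($_POST['ruledbname']) ? (string) $_POST['ruledbname'] : '';
	if (!preg_match('/^[A-Za-z0-9]+$/', $uuid) || !preg_match('/^[A-Za-z0-9]+$/', $ruleDbName)) {
		return;
	}

	$ifaceDir = "/usr/local/etc/snort/sn_{$uuid}";
	$rulesLink = "{$ifaceDir}/rules";
	if (!is_dir($ifaceDir)) {
		return;
	}

	$snortCurrentRuleDbName = snortSql_fetchAllSettings('snortDB', 'snortIfaces', 'uuid', $uuid);

	if ($ruleDbName !== $snortCurrentRuleDbName['ruledbname'] || !file_exists($rulesLink)) {
		// Filesystem calls instead of exec(): request values never reach a shell.
		if (is_link($rulesLink) || file_exists($rulesLink)) {
			unlink($rulesLink);
		}
		symlink("/usr/local/etc/snort/snortDBrules/DB/{$ruleDbName}/rules", $rulesLink);
	}
}
```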