Diffstat (limited to 'config/snort-dev')
-rw-r--r-- | config/snort-dev/javascript/snort_globalsend.js | 6 | ||||
-rw-r--r-- | config/snort-dev/snort_download_rules.inc | 1 | ||||
-rw-r--r-- | config/snort-dev/snort_interfaces_edit.php | 10 | ||||
-rw-r--r-- | config/snort-dev/snort_interfaces_rules.php | 143 | ||||
-rw-r--r-- | config/snort-dev/snort_interfaces_rules_edit.php | 120 | ||||
-rw-r--r-- | config/snort-dev/snort_json_post.php | 35 | ||||
-rw-r--r-- | config/snort-dev/snort_new.inc | 25 |
7 files changed, 230 insertions, 110 deletions
diff --git a/config/snort-dev/javascript/snort_globalsend.js b/config/snort-dev/javascript/snort_globalsend.js index a613dd46..07416a74 100644 --- a/config/snort-dev/javascript/snort_globalsend.js +++ b/config/snort-dev/javascript/snort_globalsend.js @@ -143,7 +143,7 @@ jQuery(document).ready(function() { this.css("top", 70 + "px"); this.css("left", ((jQuery(window).width() - this.outerWidth()) / 2) + jQuery(window).scrollLeft() + "px"); return this; - } + }; //--------------------------- START select all code --------------------------- @@ -372,8 +372,8 @@ jQuery(document).ready(function() { // Clean up Waiting code finnish(); - if (data.snortUnhideTabs === 'true'){ - jQuery('.hide_newtabmenu').show(); + if (data.snortMiscTabCall === 'true'){ + jQuery.fn.miscTabCall(); // call tab misc functions } if (data.snortreset) {location.reload();} // hard refresh diff --git a/config/snort-dev/snort_download_rules.inc b/config/snort-dev/snort_download_rules.inc index df292a94..e6a22477 100644 --- a/config/snort-dev/snort_download_rules.inc +++ b/config/snort-dev/snort_download_rules.inc @@ -206,6 +206,7 @@ function reapplyRuleSettings_run($sidRule_array) // sed -i '' "s/^# \(.*sid:1225;.*\)/\1/" /usr/local/etc/snort/snortDBrules/DB/RAjFYOrC04D6/rules/snort_x11.rules // disable a sid // sed -i '' "s/^\(alert.*sid:1225;.*\)/# \1/" /usr/local/etc/snort/snortDBrules/DB/RAjFYOrC04D6/rules/snort_x11.rules + // grep "^alert.*sid:.*;" rules/emerging-worm.rules | grep -oh "\w*sid:[0-9][^*;]\w*" | awk -F: '{print $2}' } diff --git a/config/snort-dev/snort_interfaces_edit.php b/config/snort-dev/snort_interfaces_edit.php index a501aa34..7d710fe5 100644 --- a/config/snort-dev/snort_interfaces_edit.php +++ b/config/snort-dev/snort_interfaces_edit.php 
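Review bot: The new call `jQuery.fn.miscTabCall();` in the save-success branch of snort_globalsend.js is unguarded, and within this commit only snort_interfaces_edit.php and snort_interfaces_rules_edit.php define that function. On any other page that loads this script and receives `"snortMiscTabCall":"true"`, the call would presumably throw, and the `data.snortreset` reload just below it would not run. I would guard it: `if (data.snortMiscTabCall === 'true' && typeof jQuery.fn.miscTabCall === 'function') {`. The success handler starts and ends outside the hunk.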
@@ -90,6 +90,12 @@ if (!is_array($a_suppresslist)) { // start a jQuery sand box jQuery(document).ready(function() { + // misc call after a good save + jQuery.fn.miscTabCall = function () { + jQuery('.hide_newtabmenu').show(); + jQuery('#interface').attr("disabled", true); + }; + // START disable option for snort_interfaces_edit.php endis = !(jQuery('input[name=enable]:checked').val()); @@ -229,7 +235,7 @@ jQuery(document).ready(function() { <tr> <td width="22%" valign="top" class="vncellreq2">Interface</td> <td width="78%" class="vtable"> - <select name="interface" class="formfld"> + <select id="interface" name="interface" class="formfld"> <?php /* add group interfaces */ @@ -316,7 +322,7 @@ jQuery(document).ready(function() { foreach ($a_rules as $value) { $selected = ''; - if ($value['uuid'] == $a_list['ruledbname'] && $value['enable'] !== 'off') { + if ($value['uuid'] == $a_list['ruledbname']) { $selected = 'selected'; } diff --git a/config/snort-dev/snort_interfaces_rules.php b/config/snort-dev/snort_interfaces_rules.php index 0cd75e6e..2e2e7732 100644 --- a/config/snort-dev/snort_interfaces_rules.php +++ b/config/snort-dev/snort_interfaces_rules.php @@ -45,6 +45,7 @@ require_once("guiconfig.inc"); require_once("/usr/local/pkg/snort/snort_new.inc"); require_once("/usr/local/pkg/snort/snort_gui.inc"); +$a_rules = array(); $a_rules = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'All', ''); if (!is_array($a_rules)) { @@ -55,6 +56,18 @@ $a_rules = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'All', ''); echo 'Error'; exit(0); } + + // list rules in db that are on in a array + $listOnRules = array(); + $listOnRules = snortSql_fetchAllSettings('snortDB', 'SnortIfaces', 'All', ''); + + foreach ($listOnRules as $listOnRule) + { + + $listUsedRules[] = $listOnRule['ruledbname']; + + } + unset($listOnRules); $pgtitle = "Services: Snort: Rules"; include("/usr/local/pkg/snort/snort_head.inc"); 
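Review bot: `$listUsedRules` is only ever created by `$listUsedRules[] = $listOnRule['ruledbname'];` inside the foreach added to snort_interfaces_rules.php, so when SnortIfaces has no rows it stays undefined and the later `in_array($list['uuid'], $listUsedRules)` receives null. Depending on the PHP version that is a warning or a TypeError, and on the warning path every database falls into the else branch and renders with the active delete icon. Initialise it before the loop with `$listUsedRules = array();` and wrap the loop in `if (is_array($listOnRules))`, since the edit page in this commit treats an empty result of snortSql_fetchAllSettings() as `''`. The `$listOnRules = array();` line is overwritten by the next statement and can be dropped.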
@@ -112,53 +125,90 @@ $a_rules = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'All', ''); </tr> <tr> <td id="tdbggrey"> - <table width="100%" border="0" cellpadding="10px" cellspacing="0"> + <table width="100%" border="0px" cellpadding="10px" cellspacing="0px"> <tr> <td class="tabnavtbl"> - <table width="100%" border="0" cellpadding="6" cellspacing="0"> + <table width="100%" border="0px" cellpadding="0px" cellspacing="0px"> <!-- START MAIN AREA --> - - <tr> <!-- db to lookup --> - <td width="30%" class="listhdrr">File Name</td> - <td width="70%" class="listhdr">Description</td> - <td width="10%" class="list"></td> - </tr> - <?php foreach ($a_rules as $list): ?> - <tr id="maintable_<?=$list['uuid']?>" data-options='{"pagetable":"Snortrules", "pagedb":"snortDBrules", "DoPOST":"true"}' > - <td class="listlr" ondblclick="document.location='snort_interfaces_suppress_edit.php?uuid=<?=$list['uuid'];?>'"><?=$list['ruledbname'];?></td> - <td class="listbg" ondblclick="document.location='snort_interfaces_suppress_edit.php?uuid=<?=$list['uuid'];?>'"> - <font color="#FFFFFF"> <?=htmlspecialchars($list['description']);?> </font> - </td> - <td></td> - <td valign="middle" nowrap class="list"> - <table border="0" cellspacing="0" cellpadding="1"> - <tr> - <td valign="middle"> - <a href="snort_interfaces_rules_edit.php?rdbuuid=<?=$list['uuid'];?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif"width="17" height="17" border="0" title="edit suppress list"></a> - </td> - <td> - <img id="icon_x_<?=$list['uuid'];?>" class="icon_click icon_x" src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="delete list" > - </a> - </td> - </tr> - </table> - </td> - </tr> - <?php $i++; endforeach; ?> - <tr> - <td class="list" colspan="3"></td> - <td class="list"> - <table border="0" cellspacing="0" cellpadding="1"> - <tr> - <td valign="middle" width="17"> </td> - <td valign="middle"><a 
href="snort_interfaces_rules_edit.php?rdbuuid=<?=genAlphaNumMixFast(11, 12);?> "><img src="/themes/nervecenter/images/icons/icon_plus.gif" width="17" height="17" border="0" title="add a new list"></a></td> - </tr> - </table> - </td> + + <table width="94%"> + <tr > <!-- db to lookup --> + <td width="32%" class="listhdrr">File Name</td> + <td width="68%" class="listhdr">Description</td> </tr> - </table> - </td> - </tr> + </table> + + <table width="100%"> + + + + <table width="100%" > + + + <tr id="maintable_default" data-options='{"pagetable":"Snortrules", "pagedb":"snortDBrules", "DoPOST":"true"}' > + <td class="listlr" width="32%" ondblclick="document.location='snort_interfaces_rules_edit.php?rdbuuid=default'">Default</td> + <td class="listbg" width="68%" ondblclick="document.location='snort_interfaces_rules_edit.php?rdbuuid=default'"> + <font color="#FFFFFF">Default rule database </font> + </td> + + <td valign="middle" nowrap class="list"> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td valign="middle"> + <a href="snort_interfaces_rules_edit.php?rdbuuid=default"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif"width="17" height="17" border="0" title="edit database"></a> + </td> + <td> + <img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" border="0" title="delete database" > + </td> + </tr> + </table> + </td> + </tr> + + + <?php foreach ($a_rules as $list): ?> + + <?php + if (in_array($list['uuid'], $listUsedRules)) { + $deleteObject = '<img src="/themes/' . $g['theme'] . '/images/icons/icon_x_d.gif" width="17" height="17" border="0" title="delete database" >'; + }else{ + $deleteObject = '<img id="icon_x_' . $list['uuid'] . '" class="icon_click icon_x" src="/themes/' . $g['theme'] . 
'/images/icons/icon_x.gif" width="17" height="17" border="0" title="delete database" >'; + } + ?> + + <tr id="maintable_<?=$list['uuid']?>" data-options='{"pagetable":"Snortrules", "pagedb":"snortDBrules", "DoPOST":"true"}' > + <td class="listlr" width="32%" ondblclick="document.location='snort_interfaces_rules_edit.php?rdbuuid=<?=$list['uuid'];?>'"><?=$list['ruledbname'];?></td> + <td class="listbg" width="68%" ondblclick="document.location='snort_interfaces_rules_edit.php?rdbuuid=<?=$list['uuid'];?>'"> + <font color="#FFFFFF"> <?=htmlspecialchars($list['description']);?> </font> + </td> + + <td valign="middle" nowrap class="list"> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td valign="middle"> + <a href="snort_interfaces_rules_edit.php?rdbuuid=<?=$list['uuid'];?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif"width="17" height="17" border="0" title="edit database"></a> + </td> + <td> + <?=$deleteObject; ?> + </td> + </tr> + </table> + </td> + + </tr> + <?php $i++; endforeach; ?> + + </table> + + <table width="100%"> + <tr> + <td class="list" width="97%" valign="middle" width="17"> </td> + <td width="3%" ></td> + <td class="list" valign="middle"><a href="snort_interfaces_rules_edit.php?rdbuuid=<?=genAlphaNumMixFast(11, 12);?> "><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="add a new database"></a></td> + </tr> + </table > + + </table> <!-- STOP MAIN AREA --> </table> 
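Review bot: `<?=$list['ruledbname'];?>` is written into the table cell without escaping while the description beside it goes through htmlspecialchars(), and `$list['uuid']` is concatenated raw into the `$deleteObject` markup, the row `id` and the `ondblclick`/`href` URLs. Nothing visible in this diff shows that the a-z/A-Z/0-9 rule for names is enforced when a database is saved, so I would escape at output: `<?=htmlspecialchars($list['ruledbname'], ENT_QUOTES);?>` for the cell and `urlencode($list['uuid'])` inside the URLs. Separately, swapping in the greyed `icon_x_d.gif` for databases listed in `$listUsedRules` only changes what the page offers; the code that handles the delete POST is not part of this diff and should itself refuse a uuid that an interface still references.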
@@ -178,8 +228,11 @@ $a_rules = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'All', ''); <span class="vexpl"> <span class="red"><strong>Note:</strong></span> <p><span class="vexpl"> - Here you can create rule databases that can be used on multiple interfaces.<br> - Please note that you must restart a running rule so that changes can take effect.<br> + Here you can create rule databases that can be used on multiple interfaces.<br><br> + + Please note that you must restart a running rule so that changes can take effect.<br><br> + + You may only delete rule databases that are not asigned to an interface.<br> </span></p> </td> </table> diff --git a/config/snort-dev/snort_interfaces_rules_edit.php b/config/snort-dev/snort_interfaces_rules_edit.php index 6fa1c60d..6cc7dbb0 100644 --- a/config/snort-dev/snort_interfaces_rules_edit.php +++ b/config/snort-dev/snort_interfaces_rules_edit.php @@ -45,11 +45,6 @@ require_once("guiconfig.inc"); require_once("/usr/local/pkg/snort/snort_new.inc"); require_once("/usr/local/pkg/snort/snort_gui.inc"); -// set page vars -if (isset($_GET['uuid'])) { - $uuid = $_GET['uuid']; -} - if (isset($_GET['rdbuuid'])) { $rdbuuid = $_GET['rdbuuid']; }else{ 
@@ -57,33 +52,88 @@ if (isset($_GET['rdbuuid'])) { $rdbuuid = $ruledbname_pre1['ruledbname']; } -$a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $rdbuuid); +if ($rdbuuid !== 'default') { + $a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $rdbuuid); + + // $a_list returns empty use defaults + if ($a_list == '') { + + $a_list = array( + 'id' => '', + 'date' => date(U), + 'uuid' => $rdbuuid, + 'ruledbname' => '', + 'description' => '' + + ); + + } -// $a_list returns empty use defaults -if ($a_list == '') -{ - - $a_list = array( - 'id' => '', - 'date' => date(U), - 'uuid' => $rdbuuid, - 'ruledbnamename' => '', - 'description' => '' +} + +if ($rdbuuid === 'default') { + + // $a_list returns empty use defaults + if ($a_list == '') { + + $a_list = array( + 'id' => '1', + 'date' => date(U), + 'uuid' => $rdbuuid, + 'ruledbname' => 'default', + 'description' => 'Default database' + + ); + + } - ); - } +if ( !empty($a_list['id']) ) { + $disabled = 'disabled="disabled"'; +}else{ + $disabled = ''; +} +if ( $rdbuuid === 'default' ) { + $disabled_ckbox = 'disabled="disabled"'; +}else{ + $disabled_ckbox = ''; +} $pgtitle = 'Services: Snort: Rules: Edit: ' . $rdbuuid; include('/usr/local/pkg/snort/snort_head.inc'); ?> - - + +<!-- START page custom script --> +<script language="JavaScript"> + +// start a jQuery sand box +jQuery(document).ready(function() { + + // misc call after a good save + jQuery.fn.miscTabCall = function () { + jQuery('.hide_newtabmenu').show(); + jQuery('#ruledbname').attr("disabled", true); + }; + + <?php + // disable tabs if nothing in database + if ($a_list['id'] == '') { + echo ' + jQuery(\'.hide_newtabmenu\').hide(); + '; + } + ?> + + +}); // end of on ready + +</script> + <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <!-- loading msg --> 
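Review bot: In the `if ($rdbuuid === 'default')` branch `$a_list` has not been assigned when `if ($a_list == '')` runs, so the default array is applied only because an undefined variable compares equal to `''`, with a notice on every load. Assigning the array unconditionally in that branch states what is meant. `date(U)` in both arrays uses a bare constant name and should be `date('U')` (or `time()`). In the non-default branch, `$a_list == ''` would not match if snortSql_fetchAllSettings() ever returned an empty array instead of an empty string, which I cannot confirm from this diff; `empty($a_list)` covers both cases.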
@@ -134,7 +184,7 @@ if ($a_list == '') <td> <div class="newtabmenu" style="margin: 1px 0px; width: 775px;"><!-- Tabbed bar code--> <ul class="newtabmenu"> - <li class="hide_newtabmenu newtabmenu_active"><a href="/snort/snort_interfaces_rules.php?rdbuuid=<?=$rdbuuid;?>"><span>Rules DB Edit</span></a></li> + <li class="newtabmenu_active"><a href="/snort/snort_interfaces_rules_edit.php?rdbuuid=<?=$rdbuuid;?>"><span>Rules DB Edit</span></a></li> <li class="hide_newtabmenu"><a href="/snort/snort_rulesets.php?rdbuuid=<?=$rdbuuid;?>"><span>Categories</span></a></li> <li class="hide_newtabmenu"><a href="/snort/snort_rules.php?rdbuuid=<?=$rdbuuid;?>"><span>Rules</span></a></li> </ul> 
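Review bot: `$rdbuuid` is read straight from `$_GET['rdbuuid']` at the top of this file and printed into the tab `href` attributes in this hunk as `<?=$rdbuuid;?>`, and it also reaches `$pgtitle`, so a crafted link can put markup into an administrator's page. Validate it once after reading it, e.g. `if (!preg_match('/^[A-Za-z0-9]+$/', $rdbuuid)) { exit; }`, assuming generated ids are alphanumeric as genAlphaNumMixFast() suggests, and print it with `htmlspecialchars($rdbuuid, ENT_QUOTES)`. The `value="<?=$a_list['ruledbname'] ?>"` and `value="<?=$a_list['description'] ?>"` attributes in the form hunk of this file need the same escaping, since the description is free text.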
@@ -162,26 +212,18 @@ if ($a_list == '') <table width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> <td colspan="2" valign="top" class="listtopic">Add the name and description of the rule DB</td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq2">RuleDB</td> - <td width="22%" valign="top" class="vtable"> - - <input name="enable" type="checkbox" value="on" <?=$ifaceEnabled = $a_list['enable'] == 'on' || $a_list['enable'] == '' ? 'checked' : '';?> "> - <span class="vexpl">Enable or Disable</span> - </td> - </tr> + </tr> <tr> <td valign="top" class="vncellreq2">Name</td> <td class="vtable"> - <input class="formfld2" name="ruledbname" type="text" id="ruledbname" size="40" value="<?=$a_list['ruledbname'] ?>" /> <br /> + <input class="formfld2" name="ruledbname" type="text" id="ruledbname" size="40" value="<?=$a_list['ruledbname'] ?>" <?=$disabled?> /> <br /> <span class="vexpl"> The list name may only consist of the characters a-z, A-Z and 0-9. <span class="red">Note: </span> No Spaces. </span> </td> </tr> <tr> <td width="22%" valign="top" class="vncell2">Description</td> <td width="78%" class="vtable"> - <input class="formfld2" name="description" type="text" id="description" size="40" value="<?=$a_list['description'] ?>" /> <br /> + <input class="formfld2" name="description" type="text" id="description" size="40" value="<?=$a_list['description'] ?>" <?=$disabled_ckbox?> /> <br /> <span class="vexpl"> You may enter a description here for your reference (not parsed). </span> </td> </tr> 
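Review bot: `<?=$disabled?>` and `<?=$disabled_ckbox?>` only stop the browser from editing the two fields; a POST can still carry a different `ruledbname` for an existing id or a new description for `default`, and the same applies to the Save button that the following hunk omits for `default`. The save path for this form is not shown in the diff, so I would confirm that it rejects renames of stored databases and any write to `default` on the server side. Disabled inputs are also left out of form submission, so once the name field is disabled the handler would no longer receive `ruledbname` if it reads the form fields. `$disabled_ckbox` is applied to the description text input; a name such as `$disabledDescription` would match its use.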
@@ -197,10 +239,16 @@ if ($a_list == '') </tr> </table> <tr> - <td style="padding-left: 10px;"> - <input name="Submit" type="submit" class="formbtn" value="Save"> - <input id="cancel" type="button" class="formbtn" value="Cancel"> - </td> + <?php + if ($rdbuuid !== 'default') { + echo ' + <td style="padding-left: 10px;"> + <input name="Submit" type="submit" class="formbtn" value="Save" > + <input id="cancel" type="button" class="formbtn" value="Cancel" > + </td> + '; + } + ?> </tr> </form> diff --git a/config/snort-dev/snort_json_post.php b/config/snort-dev/snort_json_post.php index 986493b5..359dd23a 100644 --- a/config/snort-dev/snort_json_post.php +++ b/config/snort-dev/snort_json_post.php @@ -54,7 +54,7 @@ if(isset($_POST['__csrf_magic'])) { function snortJsonReturnCode($returnStatus) { if ($returnStatus == true) { - echo '{"snortgeneralsettings":"success","snortUnhideTabs":"true"}'; + echo '{"snortgeneralsettings":"success","snortMiscTabCall":"true"}'; return true; }else{ echo '{"snortgeneralsettings":"fail"}'; 
@@ -250,29 +250,16 @@ if ($_POST['snortSaveSettings'] == 1) { * make dir for the new iface, if iface exists or rule dir has changed redo soft link * may need to move this as a func to new_snort.inc */ - - $newSnortDir = 'sn_' . $_POST['uuid']; - $pathToSnortDir = '/usr/local/etc/snort'; - - // creat iface dir and ifcae rules dir - if (!is_dir("{$pathToSnortDir}/{$newSnortDir}")) { - createNewIfaceDir($pathToSnortDir, $newSnortDir); - } //end of mkdir - - // change the rule path - if (is_dir("{$pathToSnortDir}/{$newSnortDir}")) { - - $snortCurrentRuleDbName = snortSql_fetchAllSettings('snortDB', 'snortIfaces', 'uuid', $_POST['uuid']); - - if ($_POST['ruledbname'] !== $snortCurrentRuleDbName['ruledbname'] || !file_exists("{$pathToSnortDir}/{$newSnortDir}/rules")) { - - // NOTE: use full paths or link rm will not work, Freebsd love - exec("/bin/rm {$pathToSnortDir}/{$newSnortDir}/rules"); - exec("/bin/ln -s /usr/local/etc/snort/snortDBrules/DB/{$_POST['ruledbname']}/rules {$pathToSnortDir}/{$newSnortDir}/rules"); - - } - - } + $newSnortDir = 'sn_' . $_POST['uuid']; + $pathToSnortDir = '/usr/local/etc/snort'; + + // creat iface dir and ifcae rules dir + if (!is_dir("{$pathToSnortDir}/{$newSnortDir}")) { + createNewIfaceDir($pathToSnortDir, $newSnortDir); + } //end of mkdir + + snortRulesCreateSoftlink(); + } SnortIfaces_Snort_Interfaces_edit(); diff --git a/config/snort-dev/snort_new.inc b/config/snort-dev/snort_new.inc index ffc88348..bba9b93d 100644 --- a/config/snort-dev/snort_new.inc +++ b/config/snort-dev/snort_new.inc 
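Review bot: `$newSnortDir = 'sn_' . $_POST['uuid'];` feeds is_dir() and createNewIfaceDir() with a request value that gets no format check in the visible lines, so a uuid containing `/` or `..` would make this handler create directories outside the `sn_<uuid>` layout. A check before the path is built, such as `if (!preg_match('/^[A-Za-z0-9]+$/', $_POST['uuid'])) { snortJsonReturnCode(false); exit; }`, closes that, assuming uuids are alphanumeric. The new `snortRulesCreateSoftlink();` call passes nothing and the helper reads `$_POST` itself in snort_new.inc; passing the validated uuid and ruledbname as arguments would keep the checks next to the input. The enclosing `if ($_POST['snortSaveSettings'] == 1)` block starts outside the hunk.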
@@ -61,6 +61,31 @@ if (file_exists('/usr/local/pkg/snort/snortDBtemp')) { exec('/bin/cp /usr/local/pkg/snort/snortDBtemp /var/snort/snortDBtemp'); } +/* +* make dir for the new iface, if iface exists or rule dir has changed redo soft link +*/ +function snortRulesCreateSoftlink() +{ + $newSnortDir = 'sn_' . $_POST['uuid']; + $pathToSnortDir = '/usr/local/etc/snort'; + + // change the rule path + if (is_dir("{$pathToSnortDir}/{$newSnortDir}")) { + + $snortCurrentRuleDbName = snortSql_fetchAllSettings('snortDB', 'snortIfaces', 'uuid', $_POST['uuid']); + + if ($_POST['ruledbname'] !== $snortCurrentRuleDbName['ruledbname'] || !file_exists("{$pathToSnortDir}/{$newSnortDir}/rules")) { + + // NOTE: use full paths or link rm will not work, Freebsd love + exec("/bin/rm {$pathToSnortDir}/{$newSnortDir}/rules"); + exec("/bin/ln -s /usr/local/etc/snort/snortDBrules/DB/{$_POST['ruledbname']}/rules {$pathToSnortDir}/{$newSnortDir}/rules"); + + } + + } +} + + // Wites selected sig to file function snortSidStringRuleEditGUI() { |
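Review bot: Both `exec()` calls in snortRulesCreateSoftlink() interpolate `$_POST['uuid']` and `$_POST['ruledbname']` into a shell command line, so any shell metacharacters in either field are interpreted by the shell under the web GUI's account. Moving this code into a shared helper is a good moment to drop the shell altogether: PHP's `unlink()` and `symlink()` do the same work with the values handled as plain path strings. The two fields still need an alphanumeric format check before they are used in a path, because `..` in ruledbname would point the link outside snortDBrules/DB.

```php
    if ($_POST['ruledbname'] !== $snortCurrentRuleDbName['ruledbname'] || !file_exists("{$pathToSnortDir}/{$newSnortDir}/rules")) {

        // no shell involved: request values are only ever treated as path strings
        $rulesLink = "{$pathToSnortDir}/{$newSnortDir}/rules";
        $rulesTarget = "/usr/local/etc/snort/snortDBrules/DB/{$_POST['ruledbname']}/rules";

        // is_link() is also true for a dangling link, which file_exists() would miss
        if (is_link($rulesLink)) {
            unlink($rulesLink);
        }
        symlink($rulesTarget, $rulesLink);

    }
    // … unchanged: $newSnortDir / $pathToSnortDir setup, is_dir() check, snortSql_fetchAllSettings() lookup …
```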