diff options
Diffstat (limited to 'config/snort-dev')
-rw-r--r-- | config/snort-dev/css/style_snort2.css | 37 | ||||
-rw-r--r-- | config/snort-dev/snort_json_get.php | 2 | ||||
-rw-r--r-- | config/snort-dev/snort_new.inc | 1 | ||||
-rw-r--r-- | config/snort-dev/snort_rules_ips.php (renamed from config/snort-dev/snort_ruleset_ips.php) | 189 |
4 files changed, 167 insertions, 62 deletions
diff --git a/config/snort-dev/css/style_snort2.css b/config/snort-dev/css/style_snort2.css index 56fcb833..942f3723 100644 --- a/config/snort-dev/css/style_snort2.css +++ b/config/snort-dev/css/style_snort2.css @@ -6,6 +6,43 @@ a { } */ +/* ips tab css */ + +.nextClickList { + margin-bottom: 5px; +} + +.nextClickListColorEven { + padding-top: 2px; + padding-bottom: 2px; + padding-left: 10px; + padding-right: 10px; + background-color: #ffffff; + font-size: 11px; + border-bottom-color: #999999; + border-bottom-width: 1px; + border-bottom-style: solid; + border-right-color: #999999; + border-right-width: 1px; + border-right-style: solid; +} + +.nextClickListColorOdd { + padding-top: 2px; + padding-bottom: 2px; + padding-left: 10px; + padding-right: 10px; + background-color: #eeeeee; + font-size: 11px; + border-bottom-color: #999999; + border-bottom-width: 1px; + border-bottom-style: solid; + border-right-color: #999999; + border-right-width: 1px; + border-right-style: solid; +} + + #right { position: relative; diff --git a/config/snort-dev/snort_json_get.php b/config/snort-dev/snort_json_get.php index 965ac4de..701e75ae 100644 --- a/config/snort-dev/snort_json_get.php +++ b/config/snort-dev/snort_json_get.php @@ -49,7 +49,7 @@ session_start(); // alwaya at the very top of a php page or "Cannot send session // get json blocls sids if ($_GET['snortsamjson'] == 1) { - exec('cat /usr/local/etc/snort/sn_6TPXv7a/rules/dbBlockSplit/splitSidblock' . $_GET['fileid'] . '.block', $output); + exec('cat /usr/local/etc/snort/sn_6TPXv7a/rules/dbBlockSplit/splitSidblock_' . $_GET['fileid'] . '.block', $output); echo $output[0]; } diff --git a/config/snort-dev/snort_new.inc b/config/snort-dev/snort_new.inc index bba9b93d..0f6a505f 100644 --- a/config/snort-dev/snort_new.inc +++ b/config/snort-dev/snort_new.inc @@ -51,7 +51,6 @@ if(isset($_POST['__csrf_magic'])) { require_once("config.inc"); require_once("functions.inc"); - // create and cp to tmp db dir if (!file_exists('/var/snort/')) { exec('/bin/mkdir -p /var/snort/'); diff --git a/config/snort-dev/snort_ruleset_ips.php b/config/snort-dev/snort_rules_ips.php index 18c49b35..a7c845da 100644 --- a/config/snort-dev/snort_ruleset_ips.php +++ b/config/snort-dev/snort_rules_ips.php @@ -53,18 +53,17 @@ if (isset($_GET['rdbuuid'])) { $rdbuuid = $ruledbname_pre1['ruledbname']; } -//$a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $uuid); - -// create dropdown list -function snortDropDownListJson($list, $setting) { - foreach ($list as $iday => $iday2) { - - echo "\n" . "'<option value=\"{$iday}\""; if($iday == $setting) echo " selected "; echo '>' . htmlspecialchars($iday2) . '</option>\' + "\n" +' . "\r"; - - } +if (empty($rdbuuid)) { + echo 'ERROR: Missing RDBUUID'; + exit; +} + +if (isset($_GET['rulefilename'])) { + $rulefilename = $_GET['rulefilename']; +}else{ + echo 'ERROR: Missing rulefilename'; + exit; } - - $countGetEnableSidArray = count($getEnableSid); $pgtitle = "Services: Snort: Ruleset Ips:"; include("/usr/local/pkg/snort/snort_head.inc"); @@ -116,21 +115,6 @@ function snortDropDownListJson($list, $setting) { <td class="tabnavtbl"> <table width="100%" border="0" cellpadding="6" cellspacing="0"> <!-- START MAIN AREA --> - - <tr> - <td> - <input id="next" name="next" type="submit" class="formbtn" value=">>" /> - </td> - <td> - <a class="getBlockFileNum" href="#" ><span>1</span></a> - </td> - <td> - <a class="getBlockFileNum" href="#" ><span>2</span></a> - </td> - <td> - <input id="prev" name="prev" type="submit" class="formbtn" value="<<" > - </td> - </tr> <table width="100%" border="0" cellpadding="10px" cellspacing="0"> <input type="hidden" name="snortSamSaveSettings" value="1" /> <!-- what to do, save --> @@ -179,33 +163,116 @@ function snortDropDownListJson($list, $setting) { jQuery(document).ready(function() { - jQuery('.getBlockFileNum').live('click', function(){ - jQuery.getJSON("/snort/snort_json_get.php?snortsamjson=1", { fileid: this.text }, function(data) { - jQuery('.hidemetr').remove(); - makeLargeSidTables(data); - }); - }); + +<?php + + /* + * Builds Json long string from a snort rules file + * Options: $rdbuuid, $rulefilename + * Used in Ips Tab + */ + function createSidTmpBlockSpit($rdbuuid, $rulefilename) + { + + function getCurrentIpsRuleArray($output) + { + + foreach (array_unique($output) as $line) + { + $newOutput = explode(' # ', $line); + $newLine[] = $newOutput; + } + + return $newLine; + } + + function getSidBlockJsonArray($getEnableSid) + { + + if (!empty($getEnableSid)) { + + $i = 0; + + $countSigList = count($getEnableSid); + foreach ($getEnableSid as $val3) + { + + $i++; + + if ($i == 1) { + $main .= '['; + } + + if ( $i == $countSigList ) { + $main .= '{"sid":"' . escapeJsonString($val3['0']) . '","enable":"' . 'on' . '","who":"' . 'src' . '","timeamount":"' . '15' . '","timetype":"' . 'minutes' . '","msg":"' . escapeJsonString($val3['1']) . '"}'; + }else{ + $main .= '{"sid":"' . escapeJsonString($val3['0']) . '","enable":"' . 'on' . '","who":"' . 'src' . '","timeamount":"' . '15' . '","timetype":"' . 'minutes' . '","msg":"' . escapeJsonString($val3['1']) . '"},'; + } + + if ($i == $countSigList) { + $main .= ']'; + } + + } // END foreach + + return $main; + + } // END of jSON build + + return false; + + } + + exec('rm /usr/local/etc/snort/snortDBrules/DB/' . $rdbuuid . '/rules/dbBlockSplit/*.rules'); + exec('cp /usr/local/etc/snort/snortDBrules/DB/' . $rdbuuid . '/rules/' . $rulefilename . ' ' . '/usr/local/etc/snort/snortDBrules/DB/' . $rdbuuid . '/rules/dbBlockSplit/' . $rulefilename); + + //$getEnableSidArray = ''; + exec('perl /usr/local/bin/make_snortsam_map.pl /usr/local/etc/snort/snortDBrules/DB/' . $rdbuuid . '/rules/dbBlockSplit/', $getEnableSidArray); + + return getSidBlockJsonArray(getCurrentIpsRuleArray($getEnableSidArray)); + + } // END of build json rule func + + // Build table from json, anf $_GET + $getJsonRulefile = createSidTmpBlockSpit($rdbuuid, $rulefilename); + + if (!empty($getJsonRulefile)) { + echo 'var getLogJsonRuleFile = ' . $getJsonRulefile . ';'; + } + +?> - //showLoading('#loadingWaiting'); +// create option list through js +function createDropdownOptionList(list, opselected) { - // NOTE: needs to be watched - // change url on selected dropdown rule - jQuery('select[name=selectbox]').change(function() { - window.location.replace(jQuery(this).val()); - }); + var strOut = ''; + var selectedOptionON = ''; + for (var key in list) { + + if (opselected.toUpperCase() == list[key]) { + selectedOptionON = 'selected="selected"'; + } + + strOut = strOut + '<option value="' + list[key] + '" ' + selectedOptionON + '>' + list[key] + '</option>' + "\n"; + selectedOptionON = ''; + } + return strOut; +} function makeLargeSidTables(snortObjlist) { - - // disable Row Append if row count is less than 0 + + //disable Row Append if row count is less than 0 var countRowAppend = snortObjlist.length; + var timeValuePerfList = {"src":"SRC", "dst":"DST", "both":"BOTH"}; + var timeTypePerfList = {"minutes":"MINUTES", "seconds":"SECONDS", "hours":"HOURS", "days":"DAYS", "weeks":"WEEKS", "months":"MONTHS", "ALWAYS":"ALWAYS"}; + // if rowcount is not empty do this if (countRowAppend > 0){ // Break up append row adds by chunks of 300 // NOTE: ie9 is still giving me issues on deleted.rules 6000 sigs. I should break up the json code above into smaller parts. incrementallyProcess(function (i){ - // loop code goes in here if (isEven(i) === true){ var rowIsEvenOdd = 'odd_ruleset2'; @@ -227,10 +294,7 @@ function makeLargeSidTables(snortObjlist) { '<td class="' + rowIsEvenOdd + '" id="sid_' + snortObjlist[i].sid + '" >' + snortObjlist[i].sid + '</td>' + "\n" + '<td class="' + rowIsEvenOdd + '">' + "\n" + '<select class="formfld2" id="who_' + snortObjlist[i].sid + '" name="snortsam[db][' + snortObjlist[i].sid + '][who]">' + "\n" + - <?php - $memoryPerfList = array('src' => 'SRC', 'dst' => 'DST', 'both' => 'BOTH'); - snortDropDownListJson($memoryPerfList, 'src'); - ?> + createDropdownOptionList(timeValuePerfList, snortObjlist[i].who) + '</select>' + "\n" + '</td>' + "\n" + '<td class="' + rowIsEvenOdd + '">' + "\n" + @@ -238,11 +302,7 @@ function makeLargeSidTables(snortObjlist) { '</td>' + "\n" + '<td class="' + rowIsEvenOdd + '">' + "\n" + '<select class="formfld2" id="timetype_' + snortObjlist[i].sid + '" name="snortsam[db][' + snortObjlist[i].sid + '][timetype]" >' + "\n" + - <?php - // 'days', 'months', 'weeks', 'years', 'minutes', 'seconds', 'hours' ALWAYS - $memoryPerfList = array('minutes' => 'MINUTES', 'seconds' => 'SECONDS', 'hours' => 'HOURS', 'days' => 'DAYS', 'weeks' => 'WEEKS', 'months' => 'MONTHS', 'ALWAYS' => 'ALWAYS', ); - snortDropDownListJson($memoryPerfList, 'days'); - ?> + createDropdownOptionList(timeTypePerfList, snortObjlist[i].timetype) + '</select>' + "\n" + '</td>' + "\n" + '<td class="listbg" id="msg_' + snortObjlist[i].sid + '"><font color="white">' + snortObjlist[i].msg + '</font></td>' + "\n" + @@ -251,27 +311,36 @@ function makeLargeSidTables(snortObjlist) { }, snortObjlist, // Object to work with the case Json object - 500, // chunk size - 200, // how many secs to wait + 300, // chunk size + 25, // how many secs to wait function (){ - // if rowcount is more than 300 - if (countRowAppend > 200){ - // call to please wait hideLoading('#loadingWaiting'); - } }); // end incrament } // end of if stopRowAppend }; // END make table func + + // Build table call + function startTableBuild() { -jQuery.getJSON("/snort/snort_json_get.php?snortsamjson=1", { fileid: "1" }, function(data) { - jQuery('.hidemetr').remove(); - makeLargeSidTables(data); -}); + showLoading('#loadingWaiting'); + lastTableBuild(); + } + function lastTableBuild() { + + makeLargeSidTables(getLogJsonRuleFile); + + } + <?php + if (!empty($getJsonRulefile)) { + echo 'startTableBuild();'; + } + ?> + }); // end of document ready |