Diffstat (limited to 'config/snort-dev')
-rw-r--r--config/snort-dev/css/style_snort2.css37
-rw-r--r--config/snort-dev/snort_json_get.php2
-rw-r--r--config/snort-dev/snort_new.inc1
-rw-r--r--config/snort-dev/snort_rules_ips.php (renamed from config/snort-dev/snort_ruleset_ips.php)189
4 files changed, 167 insertions, 62 deletions
diff --git a/config/snort-dev/css/style_snort2.css b/config/snort-dev/css/style_snort2.css
index 56fcb833..942f3723 100644
--- a/config/snort-dev/css/style_snort2.css
+++ b/config/snort-dev/css/style_snort2.css
@@ -6,6 +6,43 @@ a {
}
*/
+/* ips tab css */
+
+.nextClickList {
+ margin-bottom: 5px;
+}
+
+.nextClickListColorEven {
+ padding-top: 2px;
+ padding-bottom: 2px;
+ padding-left: 10px;
+ padding-right: 10px;
+ background-color: #ffffff;
+ font-size: 11px;
+ border-bottom-color: #999999;
+ border-bottom-width: 1px;
+ border-bottom-style: solid;
+ border-right-color: #999999;
+ border-right-width: 1px;
+ border-right-style: solid;
+}
+
+.nextClickListColorOdd {
+ padding-top: 2px;
+ padding-bottom: 2px;
+ padding-left: 10px;
+ padding-right: 10px;
+ background-color: #eeeeee;
+ font-size: 11px;
+ border-bottom-color: #999999;
+ border-bottom-width: 1px;
+ border-bottom-style: solid;
+ border-right-color: #999999;
+ border-right-width: 1px;
+ border-right-style: solid;
+}
+
+
#right {
position: relative;
diff --git a/config/snort-dev/snort_json_get.php b/config/snort-dev/snort_json_get.php
index 965ac4de..701e75ae 100644
--- a/config/snort-dev/snort_json_get.php
+++ b/config/snort-dev/snort_json_get.php
@@ -49,7 +49,7 @@ session_start(); // alwaya at the very top of a php page or "Cannot send session
// get json blocls sids
if ($_GET['snortsamjson'] == 1) {
- exec('cat /usr/local/etc/snort/sn_6TPXv7a/rules/dbBlockSplit/splitSidblock' . $_GET['fileid'] . '.block', $output);
+ exec('cat /usr/local/etc/snort/sn_6TPXv7a/rules/dbBlockSplit/splitSidblock_' . $_GET['fileid'] . '.block', $output);
echo $output[0];
}
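Review bot: The changed `exec()` line still concatenates `$_GET['fileid']` into a shell command with no validation, so a request value controls both the command line and the path that is read; renaming the prefix to `splitSidblock_` does not change that. The callers removed elsewhere in this commit only ever passed 1 and 2, so the value can be constrained to an integer and the file read without a shell: `$fileid = filter_input(INPUT_GET, 'fileid', FILTER_VALIDATE_INT);`, then `if ($fileid === false || $fileid === null) { exit; }`, then `echo file_get_contents('/usr/local/etc/snort/sn_6TPXv7a/rules/dbBlockSplit/splitSidblock_' . $fileid . '.block');`. The current code echoes only `$output[0]`, the first line, so if a block file can span several lines the replacement should keep that behaviour. The directory `sn_6TPXv7a` looks like an instance-specific path baked into the code, which is worth confirming.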
diff --git a/config/snort-dev/snort_new.inc b/config/snort-dev/snort_new.inc
index bba9b93d..0f6a505f 100644
--- a/config/snort-dev/snort_new.inc
+++ b/config/snort-dev/snort_new.inc
@@ -51,7 +51,6 @@ if(isset($_POST['__csrf_magic'])) {
require_once("config.inc");
require_once("functions.inc");
-
// create and cp to tmp db dir
if (!file_exists('/var/snort/')) {
exec('/bin/mkdir -p /var/snort/');
diff --git a/config/snort-dev/snort_ruleset_ips.php b/config/snort-dev/snort_rules_ips.php
index 18c49b35..a7c845da 100644
--- a/config/snort-dev/snort_ruleset_ips.php
+++ b/config/snort-dev/snort_rules_ips.php
@@ -53,18 +53,17 @@ if (isset($_GET['rdbuuid'])) {
$rdbuuid = $ruledbname_pre1['ruledbname'];
}
-//$a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $uuid);
-
-// create dropdown list
-function snortDropDownListJson($list, $setting) {
- foreach ($list as $iday => $iday2) {
-
- echo "\n" . "'<option value=\"{$iday}\""; if($iday == $setting) echo " selected "; echo '>' . htmlspecialchars($iday2) . '</option>\' + "\n" +' . "\r";
-
- }
+if (empty($rdbuuid)) {
+ echo 'ERROR: Missing RDBUUID';
+ exit;
+}
+
+if (isset($_GET['rulefilename'])) {
+ $rulefilename = $_GET['rulefilename'];
+}else{
+ echo 'ERROR: Missing rulefilename';
+ exit;
}
-
- $countGetEnableSidArray = count($getEnableSid);
$pgtitle = "Services: Snort: Ruleset Ips:";
include("/usr/local/pkg/snort/snort_head.inc");
@@ -116,21 +115,6 @@ function snortDropDownListJson($list, $setting) {
<td class="tabnavtbl">
<table width="100%" border="0" cellpadding="6" cellspacing="0">
<!-- START MAIN AREA -->
-
- <tr>
- <td>
- <input id="next" name="next" type="submit" class="formbtn" value=">>" />
- </td>
- <td>
- <a class="getBlockFileNum" href="#" ><span>1</span></a>
- </td>
- <td>
- <a class="getBlockFileNum" href="#" ><span>2</span></a>
- </td>
- <td>
- <input id="prev" name="prev" type="submit" class="formbtn" value="<<" >
- </td>
- </tr>
<table width="100%" border="0" cellpadding="10px" cellspacing="0">
<input type="hidden" name="snortSamSaveSettings" value="1" /> <!-- what to do, save -->
@@ -179,33 +163,116 @@ function snortDropDownListJson($list, $setting) {
jQuery(document).ready(function() {
- jQuery('.getBlockFileNum').live('click', function(){
- jQuery.getJSON("/snort/snort_json_get.php?snortsamjson=1", { fileid: this.text }, function(data) {
- jQuery('.hidemetr').remove();
- makeLargeSidTables(data);
- });
- });
+
+<?php
+
+ /*
+ * Builds Json long string from a snort rules file
+ * Options: $rdbuuid, $rulefilename
+ * Used in Ips Tab
+ */
+ function createSidTmpBlockSpit($rdbuuid, $rulefilename)
+ {
+
+ function getCurrentIpsRuleArray($output)
+ {
+
+ foreach (array_unique($output) as $line)
+ {
+ $newOutput = explode(' # ', $line);
+ $newLine[] = $newOutput;
+ }
+
+ return $newLine;
+ }
+
+ function getSidBlockJsonArray($getEnableSid)
+ {
+
+ if (!empty($getEnableSid)) {
+
+ $i = 0;
+
+ $countSigList = count($getEnableSid);
+ foreach ($getEnableSid as $val3)
+ {
+
+ $i++;
+
+ if ($i == 1) {
+ $main .= '[';
+ }
+
+ if ( $i == $countSigList ) {
+ $main .= '{"sid":"' . escapeJsonString($val3['0']) . '","enable":"' . 'on' . '","who":"' . 'src' . '","timeamount":"' . '15' . '","timetype":"' . 'minutes' . '","msg":"' . escapeJsonString($val3['1']) . '"}';
+ }else{
+ $main .= '{"sid":"' . escapeJsonString($val3['0']) . '","enable":"' . 'on' . '","who":"' . 'src' . '","timeamount":"' . '15' . '","timetype":"' . 'minutes' . '","msg":"' . escapeJsonString($val3['1']) . '"},';
+ }
+
+ if ($i == $countSigList) {
+ $main .= ']';
+ }
+
+ } // END foreach
+
+ return $main;
+
+ } // END of jSON build
+
+ return false;
+
+ }
+
+ exec('rm /usr/local/etc/snort/snortDBrules/DB/' . $rdbuuid . '/rules/dbBlockSplit/*.rules');
+ exec('cp /usr/local/etc/snort/snortDBrules/DB/' . $rdbuuid . '/rules/' . $rulefilename . ' ' . '/usr/local/etc/snort/snortDBrules/DB/' . $rdbuuid . '/rules/dbBlockSplit/' . $rulefilename);
+
+ //$getEnableSidArray = '';
+ exec('perl /usr/local/bin/make_snortsam_map.pl /usr/local/etc/snort/snortDBrules/DB/' . $rdbuuid . '/rules/dbBlockSplit/', $getEnableSidArray);
+
+ return getSidBlockJsonArray(getCurrentIpsRuleArray($getEnableSidArray));
+
+ } // END of build json rule func
+
+ // Build table from json, anf $_GET
+ $getJsonRulefile = createSidTmpBlockSpit($rdbuuid, $rulefilename);
+
+ if (!empty($getJsonRulefile)) {
+ echo 'var getLogJsonRuleFile = ' . $getJsonRulefile . ';';
+ }
+
+?>
- //showLoading('#loadingWaiting');
+// create option list through js
+function createDropdownOptionList(list, opselected) {
- // NOTE: needs to be watched
- // change url on selected dropdown rule
- jQuery('select[name=selectbox]').change(function() {
- window.location.replace(jQuery(this).val());
- });
+ var strOut = '';
+ var selectedOptionON = '';
+ for (var key in list) {
+
+ if (opselected.toUpperCase() == list[key]) {
+ selectedOptionON = 'selected="selected"';
+ }
+
+ strOut = strOut + '<option value="' + list[key] + '" ' + selectedOptionON + '>' + list[key] + '</option>' + "\n";
+ selectedOptionON = '';
+ }
+ return strOut;
+}
function makeLargeSidTables(snortObjlist) {
-
- // disable Row Append if row count is less than 0
+
+ //disable Row Append if row count is less than 0
var countRowAppend = snortObjlist.length;
+ var timeValuePerfList = {"src":"SRC", "dst":"DST", "both":"BOTH"};
+ var timeTypePerfList = {"minutes":"MINUTES", "seconds":"SECONDS", "hours":"HOURS", "days":"DAYS", "weeks":"WEEKS", "months":"MONTHS", "ALWAYS":"ALWAYS"};
+
// if rowcount is not empty do this
if (countRowAppend > 0){
// Break up append row adds by chunks of 300
// NOTE: ie9 is still giving me issues on deleted.rules 6000 sigs. I should break up the json code above into smaller parts.
incrementallyProcess(function (i){
- // loop code goes in here
if (isEven(i) === true){
var rowIsEvenOdd = 'odd_ruleset2';
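Review bot: The three `exec()` calls in `createSidTmpBlockSpit()` build `rm`, `cp` and `perl` command lines from `$rdbuuid` and `$rulefilename`, and `$rulefilename` is assigned straight from `$_GET['rulefilename']` in the first hunk of this file, so a request value reaches the shell and the file path unchecked (where `$rdbuuid` comes from is only partly visible). Both values should be validated as plain names before use, and the delete and copy done with PHP file functions so that only the perl call needs `escapeshellarg()`. The character set in the sketch below is an assumption and has to be matched to the real UUID and rule-file naming. Separately, the JSON is assembled by hand with `escapeJsonString()` (defined outside this hunk) and then echoed into the script block, and declaring the two helpers inside the function makes a second call fail with a redeclaration error. Building an array of rows and emitting it with `json_encode($rows, JSON_HEX_TAG)` from top-level helpers would avoid both.

```php
function createSidTmpBlockSpit($rdbuuid, $rulefilename)
{
    // … unchanged: getCurrentIpsRuleArray() / getSidBlockJsonArray() helpers …

    // Accept only plain names; anything with a path separator or a leading dot is refused.
    $plainName = '/^[A-Za-z0-9_-][A-Za-z0-9._-]*$/';
    if (!preg_match($plainName, $rdbuuid) || !preg_match($plainName, $rulefilename)) {
        return false;
    }

    $rulesDir = '/usr/local/etc/snort/snortDBrules/DB/' . $rdbuuid . '/rules/';
    $splitDir = $rulesDir . 'dbBlockSplit/';

    // Native file calls, so no shell ever sees the request values.
    $stale = glob($splitDir . '*.rules');
    foreach ($stale ? $stale : array() as $oldFile) {
        unlink($oldFile);
    }
    if (!copy($rulesDir . $rulefilename, $splitDir . $rulefilename)) {
        return false;
    }

    exec('perl /usr/local/bin/make_snortsam_map.pl ' . escapeshellarg($splitDir), $getEnableSidArray);

    // … unchanged: return getSidBlockJsonArray(getCurrentIpsRuleArray($getEnableSidArray)) …
```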
@@ -227,10 +294,7 @@ function makeLargeSidTables(snortObjlist) {
'<td class="' + rowIsEvenOdd + '" id="sid_' + snortObjlist[i].sid + '" >' + snortObjlist[i].sid + '</td>' + "\n" +
'<td class="' + rowIsEvenOdd + '">' + "\n" +
'<select class="formfld2" id="who_' + snortObjlist[i].sid + '" name="snortsam[db][' + snortObjlist[i].sid + '][who]">' + "\n" +
- <?php
- $memoryPerfList = array('src' => 'SRC', 'dst' => 'DST', 'both' => 'BOTH');
- snortDropDownListJson($memoryPerfList, 'src');
- ?>
+ createDropdownOptionList(timeValuePerfList, snortObjlist[i].who) +
'</select>' + "\n" +
'</td>' + "\n" +
'<td class="' + rowIsEvenOdd + '">' + "\n" +
@@ -238,11 +302,7 @@ function makeLargeSidTables(snortObjlist) {
'</td>' + "\n" +
'<td class="' + rowIsEvenOdd + '">' + "\n" +
'<select class="formfld2" id="timetype_' + snortObjlist[i].sid + '" name="snortsam[db][' + snortObjlist[i].sid + '][timetype]" >' + "\n" +
- <?php
- // 'days', 'months', 'weeks', 'years', 'minutes', 'seconds', 'hours' ALWAYS
- $memoryPerfList = array('minutes' => 'MINUTES', 'seconds' => 'SECONDS', 'hours' => 'HOURS', 'days' => 'DAYS', 'weeks' => 'WEEKS', 'months' => 'MONTHS', 'ALWAYS' => 'ALWAYS', );
- snortDropDownListJson($memoryPerfList, 'days');
- ?>
+ createDropdownOptionList(timeTypePerfList, snortObjlist[i].timetype) +
'</select>' + "\n" +
'</td>' + "\n" +
'<td class="listbg" id="msg_' + snortObjlist[i].sid + '"><font color="white">' + snortObjlist[i].msg + '</font></td>' + "\n" +
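Review bot: The `msg` cell on the last line of this hunk inserts `snortObjlist[i].msg` into the row markup as raw HTML, and after this commit that text comes from the `msg` field of whichever rules file was requested, so markup inside a rule message would be rendered by the browser. Encoding it before concatenation, for example `jQuery('<div/>').text(snortObjlist[i].msg).html()` in place of `snortObjlist[i].msg`, keeps the message as text. The `sid` values used inside the `id` and `name` attributes need a numeric check or attribute-safe encoding, since that idiom does not escape quotes. The string expression these lines belong to starts and ends outside the hunk, and `escapeJsonString()` is not visible here, so if it already HTML-encodes the message this is redundant.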
@@ -251,27 +311,36 @@ function makeLargeSidTables(snortObjlist) {
},
snortObjlist, // Object to work with the case Json object
- 500, // chunk size
- 200, // how many secs to wait
+ 300, // chunk size
+ 25, // how many secs to wait
function (){
- // if rowcount is more than 300
- if (countRowAppend > 200){
- // call to please wait
hideLoading('#loadingWaiting');
- }
}); // end incrament
} // end of if stopRowAppend
}; // END make table func
+
+ // Build table call
+ function startTableBuild() {
-jQuery.getJSON("/snort/snort_json_get.php?snortsamjson=1", { fileid: "1" }, function(data) {
- jQuery('.hidemetr').remove();
- makeLargeSidTables(data);
-});
+ showLoading('#loadingWaiting');
+ lastTableBuild();
+ }
+ function lastTableBuild() {
+
+ makeLargeSidTables(getLogJsonRuleFile);
+
+ }
+ <?php
+ if (!empty($getJsonRulefile)) {
+ echo 'startTableBuild();';
+ }
+ ?>
+
}); // end of document ready