aboutsummaryrefslogtreecommitdiffstats
path: root/config/snort/snort_rules.php
diff options
context:
space:
mode:
Diffstat (limited to 'config/snort/snort_rules.php')
-rwxr-xr-xconfig/snort/snort_rules.php60
1 files changed, 45 insertions, 15 deletions
diff --git a/config/snort/snort_rules.php b/config/snort/snort_rules.php
index df17efc0..8d9aa6ba 100755
--- a/config/snort/snort_rules.php
+++ b/config/snort/snort_rules.php
@@ -157,12 +157,16 @@ if ($_POST['toggle'] && is_numeric($_POST['sid']) && is_numeric($_POST['gid']) &
$sid = $_POST['sid'];
// See if the target SID is in our list of modified SIDs,
- // and toggle it back to default if present; otherwise,
- // add it to the appropriate modified SID list.
- if (isset($enablesid[$gid][$sid]))
+ // and toggle if present; otherwise, add it to the
+ // appropriate modified SID list.
+ if (isset($enablesid[$gid][$sid])) {
unset($enablesid[$gid][$sid]);
- elseif (isset($disablesid[$gid][$sid]))
+ $disablesid[$gid][$sid] = "disablesid";
+ }
+ elseif (isset($disablesid[$gid][$sid])) {
unset($disablesid[$gid][$sid]);
+ $enablesid[$gid][$sid] = "enablesid";
+ }
else {
if ($rules_map[$gid][$sid]['disabled'] == 1)
$enablesid[$gid][$sid] = "enablesid";
@@ -198,6 +202,10 @@ if ($_POST['toggle'] && is_numeric($_POST['sid']) && is_numeric($_POST['gid']) &
/* Update the config.xml file. */
write_config("Snort pkg: modified state for rule {$gid}:{$sid} on {$a_rule[$id]['interface']}.");
+ // We changed a rule state, remind user to apply the changes
+ mark_subsystem_dirty('snort_rules');
+
+ // Set a scroll-to anchor location
$anchor = "rule_{$gid}_{$sid}";
}
elseif ($_POST['disable_all'] && !empty($rules_map)) {
@@ -237,6 +245,9 @@ elseif ($_POST['disable_all'] && !empty($rules_map)) {
unset($a_rule[$id]['rule_sid_off']);
write_config("Snort pkg: disabled all rules in category {$currentruleset} for {$a_rule[$id]['interface']}.");
+
+ // We changed a rule state, remind user to apply the changes
+ mark_subsystem_dirty('snort_rules');
}
elseif ($_POST['enable_all'] && !empty($rules_map)) {
@@ -274,6 +285,9 @@ elseif ($_POST['enable_all'] && !empty($rules_map)) {
unset($a_rule[$id]['rule_sid_off']);
write_config("Snort pkg: enable all rules in category {$currentruleset} for {$a_rule[$id]['interface']}.");
+
+ // We changed a rule state, remind user to apply the changes
+ mark_subsystem_dirty('snort_rules');
}
elseif ($_POST['resetcategory'] && !empty($rules_map)) {
@@ -313,6 +327,9 @@ elseif ($_POST['resetcategory'] && !empty($rules_map)) {
unset($a_rule[$id]['rule_sid_off']);
write_config("Snort pkg: remove enablesid/disablesid changes for category {$currentruleset} on {$a_rule[$id]['interface']}.");
+
+ // We changed a rule state, remind user to apply the changes
+ mark_subsystem_dirty('snort_rules');
}
elseif ($_POST['resetall'] && !empty($rules_map)) {
@@ -322,9 +339,13 @@ elseif ($_POST['resetall'] && !empty($rules_map)) {
/* Update the config.xml file. */
write_config("Snort pkg: remove all enablesid/disablesid changes for {$a_rule[$id]['interface']}.");
+
+ // We changed a rule state, remind user to apply the changes
+ mark_subsystem_dirty('snort_rules');
}
else if ($_POST['cancel']) {
$pconfig['customrules'] = base64_decode($a_rule[$id]['customrules']);
+ clear_subsystem_dirty('snort_rules');
}
elseif ($_POST['clear']) {
unset($a_rule[$id]['customrules']);
@@ -365,6 +386,8 @@ elseif ($_POST['save']) {
$savemsg = gettext("Custom rules validated successfully and have been saved to the Snort configuration files. ");
$savemsg .= gettext("Any active Snort process on this interface has been signalled to live-load the new rules.");
}
+
+ clear_subsystem_dirty('snort_rules');
}
else if ($_POST['apply']) {
/* Save new configuration */
@@ -382,9 +405,11 @@ else if ($_POST['apply']) {
/* Soft-restart Snort to live-load new rules */
snort_reload_config($a_rule[$id]);
+
+ // We have saved changes and done a soft restart, so clear "dirty" flag
+ clear_subsystem_dirty('snort_rules');
}
-require_once("guiconfig.inc");
include_once("head.inc");
$if_friendly = convert_friendly_interface_to_friendly_descr($a_rule[$id]['interface']);
@@ -411,6 +436,11 @@ if ($savemsg) {
<input type='hidden' name='openruleset' id='openruleset' value='<?=$currentruleset;?>'/>
<input type='hidden' name='sid' id='sid' value=''/>
<input type='hidden' name='gid' id='gid' value=''/>
+
+<?php if (is_subsystem_dirty('snort_rules')): ?><p>
+<?php print_info_box_np(gettext("A change has been made to a rule state.") . "<br/>" . gettext("Click APPLY when finished to send the changes to the running configuration."));?>
+<?php endif; ?>
+
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr><td>
<?php
@@ -570,8 +600,8 @@ if ($savemsg) {
<col axis="string">
</colgroup>
<thead>
- <tr>
- <th class="list">&nbsp;</th>
+ <tr class="sortableHeaderRowIdentifier">
+ <th class="list sorttable_nosort">&nbsp;</th>
<th class="listhdrr"><?php echo gettext("GID"); ?></th>
<th class="listhdrr"><?php echo gettext("SID"); ?></th>
<th class="listhdrr"><?php echo gettext("Proto"); ?></th>
@@ -595,7 +625,7 @@ if ($savemsg) {
$textse = "</span>";
$iconb = "icon_reject_d.gif";
$disable_cnt++;
- $title = gettext("Disabled by user. Click to toggle to default state");
+ $title = gettext("Disabled by user. Click to toggle to enabled state");
}
elseif (($v['disabled'] == 1) && (!isset($enablesid[$gid][$sid]))) {
$textss = "<span class=\"gray\">";
@@ -608,7 +638,7 @@ if ($savemsg) {
$textss = $textse = "";
$iconb = "icon_reject.gif";
$enable_cnt++;
- $title = gettext("Enabled by user. Click to toggle to default state");
+ $title = gettext("Enabled by user. Click to toggle to disabled state");
}
else {
$textss = $textse = "";
@@ -638,7 +668,7 @@ if ($savemsg) {
$message = snort_get_msg($v['rule']); // description field
$sid_tooltip = gettext("View the raw text for this rule");
- echo "<tr><td class=\"listt\" align=\"left\" valign=\"middle\" sorttable_customkey=\"\">{$textss}
+ echo "<tr><td class=\"listt\" align=\"left\" valign=\"middle\">{$textss}
<a id=\"rule_{$gid}_{$sid}\" href=''><input type=\"image\" onClick=\"document.getElementById('sid').value='{$sid}';
document.getElementById('gid').value='{$gid}';\"
src=\"../themes/{$g['theme']}/images/icons/{$iconb}\" width=\"11\" height=\"11\" border=\"0\"
@@ -693,8 +723,8 @@ if ($savemsg) {
<col align="left" axis="string">
</colgroup>
<thead>
- <tr>
- <th class="list">&nbsp;</th>
+ <tr class="sortableHeaderRowIdentifier">
+ <th class="list" sorttable_nosort>&nbsp;</th>
<th class="listhdrr"><?php echo gettext("GID"); ?></th>
<th class="listhdrr"><?php echo gettext("SID"); ?></th>
<th class="listhdrr"><?php echo gettext("Classification"); ?></th>
@@ -714,7 +744,7 @@ if ($savemsg) {
$textse = "</span>";
$iconb = "icon_reject_d.gif";
$disable_cnt++;
- $title = gettext("Disabled by user. Click to toggle to default state");
+ $title = gettext("Disabled by user. Click to toggle to enabled state");
}
elseif (($v['disabled'] == 1) && (!isset($enablesid[$gid][$sid]))) {
$textss = "<span class=\"gray\">";
@@ -727,7 +757,7 @@ if ($savemsg) {
$textss = $textse = "";
$iconb = "icon_reject.gif";
$enable_cnt++;
- $title = gettext("Enabled by user. Click to toggle to default state");
+ $title = gettext("Enabled by user. Click to toggle to disabled state");
}
else {
$textss = $textse = "";
@@ -747,7 +777,7 @@ if ($savemsg) {
else
$policy = "none";
- echo "<tr><td class=\"listt\" align=\"left\" valign=\"middle\" sorttable_customkey=\"\">{$textss}
+ echo "<tr><td class=\"listt\" align=\"left\" valign=\"middle\">{$textss}
<input type=\"image\" onClick=\"document.getElementById('sid').value='{$sid}';
document.getElementById('gid').value='{$gid}';\"
src=\"../themes/{$g['theme']}/images/icons/{$iconb}\" width=\"11\" height=\"11\" border=\"0\"