aboutsummaryrefslogtreecommitdiffstats
path: root/config/snort/snort_rules.php
diff options
context:
space:
mode:
Diffstat (limited to 'config/snort/snort_rules.php')
-rwxr-xr-xconfig/snort/snort_rules.php85
1 files changed, 72 insertions, 13 deletions
diff --git a/config/snort/snort_rules.php b/config/snort/snort_rules.php
index 7457632d..46c3c264 100755
--- a/config/snort/snort_rules.php
+++ b/config/snort/snort_rules.php
@@ -33,7 +33,7 @@
require_once("guiconfig.inc");
require_once("/usr/local/pkg/snort/snort.inc");
-global $g, $flowbit_rules_file;
+global $g, $flowbit_rules_file, $rebuild_rules;
$snortdir = SNORTDIR;
$rules_map = array();
@@ -92,6 +92,11 @@ if (empty($categories[0]) && ($currentruleset != "custom.rules")) {
$currentruleset = "custom.rules";
}
+/* One last sanity check -- if the rules directory is empty, default to loading custom rules */
+$tmp = glob("{$snortdir}/rules/*.rules");
+if (empty($tmp))
+ $currentruleset = "custom.rules";
+
$ruledir = "{$snortdir}/rules";
$rulefile = "{$ruledir}/{$currentruleset}";
if ($currentruleset != 'custom.rules') {
@@ -100,7 +105,7 @@ if ($currentruleset != 'custom.rules') {
if (substr($currentruleset, 0, 10) == "IPS Policy")
$rules_map = snort_load_vrt_policy($a_rule[$id]['ips_policy']);
elseif (!file_exists($rulefile))
- $input_errors[] = "{$currentruleset} seems to be missing!!! Please go to the Category tab and save the rule set again to regenerate it.";
+ $input_errors[] = gettext("{$currentruleset} seems to be missing!!! Please verify rules files have been downloaded, then go to the Categories tab and save the rule set again.");
else
$rules_map = snort_load_rules_map($rulefile);
}
@@ -207,10 +212,22 @@ if ($_GET['act'] == "resetall" && !empty($rules_map)) {
exit;
}
+if ($_POST['clear']) {
+ unset($a_rule[$id]['customrules']);
+ write_config();
+ $rebuild_rules = "on";
+ snort_generate_conf($a_rule[$id]);
+ $rebuild_rules = "off";
+ header("Location: /snort/snort_rules.php?id={$id}&openruleset={$currentruleset}");
+ exit;
+}
+
if ($_POST['customrules']) {
$a_rule[$id]['customrules'] = base64_encode($_POST['customrules']);
write_config();
- sync_snort_package_config();
+ $rebuild_rules = "on";
+ snort_generate_conf($a_rule[$id]);
+ $rebuild_rules = "off";
$output = "";
$retcode = "";
exec("snort -c {$snortdir}/snort_{$snort_uuid}_{$if_real}/snort.conf -T 2>&1", $output, $retcode);
@@ -221,11 +238,31 @@ if ($_POST['customrules']) {
for($i = $start; $i > $end; $i--)
$error .= $output[$i];
$input_errors[] = "Custom rules have errors:\n {$error}";
- } else {
+ }
+ else {
header("Location: /snort/snort_rules.php?id={$id}&openruleset={$currentruleset}");
exit;
}
-} else if ($_POST) {
+}
+
+else if ($_POST['apply']) {
+
+ /* Save new configuration */
+ write_config();
+
+ /*************************************************/
+ /* Update the snort conf file and rebuild the */
+ /* rules for this interface. */
+ /*************************************************/
+ $rebuild_rules = "on";
+ snort_generate_conf($a_rule[$id]);
+ $rebuild_rules = "off";
+
+ /* Return to this same page */
+ header("Location: /snort/snort_rules.php?id={$id}&openruleset={$currentruleset}");
+ exit;
+}
+else if($_POST) {
unset($a_rule[$id]['customrules']);
write_config();
header("Location: /snort/snort_rules.php?id={$id}&openruleset={$currentruleset}");
@@ -274,6 +311,22 @@ function popup(url)
if (window.focus) {newwin.focus()}
return false;
}
+
+function wopen(url, name, w, h)
+{
+// Fudge factors for window decoration space.
+// In my tests these work well on all platforms & browsers.
+w += 32;
+h += 96;
+ var win = window.open(url,
+ name,
+ 'width=' + w + ', height=' + h + ', ' +
+ 'location=no, menubar=no, ' +
+ 'status=no, toolbar=no, scrollbars=yes, resizable=yes');
+ win.resizeTo(w, h);
+ win.focus();
+}
+
</script>
<form action="/snort/snort_rules.php" method="post" name="iform" id="iform">
@@ -346,24 +399,30 @@ function popup(url)
<input type='hidden' name='openruleset' value='custom.rules'>
<input type='hidden' name='id' value='<?=$id;?>'>
- <textarea wrap="on" cols="85" rows="40" name="customrules"><?=$pconfig['customrules'];?></textarea>
+ <textarea wrap="soft" cols="85" rows="40" name="customrules"><?=$pconfig['customrules'];?></textarea>
</td>
<td width="3%" class="list">&nbsp;</td>
</tr>
<tr>
+ <td colspan="9">&nbsp;</td>
+ </tr>
+ <tr>
<td width="3%" class="list">&nbsp;</td>
- <td colspan="7" class="vtable">
- <input name="Submit" type="submit" class="formbtn" value="Save">
- <input type="button" class="formbtn" value="Cancel" onclick="history.back()">
+ <td colspan="7">
+ <input name="Submit" type="submit" class="formbtn" value=" Save ">&nbsp;&nbsp;
+ <input type="button" class="formbtn" value="Cancel" onclick="history.back()">&nbsp;&nbsp;
+ <input name="clear" type="submit" class="formbtn" id="clear" value="Clear" onclick="return confirm('Do you really want to erase all custom rules?')">
</td>
<td width="3%" class="list">&nbsp;</td>
</tr>
<?php else: ?>
<tr>
<td width="3%" class="list">&nbsp;</td>
- <td colspan="7" class="listhdr" >&nbsp;</td>
+ <td colspan="7" class="listhdr" ><input type="submit" name="apply" id="apply" value="Apply Changes" class="formbtn">
+ &nbsp;&nbsp;&nbsp;<?php echo gettext("Click to rebuild the rules with your changes. Snort must be restarted to use the new rules."); ?>
+ <input type='hidden' name='id' value='<?=$id;?>'></td>
<td width="3%" align="center" valign="middle" class="listt"><a href="javascript: void(0)"
- onclick="popup('snort_rules_edit.php?id=<?=$id;?>&openruleset=<?=$currentruleset;?>')">
+ onclick="wopen('snort_rules_edit.php?id=<?=$id;?>&openruleset=<?=$currentruleset;?>','FileViewer',800,600)">
<img src="../themes/<?= $g['theme']; ?>/images/icons/icon_service_restart.gif" <?php
echo "onmouseover='this.src=\"../themes/{$g['theme']}/images/icons/icon_services_restart_mo.gif\"'
onmouseout='this.src=\"../themes/{$g['theme']}/images/icons/icon_service_restart.gif\"' ";?>
@@ -448,8 +507,8 @@ function popup(url)
?>
<td width="3%" align="center" valign="middle" nowrap class="listt">
<a href="javascript: void(0)"
- onclick="popup('snort_rules_edit.php?id=<?=$id;?>&openruleset=<?=$currentruleset;?>&ids=<?=$sid;?>&gid=<?=$gid;?>')"><img
- src="../themes/<?= $g['theme']; ?>/images/icons/icon_right.gif"
+ onclick="wopen('snort_rules_edit.php?id=<?=$id;?>&openruleset=<?=$currentruleset;?>&ids=<?=$sid;?>&gid=<?=$gid;?>','FileViewer',800,600)"><img
+ src="../themes/<?= $g['theme']; ?>/images/icons/icon_right.gif"
title="<?php echo gettext("Click to view rule"); ?>" width="17" height="17" border="0"></a>
<!-- Codes by Quackit.com -->
</td>