diff options
Diffstat (limited to 'config/snort/snort_rules_edit.php')
-rw-r--r-- | config/snort/snort_rules_edit.php | 138 |
1 files changed, 72 insertions, 66 deletions
diff --git a/config/snort/snort_rules_edit.php b/config/snort/snort_rules_edit.php index bac04f68..330630f4 100644 --- a/config/snort/snort_rules_edit.php +++ b/config/snort/snort_rules_edit.php @@ -1,6 +1,6 @@ <?php /* - system_edit.php + snort_rules_edit.php Copyright (C) 2004, 2005 Scott Ullrich Copyright (C) 2011 Ermal Luci All rights reserved. @@ -44,8 +44,6 @@ require_once("/usr/local/pkg/snort/snort_gui.inc"); if (!is_array($config['installedpackages']['snortglobal']['rule'])) { $config['installedpackages']['snortglobal']['rule'] = array(); } - -//nat_rules_sort(); $a_nat = &$config['installedpackages']['snortglobal']['rule']; $id = $_GET['id']; @@ -64,55 +62,69 @@ if (isset($id) && $a_nat[$id]) { //get rule id $lineid = $_GET['ids']; +if (isset($_POST['ids'])) + $lineid = $_POST['ids']; $file = $_GET['openruleset']; +if (isset($_POST['openruleset'])) + $file = $_POST['openruleset']; + //read file into string, and get filesize also chk for empty files -if (filesize($file) > 0 ) { - $contents2 = file_get_contents($file); -}else{ - $contents2 = ''; -} +$contents = ''; +if (filesize($file) > 0 ) + $contents = file_get_contents($file); //delimiter for each new rule is a new line $delimiter = "\n"; //split the contents of the string file into an array using the delimiter -$splitcontents = explode($delimiter, $contents2); - -if ($_POST) { - if($_POST['highlight'] <> "") { - if($_POST['highlight'] == "yes" or - $_POST['highlight'] == "enabled") { - $highlight = "yes"; - } else { - $highlight = "no"; - } - } else { - $highlight = "no"; +$splitcontents = explode($delimiter, $contents); +$findme = "# alert"; //find string for disabled alerts +$highlight = "yes"; +if (strstr($splitcontents[$lineid], $findme)) + $highlight = "no"; +if ($highlight == "no") + $splitcontents[$lineid] = substr($splitcontents[$lineid], 2); + +if (!function_exists('get_middle')) { + function get_middle($source, $beginning, $ending, $init_pos) { + $beginning_pos = strpos($source, $beginning, $init_pos); + $middle_pos = $beginning_pos + strlen($beginning); + $ending_pos = strpos($source, $ending, $beginning_pos); + $middle = substr($source, $middle_pos, $ending_pos - $middle_pos); + return $middle; } +} - if($_POST['rows'] <> "") - $rows = $_POST['rows']; - else - $rows = 1; - - if($_POST['cols'] <> "") - $cols = $_POST['cols']; - else - $cols = 66; - +if ($_POST) { if ($_POST['save']) { - /* get the changes */ - $rule_content2 = $_POST['code']; - //copy string into file array for writing - $splitcontents[$lineid] = $rule_content2; + if ($_POST['highlight'] == "yes") + $splitcontents[$lineid] = $_POST['code']; + else + $splitcontents[$lineid] = "# " . $_POST['code']; + + //write disable/enable sid to config.xml + $sid = get_middle($splitcontents[$lineid], 'sid:', ';', 0); + if (is_numeric($sid)) { + // rule_sid_on registers + if (!empty($a_nat[$id]['rule_sid_on'])) + $a_nat[$id]['rule_sid_on'] = str_replace("||enablesid $sid", "", $a_nat[$id]['rule_sid_on']); + if (!empty($a_nat[$id]['rule_sid_on'])) + $a_nat[$id]['rule_sid_off'] = str_replace("||disablesid $sid", "", $a_nat[$id]['rule_sid_off']); + if ($_POST['highlight'] == "yes") + $a_nat[$id]['rule_sid_on'] = "||enablesid $sid" . $a_nat[$id]['rule_sid_on']; + else + $a_nat[$id]['rule_sid_off'] = "||disablesid $sid" . $a_nat[$id]['rule_sid_off']; + } //write the new .rules file @file_put_contents($file, implode($delimiter, $splitcontents)); - echo "<script> window.close(); </script>"; + write_config(); + + echo "<script> opener.window.location.reload(); window.close(); </script>"; exit; } } @@ -124,18 +136,20 @@ $pgtitle = array(gettext("Advanced"), gettext("File Editor")); <?php include("head.inc");?> <body link="#000000" vlink="#000000" alink="#000000"> +<form action="snort_rules_edit.php" method="post"> + <?php if ($savemsg) print_info_box($savemsg); ?> <table width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr> - <td class="tabcont"> - <form action="snort_rules_edit.php?id=<?=$id; ?>&openruleset=<?=$file; ?>&ids=<?=$ids; ?>" method="post"> +<tr> + <td class="tabcont"> + - <?php if ($savemsg) print_info_box($savemsg); - if ($file != '/usr/local/etc/snort/snort_update.log'): - ?> <table width="100%" cellpadding="9" cellspacing="9" bgcolor="#eeeeee"> <tr> <td> <input name="save" type="submit" class="formbtn" id="save" value="save" /> + <input type='hidden' name='id' value='<?=$id;?>' /> + <input type='hidden' name='ids' value='<?=$ids;?>' /> + <input type='hidden' name='openruleset' value='<?=$file;?>' /> <input type="button" class="formbtn" value="Cancel" onclick="window.close()"> <hr noshade="noshade" /> Disable original rule :<br/> @@ -146,37 +160,29 @@ $pgtitle = array(gettext("Advanced"), gettext("File Editor")); <label for="highlighting_disabled"> <?=gettext("Disabled");?></label> </td> </tr> - </table> - <table width="100%"> + <tr> + <td valign="top" class="label"> + <textarea wrap="off" style="width: 98%; margin: 7px;" + class="<?php echo $language; ?>:showcolumns" rows="3" + cols="66" name="code"><?=$splitcontents[$lineid];?></textarea> + </div> + </td> + </tr> <tr> <td valign="top" class="label"> - <div style="background: #eeeeee;" id="textareaitem"> - <!-- NOTE: The opening *and* the closing textarea tag must be on the same line. --> - <textarea wrap="off" style="width: 98%; margin: 7px;" class="<?=$language;?>:showcolumns" rows="<?=$rows;?>" cols="<?=$cols;?>" name="code"> - <?=$tempstring;?> </textarea> - </div> + <div style="background: #eeeeee;" id="textareaitem"><!-- NOTE: The opening *and* the closing textarea tag must be on the same line. --> + <textarea disabled + wrap="off" style="width: 98%; margin: 7px;" + class="<?php echo $language; ?>:showcolumns" rows="33" + cols="66" name="code2"><?=$contents;?></textarea> + </div> </td> </tr> </table> - <?php endif; ?> - <table width='100%'> - <tr> - <td valign="top" class="label"> - <div style="background: #eeeeee;" id="textareaitem"><!-- NOTE: The opening *and* the closing textarea tag must be on the same line. --> - <textarea - <? if ($file != '/usr/local/etc/snort/snort_update.log') { echo 'disabled'; } ?> - wrap="off" style="width: 98%; margin: 7px;" - class="<?php echo $language; ?>:showcolumns" rows="33" - cols="<?=$cols;?>" name="code2"><?=$contents2;?></textarea> - </div> - </td> - </tr> - </table> - <? echo "$file\n"; ?></td> - </tr> + </td> +</tr> </table> - +</form> <?php include("fend.inc");?> - </body> </html> |