aboutsummaryrefslogtreecommitdiffstats
path: root/config/snort
diff options
context:
space:
mode:
Diffstat (limited to 'config/snort')
-rwxr-xr-xconfig/snort/snort.inc154
-rwxr-xr-xconfig/snort/snort_alerts.php1
-rw-r--r--config/snort/snort_barnyard.php26
-rw-r--r--config/snort/snort_blocked.php1
-rwxr-xr-xconfig/snort/snort_define_servers.php26
-rwxr-xr-xconfig/snort/snort_download_updates.php1
-rwxr-xr-xconfig/snort/snort_interfaces.php45
-rwxr-xr-xconfig/snort/snort_interfaces_edit.php30
-rw-r--r--config/snort/snort_interfaces_global.php1
-rw-r--r--config/snort/snort_interfaces_suppress.php1
-rw-r--r--config/snort/snort_interfaces_suppress_edit.php14
-rw-r--r--config/snort/snort_interfaces_whitelist.php1
-rw-r--r--config/snort/snort_interfaces_whitelist_edit.php15
-rwxr-xr-xconfig/snort/snort_preprocessors.php26
-rwxr-xr-xconfig/snort/snort_rules.php30
-rwxr-xr-xconfig/snort/snort_rulesets.php32
-rwxr-xr-xconfig/snort/snort_sync.xml166
17 files changed, 505 insertions, 65 deletions
diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index 236cb107..430e5a95 100755
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
@@ -34,6 +34,7 @@ require_once("pfsense-utils.inc");
require_once("config.inc");
require_once("functions.inc");
require_once("service-utils.inc");
+require_once("pkg-utils.inc");
// Needed on 2.0 because of filter_get_vpns_list()
require_once("filter.inc");
@@ -887,7 +888,9 @@ function sync_snort_package_config() {
snort_rules_up_install_cron($snortglob['autorulesupdate7'] != "never_up" ? true : false);
configure_cron();
-
+
+ snort_sync_on_changes();
+
conf_mount_ro();
}
@@ -3040,4 +3043,153 @@ EOD;
unset($home_net, $external_net, $vardef, $portvardef);
}
+/* Uses XMLRPC to synchronize the changes to a remote node */
+function snort_sync_on_changes() {
+ global $config, $g;
+ if (is_array($config['installedpackages']['snortsync']['config'])){
+ $snort_sync=$config['installedpackages']['snortsync']['config'][0];
+ $synconchanges = $snort_sync['varsynconchanges'];
+ $synctimeout = $snort_sync['varsynctimeout'];
+ switch ($synconchanges){
+ case "manual":
+ if (is_array($snort_sync[row])){
+ $rs=$snort_sync[row];
+ }
+ else{
+ log_error("[snort] xmlrpc sync is enabled but there is no hosts to push snort config.");
+ return;
+ }
+ break;
+ case "auto":
+ if (is_array($config['installedpackages']['carpsettings']) && is_array($config['installedpackages']['carpsettings']['config'])){
+ $system_carp=$config['installedpackages']['carpsettings']['config'][0];
+ $rs[0]['varsyncipaddress']=$system_carp['synchronizetoip'];
+ $rs[0]['varsyncusername']=$system_carp['username'];
+ $rs[0]['varsyncpassword']=$system_carp['password'];
+ if ($system_carp['synchronizetoip'] ==""){
+ log_error("[snort] xmlrpc sync is enabled but there is no system backup hosts to push snort config.");
+ return;
+ }
+ }
+ else{
+ log_error("[snort] xmlrpc sync is enabled but there is no system backup hosts to push snort config.");
+ return;
+ }
+ break;
+ default:
+ return;
+ break;
+ }
+ if (is_array($rs)){
+ log_error("[snort] xmlrpc sync is starting.");
+ foreach($rs as $sh){
+ $sync_to_ip = $sh['varsyncipaddress'];
+ $password = $sh['varsyncpassword'];
+ if($sh['varsyncusername'])
+ $username = $sh['varsyncusername'];
+ else
+ $username = 'admin';
+ if($password && $sync_to_ip)
+ snort_do_xmlrpc_sync($sync_to_ip, $username, $password,$synctimeout);
+ }
+ log_error("[snort] xmlrpc sync is ending.");
+ }
+ }
+}
+/* Do the actual XMLRPC sync */
+function snort_do_xmlrpc_sync($sync_to_ip, $username, $password, $synctimeout) {
+ global $config, $g;
+
+ if(!$username)
+ return;
+
+ if(!$password)
+ return;
+
+ if(!$sync_to_ip)
+ return;
+
+ if(!$synctimeout)
+ $synctimeout=150;
+
+
+ $xmlrpc_sync_neighbor = $sync_to_ip;
+ if($config['system']['webgui']['protocol'] != "") {
+ $synchronizetoip = $config['system']['webgui']['protocol'];
+ $synchronizetoip .= "://";
+ }
+ $port = $config['system']['webgui']['port'];
+ /* if port is empty lets rely on the protocol selection */
+ if($port == "") {
+ if($config['system']['webgui']['protocol'] == "http")
+ $port = "80";
+ else
+ $port = "443";
+ }
+ $synchronizetoip .= $sync_to_ip;
+
+ /* xml will hold the sections to sync */
+ $xml = array();
+ $xml['snortglobal'] = $config['installedpackages']['snortglobal'];
+ /* assemble xmlrpc payload */
+ $params = array(
+ XML_RPC_encode($password),
+ XML_RPC_encode($xml)
+ );
+
+ /* set a few variables needed for sync code borrowed from filter.inc */
+ $url = $synchronizetoip;
+ log_error("Beginning snort XMLRPC sync to {$url}:{$port}.");
+ $method = 'pfsense.merge_installedpackages_section_xmlrpc';
+ $msg = new XML_RPC_Message($method, $params);
+ $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port);
+ $cli->setCredentials($username, $password);
+ if($g['debug'])
+ $cli->setDebug(1);
+ /* send our XMLRPC message and timeout after defined sync timeout value*/
+ $resp = $cli->send($msg, $synctimeout);
+ if(!$resp) {
+ $error = "A communications error occurred while attempting snort XMLRPC sync with {$url}:{$port}.";
+ log_error($error);
+ file_notice("sync_settings", $error, "snort Settings Sync", "");
+ } elseif($resp->faultCode()) {
+ $cli->setDebug(1);
+ $resp = $cli->send($msg, $synctimeout);
+ $error = "An error code was received while attempting snort XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
+ log_error($error);
+ file_notice("sync_settings", $error, "snort Settings Sync", "");
+ } else {
+ log_error("snort XMLRPC sync successfully completed with {$url}:{$port}.");
+ }
+
+ /* tell squid to reload our settings on the destination sync host. */
+ $method = 'pfsense.exec_php';
+ $execcmd = "require_once('/usr/local/pkg/snort/snort.inc');\n";
+ $execcmd .= "sync_snort_package_config();";
+ /* assemble xmlrpc payload */
+ $params = array(
+ XML_RPC_encode($password),
+ XML_RPC_encode($execcmd)
+ );
+
+ log_error("snort XMLRPC reload data {$url}:{$port}.");
+ $msg = new XML_RPC_Message($method, $params);
+ $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port);
+ $cli->setCredentials($username, $password);
+ $resp = $cli->send($msg, $synctimeout);
+ if(!$resp) {
+ $error = "A communications error occurred while attempting snort XMLRPC sync with {$url}:{$port} (pfsense.exec_php).";
+ log_error($error);
+ file_notice("sync_settings", $error, "snort Settings Sync", "");
+ } elseif($resp->faultCode()) {
+ $cli->setDebug(1);
+ $resp = $cli->send($msg, $synctimeout);
+ $error = "An error code was received while attempting snort XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
+ log_error($error);
+ file_notice("sync_settings", $error, "snort Settings Sync", "");
+ } else {
+ log_error("snort XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php).");
+ }
+
+}
?>
diff --git a/config/snort/snort_alerts.php b/config/snort/snort_alerts.php
index eb0912c8..7919b1f2 100755
--- a/config/snort/snort_alerts.php
+++ b/config/snort/snort_alerts.php
@@ -200,6 +200,7 @@ if ($pconfig['arefresh'] == 'on')
$tab_array[4] = array(gettext("Blocked"), false, "/snort/snort_blocked.php");
$tab_array[5] = array(gettext("Whitelists"), false, "/snort/snort_interfaces_whitelist.php");
$tab_array[6] = array(gettext("Suppress"), false, "/snort/snort_interfaces_suppress.php");
+ $tab_array[7] = array(gettext("Sync"), false, "/pkg_edit.php?xml=snort/snort_sync.xml");
display_top_tabs($tab_array);
?>
</td></tr>
diff --git a/config/snort/snort_barnyard.php b/config/snort/snort_barnyard.php
index e1de3efd..cf9fb4bd 100644
--- a/config/snort/snort_barnyard.php
+++ b/config/snort/snort_barnyard.php
@@ -150,14 +150,26 @@ function enable_change(enable_change) {
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr><td>
<?php
+ $tab_array = array();
+ $tab_array[0] = array(gettext("Snort Interfaces"), true, "/snort/snort_interfaces.php");
+ $tab_array[1] = array(gettext("Global Settings"), false, "/snort/snort_interfaces_global.php");
+ $tab_array[2] = array(gettext("Updates"), false, "/snort/snort_download_updates.php");
+ $tab_array[3] = array(gettext("Alerts"), false, "/snort/snort_alerts.php");
+ $tab_array[4] = array(gettext("Blocked"), false, "/snort/snort_blocked.php");
+ $tab_array[5] = array(gettext("Whitelists"), false, "/snort/snort_interfaces_whitelist.php");
+ $tab_array[6] = array(gettext("Suppress"), false, "/snort/snort_interfaces_suppress.php");
+ $tab_array[7] = array(gettext("Sync"), false, "/pkg_edit.php?xml=snort/snort_sync.xml");
+ display_top_tabs($tab_array);
+ echo '</td></tr>';
+ echo '<tr><td class="tabnavtbl">';
+ $menu_iface=($if_friendly?substr($if_friendly,0,5)." ":"Iface ");
$tab_array = array();
- $tab_array[] = array(gettext("Snort Interfaces"), false, "/snort/snort_interfaces.php");
- $tab_array[] = array(gettext("If Settings"), false, "/snort/snort_interfaces_edit.php?id={$id}");
- $tab_array[] = array(gettext("Categories"), false, "/snort/snort_rulesets.php?id={$id}");
- $tab_array[] = array(gettext("Rules"), false, "/snort/snort_rules.php?id={$id}");
- $tab_array[] = array(gettext("Variables"), false, "/snort/snort_define_servers.php?id={$id}");
- $tab_array[] = array(gettext("Preprocessors"), false, "/snort/snort_preprocessors.php?id={$id}");
- $tab_array[] = array(gettext("Barnyard2"), true, "/snort/snort_barnyard.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Settings"), false, "/snort/snort_interfaces_edit.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Categories"), false, "/snort/snort_rulesets.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Rules"), false, "/snort/snort_rules.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Variables"), false, "/snort/snort_define_servers.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Preprocessors"), false, "/snort/snort_preprocessors.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Barnyard2"), true, "/snort/snort_barnyard.php?id={$id}");
display_top_tabs($tab_array);
?>
</td></tr>
diff --git a/config/snort/snort_blocked.php b/config/snort/snort_blocked.php
index bd7cabbc..40ef61a1 100644
--- a/config/snort/snort_blocked.php
+++ b/config/snort/snort_blocked.php
@@ -146,6 +146,7 @@ if ($pconfig['brefresh'] == 'on')
$tab_array[4] = array(gettext("Blocked"), true, "/snort/snort_blocked.php");
$tab_array[5] = array(gettext("Whitelists"), false, "/snort/snort_interfaces_whitelist.php");
$tab_array[6] = array(gettext("Suppress"), false, "/snort/snort_interfaces_suppress.php");
+ $tab_array[7] = array(gettext("Sync"), false, "/pkg_edit.php?xml=snort/snort_sync.xml");
display_top_tabs($tab_array);
?>
</td>
diff --git a/config/snort/snort_define_servers.php b/config/snort/snort_define_servers.php
index b1d71631..307dd8a8 100755
--- a/config/snort/snort_define_servers.php
+++ b/config/snort/snort_define_servers.php
@@ -166,14 +166,26 @@ if ($savemsg)
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr><td>
<?php
+ $tab_array = array();
+ $tab_array[0] = array(gettext("Snort Interfaces"), true, "/snort/snort_interfaces.php");
+ $tab_array[1] = array(gettext("Global Settings"), false, "/snort/snort_interfaces_global.php");
+ $tab_array[2] = array(gettext("Updates"), false, "/snort/snort_download_updates.php");
+ $tab_array[3] = array(gettext("Alerts"), false, "/snort/snort_alerts.php");
+ $tab_array[4] = array(gettext("Blocked"), false, "/snort/snort_blocked.php");
+ $tab_array[5] = array(gettext("Whitelists"), false, "/snort/snort_interfaces_whitelist.php");
+ $tab_array[6] = array(gettext("Suppress"), false, "/snort/snort_interfaces_suppress.php");
+ $tab_array[7] = array(gettext("Sync"), false, "/pkg_edit.php?xml=snort/snort_sync.xml");
+ display_top_tabs($tab_array);
+ echo '</td></tr>';
+ echo '<tr><td class="tabnavtbl">';
+ $menu_iface=($if_friendly?substr($if_friendly,0,5)." ":"Iface ");
$tab_array = array();
- $tab_array[] = array(gettext("Snort Interfaces"), false, "/snort/snort_interfaces.php");
- $tab_array[] = array(gettext("If Settings"), false, "/snort/snort_interfaces_edit.php?id={$id}");
- $tab_array[] = array(gettext("Categories"), false, "/snort/snort_rulesets.php?id={$id}");
- $tab_array[] = array(gettext("Rules"), false, "/snort/snort_rules.php?id={$id}");
- $tab_array[] = array(gettext("Variables"), true, "/snort/snort_define_servers.php?id={$id}");
- $tab_array[] = array(gettext("Preprocessors"), false, "/snort/snort_preprocessors.php?id={$id}");
- $tab_array[] = array(gettext("Barnyard2"), false, "/snort/snort_barnyard.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext(" Settings"), false, "/snort/snort_interfaces_edit.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Categories"), false, "/snort/snort_rulesets.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Rules"), false, "/snort/snort_rules.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Variables"), true, "/snort/snort_define_servers.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Preprocessors"), false, "/snort/snort_preprocessors.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Barnyard2"), false, "/snort/snort_barnyard.php?id={$id}");
display_top_tabs($tab_array);
?>
</td></tr>
diff --git a/config/snort/snort_download_updates.php b/config/snort/snort_download_updates.php
index f2250236..4e312f22 100755
--- a/config/snort/snort_download_updates.php
+++ b/config/snort/snort_download_updates.php
@@ -118,6 +118,7 @@ h += 96;
$tab_array[4] = array(gettext("Blocked"), false, "/snort/snort_blocked.php");
$tab_array[5] = array(gettext("Whitelists"), false, "/snort/snort_interfaces_whitelist.php");
$tab_array[6] = array(gettext("Suppress"), false, "/snort/snort_interfaces_suppress.php");
+ $tab_array[7] = array(gettext("Sync"), false, "/pkg_edit.php?xml=snort/snort_sync.xml");
display_top_tabs($tab_array);
?>
</td></tr>
diff --git a/config/snort/snort_interfaces.php b/config/snort/snort_interfaces.php
index 4c21cdd9..c2a66f98 100755
--- a/config/snort/snort_interfaces.php
+++ b/config/snort/snort_interfaces.php
@@ -184,6 +184,7 @@ if ($pfsense_stable == 'yes')
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr><td>
<?php
+
$tab_array = array();
$tab_array[0] = array(gettext("Snort Interfaces"), true, "/snort/snort_interfaces.php");
$tab_array[1] = array(gettext("Global Settings"), false, "/snort/snort_interfaces_global.php");
@@ -192,6 +193,7 @@ if ($pfsense_stable == 'yes')
$tab_array[4] = array(gettext("Blocked"), false, "/snort/snort_blocked.php");
$tab_array[5] = array(gettext("Whitelists"), false, "/snort/snort_interfaces_whitelist.php");
$tab_array[6] = array(gettext("Suppress"), false, "/snort/snort_interfaces_suppress.php");
+ $tab_array[7] = array(gettext("Sync"), false, "/pkg_edit.php?xml=snort/snort_sync.xml");
display_top_tabs($tab_array);
?>
</td></tr>
@@ -240,15 +242,28 @@ foreach ($a_nat as $natent): ?>
/* convert fake interfaces to real and check if iface is up */
/* There has to be a smarter way to do this */
$if_real = snort_get_real_interface($natent['interface']);
+ $natend_friendly= snort_get_friendly_interface($natent['interface']);
$snort_uuid = $natent['uuid'];
- if (snort_is_running($snort_uuid, $if_real) == 'no')
- $iconfn = 'pass';
- else
+ if (snort_is_running($snort_uuid, $if_real) == 'no'){
$iconfn = 'block';
- if (snort_is_running($snort_uuid, $if_real, 'barnyard2') == 'no')
- $biconfn = 'pass';
- else
+ $iconfn_msg1 = 'Snort is not running on ';
+ $iconfn_msg2 = '. Click to start.';
+ }
+ else{
+ $iconfn = 'pass';
+ $iconfn_msg1 = 'Snort is running on ';
+ $iconfn_msg2 = '. Click to stop.';
+ }
+ if (snort_is_running($snort_uuid, $if_real, 'barnyard2') == 'no'){
$biconfn = 'block';
+ $biconfn_msg1 = 'Barnyard2 is not running on ';
+ $biconfn_msg2 = '. Click to start.';
+ }
+ else{
+ $biconfn = 'pass';
+ $biconfn_msg1 = 'Barnyard2 is running on ';
+ $biconfn_msg2 = '. Click to stop.';
+ }
/* See if interface has any rules defined and set boolean flag */
$no_rules = true;
@@ -271,7 +286,7 @@ foreach ($a_nat as $natent): ?>
id="frd<?=$nnats;?>"
ondblclick="document.location='snort_interfaces_edit.php?id=<?=$nnats;?>';">
<?php
- echo snort_get_friendly_interface($natent['interface']);
+ echo $natend_friendly;
?>
</td>
<td class="listr"
@@ -284,7 +299,7 @@ foreach ($a_nat as $natent): ?>
echo "<a href='?act=toggle&id={$i}'>
<img src='../themes/{$g['theme']}/images/icons/icon_{$iconfn}.gif'
width='13' height='13' border='0'
- title='" . gettext('click to toggle start/stop snort') . "'></a>";
+ title='" . gettext($iconfn_msg1.$natend_friendly.$iconfn_msg2) . "'></a>";
echo ($no_rules) ? "&nbsp;<img src=\"../themes/{$g['theme']}/images/icons/icon_frmfld_imp.png\" width=\"15\" height=\"15\" border=\"0\">" : "";
} else
echo strtoupper("disabled");
@@ -325,7 +340,7 @@ foreach ($a_nat as $natent): ?>
echo "<a href='?act=bartoggle&id={$i}'>
<img src='../themes/{$g['theme']}/images/icons/icon_{$biconfn}.gif'
width='13' height='13' border='0'
- title='" . gettext('click to toggle start/stop barnyard') . "'></a>";
+ title='" . gettext($biconfn_msg1.$natend_friendly.$biconfn_msg2) . "'></a>";
} else
echo strtoupper("disabled");
?>
@@ -406,9 +421,11 @@ foreach ($a_nat as $natent): ?>
</td>
<td width="3%">&nbsp;
</td>
- <td><strong>Click</strong> on the <img src="../themes/<?= $g['theme']; ?>/images/icons/icon_pass.gif"
- width="13" height="13" border="0" title="<?php echo gettext("Start Icon"); ?>"> icon to <strong>start</strong>
- snort and barnyard2.
+ <td><img src="../themes/<?= $g['theme']; ?>/images/icons/icon_pass.gif"
+ width="13" height="13" border="0" title="<?php echo gettext("Running"); ?>">
+ <img src="../themes/<?= $g['theme']; ?>/images/icons/icon_block.gif"
+ width="13" height="13" border="0" title="<?php echo gettext("Not Running"); ?>"> icons will show current
+ snort and barnyard2 status.
</td>
</tr>
<tr>
@@ -417,9 +434,7 @@ foreach ($a_nat as $natent): ?>
an interface and settings.
<td width="3%">&nbsp;
</td>
- <td><strong>Click</strong> on the <img src="../themes/<?= $g['theme']; ?>/images/icons/icon_block.gif"
- width="13" height="13" border="0" title="<?php echo gettext("Stop Icon"); ?>"> icon to <strong>stop</strong>
- snort and barnyard2.
+ <td><strong>Click</strong> on the status icons to <strong>toggle</strong> snort and barnyard2 status.
</td>
</tr>
<tr>
diff --git a/config/snort/snort_interfaces_edit.php b/config/snort/snort_interfaces_edit.php
index 71cdc185..36bc628d 100755
--- a/config/snort/snort_interfaces_edit.php
+++ b/config/snort/snort_interfaces_edit.php
@@ -182,15 +182,27 @@ include_once("head.inc");
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr><td class="tabnavtbl">
<?php
- $tab_array = array();
- $tab_array[] = array(gettext("Snort Interfaces"), false, "/snort/snort_interfaces.php");
- $tab_array[] = array(gettext("If Settings"), true, "/snort/snort_interfaces_edit.php?id={$id}");
- $tab_array[] = array(gettext("Categories"), false, "/snort/snort_rulesets.php?id={$id}");
- $tab_array[] = array(gettext("Rules"), false, "/snort/snort_rules.php?id={$id}");
- $tab_array[] = array(gettext("Variables"), false, "/snort/snort_define_servers.php?id={$id}");
- $tab_array[] = array(gettext("Preprocessors"), false, "/snort/snort_preprocessors.php?id={$id}");
- $tab_array[] = array(gettext("Barnyard2"), false, "/snort/snort_barnyard.php?id={$id}");
- display_top_tabs($tab_array);
+ $tab_array = array();
+ $tab_array[0] = array(gettext("Snort Interfaces"), true, "/snort/snort_interfaces.php");
+ $tab_array[1] = array(gettext("Global Settings"), false, "/snort/snort_interfaces_global.php");
+ $tab_array[2] = array(gettext("Updates"), false, "/snort/snort_download_updates.php");
+ $tab_array[3] = array(gettext("Alerts"), false, "/snort/snort_alerts.php");
+ $tab_array[4] = array(gettext("Blocked"), false, "/snort/snort_blocked.php");
+ $tab_array[5] = array(gettext("Whitelists"), false, "/snort/snort_interfaces_whitelist.php");
+ $tab_array[6] = array(gettext("Suppress"), false, "/snort/snort_interfaces_suppress.php");
+ $tab_array[7] = array(gettext("Sync"), false, "/pkg_edit.php?xml=snort/snort_sync.xml");
+ display_top_tabs($tab_array);
+ echo '</td></tr>';
+ echo '<tr><td class="tabnavtbl">';
+ $tab_array = array();
+ $menu_iface=($if_friendly?substr($if_friendly,0,5)." ":"Iface ");
+ $tab_array[] = array($menu_iface . gettext("Settings"), true, "/snort/snort_interfaces_edit.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Categories"), false, "/snort/snort_rulesets.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Rules"), false, "/snort/snort_rules.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Variables"), false, "/snort/snort_define_servers.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Preprocessors"), false, "/snort/snort_preprocessors.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Barnyard2"), false, "/snort/snort_barnyard.php?id={$id}");
+ display_top_tabs($tab_array);
?>
</td></tr>
<tr><td class="tabcont">
diff --git a/config/snort/snort_interfaces_global.php b/config/snort/snort_interfaces_global.php
index 3c544436..29217604 100644
--- a/config/snort/snort_interfaces_global.php
+++ b/config/snort/snort_interfaces_global.php
@@ -142,6 +142,7 @@ function enable_snort_vrt(btn) {
$tab_array[4] = array(gettext("Blocked"), false, "/snort/snort_blocked.php");
$tab_array[5] = array(gettext("Whitelists"), false, "/snort/snort_interfaces_whitelist.php");
$tab_array[6] = array(gettext("Suppress"), false, "/snort/snort_interfaces_suppress.php");
+ $tab_array[7] = array(gettext("Sync"), false, "/pkg_edit.php?xml=snort/snort_sync.xml");
display_top_tabs($tab_array);
?>
</td>
diff --git a/config/snort/snort_interfaces_suppress.php b/config/snort/snort_interfaces_suppress.php
index 32f2f6ba..30c5c2c0 100644
--- a/config/snort/snort_interfaces_suppress.php
+++ b/config/snort/snort_interfaces_suppress.php
@@ -79,6 +79,7 @@ if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}
$tab_array[4] = array(gettext("Blocked"), false, "/snort/snort_blocked.php");
$tab_array[5] = array(gettext("Whitelists"), false, "/snort/snort_interfaces_whitelist.php");
$tab_array[6] = array(gettext("Suppress"), true, "/snort/snort_interfaces_suppress.php");
+ $tab_array[7] = array(gettext("Sync"), false, "/pkg_edit.php?xml=snort/snort_sync.xml");
display_top_tabs($tab_array);
?>
</td>
diff --git a/config/snort/snort_interfaces_suppress_edit.php b/config/snort/snort_interfaces_suppress_edit.php
index 1d2ad225..0042863c 100644
--- a/config/snort/snort_interfaces_suppress_edit.php
+++ b/config/snort/snort_interfaces_suppress_edit.php
@@ -141,6 +141,20 @@ if ($savemsg)
?>
<form action="/snort/snort_interfaces_suppress_edit.php" name="iform" id="iform" method="post">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
+<tr><td>
+<?php
+ $tab_array = array();
+ $tab_array[0] = array(gettext("Snort Interfaces"), false, "/snort/snort_interfaces.php");
+ $tab_array[1] = array(gettext("Global Settings"), false, "/snort/snort_interfaces_global.php");
+ $tab_array[2] = array(gettext("Updates"), false, "/snort/snort_download_updates.php");
+ $tab_array[3] = array(gettext("Alerts"), false, "/snort/snort_alerts.php");
+ $tab_array[4] = array(gettext("Blocked"), false, "/snort/snort_blocked.php");
+ $tab_array[5] = array(gettext("Whitelists"), false, "/snort/snort_interfaces_whitelist.php");
+ $tab_array[6] = array(gettext("Suppress"), true, "/snort/snort_interfaces_suppress.php");
+ $tab_array[7] = array(gettext("Sync"), false, "/pkg_edit.php?xml=/snort/snort_sync.xml");
+ display_top_tabs($tab_array);
+?>
+</td></tr>
<tr><td class="tabcont">
<table width="100%" border="0" cellpadding="6" cellspacing="0">
<tr>
diff --git a/config/snort/snort_interfaces_whitelist.php b/config/snort/snort_interfaces_whitelist.php
index a925ad45..27f48e16 100644
--- a/config/snort/snort_interfaces_whitelist.php
+++ b/config/snort/snort_interfaces_whitelist.php
@@ -85,6 +85,7 @@ if ($savemsg) print_info_box($savemsg);
$tab_array[4] = array(gettext("Blocked"), false, "/snort/snort_blocked.php");
$tab_array[5] = array(gettext("Whitelists"), true, "/snort/snort_interfaces_whitelist.php");
$tab_array[6] = array(gettext("Suppress"), false, "/snort/snort_interfaces_suppress.php");
+ $tab_array[7] = array(gettext("Sync"), false, "/pkg_edit.php?xml=snort/snort_sync.xml");
display_top_tabs($tab_array);
?>
</td>
diff --git a/config/snort/snort_interfaces_whitelist_edit.php b/config/snort/snort_interfaces_whitelist_edit.php
index 2f2afdad..4559f1b5 100644
--- a/config/snort/snort_interfaces_whitelist_edit.php
+++ b/config/snort/snort_interfaces_whitelist_edit.php
@@ -170,6 +170,21 @@ if ($savemsg)
</script>
<form action="snort_interfaces_whitelist_edit.php" method="post" name="iform" id="iform">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
+<tr><td>
+<?php
+ $tab_array = array();
+ $tab_array[0] = array(gettext("Snort Interfaces"), false, "/snort/snort_interfaces.php");
+ $tab_array[1] = array(gettext("Global Settings"), false, "/snort/snort_interfaces_global.php");
+ $tab_array[2] = array(gettext("Updates"), false, "/snort/snort_download_updates.php");
+ $tab_array[3] = array(gettext("Alerts"), false, "/snort/snort_alerts.php");
+ $tab_array[4] = array(gettext("Blocked"), false, "/snort/snort_blocked.php");
+ $tab_array[5] = array(gettext("Whitelists"), true, "/snort/snort_interfaces_whitelist.php");
+ $tab_array[6] = array(gettext("Suppress"), false, "/snort/snort_interfaces_suppress.php");
+ $tab_array[7] = array(gettext("Sync"), false, "/pkg_edit.php?xml=snort/snort_sync.xml");
+ display_top_tabs($tab_array);
+?>
+ </td>
+</tr>
<tr><td class="tabcont">
<table width="100%" border="0" cellpadding="6" cellspacing="0">
<tr>
diff --git a/config/snort/snort_preprocessors.php b/config/snort/snort_preprocessors.php
index 705dfe24..14e51ed3 100755
--- a/config/snort/snort_preprocessors.php
+++ b/config/snort/snort_preprocessors.php
@@ -394,14 +394,26 @@ include_once("head.inc");
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr><td>
<?php
+ $tab_array = array();
+ $tab_array[0] = array(gettext("Snort Interfaces"), true, "/snort/snort_interfaces.php");
+ $tab_array[1] = array(gettext("Global Settings"), false, "/snort/snort_interfaces_global.php");
+ $tab_array[2] = array(gettext("Updates"), false, "/snort/snort_download_updates.php");
+ $tab_array[3] = array(gettext("Alerts"), false, "/snort/snort_alerts.php");
+ $tab_array[4] = array(gettext("Blocked"), false, "/snort/snort_blocked.php");
+ $tab_array[5] = array(gettext("Whitelists"), false, "/snort/snort_interfaces_whitelist.php");
+ $tab_array[6] = array(gettext("Suppress"), false, "/snort/snort_interfaces_suppress.php");
+ $tab_array[7] = array(gettext("Sync"), false, "/pkg_edit.php?xml=snort/snort_sync.xml");
+ display_top_tabs($tab_array);
+ echo '</td></tr>';
+ echo '<tr><td class="tabnavtbl">';
+ $menu_iface=($if_friendly?substr($if_friendly,0,5)." ":"Iface ");
$tab_array = array();
- $tab_array[] = array(gettext("Snort Interfaces"), false, "/snort/snort_interfaces.php");
- $tab_array[] = array(gettext("If Settings"), false, "/snort/snort_interfaces_edit.php?id={$id}");
- $tab_array[] = array(gettext("Categories"), false, "/snort/snort_rulesets.php?id={$id}");
- $tab_array[] = array(gettext("Rules"), false, "/snort/snort_rules.php?id={$id}");
- $tab_array[] = array(gettext("Variables"), false, "/snort/snort_define_servers.php?id={$id}");
- $tab_array[] = array(gettext("Preprocessors"), true, "/snort/snort_preprocessors.php?id={$id}");
- $tab_array[] = array(gettext("Barnyard2"), false, "/snort/snort_barnyard.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Settings"), false, "/snort/snort_interfaces_edit.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Categories"), false, "/snort/snort_rulesets.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Rules"), false, "/snort/snort_rules.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Variables"), false, "/snort/snort_define_servers.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Preprocessors"), true, "/snort/snort_preprocessors.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Barnyard2"), false, "/snort/snort_barnyard.php?id={$id}");
display_top_tabs($tab_array);
?>
</td></tr>
diff --git a/config/snort/snort_rules.php b/config/snort/snort_rules.php
index 609eb052..cbb1fe50 100755
--- a/config/snort/snort_rules.php
+++ b/config/snort/snort_rules.php
@@ -322,15 +322,27 @@ h += 96;
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr><td class="tabnavtbl">
<?php
- $tab_array = array();
- $tab_array[] = array(gettext("Snort Interfaces"), false, "/snort/snort_interfaces.php");
- $tab_array[] = array(gettext("If Settings"), false, "/snort/snort_interfaces_edit.php?id={$id}");
- $tab_array[] = array(gettext("Categories"), false, "/snort/snort_rulesets.php?id={$id}");
- $tab_array[] = array(gettext("Rules"), true, "/snort/snort_rules.php?id={$id}");
- $tab_array[] = array(gettext("Variables"), false, "/snort/snort_define_servers.php?id={$id}");
- $tab_array[] = array(gettext("Preprocessors"), false, "/snort/snort_preprocessors.php?id={$id}");
- $tab_array[] = array(gettext("Barnyard2"), false, "/snort/snort_barnyard.php?id={$id}");
- display_top_tabs($tab_array);
+ $tab_array = array();
+ $tab_array[0] = array(gettext("Snort Interfaces"), true, "/snort/snort_interfaces.php");
+ $tab_array[1] = array(gettext("Global Settings"), false, "/snort/snort_interfaces_global.php");
+ $tab_array[2] = array(gettext("Updates"), false, "/snort/snort_download_updates.php");
+ $tab_array[3] = array(gettext("Alerts"), false, "/snort/snort_alerts.php");
+ $tab_array[4] = array(gettext("Blocked"), false, "/snort/snort_blocked.php");
+ $tab_array[5] = array(gettext("Whitelists"), false, "/snort/snort_interfaces_whitelist.php");
+ $tab_array[6] = array(gettext("Suppress"), false, "/snort/snort_interfaces_suppress.php");
+ $tab_array[7] = array(gettext("Sync"), false, "/pkg_edit.php?xml=snort/snort_sync.xml");
+ display_top_tabs($tab_array);
+ echo '</td></tr>';
+ echo '<tr><td class="tabnavtbl">';
+ $menu_iface=($if_friendly?substr($if_friendly,0,5)." ":"Iface ");;
+ $tab_array = array();
+ $tab_array[] = array($menu_iface . gettext("Settings"), false, "/snort/snort_interfaces_edit.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Categories"), false, "/snort/snort_rulesets.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Rules"), true, "/snort/snort_rules.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Variables"), false, "/snort/snort_define_servers.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Preprocessors"), false, "/snort/snort_preprocessors.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Barnyard2"), false, "/snort/snort_barnyard.php?id={$id}");
+ display_top_tabs($tab_array);
?>
</td></tr>
<tr><td class="tabcont">
diff --git a/config/snort/snort_rulesets.php b/config/snort/snort_rulesets.php
index 4a7380b1..f9fb6aa8 100755
--- a/config/snort/snort_rulesets.php
+++ b/config/snort/snort_rulesets.php
@@ -257,16 +257,28 @@ function enable_change()
<input type="hidden" name="id" id="id" value="<?=$id;?>" />
<table width="99%" border="0" cellpadding="0" cellspacing="0">
<tr><td>
-<?php
- $tab_array = array();
- $tab_array[] = array(gettext("Snort Interfaces"), false, "/snort/snort_interfaces.php");
- $tab_array[] = array(gettext("If Settings"), false, "/snort/snort_interfaces_edit.php?id={$id}");
- $tab_array[] = array(gettext("Categories"), true, "/snort/snort_rulesets.php?id={$id}");
- $tab_array[] = array(gettext("Rules"), false, "/snort/snort_rules.php?id={$id}");
- $tab_array[] = array(gettext("Variables"), false, "/snort/snort_define_servers.php?id={$id}");
- $tab_array[] = array(gettext("Preprocessors"), false, "/snort/snort_preprocessors.php?id={$id}");
- $tab_array[] = array(gettext("Barnyard2"), false, "/snort/snort_barnyard.php?id={$id}");
- display_top_tabs($tab_array);
+<?php
+ $tab_array = array();
+ $tab_array[0] = array(gettext("Snort Interfaces"), true, "/snort/snort_interfaces.php");
+ $tab_array[1] = array(gettext("Global Settings"), false, "/snort/snort_interfaces_global.php");
+ $tab_array[2] = array(gettext("Updates"), false, "/snort/snort_download_updates.php");
+ $tab_array[3] = array(gettext("Alerts"), false, "/snort/snort_alerts.php");
+ $tab_array[4] = array(gettext("Blocked"), false, "/snort/snort_blocked.php");
+ $tab_array[5] = array(gettext("Whitelists"), false, "/snort/snort_interfaces_whitelist.php");
+ $tab_array[6] = array(gettext("Suppress"), false, "/snort/snort_interfaces_suppress.php");
+ $tab_array[7] = array(gettext("Sync"), false, "/pkg_edit.php?xml=snort/snort_sync.xml");
+ display_top_tabs($tab_array);
+ echo '</td></tr>';
+ echo '<tr><td class="tabnavtbl">';
+ $menu_iface=($if_friendly?substr($if_friendly,0,5)." ":"Iface ");
+ $tab_array = array();
+ $tab_array[] = array($menu_iface . gettext("Settings"), false, "/snort/snort_interfaces_edit.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Categories"), true, "/snort/snort_rulesets.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Rules"), false, "/snort/snort_rules.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Variables"), false, "/snort/snort_define_servers.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Preprocessors"), false, "/snort/snort_preprocessors.php?id={$id}");
+ $tab_array[] = array($menu_iface . gettext("Barnyard2"), false, "/snort/snort_barnyard.php?id={$id}");
+ display_top_tabs($tab_array);
?>
</td></tr>
<tr>
diff --git a/config/snort/snort_sync.xml b/config/snort/snort_sync.xml
new file mode 100755
index 00000000..5bfeba12
--- /dev/null
+++ b/config/snort/snort_sync.xml
@@ -0,0 +1,166 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<packagegui>
+ <copyright>
+<![CDATA[
+/* $Id$ */
+/* ========================================================================== */
+/*
+snortsync.xml
+part of pfSense (http://www.pfSense.com)
+Copyright (C) 2013 Marcello Coutinho
+based on pfblocker_sync.xml
+All rights reserved.
+
+Based on m0n0wall (http://m0n0.ch/wall)
+Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+All rights reserved.
+*/
+/* ========================================================================== */
+/*
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code MUST retain the above copyright notice,
+this list of conditions and the following disclaimer.
+
+2. Redistributions in binary form MUST reproduce the above copyright
+notice, this list of conditions and the following disclaimer in the
+documentation and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ========================================================================== */
+]]></copyright>
+ <description><![CDATA[Describe your package here]]></description>
+ <requirements>Describe your package requirements here</requirements>
+ <faq>Currently there are no FAQ items provided.</faq>
+ <name>snortsync</name>
+ <version>1.0</version>
+ <title>Proxy server snort: XMLRPC Sync</title>
+ <include_file>/usr/local/pkg/snort/snort.inc</include_file>
+ <tabs>
+ <tab>
+ <text>Snort Interfaces</text>
+ <url>/snort/snort_interfaces.php</url>
+ </tab>
+ <tab>
+ <text>Global Settings</text>
+ <url>/snort/snort_interfaces_global.php</url>
+ </tab>
+ <tab>
+ <text>Updates</text>
+ <url>/snort/snort_download_updates.php</url>
+ </tab>
+ <tab>
+ <text>Alerts</text>
+ <url>/snort/snort_alerts.php</url>
+ </tab>
+ <tab>
+ <text>Blocked</text>
+ <url>/snort/snort_blocked.php</url>
+ </tab>
+ <tab>
+ <text>Whitelists</text>
+ <url>/snort/snort_interfaces_whitelist.php</url>
+ </tab>
+ <tab>
+ <text>Suppress</text>
+ <url>/snort/snort_interfaces_suppress.php</url>
+ </tab>
+ <tab>
+ <text>Sync</text>
+ <url>/pkg_edit.php?xml=snort/snort_sync.xml</url>
+ <active/>
+ </tab>
+ </tabs>
+ <fields>
+ <field>
+ <name>Snort XMLRPC Sync</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable Sync</fielddescr>
+ <fieldname>varsynconchanges</fieldname>
+ <description><![CDATA[All changes will be synced with apply config to the IPs listed below if this option is checked.<br>
+ <b>Important:</b> While using "Sync to hosts defined below", only sync from host A to B, A to C but <b>do not</B> enable XMLRPC sync <b>to</b> A. This will result in a loop!]]></description>
+ <type>select</type>
+ <required/>
+ <default_value>auto</default_value>
+ <options>
+ <option><name>Sync to configured system backup server</name><value>auto</value></option>
+ <option><name>Sync to host(s) defined below</name><value>manual</value></option>
+ <option><name>Do not sync this package configuration</name><value>disabled</value></option>
+ </options>
+ </field>
+ <field>
+ <fielddescr>XMLRPC timeout</fielddescr>
+ <fieldname>varsynctimeout</fieldname>
+ <description><![CDATA[Timeout in seconds for the XMLRPC timeout. Default: 150]]></description>
+ <type>input</type>
+ <default_value>150</default_value>
+ <size>5</size>
+ </field>
+
+ <field>
+ <fielddescr>Destination Server</fielddescr>
+ <fieldname>none</fieldname>
+ <type>rowhelper</type>
+ <rowhelper>
+ <rowhelperfield>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>varsyncdestinenable</fieldname>
+ <type>checkbox</type>
+ </rowhelperfield>
+ <rowhelperfield>
+ <fielddescr>GUI Protocol</fielddescr>
+ <fieldname>varsyncprotocol</fieldname>
+ <description><![CDATA[Choose the protocol of the destination host. Probably <b>http</b> or <b>https</b>]]></description>
+ <type>select</type>
+ <default_value>HTTP</default_value>
+ <options>
+ <option><name>HTTP</name><value>http</value></option>
+ <option><name>HTTPS</name><value>https</value></option>
+ </options>
+ </rowhelperfield>
+ <rowhelperfield>
+ <fielddescr>GUI IP-Address</fielddescr>
+ <fieldname>varsyncipaddress</fieldname>
+ <description><![CDATA[IP Address of the destination host.]]></description>
+ <type>input</type>
+ <size>15</size>
+ </rowhelperfield>
+ <rowhelperfield>
+ <fielddescr>GUI Port</fielddescr>
+ <fieldname>varsyncport</fieldname>
+ <description><![CDATA[Choose the port of the destination host.]]></description>
+ <type>input</type>
+ <size>3</size>
+ </rowhelperfield>
+ <rowhelperfield>
+ <fielddescr>GUI Admin Password</fielddescr>
+ <fieldname>varsyncpassword</fieldname>
+ <description><![CDATA[Password of the user "admin" on the destination host.]]></description>
+ <type>password</type>
+ <size>20</size>
+ </rowhelperfield>
+ </rowhelper>
+ </field>
+ </fields>
+ <custom_delete_php_command>
+ write_config();snort_sync_on_changes();
+ </custom_delete_php_command>
+ <custom_php_resync_config_command>
+ write_config();snort_sync_on_changes();
+ </custom_php_resync_config_command>
+</packagegui>