diff options
Diffstat (limited to 'config/snort')
-rw-r--r-- | config/snort/snort_barnyard.php | 23 | ||||
-rw-r--r-- | config/snort/snort_blocked.php | 2 | ||||
-rwxr-xr-x | config/snort/snort_define_servers.php | 2 | ||||
-rwxr-xr-x | config/snort/snort_interfaces.php | 6 | ||||
-rw-r--r-- | config/snort/snort_interfaces_suppress.php | 8 | ||||
-rw-r--r-- | config/snort/snort_list_view.php | 6 | ||||
-rw-r--r-- | config/snort/snort_rules_flowbits.php | 38 | ||||
-rwxr-xr-x | config/snort/snort_rulesets.php | 7 |
8 files changed, 53 insertions, 39 deletions
diff --git a/config/snort/snort_barnyard.php b/config/snort/snort_barnyard.php index 2773fe95..a5c1ffec 100644 --- a/config/snort/snort_barnyard.php +++ b/config/snort/snort_barnyard.php @@ -89,7 +89,7 @@ if ($_POST) { write_config(); /* No need to rebuild rules if just toggling Barnyard2 on or off */ - $rebuild_rules = "off"; + $rebuild_rules = false; sync_snort_package_config(); /* after click go to this page */ @@ -108,16 +108,11 @@ $pgtitle = "Snort: Interface: {$if_friendly} Barnyard2 Edit"; include_once("head.inc"); ?> -<body - link="#0000CC" vlink="#0000CC" alink="#0000CC"> - +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); ?> <?if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}?> -<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> -<?php include_once("fbegin.inc"); -?> <script language="JavaScript"> <!-- @@ -184,7 +179,7 @@ function enable_change(enable_change) { <td width="22%" valign="top" class="vncellreq"><?php echo gettext("Enable"); ?></td> <td width="78%" class="vtable"> <input name="barnyard_enable" type="checkbox" value="on" <?php if ($pconfig['barnyard_enable'] == "on") echo "checked"; ?> onClick="enable_change(false)"> - <strong><?php echo gettext("Enable Barnyard2"); ?></strong><br> + <strong><?php echo gettext("Enable Barnyard2"); ?></strong><br/> <?php echo gettext("This will enable barnyard2 for this interface. You will also have to set the database credentials."); ?></td> </tr> <tr> @@ -194,9 +189,9 @@ function enable_change(enable_change) { <td width="22%" valign="top" class="vncell"><?php echo gettext("Log to a MySQL Database"); ?></td> <td width="78%" class="vtable"><input name="barnyard_mysql" type="text" class="formfld" id="barnyard_mysql" style="width:95%;" size="85" - value="<?=htmlspecialchars($pconfig['barnyard_mysql']);?>"> <br> + value="<?=htmlspecialchars($pconfig['barnyard_mysql']);?>"> <br/> <span class="vexpl"><?php echo gettext("Example: output database: alert, mysql, " . - "dbname=snort user=snort host=localhost password=xyz"); ?><br> + "dbname=snort user=snort host=localhost password=xyz"); ?><br/> <?php echo gettext("Example: output database: log, mysql, dbname=snort user=snort " . "host=localhost password=xyz"); ?></span></td> </tr> @@ -204,11 +199,11 @@ function enable_change(enable_change) { <td colspan="2" valign="top" class="listtopic"><?php echo gettext("Advanced Settings"); ?></td> </tr> <tr> - <td width="22%" valign="top" class="vncell"<?php echo gettext("Advanced configuration " . + <td width="22%" valign="top" class="vncell"><?php echo gettext("Advanced configuration " . "pass through"); ?></td> <td width="78%" class="vtable"><textarea name="barnconfigpassthru" style="width:95%;" cols="65" rows="7" id="barnconfigpassthru" ><?=htmlspecialchars($pconfig['barnconfigpassthru']);?></textarea> - <br> + <br/> <?php echo gettext("Arguments here will be automatically inserted into the running " . "barnyard2 configuration."); ?></td> </tr> @@ -220,8 +215,8 @@ function enable_change(enable_change) { </tr> <tr> <td width="22%" valign="top"> </td> - <td width="78%"><span class="vexpl"><span class="red"><strong><?php echo gettext("Note:"); ?></strong></span> - <br> + <td width="78%"><span class="vexpl"><span class="red"><strong><?php echo gettext("Note:"); ?></strong></span></span> + <br/> <?php echo gettext("Please save your settings before you click start."); ?> </td> </tr> </table> diff --git a/config/snort/snort_blocked.php b/config/snort/snort_blocked.php index 43b351ab..56edfbc5 100644 --- a/config/snort/snort_blocked.php +++ b/config/snort/snort_blocked.php @@ -191,10 +191,12 @@ if ($pconfig['brefresh'] == 'on') <col width="10%" align="center"> </colgroup> <thead> + <tr> <th class="listhdrr" axis="number">#</th> <th class="listhdrr" axis="string"><?php echo gettext("IP"); ?></th> <th class="listhdrr" axis="string"><?php echo gettext("Alert Description"); ?></th> <th class="listhdrr"><?php echo gettext("Remove"); ?></th> + </tr> </thead> <tbody> <?php diff --git a/config/snort/snort_define_servers.php b/config/snort/snort_define_servers.php index 8c19325b..371bbecd 100755 --- a/config/snort/snort_define_servers.php +++ b/config/snort/snort_define_servers.php @@ -127,7 +127,7 @@ if ($_POST) { write_config(); /* Update the snort conf file for this interface. */ - $rebuild_rules = "off"; + $rebuild_rules = false; snort_generate_conf($a_nat[$id]); /* after click go to this page */ diff --git a/config/snort/snort_interfaces.php b/config/snort/snort_interfaces.php index 390b83eb..84273167 100755 --- a/config/snort/snort_interfaces.php +++ b/config/snort/snort_interfaces.php @@ -145,9 +145,9 @@ if ($_GET['act'] == 'toggle' && is_numeric($id)) { log_error("Toggle (snort starting) for {$if_friendly}({$snortcfg['descr']})..."); /* set flag to rebuild interface rules before starting Snort */ - $rebuild_rules = "on"; + $rebuild_rules = true; sync_snort_package_config(); - $rebuild_rules = "off"; + $rebuild_rules = false; snort_start($snortcfg, $if_real); header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); @@ -364,7 +364,7 @@ if ($pfsense_stable == 'yes') </td> <td class="listbg" ondblclick="document.location='snort_interfaces_edit.php?id=<?=$nnats;?>';"> - <font color="#ffffff"> <?=htmlspecialchars($natent['descr']);?> + <font color="#ffffff"> <?=htmlspecialchars($natent['descr']);?> </font> </td> <td valign="middle" class="list" nowrap> <table border="0" cellspacing="0" cellpadding="0"> diff --git a/config/snort/snort_interfaces_suppress.php b/config/snort/snort_interfaces_suppress.php index 8095ff37..780a6e92 100644 --- a/config/snort/snort_interfaces_suppress.php +++ b/config/snort/snort_interfaces_suppress.php @@ -98,7 +98,7 @@ if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';} <?=htmlspecialchars($list['name']);?></td> <td class="listbg" ondblclick="document.location='snort_interfaces_suppress_edit.php?id=<?=$i;?>';"> - <font color="#FFFFFF"> <?=htmlspecialchars($list['descr']);?> + <font color="#FFFFFF"> <?=htmlspecialchars($list['descr']);?> </font> </td> <td valign="middle" nowrap class="list"> @@ -130,17 +130,17 @@ if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';} width="17" height="17" border="0" title="<?php echo gettext("add a new list"); ?>"></a></td> </tr> </table> - </div> </td> </tr> </table> +</div> </td></tr> <tr> <td colspan="3" width="100%"><br/><span class="vexpl"><span class="red"><strong><?php echo gettext("Note:"); ?></strong></span> - <p><span class="vexpl"><?php echo gettext("Here you can create event filtering and " . + <p><?php echo gettext("Here you can create event filtering and " . "suppression for your snort package rules."); ?><br/><br/> <?php echo gettext("Please note that you must restart a running Interface so that changes can " . - "take effect."); ?></span></p></td> + "take effect."); ?></p></span></td> </tr> </table> </form> diff --git a/config/snort/snort_list_view.php b/config/snort/snort_list_view.php index b7de064b..856367ef 100644 --- a/config/snort/snort_list_view.php +++ b/config/snort/snort_list_view.php @@ -47,10 +47,14 @@ $type = $_GET['type']; if (isset($id) && isset($wlist)) { $a_rule = $config['installedpackages']['snortglobal']['rule'][$id]; - if ($type == "whitelist") { + if ($type == "homenet") { $list = snort_build_list($a_rule, $wlist); $contents = implode("\n", $list); } + elseif ($type == "whitelist") { + $list = snort_build_list($a_rule, $wlist, true); + $contents = implode("\n", $list); + } elseif ($type == "suppress") { $list = snort_find_list($wlist, $type); $contents = str_replace("\r", "", base64_decode($list['suppresspassthru'])); diff --git a/config/snort/snort_rules_flowbits.php b/config/snort/snort_rules_flowbits.php index 215399c6..7a653af8 100644 --- a/config/snort/snort_rules_flowbits.php +++ b/config/snort/snort_rules_flowbits.php @@ -38,9 +38,10 @@ require_once("guiconfig.inc"); require_once("/usr/local/pkg/snort/snort.inc"); -global $g, $flowbit_rules_file, $rebuild_rules; +global $g, $rebuild_rules; $snortdir = SNORTDIR; +$flowbit_rules_file = FLOWBITS_FILENAME; $rules_map = array(); $supplist = array(); @@ -67,10 +68,10 @@ if ($a_nat[$id]['autoflowbitrules'] == 'on') { $rules_map = snort_load_rules_map("{$snortdir}/snort_{$snort_uuid}_{$if_real}/rules/{$flowbit_rules_file}"); } else - $savemsg = "There are no flowbit-required rules necessary for the current enforcing rule set."; + $savemsg = gettext("There are no flowbit-required rules necessary for the current enforcing rule set."); } else - $input_errors[] = "Auto-Flowbit rule generation is disabled for this interface!"; + $input_errors[] = gettext("Auto-Flowbit rule generation is disabled for this interface!"); if ($_GET['act'] == "addsuppress" && is_numeric($_GET['sidid']) && is_numeric($_GET['gen_id'])) { $descr = snort_get_msg($rules_map[$_GET['gen_id']][$_GET['sidid']]['rule']); @@ -83,6 +84,7 @@ if ($_GET['act'] == "addsuppress" && is_numeric($_GET['sidid']) && is_numeric($_ if (!is_array($config['installedpackages']['snortglobal']['suppress']['item'])) $config['installedpackages']['snortglobal']['suppress']['item'] = array(); $a_suppress = &$config['installedpackages']['snortglobal']['suppress']['item']; + $found_list = false; if (empty($a_nat[$id]['suppresslistname']) || $a_nat[$id]['suppresslistname'] == 'default') { $s_list = array(); @@ -92,9 +94,11 @@ if ($_GET['act'] == "addsuppress" && is_numeric($_GET['sidid']) && is_numeric($_ $s_list['suppresspassthru'] = base64_encode($suppress); $a_suppress[] = $s_list; $a_nat[$id]['suppresslistname'] = $s_list['name']; + $found_list = true; } else { foreach ($a_suppress as $a_id => $alist) { if ($alist['name'] == $a_nat[$id]['suppresslistname']) { + $found_list = true; if (!empty($alist['suppresspassthru'])) { $tmplist = base64_decode($alist['suppresspassthru']); $tmplist .= "\n{$suppress}"; @@ -104,10 +108,16 @@ if ($_GET['act'] == "addsuppress" && is_numeric($_GET['sidid']) && is_numeric($_ } } } - write_config(); - $rebuild_rules = "off"; - sync_snort_package_config(); - $savemsg = "Wrote suppress rule for gen_id {$_GET['gen_id']}, sig_id {$_GET['sidid']} to the {$a_nat[$id]['suppresslistname']} Suppression List."; + if ($found_list) { + write_config(); + $rebuild_rules = false; + sync_snort_package_config(); + $savemsg = gettext("Wrote suppress rule for 'gen_id {$_GET['gen_id']}, sig_id {$_GET['sidid']}' to the '{$a_nat[$id]['suppresslistname']}' Suppression List."); + } + else { + /* We did not find the defined list, so notify the user with an error */ + $input_errors[] = gettext("Suppress List '{$a_nat[$id]['suppresslistname']}' is defined for this interface, but it could not be found!"); + } } function truncate($string, $length) { @@ -165,11 +175,11 @@ if ($savemsg) </tr> <tr> <td width="78%" class="vncell"> - <table width="100%" border="0 cellspacing="2" cellpadding="0"> + <table width="100%" border="0" cellspacing="2" cellpadding="0"> <tr> <td width="17px"><img src="../themes/<?=$g['theme']?>/images/icons/icon_plus.gif" width='12' height='12' border='0'/></td> <td><span class="vexpl"><?php echo gettext("Alert is Not Suppressed"); ?></span></td> - <td rowspan="3" align="right"><input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" onclick="history.back()" <?php + <td rowspan="3" align="right"><input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" onclick="parent.location='snort_rulesets.php?id=<?=$id;?>'" <?php echo "value=\"" . gettext("Return") . "\" title=\"" . gettext("Return to previous page") . "\""; ?>/></td> </tr> <tr> @@ -197,12 +207,14 @@ if ($savemsg) <col axis="string"> </colgroup> <thead> + <tr> <th class="listhdrr" axis="number"><?php echo gettext("SID"); ?></th> - <td class="listhdrr" axis="string"><?php echo gettext("Proto"); ?></th> + <th class="listhdrr" axis="string"><?php echo gettext("Proto"); ?></th> <th class="listhdrr" axis="string"><?php echo gettext("Source"); ?></th> <th class="listhdrr" axis="string"><?php echo gettext("Destination"); ?></th> <th class="listhdrr" axis="string"><?php echo gettext("Flowbits"); ?></th> <th class="listhdrr" axis="string"><?php echo gettext("Message"); ?></th> + </tr> <thead> <tbody> <?php @@ -228,12 +240,12 @@ if ($savemsg) else { if (!isset($supplist[$gid][$sid])) { $supplink = "<a href=\"?id={$id}&act=addsuppress&sidid={$sid}&gen_id={$gid}\">"; - $supplink .= "<img src=\"../themes/{$g['theme']}/images/icons/icon_plus.gif\""; + $supplink .= "<img src=\"../themes/{$g['theme']}/images/icons/icon_plus.gif\" "; $supplink .= "width='12' height='12' border='0' title='"; $supplink .= gettext("Click to add to Suppress List") . "'/></a>"; } else { - $supplink .= "<img src=\"../themes/{$g['theme']}/images/icons/icon_plus_d.gif\""; + $supplink = "<img src=\"../themes/{$g['theme']}/images/icons/icon_plus_d.gif\" "; $supplink .= "width='12' height='12' border='0' title='"; $supplink .= gettext("Alert has been suppressed") . "'/>"; } @@ -260,7 +272,7 @@ if ($savemsg) <?php if ($count > 20): ?> <tr> <td align="center" valign="middle"> - <input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" onclick="history.back()" <?php + <input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" onclick="parent.location='snort_rulesets.php?id=<?=$id;?>'" <?php echo "value=\"" . gettext("Return") . "\" title=\"" . gettext("Return to previous page") . "\""; ?>/> <input name="id" type="hidden" value="<?=$id;?>" /> </td> diff --git a/config/snort/snort_rulesets.php b/config/snort/snort_rulesets.php index fa3efc1b..7ec0edbd 100755 --- a/config/snort/snort_rulesets.php +++ b/config/snort/snort_rulesets.php @@ -32,9 +32,10 @@ require_once("guiconfig.inc"); require_once("/usr/local/pkg/snort/snort.inc"); -global $g, $flowbit_rules_file, $rebuild_rules; +global $g, $rebuild_rules; $snortdir = SNORTDIR; +$flowbit_rules_file = FLOWBITS_FILENAME; if (!is_array($config['installedpackages']['snortglobal']['rule'])) { $config['installedpackages']['snortglobal']['rule'] = array(); @@ -143,9 +144,9 @@ if ($_POST["Submit"]) { /* Update the snort conf file and rebuild the */ /* rules for this interface. */ /*************************************************/ - $rebuild_rules = "on"; + $rebuild_rules = true; snort_generate_conf($a_nat[$id]); - $rebuild_rules = "off"; + $rebuild_rules = false; header("Location: /snort/snort_rulesets.php?id=$id"); exit; |