aboutsummaryrefslogtreecommitdiffstats
path: root/config/suricata/suricata_flow_stream.php
diff options
context:
space:
mode:
Diffstat (limited to 'config/suricata/suricata_flow_stream.php')
-rw-r--r--config/suricata/suricata_flow_stream.php62
1 files changed, 36 insertions, 26 deletions
diff --git a/config/suricata/suricata_flow_stream.php b/config/suricata/suricata_flow_stream.php
index ba594d55..53c4e010 100644
--- a/config/suricata/suricata_flow_stream.php
+++ b/config/suricata/suricata_flow_stream.php
@@ -251,7 +251,6 @@ elseif ($_POST['ResetAll']) {
$pconfig['flow_icmp_emerg_established_timeout'] = '100';
$pconfig['stream_memcap'] = '33554432';
- $pconfig['stream_max_sessions'] = '262144';
$pconfig['stream_prealloc_sessions'] = '32768';
$pconfig['reassembly_memcap'] = '67108864';
$pconfig['reassembly_depth'] = '1048576';
@@ -261,9 +260,9 @@ elseif ($_POST['ResetAll']) {
$pconfig['enable_async_sessions'] = 'off';
/* Log a message at the top of the page to inform the user */
- $savemsg = gettext("All flow and stream settings have been reset to their defaults.");
+ $savemsg = gettext("All flow and stream settings have been reset to their defaults. Click APPLY to save the changes.");
}
-elseif ($_POST['save']) {
+elseif ($_POST['save'] || $_POST['apply']) {
$natent = array();
$natent = $pconfig;
@@ -300,7 +299,6 @@ elseif ($_POST['save']) {
if ($_POST['flow_icmp_emerg_established_timeout'] != "") { $natent['flow_icmp_emerg_established_timeout'] = $_POST['flow_icmp_emerg_established_timeout']; }else{ $natent['flow_icmp_emerg_established_timeout'] = "100"; }
if ($_POST['stream_memcap'] != "") { $natent['stream_memcap'] = $_POST['stream_memcap']; }else{ $natent['stream_memcap'] = "33554432"; }
- if ($_POST['stream_max_sessions'] != "") { $natent['stream_max_sessions'] = $_POST['stream_max_sessions']; }else{ $natent['stream_max_sessions'] = "262144"; }
if ($_POST['stream_prealloc_sessions'] != "") { $natent['stream_prealloc_sessions'] = $_POST['stream_prealloc_sessions']; }else{ $natent['stream_prealloc_sessions'] = "32768"; }
if ($_POST['enable_midstream_sessions'] == "on") { $natent['enable_midstream_sessions'] = 'on'; }else{ $natent['enable_midstream_sessions'] = 'off'; }
if ($_POST['enable_async_sessions'] == "on") { $natent['enable_async_sessions'] = 'on'; }else{ $natent['enable_async_sessions'] = 'off'; }
@@ -318,7 +316,12 @@ elseif ($_POST['save']) {
$a_nat[$id] = $natent;
write_config();
$rebuild_rules = false;
+ conf_mount_rw();
suricata_generate_yaml($natent);
+ conf_mount_ro();
+
+ // Sync to configured CARP slaves if any are enabled
+ suricata_sync_on_changes();
}
header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' );
@@ -431,32 +434,39 @@ include_once("head.inc");
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
<?php include("fbegin.inc");
-
- /* Display error or save message */
- if ($input_errors) {
- print_input_errors($input_errors); // TODO: add checks
- }
- if ($savemsg) {
- print_info_box($savemsg);
- }
+/* Display error message */
+if ($input_errors) {
+ print_input_errors($input_errors); // TODO: add checks
+}
?>
<form action="suricata_flow_stream.php" method="post" name="iform" id="iform">
<input type="hidden" name="eng_id" id="eng_id" value="<?=$eng_id;?>"/>
<input type="hidden" name="id" id="id" value="<?=$id;?>"/>
+<?php
+if ($savemsg) {
+ /* Display save message */
+ print_info_box($savemsg);
+}
+?>
+
<table width="100%" border="0" cellpadding="0" cellspacing="0">
+<tbody>
<tr><td>
<?php
$tab_array = array();
- $tab_array[] = array(gettext("Suricata Interfaces"), false, "/suricata/suricata_interfaces.php");
+ $tab_array[] = array(gettext("Interfaces"), true, "/suricata/suricata_interfaces.php");
$tab_array[] = array(gettext("Global Settings"), false, "/suricata/suricata_global.php");
- $tab_array[] = array(gettext("Update Rules"), false, "/suricata/suricata_download_updates.php");
+ $tab_array[] = array(gettext("Updates"), false, "/suricata/suricata_download_updates.php");
$tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php?instance={$id}");
+ $tab_array[] = array(gettext("Blocks"), false, "/suricata/suricata_blocked.php");
$tab_array[] = array(gettext("Pass Lists"), false, "/suricata/suricata_passlist.php");
$tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php");
- $tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php?instance={$id}");
+ $tab_array[] = array(gettext("Logs View"), false, "/suricata/suricata_logs_browser.php?instance={$id}");
$tab_array[] = array(gettext("Logs Mgmt"), false, "/suricata/suricata_logs_mgmt.php");
+ $tab_array[] = array(gettext("SID Mgmt"), false, "/suricata/suricata_sid_mgmt.php");
+ $tab_array[] = array(gettext("Sync"), false, "/pkg_edit.php?xml=suricata/suricata_sync.xml");
display_top_tabs($tab_array, true);
echo '</td></tr>';
echo '<tr><td>';
@@ -489,6 +499,7 @@ include_once("head.inc");
<?php else: ?>
<table id="maintable" class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tbody>
<tr>
<td colspan="2" valign="top" class="listtopic"><?php echo gettext("Host-Specific Defrag and Stream Settings"); ?></td>
</tr>
@@ -511,6 +522,7 @@ include_once("head.inc");
height="17" border="0" title="<?php echo gettext("Add a new policy configuration");?>"/></th>
</tr>
</thead>
+ <tbody>
<?php foreach ($pconfig['host_os_policy']['item'] as $f => $v): ?>
<tr>
<td class="listlr" align="left"><?=gettext($v['name']);?></td>
@@ -529,6 +541,7 @@ include_once("head.inc");
</td>
</tr>
<?php endforeach; ?>
+ </tbody>
</table>
</td>
</tr>
@@ -633,6 +646,7 @@ include_once("head.inc");
<td width="22%" valign="top" class="vncell"><?php echo gettext("TCP Connections"); ?></td>
<td width="78%" class="vtable">
<table width="100%" cellspacing="4" cellpadding="0" border="0">
+ <tbody>
<tr>
<td class="vexpl"><input name="flow_tcp_new_timeout" type="text" class="formfld unknown" id="flow_tcp_new_timeout"
size="9" value="<?=htmlspecialchars($pconfig['flow_tcp_new_timeout']);?>">&nbsp;
@@ -669,6 +683,7 @@ include_once("head.inc");
<?php echo gettext("Emergency Closed TCP connection timeout in seconds. Default is ") . "<strong>" . gettext("20") . "</strong>."; ?>
</td>
</tr>
+ </tbody>
</table>
</td>
</tr>
@@ -676,6 +691,7 @@ include_once("head.inc");
<td width="22%" valign="top" class="vncell"><?php echo gettext("UDP Connections"); ?></td>
<td width="78%" class="vtable">
<table width="100%" cellspacing="4" cellpadding="0" border="0">
+ <tbody>
<tr>
<td class="vexpl"><input name="flow_udp_new_timeout" type="text" class="formfld unknown" id="flow_udp_new_timeout"
size="9" value="<?=htmlspecialchars($pconfig['flow_udp_new_timeout']);?>">&nbsp;
@@ -700,6 +716,7 @@ include_once("head.inc");
<?php echo gettext("Emergency Established UDP connection timeout in seconds. Default is ") . "<strong>" . gettext("100") . "</strong>."; ?>
</td>
</tr>
+ </tbody>
</table>
</td>
</tr>
@@ -707,6 +724,7 @@ include_once("head.inc");
<td width="22%" valign="top" class="vncell"><?php echo gettext("ICMP Connections"); ?></td>
<td width="78%" class="vtable">
<table width="100%" cellspacing="4" cellpadding="0" border="0">
+ <tbody>
<tr>
<td class="vexpl"><input name="flow_icmp_new_timeout" type="text" class="formfld unknown" id="flow_icmp_new_timeout"
size="9" value="<?=htmlspecialchars($pconfig['flow_icmp_new_timeout']);?>">&nbsp;
@@ -731,6 +749,7 @@ include_once("head.inc");
<?php echo gettext("Emergency Established ICMP connection timeout in seconds. Default is ") . "<strong>" . gettext("100") . "</strong>."; ?>
</td>
</tr>
+ </tbody>
</table>
</td>
</tr>
@@ -748,16 +767,6 @@ include_once("head.inc");
</td>
</tr>
<tr>
- <td width="22%" valign="top" class="vncell"><?php echo gettext("Max Sessions"); ?></td>
- <td width="78%" class="vtable">
- <input name="stream_max_sessions" type="text" class="formfld unknown" id="stream_max_sessions" size="9"
- value="<?=htmlspecialchars($pconfig['stream_max_sessions']);?>">&nbsp;
- <?php echo gettext("Max concurrent stream engine sessions. Default is ") .
- "<strong>" . gettext("262,144") . "</strong>" . gettext(" sessions."); ?><br/><br/>
- <?php echo gettext("Sets the maximum number of concurrent sessions to be used by the stream engine."); ?>
- </td>
- </tr>
- <tr>
<td width="22%" valign="top" class="vncell"><?php echo gettext("Preallocated Sessions"); ?></td>
<td width="78%" class="vtable">
<input name="stream_prealloc_sessions" type="text" class="formfld unknown" id="stream_prealloc_sessions" size="9"
@@ -835,12 +844,13 @@ include_once("head.inc");
<?php echo gettext("Please save your settings before you exit. Changes will rebuild the rules file. This "); ?>
<?php echo gettext("may take several seconds. Suricata must also be restarted to activate any changes made on this screen."); ?></td>
</tr>
+ </tbody>
</table>
<?php endif; ?>
</div>
-</td></tr></table>
+</td></tr></tbody></table>
</form>
<?php include("fend.inc"); ?>
</body>