aboutsummaryrefslogtreecommitdiffstats
path: root/config/suricata/suricata_sync.xml
diff options
context:
space:
mode:
Diffstat (limited to 'config/suricata/suricata_sync.xml')
-rw-r--r--config/suricata/suricata_sync.xml216
1 files changed, 216 insertions, 0 deletions
diff --git a/config/suricata/suricata_sync.xml b/config/suricata/suricata_sync.xml
new file mode 100644
index 00000000..a85a3d63
--- /dev/null
+++ b/config/suricata/suricata_sync.xml
@@ -0,0 +1,216 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "./schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="./xsl/package.xsl"?>
+<packagegui>
+ <copyright>
+<![CDATA[
+/* $Id$ */
+/* ========================================================================== */
+/*
+based on snortsync.xml developed as part
+of pfSense (http://www.pfSense.com)
+Copyright (C) 2013 Marcello Coutinho
+based on pfblocker_sync.xml
+All rights reserved.
+
+modified for use with Suricata package
+Copyright (C) 2014 Bill Meeks
+All rights reserved.
+
+Based on m0n0wall (http://m0n0.ch/wall)
+Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+All rights reserved.
+*/
+/* ========================================================================== */
+/*
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code MUST retain the above copyright notice,
+this list of conditions and the following disclaimer.
+
+2. Redistributions in binary form MUST reproduce the above copyright
+notice, this list of conditions and the following disclaimer in the
+documentation and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+*/
+/* ========================================================================== */
+]]></copyright>
+ <description><![CDATA[Describe your package here]]></description>
+ <requirements>Describe your package requirements here</requirements>
+ <faq>Currently there are no FAQ items provided.</faq>
+ <name>suricatasync</name>
+ <version>1.0</version>
+ <title>Suricata: XMLRPC Sync</title>
+ <include_file>/usr/local/pkg/suricata/suricata.inc</include_file>
+ <tabs>
+ <tab>
+ <text>Interfaces</text>
+ <url>/suricata/suricata_interfaces.php</url>
+ <no_drop_down/>
+ </tab>
+ <tab>
+ <text>Global Settings</text>
+ <url>/suricata/suricata_global.php</url>
+ <no_drop_down/>
+ </tab>
+ <tab>
+ <text>Updates</text>
+ <url>/suricata/suricata_download_updates.php</url>
+ <no_drop_down/>
+ </tab>
+ <tab>
+ <text>Alerts</text>
+ <url>/suricata/suricata_alerts.php</url>
+ <no_drop_down/>
+ </tab>
+ <tab>
+ <text>Blocks</text>
+ <url>/suricata/suricata_blocked.php</url>
+ <no_drop_down/>
+ </tab>
+ <tab>
+ <text>Pass Lists</text>
+ <url>/suricata/suricata_passlist.php</url>
+ <no_drop_down/>
+ </tab>
+ <tab>
+ <text>Suppress</text>
+ <url>/suricata/suricata_suppress.php</url>
+ <no_drop_down/>
+ </tab>
+ <tab>
+ <text>Logs View</text>
+ <url>/suricata/suricata_logs_browser.php</url>
+ <no_drop_down/>
+ </tab>
+ <tab>
+ <text>Logs Mgmt</text>
+ <url>/suricata/suricata_logs_mgmt.php</url>
+ <no_drop_down/>
+ </tab>
+ <tab>
+ <text>SID Mgmt</text>
+ <url>/suricata/suricata_sid_mgmt.php</url>
+ <no_drop_down/>
+ </tab>
+ <tab>
+ <text>Sync</text>
+ <url>/pkg_edit.php?xml=suricata/suricata_sync.xml</url>
+ <no_drop_down/>
+ <active/>
+ </tab>
+ </tabs>
+ <fields>
+ <field>
+ <name>Suricata Package XMLRPC Sync Settings</name>
+ <type>listtopic</type>
+ </field>
+ <field>
+ <fielddescr>Enable Sync</fielddescr>
+ <fieldname>varsynconchanges</fieldname>
+ <description><![CDATA[All changes will be synced with apply config to the IPs listed below if this option is checked.<br/><br/>
+ <b>Important:</b> While using "Sync to hosts defined below", only sync from host A to B, A to C but <b>do not</B> enable XMLRPC sync <b>to</b> A. This will result in a loop!]]></description>
+ <type>select</type>
+ <required/>
+ <default_value>disabled</default_value>
+ <options>
+ <option><name>Sync to configured system backup server</name><value>auto</value></option>
+ <option><name>Sync to host(s) defined below</name><value>manual</value></option>
+ <option><name>Do not sync this package configuration</name><value>disabled</value></option>
+ </options>
+ </field>
+ <field>
+ <fielddescr>XMLRPC Timeout</fielddescr>
+ <fieldname>varsynctimeout</fieldname>
+ <description><![CDATA[Timeout in seconds for the XMLRPC timeout. Default: 150]]></description>
+ <type>input</type>
+ <default_value>150</default_value>
+ <size>5</size>
+ </field>
+
+ <field>
+ <fielddescr>Refresh Rule Sets</fielddescr>
+ <fieldname>vardownloadrules</fieldname>
+ <description><![CDATA[Ask target hosts to refresh rule sets files on each sync operation.<br/><br/>
+ During each Suricata package sync operation, ask the target remote host to check for
+ a new set of posted rule sets files and refresh the local copies if necessary. The default is
+ to refresh the files if newer versions have been posted.<br/><br/>
+ <b>Note: </b>The sync process will wait for the rules download and rebuild to finish on the target remote host before returning.]]></description>
+ <type>select</type>
+ <default_value>yes</default_value>
+ <options>
+ <option><name>Signal target host to refresh rules files</name><value>yes</value></option>
+ <option><name>Do NOT ask target host to refresh rules files</name><value>no</value></option>
+ </options>
+ </field>
+
+ <field>
+ <fielddescr>Replication Targets</fielddescr>
+ <fieldname>none</fieldname>
+ <type>rowhelper</type>
+ <rowhelper>
+ <rowhelperfield>
+ <fielddescr>Enable</fielddescr>
+ <fieldname>varsyncdestinenable</fieldname>
+ <description><![CDATA[Enable this host as a replication target]]></description>
+ <type>checkbox</type>
+ </rowhelperfield>
+ <rowhelperfield>
+ <fielddescr>Protocol</fielddescr>
+ <fieldname>varsyncprotocol</fieldname>
+ <description><![CDATA[Choose the protocol of the destination host. Probably <b>http</b> or <b>https</b>]]></description>
+ <type>select</type>
+ <default_value>HTTP</default_value>
+ <options>
+ <option><name>HTTP</name><value>http</value></option>
+ <option><name>HTTPS</name><value>https</value></option>
+ </options>
+ </rowhelperfield>
+ <rowhelperfield>
+ <fielddescr>IP-Address</fielddescr>
+ <fieldname>varsyncipaddress</fieldname>
+ <description><![CDATA[IP Address of the destination host.]]></description>
+ <type>input</type>
+ <size>15</size>
+ </rowhelperfield>
+ <rowhelperfield>
+ <fielddescr>Port</fielddescr>
+ <fieldname>varsyncport</fieldname>
+ <description><![CDATA[Choose the sync port of the destination host.]]></description>
+ <type>input</type>
+ <size>3</size>
+ </rowhelperfield>
+ <rowhelperfield>
+ <fielddescr>Admin Password</fielddescr>
+ <fieldname>varsyncpassword</fieldname>
+ <description><![CDATA[Password of the user "admin" on the destination host.]]></description>
+ <type>password</type>
+ <size>20</size>
+ </rowhelperfield>
+ <rowhelperfield>
+ <fielddescr>Start Suricata</fielddescr>
+ <fieldname>varsyncsuricatastart</fieldname>
+ <description><![CDATA[Start Suricata on target host if not already running.]]></description>
+ <type>checkbox</type>
+ <value>ON</value>
+ </rowhelperfield>
+ </rowhelper>
+ </field>
+ </fields>
+ <custom_delete_php_command>
+ </custom_delete_php_command>
+ <custom_php_resync_config_command>
+ write_config("Suricata pkg: updating CARP sync info.");suricata_sync_on_changes();
+ </custom_php_resync_config_command>
+</packagegui>