aboutsummaryrefslogtreecommitdiffstats
path: root/config/suricata
diff options
context:
space:
mode:
Diffstat (limited to 'config/suricata')
-rw-r--r--config/suricata/suricata.inc97
-rw-r--r--config/suricata/suricata_global.php14
2 files changed, 102 insertions, 9 deletions
diff --git a/config/suricata/suricata.inc b/config/suricata/suricata.inc
index d9842eb5..a2be802a 100644
--- a/config/suricata/suricata.inc
+++ b/config/suricata/suricata.inc
@@ -502,6 +502,97 @@ function suricata_loglimit_install_cron($should_install=true) {
install_cron_job("/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/pkg/suricata/suricata_check_cron_misc.inc", $should_install, "*/5");
}
+function suricata_rm_blocked_install_cron($should_install) {
+ global $config, $g;
+ $suri_pf_table = SURICATA_PF_TABLE;
+
+ $suricata_rm_blocked_info_ck = $config['installedpackages']['suricata']['config'][0]['rm_blocked'];
+
+ if ($suricata_rm_blocked_info_ck == "15m_b") {
+ $suricata_rm_blocked_min = "*/1";
+ $suricata_rm_blocked_hr = "*";
+ $suricata_rm_blocked_mday = "*";
+ $suricata_rm_blocked_month = "*";
+ $suricata_rm_blocked_wday = "*";
+ $suricata_rm_blocked_expire = "900";
+ }
+ if ($suricata_rm_blocked_info_ck == "30m_b") {
+ $suricata_rm_blocked_min = "*/5";
+ $suricata_rm_blocked_hr = "*";
+ $suricata_rm_blocked_mday = "*";
+ $suricata_rm_blocked_month = "*";
+ $suricata_rm_blocked_wday = "*";
+ $suricata_rm_blocked_expire = "1800";
+ }
+ if ($suricata_rm_blocked_info_ck == "1h_b") {
+ $suricata_rm_blocked_min = "*/5";
+ $suricata_rm_blocked_hr = "*";
+ $suricata_rm_blocked_mday = "*";
+ $suricata_rm_blocked_month = "*";
+ $suricata_rm_blocked_wday = "*";
+ $suricata_rm_blocked_expire = "3600";
+ }
+ if ($suricata_rm_blocked_info_ck == "3h_b") {
+ $suricata_rm_blocked_min = "*/5";
+ $suricata_rm_blocked_hr = "*";
+ $suricata_rm_blocked_mday = "*";
+ $suricata_rm_blocked_month = "*";
+ $suricata_rm_blocked_wday = "*";
+ $suricata_rm_blocked_expire = "10800";
+ }
+ if ($suricata_rm_blocked_info_ck == "6h_b") {
+ $suricata_rm_blocked_min = "*/5";
+ $suricata_rm_blocked_hr = "*";
+ $suricata_rm_blocked_mday = "*";
+ $suricata_rm_blocked_month = "*";
+ $suricata_rm_blocked_wday = "*";
+ $suricata_rm_blocked_expire = "21600";
+ }
+ if ($suricata_rm_blocked_info_ck == "12h_b") {
+ $suricata_rm_blocked_min = "*/5";
+ $suricata_rm_blocked_hr = "*";
+ $suricata_rm_blocked_mday = "*";
+ $suricata_rm_blocked_month = "*";
+ $suricata_rm_blocked_wday = "*";
+ $suricata_rm_blocked_expire = "43200";
+ }
+ if ($suricata_rm_blocked_info_ck == "1d_b") {
+ $suricata_rm_blocked_min = "*/5";
+ $suricata_rm_blocked_hr = "*";
+ $suricata_rm_blocked_mday = "*";
+ $suricata_rm_blocked_month = "*";
+ $suricata_rm_blocked_wday = "*";
+ $suricata_rm_blocked_expire = "86400";
+ }
+ if ($suricata_rm_blocked_info_ck == "4d_b") {
+ $suricata_rm_blocked_min = "*/5";
+ $suricata_rm_blocked_hr = "*";
+ $suricata_rm_blocked_mday = "*";
+ $suricata_rm_blocked_month = "*";
+ $suricata_rm_blocked_wday = "*";
+ $suricata_rm_blocked_expire = "345600";
+ }
+ if ($suricata_rm_blocked_info_ck == "7d_b") {
+ $suricata_rm_blocked_min = "*/5";
+ $suricata_rm_blocked_hr = "*";
+ $suricata_rm_blocked_mday = "*";
+ $suricata_rm_blocked_month = "*";
+ $suricata_rm_blocked_wday = "*";
+ $suricata_rm_blocked_expire = "604800";
+ }
+ if ($suricata_rm_blocked_info_ck == "28d_b") {
+ $suricata_rm_blocked_min = "*/5";
+ $suricata_rm_blocked_hr = "*";
+ $suricata_rm_blocked_mday = "*";
+ $suricata_rm_blocked_month = "*";
+ $suricata_rm_blocked_wday = "*";
+ $suricata_rm_blocked_expire = "2419200";
+ }
+
+ $command = "/usr/bin/nice -n20 /sbin/pfctl -t {$suri_pf_table} -T expire {$suricata_rm_blocked_expire}";
+ install_cron_job($command, $should_install, $suricata_rm_blocked_min, $suricata_rm_blocked_hr, $suricata_rm_blocked_mday, $suricata_rm_blocked_month, $suricata_rm_blocked_wday, "root");
+}
+
function sync_suricata_package_config() {
global $config, $g;
@@ -534,9 +625,11 @@ function sync_suricata_package_config() {
$suricataglob = $config['installedpackages']['suricata']['config'][0];
// setup the log directory size check job if enabled
- suricata_loglimit_install_cron();
+ suricata_loglimit_install_cron(true);
// setup the suricata rules update job if enabled
- suricata_rules_up_install_cron($suricataglob['autoruleupdate'] != "never_up" ? true : false);
+ suricata_rules_up_install_cron($config['installedpackages']['suricata']['config'][0]['autoruleupdate'] != "never_up" ? true : false);
+ // set the suricata blocked hosts time
+ suricata_rm_blocked_install_cron($config['installedpackages']['suricata']['config'][0]['rm_blocked'] != "never_b" ? true : false);
write_config();
configure_cron();
diff --git a/config/suricata/suricata_global.php b/config/suricata/suricata_global.php
index 07638b97..a780cb89 100644
--- a/config/suricata/suricata_global.php
+++ b/config/suricata/suricata_global.php
@@ -124,7 +124,7 @@ if (!$input_errors) {
$retval = 0;
- /* create whitelist and homenet file, then sync files */
+ /* create passlist and homenet file, then sync files */
sync_suricata_package_config();
write_config();
@@ -306,18 +306,18 @@ if ($input_errors)
<tr>
<td colspan="2" valign="top" class="listtopic"><?php echo gettext("General Settings"); ?></td>
</tr>
-<tr style="display:none;">
+<tr>
<td width="22%" valign="top" class="vncell"><?php echo gettext("Remove Blocked Hosts Interval"); ?></td>
<td width="78%" class="vtable">
<select name="rm_blocked" class="formselect" id="rm_blocked">
<?php
$interfaces3 = array('never_b' => gettext('NEVER'), '15m_b' => gettext('15 MINS'), '30m_b' => gettext('30 MINS'), '1h_b' => gettext('1 HOUR'), '3h_b' => gettext('3 HOURS'), '6h_b' => gettext('6 HOURS'), '12h_b' => gettext('12 HOURS'), '1d_b' => gettext('1 DAY'), '4d_b' => gettext('4 DAYS'), '7d_b' => gettext('7 DAYS'), '28d_b' => gettext('28 DAYS'));
foreach ($interfaces3 as $iface3 => $ifacename3): ?>
- <option value="<?=$iface3;?>"
- <?php if ($iface3 == $pconfig['rm_blocked']) echo "selected"; ?>>
- <?=htmlspecialchars($ifacename3);?></option>
- <?php endforeach; ?>
- </select>&nbsp;
+ <option value="<?=$iface3;?>"
+ <?php if ($iface3 == $pconfig['rm_blocked']) echo "selected"; ?>>
+ <?=htmlspecialchars($ifacename3);?></option>
+ <?php endforeach; ?>
+ </select>&nbsp;
<?php echo gettext("Please select the amount of time you would like hosts to be blocked."); ?><br/><br/>
<?php echo "<span class=\"red\"><strong>" . gettext("Hint:") . "</strong></span>" . gettext(" in most cases, 1 hour is a good choice.");?></td>
</tr>