diff options
Diffstat (limited to 'config')
-rw-r--r-- | config/suricata/suricata_alerts.php | 12 | ||||
-rw-r--r-- | config/suricata/suricata_app_parsers.php | 145 | ||||
-rw-r--r-- | config/suricata/suricata_download_updates.php | 18 | ||||
-rw-r--r-- | config/suricata/suricata_flow_stream.php | 144 | ||||
-rw-r--r-- | config/suricata/suricata_global.php | 12 | ||||
-rw-r--r-- | config/suricata/suricata_import_aliases.php | 191 | ||||
-rw-r--r-- | config/suricata/suricata_interfaces_edit.php | 43 | ||||
-rw-r--r-- | config/suricata/suricata_libhtp_policy_engine.php | 12 | ||||
-rw-r--r-- | config/suricata/suricata_os_policy_engine.php | 12 | ||||
-rw-r--r-- | config/suricata/suricata_rules.php | 228 | ||||
-rw-r--r-- | config/suricata/suricata_rulesets.php | 60 |
11 files changed, 408 insertions, 469 deletions
diff --git a/config/suricata/suricata_alerts.php b/config/suricata/suricata_alerts.php index 2f23260b..3fc39f36 100644 --- a/config/suricata/suricata_alerts.php +++ b/config/suricata/suricata_alerts.php @@ -208,9 +208,11 @@ if (($_POST['addsuppress_srcip'] || $_POST['addsuppress_dstip'] || $_POST['addsu exit; } - /* Add the new entry to the Suppress List */ - if (suricata_add_supplist_entry($suppress)) + /* Add the new entry to the Suppress List and signal Suricata to reload config */ + if (suricata_add_supplist_entry($suppress)) { + suricata_reload_config($a_instance[$instanceid]); $savemsg = $success; + } else $input_errors[] = gettext("Suppress List '{$a_instance[$instanceid]['suppresslistname']}' is defined for this interface, but it could not be found!"); } @@ -547,11 +549,11 @@ if (file_exists("/var/log/suricata/suricata_{$if_real}{$suricata_uuid}/alerts.lo <td class='listr' align='center'>{$alert_priority}</td> <td class='listr' align='center'>{$alert_proto}</td> <td class='listr' style=\"word-wrap:break-word;\">{$alert_class}</td> - <td class='listr' align='center'>{$alert_ip_src}</td> + <td class='listr' align='center' sorttable_customkey='{$fields[9]}'>{$alert_ip_src}</td> <td class='listr' align='center'>{$alert_src_p}</td> - <td class='listr' align='center'>{$alert_ip_dst}</td> + <td class='listr' align='center' sorttable_customkey='{$fields[11]}'>{$alert_ip_dst}</td> <td class='listr' align='center'>{$alert_dst_p}</td> - <td class='listr' align='center'>{$alert_sid_str}<br/>{$sidsupplink} {$sid_dsbl_link}</td> + <td class='listr' align='center' sorttable_customkey='{$fields[3]}'>{$alert_sid_str}<br/>{$sidsupplink} {$sid_dsbl_link}</td> <td class='listr' style=\"word-wrap:break-word;\">{$alert_descr}</td> </tr>\n"; diff --git a/config/suricata/suricata_app_parsers.php b/config/suricata/suricata_app_parsers.php index 0be45c32..1706f04a 100644 --- a/config/suricata/suricata_app_parsers.php +++ b/config/suricata/suricata_app_parsers.php @@ -28,7 +28,6 @@ * POSSIBILITY OF SUCH DAMAGE. */ - require_once("guiconfig.inc"); require_once("/usr/local/pkg/suricata/suricata.inc"); @@ -37,10 +36,8 @@ global $g, $rebuild_rules; $id = $_GET['id']; if (isset($_POST['id'])) $id = $_POST['id']; -if (is_null($id)) { - header("Location: /suricata/suricata_interfaces.php"); - exit; -} +if (is_null($id)) + $id = 0; if (!is_array($config['installedpackages']['suricata'])) $config['installedpackages']['suricata'] = array(); @@ -51,10 +48,21 @@ if (!is_array($config['installedpackages']['suricata']['rule'])) if (!is_array($config['installedpackages']['suricata']['rule'][$id]['libhtp_policy']['item'])) $config['installedpackages']['suricata']['rule'][$id]['libhtp_policy']['item'] = array(); +// Initialize required array variables as necessary +if (!is_array($config['aliases']['alias'])) + $config['aliases']['alias'] = array(); +$a_aliases = $config['aliases']['alias']; + $a_nat = &$config['installedpackages']['suricata']['rule']; $libhtp_engine_next_id = count($a_nat[$id]['libhtp_policy']['item']); +// Build a lookup array of currently used engine 'bind_to' Aliases +// so we can screen matching Alias names from the list. +$used = array(); +foreach ($a_nat[$id]['host_os_policy']['item'] as $v) + $used[$v['bind_to']] = true; + $pconfig = array(); if (isset($id) && $a_nat[$id]) { /* Get current values from config for page form fields */ @@ -78,29 +86,32 @@ if (isset($id) && $a_nat[$id]) { $pconfig['libhtp_policy'] = $a_nat[$id]['libhtp_policy']; } -// Check for returned "selected alias" if action is import -if ($_GET['act'] == "import" && isset($_GET['varname']) && !empty($_GET['varvalue'])) { - $pconfig[$_GET['varname']] = $_GET['varvalue']; +// Check for "import alias mode" and set flag if TRUE +if ($_POST['import_alias']) { + $importalias = true; + $title = "HTTP Server Policy"; } +else + $importalias = false; -if ($_GET['act'] && isset($_GET['eng_id'])) { - +if ($_POST['add_libhtp_policy']) { + header("Location: suricata_libhtp_policy_engine.php?id={$id}&eng_id={$libhtp_engine_next_id}"); + exit; +} +elseif ($_POST['del_libhtp_policy']) { $natent = array(); $natent = $pconfig; - if ($_GET['act'] == "del_libhtp_policy") - unset($natent['libhtp_policy']['item'][$_GET['eng_id']]); - + if ($_POST['eng_id'] != "") { + unset($natent['libhtp_policy']['item'][$_POST['eng_id']]); + $pconfig = $natent; + } if (isset($id) && $a_nat[$id]) { $a_nat[$id] = $natent; write_config(); } - - header("Location: /suricata/suricata_app_parsers.php?id=$id"); - exit; } - -if ($_POST['ResetAll']) { +elseif ($_POST['ResetAll']) { /* Reset all the settings to defaults */ $pconfig['asn1_max_frames'] = "256"; @@ -108,7 +119,57 @@ if ($_POST['ResetAll']) { /* Log a message at the top of the page to inform the user */ $savemsg = gettext("All flow and stream settings have been reset to their defaults."); } -elseif ($_POST['Submit']) { +elseif ($_POST['save_import_alias']) { + $engine = array( "name" => "", "bind_to" => "", "personality" => "IDS", + "request-body-limit" => "4096", "response-body-limit" => "4096", + "double-decode-path" => "no", "double-decode-query" => "no" ); + + // See if anything was checked to import + if (is_array($_POST['aliastoimport']) && count($_POST['aliastoimport']) > 0) { + foreach ($_POST['aliastoimport'] as $item) { + $engine['name'] = strtolower($item); + $engine['bind_to'] = $item; + $a_nat[$id]['libhtp_policy']['item'][] = $engine; + } + } + else { + $input_errors[] = gettext("No entries were selected for import. Please select one or more Aliases for import and click SAVE."); + $importalias = true; + } + + // if no errors, write new entry to conf + if (!$input_errors) { + // Reorder the engine array to ensure the + // 'bind_to=all' entry is at the bottom if + // the array contains more than one entry. + if (count($a_nat[$id]['libhtp_policy']['item']) > 1) { + $i = -1; + foreach ($a_nat[$id]['libhtp_policy']['item'] as $f => $v) { + if ($v['bind_to'] == "all") { + $i = $f; + break; + } + } + // Only relocate the entry if we + // found it, and it's not already + // at the end. + if ($i > -1 && ($i < (count($a_nat[$id]['libhtp_policy']['item']) - 1))) { + $tmp = $a_nat[$id]['libhtp_policy']['item'][$i]; + unset($a_nat[$id]['libhtp_policy']['item'][$i]); + $a_nat[$id]['libhtp_policy']['item'][] = $tmp; + } + $pconfig['libhtp_policy']['item'] = $a_nat[$id]['libhtp_policy']['item']; + } + + // Write the new engine array to config file + write_config(); + $importalias = false; + } +} +elseif ($_POST['cancel_import_alias']) { + $importalias = false; +} +elseif ($_POST['save']) { $natent = array(); $natent = $pconfig; @@ -149,29 +210,19 @@ include_once("head.inc"); ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> -<?php include("fbegin.inc"); ?> -<?php if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';} - - - /* Display Alert message */ - +<?php include("fbegin.inc"); + /* Display error or save message */ if ($input_errors) { print_input_errors($input_errors); // TODO: add checks } - if ($savemsg) { print_info_box($savemsg); } - ?> -<script type="text/javascript" src="/javascript/autosuggest.js"> -</script> -<script type="text/javascript" src="/javascript/suggestions.js"> -</script> - -<form action="suricata_app_parsers.php" method="post" - enctype="multipart/form-data" name="iform" id="iform"> +<form action="suricata_app_parsers.php" method="post"name="iform" id="iform"> +<input name="id" type="hidden" value="<?=$id;?>"/> +<input type="hidden" name="eng_id" id="eng_id" value=""/> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr><td> <?php @@ -179,7 +230,7 @@ include_once("head.inc"); $tab_array[] = array(gettext("Suricata Interfaces"), true, "/suricata/suricata_interfaces.php"); $tab_array[] = array(gettext("Global Settings"), false, "/suricata/suricata_global.php"); $tab_array[] = array(gettext("Update Rules"), false, "/suricata/suricata_download_updates.php"); - $tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php"); + $tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php?instance={$id}"); $tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php"); $tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php"); display_top_tabs($tab_array); @@ -198,6 +249,11 @@ include_once("head.inc"); ?> </td></tr> <tr><td><div id="mainarea"> + +<?php if ($importalias) : ?> + <?php include("/usr/local/www/suricata/suricata_import_aliases.php"); ?> +<?php else: ?> + <table id="maintable" class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> @@ -231,11 +287,9 @@ include_once("head.inc"); <tr> <th class="listhdrr" axis="string"><?php echo gettext("Name");?></th> <th class="listhdrr" axis="string"><?php echo gettext("Bind-To Address Alias");?></th> - <th class="list" align="right"><a href="suricata_import_aliases.php?id=<?=$id?>&eng=libhtp_policy"> - <img src="../themes/<?= $g['theme'];?>/images/icons/icon_import_alias.gif" width="17" - height="17" border="0" title="<?php echo gettext("Import server configuration from existing Aliases");?>"></a> - <a href="suricata_libhtp_policy_engine.php?id=<?=$id?>&eng_id=<?=$libhtp_engine_next_id?>"> - <img src="../themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" width="17" + <th class="list" align="right"><input type="image" name="import_alias[]" src="../themes/<?= $g['theme'];?>/images/icons/icon_import_alias.gif" width="17" + height="17" border="0" title="<?php echo gettext("Import server configuration from existing Aliases");?>"/> + <input type="image" name="add_libhtp_policy[]" src="../themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="<?php echo gettext("Add a new server configuration");?>"></a></th> </tr> </thead> @@ -247,8 +301,8 @@ include_once("head.inc"); <img src="/themes/<?=$g['theme'];?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="<?=gettext("Edit this server configuration");?>"></a> <?php if ($v['bind_to'] <> "all") : ?> - <a href="suricata_app_parsers.php?id=<?=$id;?>&eng_id=<?=$f;?>&act=del_libhtp_policy" onclick="return confirm('Are you sure you want to delete this entry?');"> - <img src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" width="17" height="17" border="0" + <input type="image" name="del_libhtp_policy[]" value="<?=$f;?>" onclick="document.getElementById('eng_id').value='<?=$f;?>';return confirm('Are you sure you want to delete this entry?');" + src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="<?=gettext("Delete this server configuration");?>"></a> <?php else : ?> <img src="/themes/<?=$g['theme'];?>/images/icons/icon_x_d.gif" width="17" height="17" border="0" @@ -263,9 +317,9 @@ include_once("head.inc"); <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="Save" title="<?php echo + <input name="save" type="submit" class="formbtn" value="Save" title="<?php echo gettext("Save flow and stream settings"); ?>"> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="ResetAll" type="submit" class="formbtn" value="Reset" title="<?php echo gettext("Reset all settings to defaults") . "\" onclick=\"return confirm('" . gettext("WARNING: This will reset ALL App Parsers settings to their defaults. Click OK to continue or CANCEL to quit.") . @@ -278,6 +332,9 @@ include_once("head.inc"); <?php echo gettext("may take several seconds. Suricata must also be restarted to activate any changes made on this screen."); ?></td> </tr> </table> + +<?php endif; ?> + </div> </td></tr></table> </form> diff --git a/config/suricata/suricata_download_updates.php b/config/suricata/suricata_download_updates.php index ecfd5f8b..200bc834 100644 --- a/config/suricata/suricata_download_updates.php +++ b/config/suricata/suricata_download_updates.php @@ -91,6 +91,9 @@ if ($_POST['view']&& $suricata_rules_upd_log_chk == 'yes') { $input_errors[] = gettext("Unable to read log file: {$suricata_rules_upd_log}"); } +if ($_POST['hide']) + $contents = ""; + $pgtitle = gettext("Suricata: Update Rules Set Files"); include_once("head.inc"); ?> @@ -174,15 +177,20 @@ include_once("head.inc"); <td align="center" valign="middle" class="vexpl"> <?php if ($suricata_rules_upd_log_chk == 'yes'): ?> <br/> + <?php if (!empty($contents)): ?> + <input type="submit" value="<?php echo gettext("Hide Log"); ?>" name="hide" id="hide" class="formbtn" + title="<?php echo gettext("Hide rules update log"); ?>"/> + <?php else: ?> <input type="submit" value="<?php echo gettext("View Log"); ?>" name="view" id="view" class="formbtn" - title="<?php echo gettext("View rules update log contents"); ?>"/> - + title="<?php echo gettext("View rules update log"); ?>"/> + <?php endif; ?> + <input type="submit" value="<?php echo gettext("Clear Log"); ?>" name="clear" id="clear" class="formbtn" - title="<?php echo gettext("Clear rules update log contents"); ?>" onClick="return confirm('Are you sure?\nOK to confirm, or CANCEL to quit');"/> + title="<?php echo gettext("Clear rules update log"); ?>" onClick="return confirm('Are you sure?\nOK to confirm, or CANCEL to quit');"/> <br/> <?php else: ?> <br/> - <button disabled='disabled'><?php echo gettext("View Log"); ?></button> <?php echo gettext("Log is empty."); ?><br/> + <button disabled='disabled'><?php echo gettext("View Log"); ?></button><br/><?php echo gettext("Log is empty."); ?><br/> <?php endif; ?> <br/><?php echo gettext("The log file is limited to 1024K in size and automatically clears when the limit is exceeded."); ?><br/><br/> </td> @@ -201,7 +209,7 @@ include_once("head.inc"); <?php endif; ?> <tr> <td align="center"> - <span class="vexpl"><br/><br/> + <span class="vexpl"><br/> <span class="red"><b><?php echo gettext("NOTE:"); ?></b></span> <a href="http://www.snort.org/" target="_blank"><?php echo gettext("Snort.org") . "</a>" . gettext(" and ") . "<a href=\"http://www.emergingthreats.net/\" target=\"_blank\">" . gettext("EmergingThreats.net") . "</a>" . diff --git a/config/suricata/suricata_flow_stream.php b/config/suricata/suricata_flow_stream.php index 3a677d3a..6d5134c3 100644 --- a/config/suricata/suricata_flow_stream.php +++ b/config/suricata/suricata_flow_stream.php @@ -28,7 +28,6 @@ * POSSIBILITY OF SUCH DAMAGE. */ - require_once("guiconfig.inc"); require_once("/usr/local/pkg/suricata/suricata.inc"); @@ -37,16 +36,19 @@ global $g, $rebuild_rules; $id = $_GET['id']; if (isset($_POST['id'])) $id = $_POST['id']; -if (is_null($id)) { - header("Location: /suricata/suricata_interfaces.php"); - exit; -} +if (is_null($id)) + $id=0; if (!is_array($config['installedpackages']['suricata'])) $config['installedpackages']['suricata'] = array(); if (!is_array($config['installedpackages']['suricata']['rule'])) $config['installedpackages']['suricata']['rule'] = array(); +// Initialize required array variables as necessary +if (!is_array($config['aliases']['alias'])) + $config['aliases']['alias'] = array(); +$a_aliases = $config['aliases']['alias']; + // Initialize Host-OS Policy engine arrays if necessary if (!is_array($config['installedpackages']['suricata']['rule'][$id]['host_os_policy']['item'])) $config['installedpackages']['suricata']['rule'][$id]['host_os_policy']['item'] = array(); @@ -55,6 +57,12 @@ $a_nat = &$config['installedpackages']['suricata']['rule']; $host_os_policy_engine_next_id = count($a_nat[$id]['host_os_policy']['item']); +// Build a lookup array of currently used engine 'bind_to' Aliases +// so we can screen matching Alias names from the list. +$used = array(); +foreach ($a_nat[$id]['host_os_policy']['item'] as $v) + $used[$v['bind_to']] = true; + $pconfig = array(); if (isset($id) && $a_nat[$id]) { /* Get current values from config for page form fields */ @@ -76,29 +84,32 @@ if (isset($id) && $a_nat[$id]) { $pconfig['host_os_policy'] = $a_nat[$id]['host_os_policy']; } -// Check for returned "selected alias" if action is import -if ($_GET['act'] == "import" && isset($_GET['varname']) && !empty($_GET['varvalue'])) { - $pconfig[$_GET['varname']] = $_GET['varvalue']; +// Check for "import alias mode" and set flag if TRUE +if ($_POST['import_alias']) { + $importalias = true; + $title = "Host Operating System Policy"; } +else + $importalias = false; -if ($_GET['act'] && isset($_GET['eng_id'])) { - +if ($_POST['add_os_policy']) { + header("Location: suricata_os_policy_engine.php?id={$id}&eng_id={$host_os_policy_engine_next_id}"); + exit; +} +elseif ($_POST['del_os_policy']) { $natent = array(); $natent = $pconfig; - if ($_GET['act'] == "del_host_os_policy") - unset($natent['host_os_policy']['item'][$_GET['eng_id']]); - + if ($_POST['eng_id'] != "") { + unset($natent['host_os_policy']['item'][$_POST['eng_id']]); + $pconfig = $natent; + } if (isset($id) && $a_nat[$id]) { $a_nat[$id] = $natent; write_config(); } - - header("Location: /suricata/suricata_flow_stream.php?id=$id"); - exit; } - -if ($_POST['ResetAll']) { +elseif ($_POST['ResetAll']) { /* Reset all the settings to defaults */ $pconfig['ip_max_frags'] = "65535"; @@ -143,7 +154,7 @@ if ($_POST['ResetAll']) { /* Log a message at the top of the page to inform the user */ $savemsg = gettext("All flow and stream settings have been reset to their defaults."); } -elseif ($_POST['Submit']) { +elseif ($_POST['save']) { $natent = array(); $natent = $pconfig; @@ -211,6 +222,54 @@ elseif ($_POST['Submit']) { exit; } } +elseif ($_POST['save_import_alias']) { + $engine = array( "name" => "", "bind_to" => "", "policy" => "bsd" ); + + // See if anything was checked to import + if (is_array($_POST['aliastoimport']) && count($_POST['aliastoimport']) > 0) { + foreach ($_POST['aliastoimport'] as $item) { + $engine['name'] = strtolower($item); + $engine['bind_to'] = $item; + $a_nat[$id]['host_os_policy']['item'][] = $engine; + } + } + else { + $input_errors[] = gettext("No entries were selected for import. Please select one or more Aliases for import and click SAVE."); + $importalias = true; + } + + // if no errors, write new entry to conf + if (!$input_errors) { + // Reorder the engine array to ensure the + // 'bind_to=all' entry is at the bottom if + // the array contains more than one entry. + if (count($a_nat[$id]['host_os_policy']['item']) > 1) { + $i = -1; + foreach ($a_nat[$id]['host_os_policy']['item'] as $f => $v) { + if ($v['bind_to'] == "all") { + $i = $f; + break; + } + } + // Only relocate the entry if we + // found it, and it's not already + // at the end. + if ($i > -1 && ($i < (count($a_nat[$id]['host_os_policy']['item']) - 1))) { + $tmp = $a_nat[$id]['host_os_policy']['item'][$i]; + unset($a_nat[$id]['host_os_policy']['item'][$i]); + $a_nat[$id]['host_os_policy']['item'][] = $tmp; + } + $pconfig['host_os_policy']['item'] = $a_nat[$id]['host_os_policy']['item']; + } + + // Write the new engine array to config file + write_config(); + $importalias = false; + } +} +elseif ($_POST['cancel_import_alias']) { + $importalias = false; +} $if_friendly = convert_friendly_interface_to_friendly_descr($pconfig['interface']); $pgtitle = gettext("Suricata: Interface {$if_friendly} - Flow and Stream"); @@ -218,29 +277,21 @@ include_once("head.inc"); ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> -<?php include("fbegin.inc"); ?> -<?php if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';} - - - /* Display Alert message */ +<?php include("fbegin.inc"); + /* Display error or save message */ if ($input_errors) { print_input_errors($input_errors); // TODO: add checks } - if ($savemsg) { print_info_box($savemsg); } - ?> -<script type="text/javascript" src="/javascript/autosuggest.js"> -</script> -<script type="text/javascript" src="/javascript/suggestions.js"> -</script> +<form action="suricata_flow_stream.php" method="post" name="iform" id="iform"> +<input type="hidden" name="eng_id" id="eng_id" value=""/> +<input type="hidden" name="id" id="id" value="<?=$id;?>"/> -<form action="suricata_flow_stream.php" method="post" - enctype="multipart/form-data" name="iform" id="iform"> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr><td> <?php @@ -248,7 +299,7 @@ include_once("head.inc"); $tab_array[] = array(gettext("Suricata Interfaces"), true, "/suricata/suricata_interfaces.php"); $tab_array[] = array(gettext("Global Settings"), false, "/suricata/suricata_global.php"); $tab_array[] = array(gettext("Update Rules"), false, "/suricata/suricata_download_updates.php"); - $tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php"); + $tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php?instance={$id}"); $tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php"); $tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php"); display_top_tabs($tab_array); @@ -267,6 +318,11 @@ include_once("head.inc"); ?> </td></tr> <tr><td><div id="mainarea"> + +<?php if ($importalias) : ?> + <?php include("/usr/local/www/suricata/suricata_import_aliases.php"); ?> +<?php else: ?> + <table id="maintable" class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> <td colspan="2" valign="top" class="listtopic"><?php echo gettext("Host-Specific Defrag and Stream Settings"); ?></td> @@ -284,12 +340,10 @@ include_once("head.inc"); <tr> <th class="listhdrr" axis="string"><?php echo gettext("Name");?></th> <th class="listhdrr" axis="string"><?php echo gettext("Bind-To Address Alias");?></th> - <th class="list" align="right"><a href="suricata_import_aliases.php?id=<?=$id?>&eng=host_os_policy"> - <img src="../themes/<?= $g['theme'];?>/images/icons/icon_import_alias.gif" width="17" - height="17" border="0" title="<?php echo gettext("Import policy configuration from existing Aliases");?>"></a> - <a href="suricata_os_policy_engine.php?id=<?=$id?>&eng_id=<?=$host_os_policy_engine_next_id?>"> - <img src="../themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" width="17" - height="17" border="0" title="<?php echo gettext("Add a new policy configuration");?>"></a></th> + <th class="list" align="right"><input type="image" name="import_alias[]" src="../themes/<?= $g['theme'];?>/images/icons/icon_import_alias.gif" width="17" + height="17" border="0" title="<?php echo gettext("Import policy configuration from existing Aliases");?>"/> + <input type="image" name="add_os_policy[]" src="../themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" width="17" + height="17" border="0" title="<?php echo gettext("Add a new policy configuration");?>"/></th> </tr> </thead> <?php foreach ($pconfig['host_os_policy']['item'] as $f => $v): ?> @@ -300,9 +354,9 @@ include_once("head.inc"); <img src="/themes/<?=$g['theme'];?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="<?=gettext("Edit this policy configuration");?>"></a> <?php if ($v['bind_to'] <> "all") : ?> - <a href="suricata_flow_stream.php?id=<?=$id;?>&eng_id=<?=$f;?>&act=del_host_os_policy" onclick="return confirm('Are you sure you want to delete this entry?');"> - <img src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" width="17" height="17" border="0" - title="<?=gettext("Delete this policy configuration");?>"></a> + <input type="image" name="del_os_policy[]" value="<?=$f;?>" onclick="document.getElementById('eng_id').value='<?=$f;?>';return confirm('Are you sure you want to delete this entry?');" + src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" width="17" height="17" border="0" + title="<?=gettext("Delete this policy configuration");?>"/> <?php else : ?> <img src="/themes/<?=$g['theme'];?>/images/icons/icon_x_d.gif" width="17" height="17" border="0" title="<?=gettext("Default policy configuration cannot be deleted");?>"> @@ -314,7 +368,6 @@ include_once("head.inc"); </td> </tr> <tr> - <td colspan="2" valign="top" class="listtopic"><?php echo gettext("IP Defragmentation"); ?></td> </tr> <tr> @@ -603,7 +656,7 @@ include_once("head.inc"); <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="Save" title="<?php echo + <input name="save" type="submit" class="formbtn" value="Save" title="<?php echo gettext("Save flow and stream settings"); ?>"> <input name="id" type="hidden" value="<?=$id;?>"> <input name="ResetAll" type="submit" class="formbtn" value="Reset" title="<?php echo @@ -618,6 +671,9 @@ include_once("head.inc"); <?php echo gettext("may take several seconds. Suricata must also be restarted to activate any changes made on this screen."); ?></td> </tr> </table> + +<?php endif; ?> + </div> </td></tr></table> </form> diff --git a/config/suricata/suricata_global.php b/config/suricata/suricata_global.php index f6b5d83d..3ba84736 100644 --- a/config/suricata/suricata_global.php +++ b/config/suricata/suricata_global.php @@ -28,7 +28,6 @@ * POSSIBILITY OF SUCH DAMAGE. */ - require_once("guiconfig.inc"); require_once("/usr/local/pkg/suricata/suricata.inc"); @@ -59,7 +58,6 @@ if (empty($pconfig['suricataloglimitsize'])) // Set limit to 20% of slice that is unused */ $pconfig['suricataloglimitsize'] = round(exec('df -k /var | grep -v "Filesystem" | awk \'{print $4}\'') * .20 / 1024); - if ($_POST['autoruleupdatetime']) { if (!preg_match('/^([01]?[0-9]|2[0-3]):?([0-5][0-9])$/', $_POST['autoruleupdatetime'])) $input_errors[] = "Invalid Rule Update Start Time! Please supply a value in 24-hour format as 'HH:MM'."; @@ -73,7 +71,7 @@ if ($_POST['enable_etpro_rules'] == "on" && empty($_POST['etprocode'])) /* if no errors move foward with save */ if (!$input_errors) { - if ($_POST["Submit"]) { + if ($_POST["save"]) { $config['installedpackages']['suricata']['config'][0]['enable_vrt_rules'] = $_POST['enable_vrt_rules'] ? 'on' : 'off'; $config['installedpackages']['suricata']['config'][0]['snortcommunityrules'] = $_POST['snortcommunityrules'] ? 'on' : 'off'; @@ -388,14 +386,10 @@ if ($input_errors) > <?php echo gettext("Settings will not be removed during package deinstallation."); ?></td> </tr> <tr> - <td width="22%" valign="top"> - <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="Save" > - </td> + <td colspan="2" align="center"><input name="save" type="submit" class="formbtn" value="Save"/></td> </tr> <tr> - <td width="22%" valign="top"> </td> - <td width="78%" class="vexpl"><span class="red"><strong><?php echo gettext("Note:");?></strong> + <td colspan="2" class="vexpl" align="center"><span class="red"><strong><?php echo gettext("Note:");?></strong> </span><?php echo gettext("Changing any settings on this page will affect all Suricata-configured interfaces.");?></td> </tr> </table> diff --git a/config/suricata/suricata_import_aliases.php b/config/suricata/suricata_import_aliases.php index c16ac65d..a93d2d64 100644 --- a/config/suricata/suricata_import_aliases.php +++ b/config/suricata/suricata_import_aliases.php @@ -1,5 +1,4 @@ <?php -/* $Id$ */ /* suricata_import_aliases.php Copyright (C) 2014 Bill Meeks @@ -27,160 +26,39 @@ POSSIBILITY OF SUCH DAMAGE. */ -require("guiconfig.inc"); -require_once("functions.inc"); -require_once("/usr/local/pkg/suricata/suricata.inc"); +/************************************************************************************ + This file contains code for selecting and importing an existing Alias. + It is included and injected inline from other Suricata PHP pages that + use the Import Alias functionality. -// Retrieve any passed QUERY STRING or POST variables -$id = $_GET['id']; -$eng = $_GET['eng']; -if (isset($_POST['id'])) - $id = $_POST['id']; -if (isset($_POST['eng'])) - $eng = $_POST['eng']; + The following variables are assumed to exist and must be initialized + as necessary in order to utilize this page. -// Make sure we have a valid rule ID and ENGINE name, or -// else bail out to top-level menu. -if (is_null($id) || is_null($eng)) { - header("Location: /suricata/suricata_interfaces.php"); - exit; -} + $g --> system global variables array + $config --> global variable pointing to configuration information + $a_aliases --> $config['aliases']['alias'] array + $title --> title string for import alias engine type + $used --> array of currently used engine 'bind_to' Alias names -// Used to track if any selectable Aliases are found -$selectablealias = false; - -// Initialize required array variables as necessary -if (!is_array($config['aliases']['alias'])) - $config['aliases']['alias'] = array(); -$a_aliases = $config['aliases']['alias']; -if (!is_array($config['installedpackages']['suricata']['rule'])) - $config['installedpackages']['suricata']['rule'] = array(); - -// The $eng variable points to the specific Suricata config section -// engine we are importing values into. Initialize the config.xml -// array if necessary. -if (!is_array($config['installedpackages']['suricata']['rule'][$id][$eng]['item'])) - $config['installedpackages']['suricata']['rule'][$id][$eng]['item'] = array(); - -// Initialize a pointer to the Suricata config section engine we are -// importing values into. -$a_nat = &$config['installedpackages']['suricata']['rule'][$id][$eng]['item']; - -// Build a lookup array of currently used engine 'bind_to' Aliases -// so we can screen matching Alias names from the list. -$used = array(); -foreach ($a_nat as $v) - $used[$v['bind_to']] = true; - -// Construct the correct return URL based on the Suricata config section -// engine we were called with. This lets us return to the page we were -// called from. -switch ($eng) { - case "host_os_policy": - $returl = "/suricata/suricata_flow_stream.php"; - $multi_ip = true; - $title = "Host Operating System Policy"; - break; - case "libhtp_policy": - $returl = "/suricata/suricata_app_parsers.php"; - $multi_ip = true; - $title = "HTTP Server Policy"; - break; - default: - $returl = "/suricata/suricata_interface_edit"; - $multi_ip = true; - $title = ""; -} - -if ($_POST['cancel']) { - header("Location: {$returl}?id={$id}"); - exit; -} - -if ($_POST['save']) { - - // Define default engine configurations for each of the supported engines. - $def_os_policy = array( "name" => "", "bind_to" => "", "policy" => "bsd" ); - - $def_libhtp_policy = array( "name" => "default", "bind_to" => "all", "personality" => "IDS", - "request-body-limit" => 4096, "response-body-limit" => 4096, - "double-decode-path" => "no", "double-decode-query" => "no" ); - - // Figure out which engine type we are importing and set up default engine array - $engine = array(); - switch ($eng) { - case "host_os_policy": - $engine = $def_os_policy; - break; - case "libhtp_policy": - $engine = $def_libhtp_policy; - break; - default: - $engine = ""; - $input_errors[] = gettext("Invalid ENGINE TYPE passed in query string. Aborting operation."); - } - - // See if anything was checked to import - if (is_array($_POST['toimport']) && count($_POST['toimport']) > 0) { - foreach ($_POST['toimport'] as $item) { - $engine['name'] = strtolower($item); - $engine['bind_to'] = $item; - $a_nat[] = $engine; - } - } - else - $input_errors[] = gettext("No entries were selected for import. Please select one or more Aliases for import and click SAVE."); - - // if no errors, write new entry to conf - if (!$input_errors) { - // Reorder the engine array to ensure the - // 'bind_to=all' entry is at the bottom if - // the array contains more than one entry. - if (count($a_nat) > 1) { - $i = -1; - foreach ($a_nat as $f => $v) { - if ($v['bind_to'] == "all") { - $i = $f; - break; - } - } - // Only relocate the entry if we - // found it, and it's not already - // at the end. - if ($i > -1 && ($i < (count($a_nat) - 1))) { - $tmp = $a_nat[$i]; - unset($a_nat[$i]); - $a_nat[] = $tmp; - } - } - - // Now write the new engine array to conf and return - write_config(); - - header("Location: {$returl}?id={$id}"); - exit; - } -} - -$pgtitle = gettext("Suricata: Import Host/Network Alias for {$title}"); -include("head.inc"); + Information is returned from this page via the following form fields: + aliastoimport[] --> checkbox array containing selected alias names + save_import_alias --> Submit button for save operation and exit + cancel_import_alias --> Submit button to cancel operation and exit + ************************************************************************************/ ?> -<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> -<?php include("fbegin.inc"); ?> -<form action="suricata_import_aliases.php" method="post"> -<input type="hidden" name="id" value="<?=$id;?>"> -<input type="hidden" name="eng" value="<?=$eng;?>"> -<?php if ($input_errors) print_input_errors($input_errors); ?> -<div id="boxarea"> -<table width="100%" border="0" cellpadding="0" cellspacing="0"> +<?php $selectablealias = false; + if (!is_array($a_aliases)) + $a_aliases = array(); +?> +<table id="maintable" class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> - <td class="tabcont"><strong><?=gettext("Select one or more Aliases to use as {$title} targets from the list below.");?></strong><br/> + <td class="listtopic" align="center"><?=gettext("Select one or more Aliases to use as {$title} targets from the list below.");?> </td> </tr> <tr> - <td class="tabcont"> + <td> <table id="sortabletable1" style="table-layout: fixed;" class="sortable" width="100%" border="0" cellpadding="0" cellspacing="0"> <colgroup> <col width="5%" align="center"> @@ -221,7 +99,7 @@ include("head.inc"); <td class="listlr" align="center"><img src="../themes/<?=$g['theme'];?>/images/icons/icon_block_d.gif" width="11" height"11" border="0"/> <?php else: ?> <tr> - <td class="listlr" align="center"><input type="checkbox" name="toimport[]" value="<?=htmlspecialchars($alias['name']);?>" title="<?=$tooltip;?>"/></td> + <td class="listlr" align="center"><input type="checkbox" name="aliastoimport[]" value="<?=htmlspecialchars($alias['name']);?>" title="<?=$tooltip;?>"/></td> <?php endif; ?> <td class="listr" align="left"><?=$textss . htmlspecialchars($alias['name']) . $textse;?></td> <td class="listr" align="left"> @@ -244,29 +122,26 @@ include("head.inc"); </tr> <?php if (!$selectablealias): ?> <tr> - <td class="tabcont" align="center"><b><?php echo gettext("There are currently no defined Aliases eligible for import.");?></b></td> + <td align="center"><b><?php echo gettext("There are currently no defined Aliases eligible for import.");?></b></td> </tr> <tr> - <td class="tabcont" align="center"> - <input type="Submit" name="cancel" value="Cancel" id="cancel" class="formbtn" title="<?=gettext("Cancel import operation and return");?>"/> + <td align="center" valign="middle"> + <input type="Submit" name="cancel_import_alias" value="Cancel" id="cancel_import_alias" class="formbtn" title="<?=gettext("Cancel import operation and return");?>"/> </td> </tr> <?php else: ?> <tr> - <td class="tabcont" align="center"> - <input type="Submit" name="save" value="Save" id="save" class="formbtn" title="<?=gettext("Import selected item and return");?>"/> - <input type="Submit" name="cancel" value="Cancel" id="cancel" class="formbtn" title="<?=gettext("Cancel import operation and return");?>"/> + <td align="center" valign="middle"> + <input type="Submit" name="save_import_alias" value="Save" id="save_import_alias" class="formbtn" title="<?=gettext("Import selected item and return");?>"/> + <input type="Submit" name="cancel_import_alias" value="Cancel" id="cancel_import_alias" class="formbtn" title="<?=gettext("Cancel import operation and return");?>"/> </td> </tr> <?php endif; ?> <tr> - <td class="tabcont"> + <td> <span class="vexpl"><span class="red"><strong><?=gettext("Note:"); ?><br></strong></span><?=gettext("Fully-Qualified Domain Name (FQDN) host Aliases cannot be used as Suricata configuration parameters. Aliases resolving to a single FQDN value are disabled in the list above. In the case of nested Aliases where one or more of the nested values is a FQDN host, the FQDN host will not be included in the {$title} configuration.");?></span> </td> </tr> </table> -</div> -</form> -<?php include("fend.inc"); ?> -</body> -</html> + + diff --git a/config/suricata/suricata_interfaces_edit.php b/config/suricata/suricata_interfaces_edit.php index 20deb885..6dbf9412 100644 --- a/config/suricata/suricata_interfaces_edit.php +++ b/config/suricata/suricata_interfaces_edit.php @@ -44,10 +44,8 @@ if ($_GET['id'] && is_numeric($_GET['id'])); $id = htmlspecialchars($_GET['id'], ENT_QUOTES | ENT_HTML401); if ($_POST['id'] && is_numeric($_POST['id'])) $id = $_POST['id']; -if (is_null($id)) { - header("Location: /suricata/suricata_interfaces.php"); - exit; -} +if (is_null($id)) + $id = 0; $pconfig = array(); if (empty($suricataglob['rule'][$id]['uuid'])) { @@ -128,7 +126,7 @@ if (empty($pconfig['max_pcap_log_size'])) if (empty($pconfig['max_pcap_log_files'])) $pconfig['max_pcap_log_files'] = "1000"; -if ($_POST["Submit"]) { +if ($_POST["save"]) { if (!$_POST['interface']) $input_errors[] = gettext("Choosing an Interface is mandatory!"); @@ -255,7 +253,7 @@ if ($_POST["Submit"]) { $natent['libhtp_policy']['item'][] = $default; // Enable the basic default rules for the interface - $natent['rulesets'] = "decoder-events.rules||files.rules||http-events.rules||smtp-events.rules||stream-events"; + $natent['rulesets'] = "decoder-events.rules||files.rules||http-events.rules||smtp-events.rules||stream-events.rules"; // Adding a new interface, so set flag to build new rules $rebuild_rules = true; @@ -301,19 +299,14 @@ include_once("head.inc"); <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> -<?php include("fbegin.inc"); ?> - -<?if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}?> - -<?php - /* Display Alert message */ - if ($input_errors) { - print_input_errors($input_errors); - } - - if ($savemsg) { - print_info_box($savemsg); - } +<?php include("fbegin.inc"); +/* Display Alert message */ +if ($input_errors) { + print_input_errors($input_errors); +} +if ($savemsg) { + print_info_box($savemsg); +} ?> <form action="suricata_interfaces_edit.php<?php echo "?id=$id";?>" method="post" name="iform" id="iform"> @@ -654,6 +647,7 @@ include_once("head.inc"); "setting at default. Create an Alias for custom External Net settings."); ?><br/> </td> </tr> +<!-- <tr> <td width="22%" valign="top" class="vncell"><?php echo gettext("Whitelist"); ?></td> <td width="78%" class="vtable"> @@ -682,6 +676,7 @@ include_once("head.inc"); "whitelist adds local networks, WAN IPs, Gateways, VPNs and VIPs. Create an Alias to customize."); ?> </td> </tr> +--> <tr> <td colspan="2" class="listtopic"><?php echo gettext("Alert Suppression and Filtering"); ?></td> </tr> @@ -723,15 +718,13 @@ include_once("head.inc"); </td> </tr> <tr> - <td width="22%" valign="top"></td> - <td width="78%"><input name="Submit" type="submit" class="formbtn" value="Save" title="<?php echo + <td colspan="2" align="center" valign="middle"><input name="save" type="submit" class="formbtn" value="Save" title="<?php echo gettext("Click to save settings and exit"); ?>"/> <input name="id" type="hidden" value="<?=$id;?>"/> </td> </tr> <tr> - <td width="22%" valign="top"> </td> - <td width="78%"><span class="vexpl"><span class="red"><strong><?php echo gettext("Note: ") . "</strong></span></span>" . + <td colspan="2" align="center" valign="middle"><span class="vexpl"><span class="red"><strong><?php echo gettext("Note: ") . "</strong></span></span>" . gettext("Please save your settings before you attempt to start Suricata."); ?> </td> </tr> @@ -849,11 +842,11 @@ function enable_change(enable_change) { document.iform.alertsystemlog.disabled = endis; document.iform.externallistname.disabled = endis; document.iform.homelistname.disabled = endis; - document.iform.whitelistname.disabled=endis; +// document.iform.whitelistname.disabled=endis; document.iform.suppresslistname.disabled = endis; document.iform.configpassthru.disabled = endis; document.iform.btnHomeNet.disabled=endis; - document.iform.btnWhitelist.disabled=endis; +// document.iform.btnWhitelist.disabled=endis; document.iform.btnSuppressList.disabled=endis; } diff --git a/config/suricata/suricata_libhtp_policy_engine.php b/config/suricata/suricata_libhtp_policy_engine.php index e7cf4135..ec00bbb2 100644 --- a/config/suricata/suricata_libhtp_policy_engine.php +++ b/config/suricata/suricata_libhtp_policy_engine.php @@ -43,6 +43,10 @@ if (is_null($id)) { header("Location: /suricata/suricata_interfaces.php"); exit; } +if (is_null($eng_id)) { + header("Location: /suricata/suricata_app_parsers.php?id={$id}"); + exit; +} if (!is_array($config['installedpackages']['suricata']['rule'])) $config['installedpackages']['suricata']['rule'] = array(); @@ -71,7 +75,7 @@ else { $pconfig['personality'] = "IDS"; } -if ($_POST['Cancel']) { +if ($_POST['cancel']) { header("Location: /suricata/suricata_app_parsers.php?id={$id}"); exit; } @@ -82,7 +86,7 @@ if ($_GET['act'] == "import") { $pconfig[$_GET['varname']] = $_GET['varvalue']; } -if ($_POST['Submit']) { +if ($_POST['save']) { /* Grab all the POST values and save in new temp array */ $engine = array(); @@ -279,10 +283,10 @@ if ($savemsg) <tr> <td width="22%" valign="bottom"> </td> <td width="78%" valign="bottom"> - <input name="Submit" id="submit" type="submit" class="formbtn" value=" Save " title="<?php echo + <input name="save" id="save" type="submit" class="formbtn" value=" Save " title="<?php echo gettext("Save web server policy engine settings and return to App Parsers tab"); ?>"> - <input name="Cancel" id="cancel" type="submit" class="formbtn" value="Cancel" title="<?php echo + <input name="cancel" id="cancel" type="submit" class="formbtn" value="Cancel" title="<?php echo gettext("Cancel changes and return to App Parsers tab"); ?>"></td> </tr> </table> diff --git a/config/suricata/suricata_os_policy_engine.php b/config/suricata/suricata_os_policy_engine.php index 61918e65..ae5a9348 100644 --- a/config/suricata/suricata_os_policy_engine.php +++ b/config/suricata/suricata_os_policy_engine.php @@ -43,6 +43,10 @@ if (is_null($id)) { header("Location: /suricata/suricata_interfaces.php"); exit; } +if (is_null($eng_id)) { + header("Location: /suricata/suricata_flow_stream.php?id={$id}"); + exit; +} if (!is_array($config['installedpackages']['suricata']['rule'])) $config['installedpackages']['suricata']['rule'] = array(); @@ -68,7 +72,7 @@ else { $pconfig['policy'] = "bsd"; } -if ($_POST['Cancel']) { +if ($_POST['cancel']) { header("Location: /suricata/suricata_flow_stream.php?id={$id}"); exit; } @@ -79,7 +83,7 @@ if ($_GET['act'] == "import") { $pconfig[$_GET['varname']] = $_GET['varvalue']; } -if ($_POST['Submit']) { +if ($_POST['save']) { /* Grab all the POST values and save in new temp array */ $engine = array(); @@ -225,10 +229,10 @@ if ($savemsg) <tr> <td width="22%" valign="bottom"> </td> <td width="78%" valign="bottom"> - <input name="Submit" id="submit" type="submit" class="formbtn" value=" Save " title="<?php echo + <input name="save" id="save" type="submit" class="formbtn" value=" Save " title="<?php echo gettext("Save OS policy engine settings and return to Flow/Stream tab"); ?>"> - <input name="Cancel" id="cancel" type="submit" class="formbtn" value="Cancel" title="<?php echo + <input name="cancel" id="cancel" type="submit" class="formbtn" value="Cancel" title="<?php echo gettext("Cancel changes and return to Flow/Stream tab"); ?>"></td> </tr> </table> diff --git a/config/suricata/suricata_rules.php b/config/suricata/suricata_rules.php index 428bc9be..f6457f19 100644 --- a/config/suricata/suricata_rules.php +++ b/config/suricata/suricata_rules.php @@ -27,7 +27,6 @@ * POSSIBILITY OF SUCH DAMAGE. */ - require_once("guiconfig.inc"); require_once("/usr/local/pkg/suricata/suricata.inc"); @@ -35,23 +34,26 @@ global $g, $rebuild_rules; $suricatadir = SURICATADIR; $rules_map = array(); +$pconfig = array(); if (!is_array($config['installedpackages']['suricata']['rule'])) $config['installedpackages']['suricata']['rule'] = array(); $a_rule = &$config['installedpackages']['suricata']['rule']; -if (is_numeric($_GET['id'])) +log_error(print_r($_POST, true)); + +if ($_GET['id']) $id = $_GET['id']; -if (isset($_POST['id'])) +if ($_POST['id']) $id = $_POST['id']; if (is_null($id)) { - header("Location: /suricata/suricata_interfaces.php"); - exit; + $id = 0; } if (isset($id) && $a_rule[$id]) { $pconfig['interface'] = $a_rule[$id]['interface']; $pconfig['rulesets'] = $a_rule[$id]['rulesets']; + $pconfig['customrules'] = base64_decode($a_rule[$id]['customrules']); } function truncate($string, $length) { @@ -110,7 +112,9 @@ $categories = explode("||", $pconfig['rulesets']); if ($_GET['openruleset']) $currentruleset = htmlspecialchars($_GET['openruleset'], ENT_QUOTES | ENT_HTML401); -else if ($_POST['openruleset']) +elseif ($_POST['selectbox']) + $currentruleset = $_POST['selectbox']; +elseif ($_POST['openruleset']) $currentruleset = $_POST['openruleset']; else $currentruleset = $categories[0]; @@ -147,13 +151,11 @@ if ($currentruleset != 'custom.rules') { $enablesid = suricata_load_sid_mods($a_rule[$id]['rule_sid_on']); $disablesid = suricata_load_sid_mods($a_rule[$id]['rule_sid_off']); -if ($_GET['act'] == "toggle" && $_GET['ids'] && !empty($rules_map)) { - - // Get the GID tag embedded in the clicked rule icon. - $gid = $_GET['gid']; +if ($_POST['toggle'] && is_numeric($_POST['sid']) && is_numeric($_POST['gid']) && !empty($rules_map)) { - // Get the SID tag embedded in the clicked rule icon. - $sid= $_GET['ids']; + // Get the GID:SID tags embedded in the clicked rule icon. + $gid = $_POST['gid']; + $sid = $_POST['sid']; // See if the target SID is in our list of modified SIDs, // and toggle it back to default if present; otherwise, @@ -197,11 +199,9 @@ if ($_GET['act'] == "toggle" && $_GET['ids'] && !empty($rules_map)) { /* Update the config.xml file. */ write_config(); - $_GET['openruleset'] = $currentruleset; $anchor = "rule_{$gid}_{$sid}"; } - -if ($_GET['act'] == "disable_all" && !empty($rules_map)) { +elseif ($_POST['disable_all'] && !empty($rules_map)) { // Mark all rules in the currently selected category "disabled". foreach (array_keys($rules_map) as $k1) { @@ -238,13 +238,8 @@ if ($_GET['act'] == "disable_all" && !empty($rules_map)) { unset($a_rule[$id]['rule_sid_off']); write_config(); - - $_GET['openruleset'] = $currentruleset; - header("Location: /suricata/suricata_rules.php?id={$id}&openruleset={$currentruleset}"); - exit; } - -if ($_GET['act'] == "enable_all" && !empty($rules_map)) { +elseif ($_POST['enable_all'] && !empty($rules_map)) { // Mark all rules in the currently selected category "enabled". foreach (array_keys($rules_map) as $k1) { @@ -280,13 +275,8 @@ if ($_GET['act'] == "enable_all" && !empty($rules_map)) { unset($a_rule[$id]['rule_sid_off']); write_config(); - - $_GET['openruleset'] = $currentruleset; - header("Location: /suricata/suricata_rules.php?id={$id}&openruleset={$currentruleset}"); - exit; } - -if ($_GET['act'] == "resetcategory" && !empty($rules_map)) { +elseif ($_POST['resetcategory'] && !empty($rules_map)) { // Reset any modified SIDs in the current rule category to their defaults. foreach (array_keys($rules_map) as $k1) { @@ -324,13 +314,8 @@ if ($_GET['act'] == "resetcategory" && !empty($rules_map)) { unset($a_rule[$id]['rule_sid_off']); write_config(); - - $_GET['openruleset'] = $currentruleset; - header("Location: /suricata/suricata_rules.php?id={$id}&openruleset={$currentruleset}"); - exit; } - -if ($_GET['act'] == "resetall" && !empty($rules_map)) { +elseif ($_POST['resetall'] && !empty($rules_map)) { // Remove all modified SIDs from config.xml and save the changes. unset($a_rule[$id]['rule_sid_on']); @@ -338,23 +323,20 @@ if ($_GET['act'] == "resetall" && !empty($rules_map)) { /* Update the config.xml file. */ write_config(); - - $_GET['openruleset'] = $currentruleset; - header("Location: /suricata/suricata_rules.php?id={$id}&openruleset={$currentruleset}"); - exit; } - -if ($_POST['clear']) { +elseif ($_POST['clear']) { unset($a_rule[$id]['customrules']); write_config(); $rebuild_rules = true; suricata_generate_yaml($a_rule[$id]); $rebuild_rules = false; - header("Location: /suricata/suricata_rules.php?id={$id}&openruleset={$currentruleset}"); - exit; + $pconfig['customrules'] = ''; } - -if ($_POST['customrules']) { +elseif ($_POST['cancel']) { + $pconfig['customrules'] = base64_decode($a_rule[$id]['customrules']); +} +elseif ($_POST['save']) { + $pconfig['customrules'] = $_POST['customrules']; if ($_POST['customrules']) $a_rule[$id]['customrules'] = base64_encode($_POST['customrules']); else @@ -363,24 +345,21 @@ if ($_POST['customrules']) { $rebuild_rules = true; suricata_generate_yaml($a_rule[$id]); $rebuild_rules = false; - $output = ""; - $retcode = ""; - exec("/usr/local/bin/suricata -T --init-errors-fatal -c {$suricatacfgdir}/suricata.yaml 2>&1", $output, $retcode); - if (intval($retcode) != 0) { - $error = ""; - $start = count($output); - $end = $start - 4; - for($i = $start; $i > $end; $i--) - $error .= $output[$i]; - $input_errors[] = "Custom rules have errors:\n {$error}"; - } - else { - header("Location: /suricata/suricata_rules.php?id={$id}&openruleset={$currentruleset}"); - exit; - } + /* Signal Suricata to "live reload" the rules */ + suricata_reload_config($a_rule[$id]); +// $output = ""; +// $retcode = ""; +// exec("/usr/local/bin/suricata -T --init-errors-fatal -c {$suricatacfgdir}/suricata.yaml 2>&1", $output, $retcode); +// if (intval($retcode) != 0) { +// $error = ""; +// $start = count($output); +// $end = $start - 4; +// for($i = $start; $i > $end; $i--) +// $error .= $output[$i]; +// $input_errors[] = "Custom rules have errors:\n {$error}"; +// } } - -else if ($_POST['apply']) { +elseif ($_POST['apply']) { /* Save new configuration */ write_config(); @@ -395,16 +374,6 @@ else if ($_POST['apply']) { /* Signal Suricata to "live reload" the rules */ suricata_reload_config($a_rule[$id]); - - /* Return to this same page */ - header("Location: /suricata/suricata_rules.php?id={$id}&openruleset={$currentruleset}"); - exit; -} -else if ($_POST['cancel']) { - - /* Return to this same page */ - header("Location: /suricata/suricata_rules.php?id={$id}"); - exit; } require_once("guiconfig.inc"); @@ -417,9 +386,7 @@ $pgtitle = gettext("Suricata: Interface {$if_friendly} - Rules: {$currentruleset <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); -if ($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';} - -/* Display message */ +/* Display error or save messages if present */ if ($input_errors) { print_input_errors($input_errors); // TODO: add checks } @@ -430,7 +397,11 @@ if ($savemsg) { ?> -<form action="/suricata/suricata_rules.php" method="post" name="iform" id="iform"> +<form action='/suricata/suricata_rules.php' method='post' name='iform' id='iform'> +<input type='hidden' name='id' id='id' value='<?=$id;?>'/> +<input type='hidden' name='openruleset' id='openruleset' value='<?=$currentruleset;?>'/> +<input type='hidden' name='sid' id='sid' value=''/> +<input type='hidden' name='gid' id='gid' value=''/> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr><td> <?php @@ -461,31 +432,31 @@ if ($savemsg) { <tr> <td class="listtopic"><?php echo gettext("Available Rule Categories"); ?></td> </tr> - <tr> - <td class="vncell" height="30px"><strong><?php echo gettext("Category:"); ?></strong> <select id="selectbox" name="selectbox" class="formselect" onChange="go()"> - <option value='?id=<?=$id;?>&openruleset=custom.rules'>custom.rules</option> + <td class="vncell" height="30px"><strong><?php echo gettext("Category:"); ?></strong> + <select id="selectbox" name="selectbox" class="formselect" onChange="go();"> + <option value='custom.rules'>custom.rules</option> <?php - $files = explode("||", $pconfig['rulesets']); - if ($a_rule[$id]['ips_policy_enable'] == 'on') - $files[] = "IPS Policy - " . ucfirst($a_rule[$id]['ips_policy']); - if ($a_rule[$id]['autoflowbitrules'] == 'on') - $files[] = "Auto-Flowbit Rules"; - natcasesort($files); - foreach ($files as $value) { - if ($snortdownload != 'on' && substr($value, 0, mb_strlen(VRT_FILE_PREFIX)) == VRT_FILE_PREFIX) - continue; - if ($emergingdownload != 'on' && substr($value, 0, mb_strlen(ET_OPEN_FILE_PREFIX)) == ET_OPEN_FILE_PREFIX) - continue; - if ($etpro != 'on' && substr($value, 0, mb_strlen(ET_PRO_FILE_PREFIX)) == ET_PRO_FILE_PREFIX) - continue; - if (empty($value)) - continue; - echo "<option value='?id={$id}&openruleset={$value}' "; - if ($value == $currentruleset) - echo "selected"; - echo ">{$value}</option>\n"; - } + $files = explode("||", $pconfig['rulesets']); + if ($a_rule[$id]['ips_policy_enable'] == 'on') + $files[] = "IPS Policy - " . ucfirst($a_rule[$id]['ips_policy']); + if ($a_rule[$id]['autoflowbitrules'] == 'on') + $files[] = "Auto-Flowbit Rules"; + natcasesort($files); + foreach ($files as $value) { + if ($snortdownload != 'on' && substr($value, 0, mb_strlen(VRT_FILE_PREFIX)) == VRT_FILE_PREFIX) + continue; + if ($emergingdownload != 'on' && substr($value, 0, mb_strlen(ET_OPEN_FILE_PREFIX)) == ET_OPEN_FILE_PREFIX) + continue; + if ($etpro != 'on' && substr($value, 0, mb_strlen(ET_PRO_FILE_PREFIX)) == ET_PRO_FILE_PREFIX) + continue; + if (empty($value)) + continue; + echo "<option value='{$value}' "; + if ($value == $currentruleset) + echo "selected"; + echo ">{$value}</option>\n"; + } ?> </select> <?php echo gettext("Select the rule category to view"); ?> </td> @@ -497,15 +468,13 @@ if ($savemsg) { </tr> <tr> <td valign="top" class="vtable"> - <input type='hidden' name='openruleset' value='custom.rules'> - <input type='hidden' name='id' value='<?=$id;?>'> <textarea wrap="soft" cols="90" rows="40" name="customrules"><?=$pconfig['customrules'];?></textarea> </td> </tr> <tr> <td> - <input name="Submit" type="submit" class="formbtn" id="submit" value="<?php echo gettext(" Save "); ?>" title=" <?php echo gettext("Save custom rules"); ?>"/> - <input name="cancel" type="submit" class="formbtn" id="cancel" value="<?php echo gettext("Cancel"); ?>" title="<?php echo gettext("Cancel changes and return to last page"); ?>"/> + <input name="save" type="submit" class="formbtn" id="save" value="<?php echo gettext(" Save "); ?>" title=" <?php echo gettext("Save custom rules"); ?>"/> + <input name="cancel" type="submit" class="formbtn" id="cancel" value="<?php echo gettext("Cancel"); ?>" title="<?php echo gettext("Cancel all changes made prior to last save"); ?>"/> <input name="clear" type="submit" class="formbtn" id="clear" value="<?php echo gettext("Clear"); ?>" onclick="return confirm('<?php echo gettext("This will erase all custom rules for the interface. Are you sure?"); ?>')" title="<?php echo gettext("Deletes all custom rules"); ?>"/> </td> </tr> @@ -518,43 +487,40 @@ if ($savemsg) { <table width="100%" align="center" border="0" cellpadding="0" cellspacing="0"> <tr> <td rowspan="5" width="48%" valign="middle"><input type="submit" name="apply" id="apply" value="<?php echo gettext("Apply"); ?>" class="formbtn" - title="<?php echo gettext("Click to rebuild the rules with your changes"); ?>"/> - <input type='hidden' name='id' value='<?=$id;?>'/> - <input type='hidden' name='openruleset' value='<?=$currentruleset;?>'/><br/><br/> + title="<?php echo gettext("Click to rebuild the rules with your changes"); ?>"/><br/><br/> <span class="vexpl"><span class="red"><strong><?php echo gettext("Note: ") . "</strong></span>" . gettext("Suricata must be restarted to activate any SID enable/disable changes made on this tab."); ?></span></td> - <td class="vexpl" valign="middle"><?php echo "<a href='?id={$id}&openruleset={$currentruleset}&act=resetcategory'> - <img src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\" width=\"15\" height=\"15\" + <td class="vexpl" valign="middle"><?php echo "<input type='image' name='resetcategory[]' + src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\" width=\"15\" height=\"15\" onmouseout='this.src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\"' onmouseover='this.src=\"../themes/{$g['theme']}/images/icons/icon_x_mo.gif\"' border='0' - title='" . gettext("Click to remove enable/disable changes for rules in the selected category only") . "'></a>"?> + title='" . gettext("Click to remove enable/disable changes for rules in the selected category only") . "'/>"?> <?php echo gettext("Remove Enable/Disable changes in the current Category"); ?></td> </tr> <tr> - <td class="vexpl" valign="middle"><?php echo "<a href='?id={$id}&openruleset={$currentruleset}&act=resetall'> - <img src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\" width=\"15\" height=\"15\" + <td class="vexpl" valign="middle"><?php echo "<input type='image' name='resetall[]' + src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\" width=\"15\" height=\"15\" onmouseout='this.src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\"' onmouseover='this.src=\"../themes/{$g['theme']}/images/icons/icon_x_mo.gif\"' border='0' - title='" . gettext("Click to remove all enable/disable changes for rules in all categories") . "'></a>"?> + title='" . gettext("Click to remove all enable/disable changes for rules in all categories") . "'/>"?> <?php echo gettext("Remove all Enable/Disable changes in all Categories"); ?></td> </tr> <tr> - <td class="vexpl" valign="middle"><?php echo "<a href='?id={$id}&openruleset={$currentruleset}&act=disable_all'> - <img src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\" width=\"15\" height=\"15\" + <td class="vexpl" valign="middle"><?php echo "<input type='image' name='disable_all[]' + src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\" width=\"15\" height=\"15\" onmouseout='this.src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\"' onmouseover='this.src=\"../themes/{$g['theme']}/images/icons/icon_x_mo.gif\"' border='0' - title='" . gettext("Click to disable all rules in the selected category") . "'></a>"?> + title='" . gettext("Click to disable all rules in the selected category") . "'/>"?> <?php echo gettext("Disable all rules in the current Category"); ?></td> </tr> <tr> - <td class="vexpl" valign="middle"><?php echo "<a href='?id={$id}&openruleset={$currentruleset}&act=enable_all'> - <img src=\"../themes/{$g['theme']}/images/icons/icon_plus.gif\" width=\"15\" height=\"15\" + <td class="vexpl" valign="middle"><?php echo "<input type='image' name='enable_all[]' + src=\"../themes/{$g['theme']}/images/icons/icon_plus.gif\" width=\"15\" height=\"15\" onmouseout='this.src=\"../themes/{$g['theme']}/images/icons/icon_plus.gif\"' onmouseover='this.src=\"../themes/{$g['theme']}/images/icons/icon_plus_mo.gif\"' border='0' - title='" . gettext("Click to enable all rules in the selected category") . "'></a>"?> + title='" . gettext("Click to enable all rules in the selected category") . "'/>"?> <?php echo gettext("Enable all rules in the current Category"); ?></td> </tr> - <tr> <td class="vexpl" valign="middle"><a href="javascript: void(0)" onclick="wopen('suricata_rules_edit.php?id=<?=$id;?>&openruleset=<?=$currentruleset;?>','FileViewer',800,600)"> @@ -564,7 +530,6 @@ if ($savemsg) { title="<?php echo gettext("Click to view full text of all the category rules"); ?>" width="17" height="17" border="0"></a> <?php echo gettext("View full file contents for the current Category"); ?></td> </tr> - <?php if ($currentruleset == 'Auto-Flowbit Rules'): ?> <tr> <td colspan="3"> </td> @@ -579,7 +544,6 @@ if ($savemsg) { </table> </td> </tr> - <tr> <td class="listtopic"><?php echo gettext("Selected Category's Rules"); ?></td> </tr> @@ -587,7 +551,7 @@ if ($savemsg) { <td> <table id="myTable" class="sortable" style="table-layout: fixed;" width="100%" border="0" cellpadding="0" cellspacing="0"> <colgroup> - <col width="14" align="left" valign="middle"> + <col width="20" align="left" valign="middle"> <col width="6%" align="center" axis="number"> <col width="8%" align="center" axis="number"> <col width="54" align="center" axis="string"> @@ -668,11 +632,11 @@ if ($savemsg) { $message = suricata_get_msg($v['rule']); $sid_tooltip = gettext("View the raw text for this rule"); - echo "<tr><td class=\"listt\" align=\"left\" valign=\"middle\">{$textss} - <a href='?id={$id}&openruleset={$currentruleset}&act=toggle&ids={$sid}'> - <img src=\"../themes/{$g['theme']}/images/icons/{$iconb}\" - width=\"11\" height=\"11\" border=\"0\" - title='{$title}' id=\"rule_{$gid}_{$sid}\"></a>{$textse} + echo "<tr><td class=\"listt\" align=\"left\" valign=\"middle\" sorttable_customkey=\"\">{$textss} + <input type=\"image\" onClick=\"document.getElementById('sid').value='{$sid}'; + document.getElementById('gid').value='{$gid}';\" + src=\"../themes/{$g['theme']}/images/icons/{$iconb}\" width=\"11\" height=\"11\" border=\"0\" + title='{$title}' name=\"toggle[]\"/>{$textse} </td> <td class=\"listlr\" align=\"center\" style=\"font-size: 10px;\"> {$textss}{$gid}{$textse} @@ -753,15 +717,14 @@ if ($savemsg) { </tr> </table> </form> -<?php include("fend.inc"); ?> - <script language="javascript" type="text/javascript"> function go() { - var box = document.iform.selectbox; - destination = box.options[box.selectedIndex].value; - if (destination) - location.href = destination; + var box = document.getElementById("selectbox"); + var ruleset = box.options[box.selectedIndex].value; + if (ruleset) + document.getElementById("openruleset").value = ruleset; + document.getElementById("iform").submit(); } function wopen(url, name, w, h) @@ -785,7 +748,8 @@ function wopen(url, name, w, h) window.scrollBy(0,-60); <?php endif;?> - </script> +<?php include("fend.inc"); ?> + </body> </html> diff --git a/config/suricata/suricata_rulesets.php b/config/suricata/suricata_rulesets.php index a1609d6c..e15818d5 100644 --- a/config/suricata/suricata_rulesets.php +++ b/config/suricata/suricata_rulesets.php @@ -43,10 +43,8 @@ $a_nat = &$config['installedpackages']['suricata']['rule']; $id = $_GET['id']; if (isset($_POST['id'])) $id = $_POST['id']; -if (is_null($id)) { - header("Location: /suricata/suricata_interfaces.php"); - exit; -} +if (is_null($id)) + $id = 0; if (isset($id) && $a_nat[$id]) { $pconfig['enable'] = $a_nat[$id]['enable']; @@ -117,9 +115,7 @@ if ($a_nat[$id]['ips_policy_enable'] == 'on') { else $disable_vrt_rules = ""; -/* alert file */ -if ($_POST["Submit"]) { - +if ($_POST["save"]) { if ($_POST['ips_policy_enable'] == "on") { $a_nat[$id]['ips_policy_enable'] = 'on'; $a_nat[$id]['ips_policy'] = $_POST['ips_policy']; @@ -129,11 +125,12 @@ if ($_POST["Submit"]) { unset($a_nat[$id]['ips_policy']); } - $enabled_items = ""; + // Always start with the default events and files rules + $enabled_items = "decoder-events.rules||files.rules||http-events.rules||smtp-events.rules||stream-events.rules"; if (is_array($_POST['toenable'])) - $enabled_items = implode("||", $_POST['toenable']); + $enabled_items .= "||" . implode("||", $_POST['toenable']); else - $enabled_items = $_POST['toenable']; + $enabled_items .= "||{$_POST['toenable']}"; $a_nat[$id]['rulesets'] = $enabled_items; @@ -155,12 +152,12 @@ if ($_POST["Submit"]) { suricata_generate_yaml($a_nat[$id]); $rebuild_rules = false; - header("Location: /suricata/suricata_rulesets.php?id=$id"); - exit; + /* Signal Suricata to "live reload" the rules */ + suricata_reload_config($a_nat[$id]); } - -if ($_POST['unselectall']) { - $a_nat[$id]['rulesets'] = ""; +elseif ($_POST['unselectall']) { + // Remove all but the default events and files rules + $a_nat[$id]['rulesets'] = "decoder-events.rules||files.rules||http-events.rules||smtp-events.rules||stream-events.rules"; if ($_POST['ips_policy_enable'] == "on") { $a_nat[$id]['ips_policy_enable'] = 'on'; @@ -173,13 +170,10 @@ if ($_POST['unselectall']) { write_config(); sync_suricata_package_config(); - - header("Location: /suricata/suricata_rulesets.php?id=$id"); - exit; } - -if ($_POST['selectall']) { - $rulesets = array(); +elseif ($_POST['selectall']) { + // Start with the required default events and files rules + $rulesets = array( "decoder-events.rules", "files.rules", "http-events.rules", "smtp-events.rules", "stream-events.rules" ); if ($_POST['ips_policy_enable'] == "on") { $a_nat[$id]['ips_policy_enable'] = 'on'; @@ -218,9 +212,6 @@ if ($_POST['selectall']) { write_config(); sync_suricata_package_config(); - - header("Location: /suricata/suricata_rulesets.php?id=$id"); - exit; } $enabled_rulesets_array = explode("||", $a_nat[$id]['rulesets']); @@ -234,7 +225,6 @@ include_once("head.inc"); <?php include("fbegin.inc"); -if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';} /* Display message */ if ($input_errors) { @@ -282,9 +272,8 @@ if ($savemsg) { $isrulesfolderempty = glob("{$suricatadir}rules/*.rules"); $iscfgdirempty = array(); if (file_exists("{$suricatadir}suricata_{$suricata_uuid}_{$if_real}/rules/custom.rules")) - $iscfgdirempty = (array)("{$suricatadir}suricata_{$suricata_uuid}_{$if_real}/rules/custom.rules"); - if (empty($isrulesfolderempty)): -?> + $iscfgdirempty = (array)("{$suricatadir}suricata_{$suricata_uuid}_{$if_real}/rules/custom.rules"); ?> +<?php if (empty($isrulesfolderempty)): ?> <tr> <td class="vexpl"><br/> <?php printf(gettext("# The rules directory is empty: %s%srules%s"), '<strong>',$suricatadir,'</strong>'); ?> <br/><br/> @@ -294,14 +283,7 @@ if ($savemsg) { '</strong></a>' . gettext(" tab."); ?> </td> </tr> -<?php else: - $colspan = 4; - if ($emergingdownload != 'on') - $colspan -= 2; - if ($snortdownload != 'on') - $colspan -= 2; - -?> +<?php else: ?> <tr> <td> <table width="100%" border="0" @@ -393,7 +375,7 @@ if ($savemsg) { <tr height="45px"> <td valign="middle"><input value="Select All" class="formbtns" type="submit" name="selectall" id="selectall" title="<?php echo gettext("Add all to enforcing rules"); ?>"/></td> <td valign="middle"><input value="Unselect All" class="formbtns" type="submit" name="unselectall" id="unselectall" title="<?php echo gettext("Remove all from enforcing rules"); ?>"/></td> - <td valign="middle"><input value=" Save " class="formbtns" type="submit" name="Submit" id="Submit" title="<?php echo gettext("Save changes to enforcing rules and rebuild"); ?>"/></td> + <td valign="middle"><input value=" Save " class="formbtns" type="submit" name="save" id="save" title="<?php echo gettext("Save changes to enforcing rules and rebuild"); ?>"/></td> <td valign="middle"><span class="vexpl"><?php echo gettext("Click to save changes and auto-resolve flowbit rules (if option is selected above)"); ?></span></td> </tr> </table> @@ -531,7 +513,7 @@ if ($savemsg) { </tr> <tr> <td colspan="4" align="center" valign="middle"> - <input value="Save" type="submit" name="Submit" id="Submit" class="formbtn" title=" <?php echo gettext("Click to Save changes and rebuild rules"); ?>"/></td> + <input value="Save" type="submit" name="save" id="save" class="formbtn" title=" <?php echo gettext("Click to Save changes and rebuild rules"); ?>"/></td> </tr> <?php endif; ?> </table> @@ -581,7 +563,7 @@ function enable_change() for (var i = 0; i < document.iform.elements.length; i++) { if (document.iform.elements[i].type == 'checkbox') { var str = document.iform.elements[i].value; - if (str.substr(0,6) == "suricata_") + if (str.substr(0,6) == "snort_") document.iform.elements[i].disabled = !(endis); } } |