diff options
Diffstat (limited to 'config')
35 files changed, 200 insertions, 98 deletions
diff --git a/config/countryblock/countryblock.inc b/config/countryblock/countryblock.inc index 5451b4bf..dc7bffd3 100644 --- a/config/countryblock/countryblock.inc +++ b/config/countryblock/countryblock.inc @@ -139,7 +139,7 @@ function deinstall_command_cb() exec("rm /usr/local/pkg/pf/countryblock.sh"); exec("pfctl -t countryblock -T kill"); exec("sed -i -e '/countryblock/d' /tmp/rules.debug"); - exec("pfctl -o basic -f /tmp/rules.debug"); + exec("pfctl -f /tmp/rules.debug"); conf_mount_ro(); } diff --git a/config/openvpn-client-export/openvpn-client-export.inc b/config/openvpn-client-export/openvpn-client-export.inc index 4d6ded8f..1a34c260 100755 --- a/config/openvpn-client-export/openvpn-client-export.inc +++ b/config/openvpn-client-export/openvpn-client-export.inc @@ -236,7 +236,8 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $verifys if (!empty($proxy)) { if ($proxy['proxy_type'] == "http") { - if ($proto == "udp") { + + if (strtoupper(substr($settings['protocol'], 0, 3)) == "UDP") { $input_errors[] = "This server uses UDP protocol and cannot communicate with HTTP proxy."; return; } @@ -344,7 +345,7 @@ function openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $verifys $conf .= "management-hold{$nl}"; $conf .= "# query management channel for user/pass{$nl}"; $conf .= "management-query-passwords{$nl}"; - $conf .= "# disconnect VPN when managment program connection is closed{$nl}"; + $conf .= "# disconnect VPN when management program connection is closed{$nl}"; $conf .= "management-signal{$nl}"; $conf .= "# forget password when management disconnects{$nl}"; $conf .= "management-forget-disconnect{$nl}"; @@ -629,7 +630,7 @@ function viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $usead file_put_contents("{$tempdir}/{$proxy['passwdfile']}", $pwdfle); } - $conf = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $randomlocalport, $usetoken, true, $proxy, "baseconf", "", true, $openvpnmanager, $advancedoptions); + $conf = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $randomlocalport, $usetoken, true, $proxy, "baseconf", $outpass, true, true, $openvpnmanager, $advancedoptions); if (!$conf) return false; @@ -733,7 +734,10 @@ function openvpn_client_export_sharedkey_config($srvid, $useaddr, $proxy, $zipco } else { if (!$interface) $interface = "wan"; - $server_host = get_interface_ip($interface); + if (in_array(strtolower($settings['protocol']), array("udp6", "tcp6"))) + $server_host = get_interface_ipv6($interface); + else + $server_host = get_interface_ip($interface); } } else if ($useaddr == "serverhostname" || empty($useaddr)) { $server_host = empty($config['system']['hostname']) ? "" : "{$config['system']['hostname']}."; @@ -742,7 +746,10 @@ function openvpn_client_export_sharedkey_config($srvid, $useaddr, $proxy, $zipco $server_host = $useaddr; $server_port = $settings['local_port']; - $proto = (strtoupper($settings['protocol']) == 'UDP' ? 'udp' : "tcp-client"); + + $proto = strtolower($settings['protocol']); + if (strtolower(substr($settings['protocol'], 0, 3)) == "tcp") + $proto .= "-client"; $cipher = $settings['crypto']; $digest = !empty($settings['digest']) ? $settings['digest'] : "SHA1"; @@ -837,7 +844,10 @@ function openvpn_client_export_build_remote_lines($settings, $useaddr, $interfac } else { if (!$interface || ($interface == "any")) $interface = "wan"; - $server_host = get_interface_ip($interface); + if (in_array(strtolower($settings['protocol']), array("udp6", "tcp6"))) + $server_host = get_interface_ipv6($interface); + else + $server_host = get_interface_ip($interface); } } else if ($useaddr == "serverhostname" || empty($useaddr)) { $server_host = empty($config['system']['hostname']) ? "" : "{$config['system']['hostname']}."; @@ -845,7 +855,10 @@ function openvpn_client_export_build_remote_lines($settings, $useaddr, $interfac } else $server_host = $useaddr; - $proto = (strtoupper($settings['protocol']) == 'UDP' ? 'udp' : "tcp"); + $proto = strtolower($settings['protocol']); + if (strtolower(substr($settings['protocol'], 0, 3)) == "tcp") + $proto .= "-client"; + if (($expformat == "inlineios") && ($proto == "tcp-client")) $proto = "tcp"; @@ -867,6 +880,9 @@ function openvpn_client_export_find_port_forwards($targetip, $targetport, $targe filter_generate_optcfg_array(); $destinations = array(); + if (!is_array($config['nat']) || !is_array($config['nat']['rule'])) + return $destinations; + foreach ($config['nat']['rule'] as $natent) { $dest = array(); if (!isset($natent['disabled']) diff --git a/config/openvpn-client-export/openvpn-client-export.xml b/config/openvpn-client-export/openvpn-client-export.xml index f8513387..a6a46649 100755 --- a/config/openvpn-client-export/openvpn-client-export.xml +++ b/config/openvpn-client-export/openvpn-client-export.xml @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="utf-8" ?> <packagegui> <name>OpenVPN Client Export</name> - <version>1.2.4</version> + <version>1.2.9</version> <title>OpenVPN Client Export</title> <include_file>/usr/local/pkg/openvpn-client-export.inc</include_file> <backup_file></backup_file> diff --git a/config/servicewatchdog/services_servicewatchdog.php b/config/servicewatchdog/services_servicewatchdog.php index 920fd1bb..bd4d4442 100644 --- a/config/servicewatchdog/services_servicewatchdog.php +++ b/config/servicewatchdog/services_servicewatchdog.php @@ -56,8 +56,33 @@ if ($_GET['act'] == "del") { servicewatchdog_cron_job(); write_config(); header("Location: services_servicewatchdog.php"); - exit; + return; + } +} + +if (isset($_POST['Update'])) { + /* update selected services */ + if (is_array($_POST['notifies']) && count($_POST['notifies'])) { + /* Check each service and set the notify flag only for those chosen, remove those that are unset. */ + foreach ($a_pwservices as $idx => $thisservice) { + if (!is_array($thisservice)) + continue; + if (in_array($idx, $_POST['notifies'])) { + $a_pwservices[$idx]['notify'] = true; + } else { + if (isset($a_pwservices[$idx]['notify'])) + unset($a_pwservices[$idx]['notify']); + } + } + } else { /* No notifies selected, remove them all. */ + foreach ($a_pwservices as $idx => $thisservice) { + unset($a_pwservices[$idx]['notify']); + } } + servicewatchdog_cron_job(); + write_config(); + header("Location: services_servicewatchdog.php"); + return; } if (isset($_POST['del_x'])) { @@ -69,7 +94,7 @@ if (isset($_POST['del_x'])) { servicewatchdog_cron_job(); write_config(); header("Location: services_servicewatchdog.php"); - exit; + return; } } else { /* yuck - IE won't send value attributes for image buttons, while Mozilla does - so we use .x/.y to find move button clicks instead... */ @@ -141,6 +166,7 @@ include("head.inc"); </td></tr> <tr id="frheader"> <td width="5%" class="list"> </td> +<td width="5%" class="listhdrr">Notify</td> <td width="30%" class="listhdrr"><?=gettext("Service Name");?></td> <td width="60%" class="listhdrr"><?=gettext("Description");?></td> <td width="5%" class="list"> @@ -164,7 +190,8 @@ foreach ($a_pwservices as $thisservice): ?> <tr valign="top" id="fr<?=$nservices;?>"> <td class="listt"><input type="checkbox" id="frc<?=$nservices;?>" name="pwservices[]" value="<?=$i;?>" onClick="fr_bgcolor('<?=$nservices;?>')" style="margin: 0; padding: 0; width: 15px; height: 15px;" /></td> - <td class="listlr" onclick="fr_toggle(<?=$nservices;?>)" id="frd<?=$nservices;?>" ondblclick="document.location='services_servicewatchdog_add.php?id=<?=$nservices;?>';"> + <td class="listlr"><input type="checkbox" id="notify<?=$nservices;?>" name="notifies[]" value="<?=$i;?>" style="margin: 0; padding: 0; width: 15px; height: 15px;" <?PHP if (isset($thisservice['notify'])) echo 'checked="CHECKED"';?>/></td> + <td class="listr" onclick="fr_toggle(<?=$nservices;?>)" id="frd<?=$nservices;?>" ondblclick="document.location='services_servicewatchdog_add.php?id=<?=$nservices;?>';"> <?=$thisservice['name'];?> </td> <td class="listr" onclick="fr_toggle(<?=$nservices;?>)" id="frd<?=$nservices;?>" ondblclick="document.location='services_servicewatchdog_add.php?id=<?=$nservices;?>';"> @@ -180,7 +207,7 @@ foreach ($a_pwservices as $thisservice): </td></tr> <?php $i++; $nservices++; endforeach; ?> <tr> - <td class="list" colspan="3"></td> + <td class="list" colspan="4"></td> <td class="list" valign="middle" nowrap> <table border="0" cellspacing="0" cellpadding="1" summary="add"> <tr> @@ -199,7 +226,14 @@ foreach ($a_pwservices as $thisservice): </table> </td> </tr> - <tr><td></td><td colspan="3"> + <tr><td></td><td colspan="4"> + <?php echo gettext("Check Notify next to services to perform an e-mail notification when the service is restarted. Configure e-mail notifications to receive the alerts."); ?> + <br/> + <input name="Update" type="submit" class="formbtn" value="<?=gettext("Update Notification Settings"); ?>" /> + <br/> + <br/> + </td><td></td></tr> + <tr><td></td><td colspan="4"> <?php echo gettext("Click to select a service and use the arrows to re-order them in the list. Higher services are checked first."); ?> </td><td></td></tr> </table> diff --git a/config/servicewatchdog/servicewatchdog.inc b/config/servicewatchdog/servicewatchdog.inc index 696e570e..5b638836 100644 --- a/config/servicewatchdog/servicewatchdog.inc +++ b/config/servicewatchdog/servicewatchdog.inc @@ -3,6 +3,7 @@ require_once("config.inc"); require_once("services.inc"); require_once("service-utils.inc"); require_once("util.inc"); +require_once("notices.inc"); function servicewatchdog_service_matches($svc1, $svc2) { /* If the arrays are equal, it must be the same service. */ @@ -74,7 +75,10 @@ function servicewatchdog_check_services() { foreach ($a_pwservices as $svc) { if (!get_service_status($svc)) { $descr = strlen($svc['description']) > 50 ? substr($svc['description'], 0, 50) . "..." : $svc['description']; - log_error("Service Watchdog detected service {$svc['name']} stopped. Restarting {$svc['name']} ({$descr})"); + $error_message = "Service Watchdog detected service {$svc['name']} stopped. Restarting {$svc['name']} ({$descr})"; + log_error($error_message); + if (isset($svc['notify'])) + notify_via_smtp($error_message); service_control_start($svc['name'], $svc); } } diff --git a/config/servicewatchdog/servicewatchdog.xml b/config/servicewatchdog/servicewatchdog.xml index e66f878d..685ba997 100644 --- a/config/servicewatchdog/servicewatchdog.xml +++ b/config/servicewatchdog/servicewatchdog.xml @@ -40,7 +40,7 @@ <requirements>None</requirements> <faq>Monitors for stopped services and restarts them.</faq> <name>Service Watchdog</name> - <version>1.5</version> + <version>1.6</version> <title>Services: Service Watchdog</title> <include_file>/usr/local/pkg/servicewatchdog.inc</include_file> <menu> diff --git a/config/snort/snort.inc b/config/snort/snort.inc index 1c9c5cd6..f4fd93b9 100755 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -53,9 +53,11 @@ $snort_version = $snortver[0]; if (empty($snort_version)) $snort_version = "2.9.6.0"; -/* package version */ -$pfSense_snort_version = "3.0.5"; -$snort_package_version = "Snort {$snort_version} pkg v{$pfSense_snort_version}"; +/* Used to indicate latest version of this include file has been loaded */ +$pfSense_snort_version = "3.0.7"; + +/* get installed package version for display */ +$snort_package_version = "Snort {$config['installedpackages']['package'][get_pkg_id("snort")]['version']}"; // Define SNORTDIR and SNORTLIBDIR constants according to pfSense version $pfs_version=substr(trim(file_get_contents("/etc/version")),0,3); @@ -648,7 +650,7 @@ function snort_post_delete_logs($snort_uuid = 0) { /* Clean-up stats file if enabled */ if ($value['perform_stat'] == 'on') - file_put_contents("{$snort_log_dir}/{$if_real}.stats", ""); + @file_put_contents("{$snort_log_dir}/{$if_real}.stats", ""); } } } @@ -1628,7 +1630,7 @@ function snort_write_enforcing_rules_file($rule_map, $rule_path) { /* If the $rule_map array is empty, then exit. */ if (empty($rule_map)) { - file_put_contents($rule_file, ""); + @file_put_contents($rule_file, ""); return; } @@ -1984,10 +1986,13 @@ function snort_generate_barnyard2_conf($snortcfg, $if_real) { if ($snortcfg['barnyard_mysql_enable'] == 'on') { $by2_dbpwd = base64_decode($snortcfg['barnyard_dbpwd']); $snortbarnyardlog_output_plugins .= "# database: log to a MySQL DB\noutput database: log, mysql, "; - if (isset($snortcfg['barnyard_sensor_name']) && strlen($snortcfg['barnyard_sensor_name']) > 0) - $snortbarnyardlog_output_plugins .= "sensor_name={$snortcfg['barnyard_sensor_name']}, "; $snortbarnyardlog_output_plugins .= "user={$snortcfg['barnyard_dbuser']} password={$by2_dbpwd} "; - $snortbarnyardlog_output_plugins .= "dbname={$snortcfg['barnyard_dbname']} host={$snortcfg['barnyard_dbhost']}\n\n"; + $snortbarnyardlog_output_plugins .= "dbname={$snortcfg['barnyard_dbname']} host={$snortcfg['barnyard_dbhost']}"; + if (isset($snortcfg['barnyard_sensor_name']) && strlen($snortcfg['barnyard_sensor_name']) > 0) + $snortbarnyardlog_output_plugins .= " sensor_name={$snortcfg['barnyard_sensor_name']}"; + if ($snortcfg['barnyard_disable_sig_ref_tbl'] == 'on') + $snortbarnyardlog_output_plugins .= " disable_signature_reference_table"; + $snortbarnyardlog_output_plugins .= "\n\n"; } if ($snortcfg['barnyard_syslog_enable'] == 'on') { $snortbarnyardlog_output_plugins .= "# syslog_full: log to a syslog receiver\noutput alert_syslog_full: "; @@ -2109,7 +2114,7 @@ function snort_deinstall() { } } $config['widgets']['sequence'] = implode(",", $widgetlist); - write_config(); + write_config("Snort pkg: remove Snort Dashboard Widget on package deinstall."); } /* See if we are to clear blocked hosts on uninstall */ @@ -2199,7 +2204,7 @@ function snort_prepare_rule_files($snortcfg, $snortcfgdir) { $sd_tmp_new_file=""; foreach ($sd_tmp_file as $sd_tmp_line) $sd_tmp_new_file.=preg_match("/$sdf_alert_pattern/i",$sd_tmp_line) ? $sd_tmp_line : ""; - file_put_contents("{$snortcfgdir}/preproc_rules/sensitive-data.rules",$sd_tmp_new_file,LOCK_EX); + @file_put_contents("{$snortcfgdir}/preproc_rules/sensitive-data.rules",$sd_tmp_new_file,LOCK_EX); } } elseif ($snortcfg['sensitive_data'] != 'on' && $snortcfg['protect_preproc_rules'] != 'on') { @@ -3541,7 +3546,7 @@ EOD; // Check for and configure Host Attribute Table if enabled $host_attrib_config = ""; if ($snortcfg['host_attribute_table'] == "on" && !empty($snortcfg['host_attribute_data'])) { - file_put_contents("{$snortcfgdir}/host_attributes", base64_decode($snortcfg['host_attribute_data'])); + @file_put_contents("{$snortcfgdir}/host_attributes", base64_decode($snortcfg['host_attribute_data'])); $host_attrib_config = "# Host Attribute Table #\n"; $host_attrib_config .= "attribute_table filename {$snortcfgdir}/host_attributes\n"; if (!empty($snortcfg['max_attribute_hosts'])) @@ -3778,7 +3783,7 @@ output alert_csv: alert timestamp,sig_generator,sig_id,sig_rev,msg,proto,src,src EOD; // Write out snort.conf file - file_put_contents("{$snortcfgdir}/snort.conf", $snort_conf_text); + @file_put_contents("{$snortcfgdir}/snort.conf", $snort_conf_text); conf_mount_ro(); unset($snort_conf_text, $selected_rules_sections, $suppress_file_name, $snort_misc_include_rules, $spoink_type, $snortunifiedlog_type, $alertsystemlog_type); unset($home_net, $external_net, $ipvardef, $portvardef); diff --git a/config/snort/snort.xml b/config/snort/snort.xml index d391d397..9d52aa6c 100755 --- a/config/snort/snort.xml +++ b/config/snort/snort.xml @@ -47,7 +47,7 @@ <faq>Currently there are no FAQ items provided.</faq> <name>Snort</name> <version>2.9.6.0</version> - <title>Services:2.9.6.0 pkg v3.0.5</title> + <title>Services:2.9.6.0 pkg v3.0.7</title> <include_file>/usr/local/pkg/snort/snort.inc</include_file> <menu> <name>Snort</name> @@ -269,7 +269,7 @@ </custom_add_php_command> <custom_php_resync_config_command> <![CDATA[ - if ($GLOBALS['pfSense_snort_version'] == "3.0.5") + if ($GLOBALS['pfSense_snort_version'] == "3.0.7") sync_snort_package_config(); ]]> </custom_php_resync_config_command> diff --git a/config/snort/snort_alerts.php b/config/snort/snort_alerts.php index 998cd061..45443ec2 100755 --- a/config/snort/snort_alerts.php +++ b/config/snort/snort_alerts.php @@ -99,11 +99,13 @@ function snort_add_supplist_entry($suppress) { $a_suppress[] = $s_list; $a_instance[$instanceid]['suppresslistname'] = $s_list['name']; $found_list = true; + $list_name = $s_list['name']; } else { /* If we get here, a Suppress List is defined for the interface so see if we can find it */ foreach ($a_suppress as $a_id => $alist) { if ($alist['name'] == $a_instance[$instanceid]['suppresslistname']) { $found_list = true; + $list_name = $alist['name']; if (!empty($alist['suppresspassthru'])) { $tmplist = base64_decode($alist['suppresspassthru']); $tmplist .= "\n{$suppress}"; @@ -121,7 +123,7 @@ function snort_add_supplist_entry($suppress) { /* If we created a new list or updated an existing one, save the change, */ /* tell Snort to load it, and return true; otherwise return false. */ if ($found_list) { - write_config(); + write_config("Snort pkg: modified Suppress List {$list_name}."); sync_snort_package_config(); snort_reload_config($a_instance[$instanceid]); return true; @@ -168,7 +170,7 @@ if ($_POST['save']) { $config['installedpackages']['snortglobal']['alertsblocks']['arefresh'] = $_POST['arefresh'] ? 'on' : 'off'; $config['installedpackages']['snortglobal']['alertsblocks']['alertnumber'] = $_POST['alertnumber']; - write_config(); + write_config("Snort pkg: updated ALERTS tab settings."); header("Location: /snort/snort_alerts.php?instance={$instanceid}"); exit; @@ -274,7 +276,7 @@ if ($_POST['togglesid'] && is_numeric($_POST['sidid']) && is_numeric($_POST['gen unset($a_instance[$instanceid]['rule_sid_off']); /* Update the config.xml file. */ - write_config(); + write_config("Snort pkg: modified state for rule {$gid}:{$sid}"); /*************************************************/ /* Update the snort.conf file and rebuild the */ diff --git a/config/snort/snort_barnyard.php b/config/snort/snort_barnyard.php index 7acf95c3..902c1637 100644 --- a/config/snort/snort_barnyard.php +++ b/config/snort/snort_barnyard.php @@ -144,6 +144,7 @@ if ($_POST['save']) { $natent['barnyard_syslog_enable'] = $_POST['barnyard_syslog_enable'] ? 'on' : 'off'; $natent['barnyard_syslog_local'] = $_POST['barnyard_syslog_local'] ? 'on' : 'off'; $natent['barnyard_bro_ids_enable'] = $_POST['barnyard_bro_ids_enable'] ? 'on' : 'off'; + $natent['barnyard_disable_sig_ref_tbl'] = $_POST['barnyard_disable_sig_ref_tbl'] ? 'on' : 'off'; $natent['barnyard_syslog_opmode'] = $_POST['barnyard_syslog_opmode']; $natent['barnyard_syslog_proto'] = $_POST['barnyard_syslog_proto']; @@ -163,7 +164,7 @@ if ($_POST['save']) { if ($_POST['barnconfigpassthru']) $natent['barnconfigpassthru'] = base64_encode($_POST['barnconfigpassthru']); else unset($natent['barnconfigpassthru']); $a_nat[$id] = $natent; - write_config(); + write_config("Snort pkg: modified Barnyard2 settings."); // No need to rebuild rules for Barnyard2 changes $rebuild_rules = false; @@ -378,6 +379,14 @@ include_once("head.inc"); <?php echo gettext("Password for the MySQL database user"); ?> </td> </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?php echo gettext("Disable Signature Reference Table"); ?></td> + <td width="78%" class="vtable"> + <input name="barnyard_disable_sig_ref_tbl" type="checkbox" value="on" <?php if ($pconfig['barnyard_disable_sig_ref_tbl'] == "on") echo "checked"; ?>/> + <?php echo gettext("Disable synchronization of sig_reference table in schema. Default value is ") . "<strong>" . gettext("Not Checked") . "</strong>"; ?><br/> + <br/><?php echo gettext("This option will speedup the process when checked, plus it can help work around a 'duplicate entry' error when running multiple Snort instances."); ?> + </td> + </tr> </tbody> <tr> <td colspan="2" valign="top" class="listtopic"><?php echo gettext("Syslog Output Settings"); ?></td> @@ -539,6 +548,7 @@ function toggle_mySQL() { document.iform.barnyard_dbname.disabled = endis; document.iform.barnyard_dbuser.disabled = endis; document.iform.barnyard_dbpwd.disabled = endis; + document.iform.barnyard_disable_sig_ref_tbl.disabled = endis; if (endis) document.getElementById("mysql_config_rows").style.display = "none"; @@ -608,6 +618,7 @@ function enable_change(enable_change) { document.iform.barnyard_dbname.disabled = endis; document.iform.barnyard_dbuser.disabled = endis; document.iform.barnyard_dbpwd.disabled = endis; + document.iform.barnyard_disable_sig_ref_tbl.disabled = endis; document.iform.barnyard_syslog_enable.disabled = endis; document.iform.barnyard_syslog_local.disabled = endis; document.iform.barnyard_syslog_opmode_default.disabled = endis; diff --git a/config/snort/snort_blocked.php b/config/snort/snort_blocked.php index b05384ae..76d5a9df 100644 --- a/config/snort/snort_blocked.php +++ b/config/snort/snort_blocked.php @@ -119,7 +119,7 @@ if ($_POST['save']) $config['installedpackages']['snortglobal']['alertsblocks']['brefresh'] = $_POST['brefresh'] ? 'on' : 'off'; $config['installedpackages']['snortglobal']['alertsblocks']['blertnumber'] = $_POST['blertnumber']; - write_config(); + write_config("Snort pkg: updated BLOCKED tab settings."); header("Location: /snort/snort_blocked.php"); exit; diff --git a/config/snort/snort_check_cron_misc.inc b/config/snort/snort_check_cron_misc.inc index 7b0cfe34..a5b9e65e 100644 --- a/config/snort/snort_check_cron_misc.inc +++ b/config/snort/snort_check_cron_misc.inc @@ -58,7 +58,7 @@ function snort_check_dir_size_limit($snortloglimitsize) { // Truncate the Rules Update Log file if it exists if (file_exists(RULES_UPD_LOGFILE)) { log_error(gettext("[Snort] Truncating the Rules Update Log file...")); - file_put_contents(RULES_UPD_LOGFILE, ""); + @file_put_contents(RULES_UPD_LOGFILE, ""); } // Clean-up the logs for each configured Snort instance @@ -71,7 +71,7 @@ function snort_check_dir_size_limit($snortloglimitsize) { // Truncate the alert log file if it exists if (file_exists("{$snort_log_dir}/alert")) { - file_put_contents("{$snort_log_dir}/alert", ""); + @file_put_contents("{$snort_log_dir}/alert", ""); } // This is needed if snort is run as snort user diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php index f16e3310..667f4044 100755 --- a/config/snort/snort_check_for_rule_updates.php +++ b/config/snort/snort_check_for_rule_updates.php @@ -68,6 +68,7 @@ if (!defined("IPREP_PATH")) $snortdir = SNORTDIR; $snortlibdir = SNORTLIBDIR; $snortlogdir = SNORTLOGDIR; +$snortiprepdir = IPREP_PATH; $snort_rules_upd_log = RULES_UPD_LOGFILE; /* Save the state of $pkg_interface so we can restore it */ @@ -415,7 +416,7 @@ safe_mkdir("{$snortdir}/preproc_rules"); safe_mkdir("{$tmpfname}"); safe_mkdir("{$snortlibdir}/dynamicrules"); safe_mkdir("{$snortlogdir}"); -safe_mkdir(IPREP_PATH); +safe_mkdir("{$snortiprepdir}"); /* See if we need to automatically clear the Update Log based on 1024K size limit */ if (file_exists($snort_rules_upd_log)) { @@ -812,5 +813,5 @@ if ($update_errors) else $config['installedpackages']['snortglobal']['last_rule_upd_status'] = gettext("success"); $config['installedpackages']['snortglobal']['last_rule_upd_time'] = time(); -write_config(); +write_config("Snort pkg: updated status for updated rules package(s) check."); ?> diff --git a/config/snort/snort_define_servers.php b/config/snort/snort_define_servers.php index d210da2c..4d1b3c2e 100755 --- a/config/snort/snort_define_servers.php +++ b/config/snort/snort_define_servers.php @@ -134,7 +134,7 @@ if ($_POST['save']) { $a_nat[$id] = $natent; - write_config(); + write_config("Snort pkg: modified settings for VARIABLES tab."); /* Update the snort conf file for this interface. */ $rebuild_rules = false; diff --git a/config/snort/snort_edit_hat_data.php b/config/snort/snort_edit_hat_data.php index cef6a894..a5ec0aad 100644 --- a/config/snort/snort_edit_hat_data.php +++ b/config/snort/snort_edit_hat_data.php @@ -66,7 +66,7 @@ else if ($_POST['clear']) { unset($a_nat[$id]['host_attribute_data']); $a_nat[$id]['host_attribute_table'] = 'off'; - write_config(); + write_config("Snort pkg: cleared Host Attribute Table data for {$a_nat[$id]['interface']}."); $rebuild_rules = false; snort_generate_conf($a_nat[$id]); $pconfig['host_attribute_data'] = ""; @@ -78,7 +78,7 @@ if ($_POST['save']) { $a_nat[$id]['host_attribute_table'] = 'on'; else $a_nat[$id]['host_attribute_table'] = 'off'; - write_config(); + write_config("Snort pkg: modified Host Attribute Table data for {$a_nat[$id]['interface']}."); $rebuild_rules = false; snort_generate_conf($a_nat[$id]); $pconfig['host_attribute_data'] = $_POST['host_attribute_data']; diff --git a/config/snort/snort_frag3_engine.php b/config/snort/snort_frag3_engine.php index a4c8cb53..9489bf16 100644 --- a/config/snort/snort_frag3_engine.php +++ b/config/snort/snort_frag3_engine.php @@ -185,7 +185,7 @@ if ($_POST['save']) { } /* Now write the new engine array to conf */ - write_config(); + write_config("Snort pkg: modified frag3 engine settings."); header("Location: /snort/snort_preprocessors.php?id={$id}#frag3_row"); exit; diff --git a/config/snort/snort_ftp_client_engine.php b/config/snort/snort_ftp_client_engine.php index 9058a06e..f462efa8 100644 --- a/config/snort/snort_ftp_client_engine.php +++ b/config/snort/snort_ftp_client_engine.php @@ -216,7 +216,7 @@ if ($_POST['save']) { } /* Now write the new engine array to conf */ - write_config(); + write_config("Snort pkg: modified ftp_telnet_client engine settings."); header("Location: /snort/snort_preprocessors.php?id={$id}#ftp_telnet_row_ftp_proto_opts"); exit; diff --git a/config/snort/snort_ftp_server_engine.php b/config/snort/snort_ftp_server_engine.php index 618c8d85..cb9abc9c 100644 --- a/config/snort/snort_ftp_server_engine.php +++ b/config/snort/snort_ftp_server_engine.php @@ -187,7 +187,7 @@ if ($_POST['save']) { } /* Now write the new engine array to conf */ - write_config(); + write_config("Snort pkg: modified ftp_telnet_server engine settings."); header("Location: /snort/snort_preprocessors.php?id={$id}#ftp_telnet_row_ftp_proto_opts"); exit; diff --git a/config/snort/snort_httpinspect_engine.php b/config/snort/snort_httpinspect_engine.php index 47495ebe..c7680892 100644 --- a/config/snort/snort_httpinspect_engine.php +++ b/config/snort/snort_httpinspect_engine.php @@ -296,7 +296,7 @@ if ($_POST['save']) { } // Now write the new engine array to conf - write_config(); + write_config("Snort pkg: modified http_inspect engine settings."); header("Location: /snort/snort_preprocessors.php?id={$id}#httpinspect_row"); exit; diff --git a/config/snort/snort_import_aliases.php b/config/snort/snort_import_aliases.php index 7edadea7..80b3bb1d 100644 --- a/config/snort/snort_import_aliases.php +++ b/config/snort/snort_import_aliases.php @@ -206,7 +206,7 @@ if ($_POST['save']) { } // Now write the new engine array to conf and return - write_config(); + write_config("Snort pkg: imported new host or network alias."); header("Location: /snort/snort_preprocessors.php?id={$id}{$anchor}"); exit; diff --git a/config/snort/snort_interfaces.php b/config/snort/snort_interfaces.php index 9f42ab2e..c82ec57e 100755 --- a/config/snort/snort_interfaces.php +++ b/config/snort/snort_interfaces.php @@ -65,7 +65,7 @@ if (isset($_POST['del_x'])) { if (empty($a_nat)) unset($a_nat); - write_config(); + write_config("Snort pkg: deleted one or more Snort interfaces."); sleep(2); /* if there are no ifaces remaining do not create snort.sh */ diff --git a/config/snort/snort_interfaces_edit.php b/config/snort/snort_interfaces_edit.php index 1f3a3cbe..4c868844 100755 --- a/config/snort/snort_interfaces_edit.php +++ b/config/snort/snort_interfaces_edit.php @@ -273,7 +273,7 @@ if ($_POST["save"]) { snort_stop($natent, $if_real); /* Save configuration changes */ - write_config(); + write_config("Snort pkg: modified interface configuration for {$natent['interface']}."); /* Most changes don't require a rules rebuild, so default to "off" */ $rebuild_rules = false; diff --git a/config/snort/snort_interfaces_global.php b/config/snort/snort_interfaces_global.php index 99c8313d..69a182bd 100644 --- a/config/snort/snort_interfaces_global.php +++ b/config/snort/snort_interfaces_global.php @@ -151,7 +151,7 @@ if (!$input_errors) { /* create whitelist and homenet file then sync files */ sync_snort_package_config(); - write_config(); + write_config("Snort pkg: modified global settings."); /* forces page to reload new settings */ header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); diff --git a/config/snort/snort_interfaces_suppress.php b/config/snort/snort_interfaces_suppress.php index 216b93c6..ecbd04a7 100644 --- a/config/snort/snort_interfaces_suppress.php +++ b/config/snort/snort_interfaces_suppress.php @@ -76,7 +76,7 @@ if ($_POST['del']) { } else { unset($a_suppress[$_POST['list_id']]); - write_config(); + write_config("Snort pkg: deleted a Suppress List."); header("Location: /snort/snort_interfaces_suppress.php"); exit; } diff --git a/config/snort/snort_interfaces_suppress_edit.php b/config/snort/snort_interfaces_suppress_edit.php index 370fa017..986bfc38 100644 --- a/config/snort/snort_interfaces_suppress_edit.php +++ b/config/snort/snort_interfaces_suppress_edit.php @@ -109,7 +109,6 @@ if ($_POST['save']) { } } - if (!$input_errors) { $s_list = array(); $s_list['name'] = $_POST['name']; @@ -125,7 +124,7 @@ if ($_POST['save']) { else $a_suppress[] = $s_list; - write_config(); + write_config("Snort pkg: modified Suppress List {$s_list['name']}."); sync_snort_package_config(); header("Location: /snort/snort_interfaces_suppress.php"); @@ -142,14 +141,14 @@ include_once("head.inc"); <?php include("fbegin.inc"); -if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';} - -if ($input_errors) print_input_errors($input_errors); +if ($input_errors) + print_input_errors($input_errors); if ($savemsg) print_info_box($savemsg); ?> <form action="/snort/snort_interfaces_suppress_edit.php" name="iform" id="iform" method="post"> +<input name="id" type="hidden" value="<?=$id;?>"/> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr><td> <?php @@ -215,8 +214,7 @@ if ($savemsg) <td colspan="2"><input id="save" name="save" type="submit" class="formbtn" value="Save" /> <input id="cancelbutton" name="cancelbutton" type="button" class="formbtn" value="Cancel" - onclick="history.back();"/> <?php if (isset($id) && $a_suppress[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>"/> <?php endif; ?> + onclick="history.back();"/> </td> </tr> </table> diff --git a/config/snort/snort_ip_reputation.php b/config/snort/snort_ip_reputation.php index a59021db..3de8c661 100644 --- a/config/snort/snort_ip_reputation.php +++ b/config/snort/snort_ip_reputation.php @@ -75,13 +75,24 @@ if ($_POST['mode'] == 'blist_add' && isset($_POST['iplist'])) { // Test the supplied IP List file to see if it exists if (file_exists($_POST['iplist'])) { - $a_nat[$id]['blist_files']['item'][] = basename($_POST['iplist']); - write_config(); - $pconfig['blist_files'] = $a_nat[$id]['blist_files']; - $pconfig['wlist_files'] = $a_nat[$id]['wlist_files']; + // See if the file is already assigned to the interface + foreach ($a_nat[$id]['blist_files']['item'] as $f) { + if ($f == basename($_POST['iplist'])) { + $input_errors[] = gettext("The file {$f} is already assigned as a blacklist file."); + break; + } + } + if (!$input_errors) { + $a_nat[$id]['blist_files']['item'][] = basename($_POST['iplist']); + write_config("Snort pkg: added new blacklist file for IP REPUTATION preprocessor."); + mark_subsystem_dirty('snort_iprep'); + } } else $input_errors[] = gettext("The file '{$_POST['iplist']}' could not be found."); + + $pconfig['blist_files'] = $a_nat[$id]['blist_files']; + $pconfig['wlist_files'] = $a_nat[$id]['wlist_files']; } if ($_POST['mode'] == 'wlist_add' && isset($_POST['iplist'])) { @@ -89,19 +100,31 @@ if ($_POST['mode'] == 'wlist_add' && isset($_POST['iplist'])) { // Test the supplied IP List file to see if it exists if (file_exists($_POST['iplist'])) { - $a_nat[$id]['wlist_files']['item'][] = basename($_POST['iplist']); - write_config(); - $pconfig['wlist_files'] = $a_nat[$id]['wlist_files']; - $pconfig['blist_files'] = $a_nat[$id]['blist_files']; + // See if the file is already assigned to the interface + foreach ($a_nat[$id]['wlist_files']['item'] as $f) { + if ($f == basename($_POST['iplist'])) { + $input_errors[] = gettext("The file {$f} is already assigned as a whitelist file."); + break; + } + } + if (!$input_errors) { + $a_nat[$id]['wlist_files']['item'][] = basename($_POST['iplist']); + write_config("Snort pkg: added new whitelist file for IP REPUTATION preprocessor."); + mark_subsystem_dirty('snort_iprep'); + } } else $input_errors[] = gettext("The file '{$_POST['iplist']}' could not be found."); + + $pconfig['blist_files'] = $a_nat[$id]['blist_files']; + $pconfig['wlist_files'] = $a_nat[$id]['wlist_files']; } if ($_POST['blist_del'] && is_numericint($_POST['list_id'])) { $pconfig = $_POST; unset($a_nat[$id]['blist_files']['item'][$_POST['list_id']]); - write_config(); + write_config("Snort pkg: deleted blacklist file for IP REPUTATION preprocessor."); + mark_subsystem_dirty('snort_iprep'); $pconfig['blist_files'] = $a_nat[$id]['blist_files']; $pconfig['wlist_files'] = $a_nat[$id]['wlist_files']; } @@ -109,12 +132,13 @@ if ($_POST['blist_del'] && is_numericint($_POST['list_id'])) { if ($_POST['wlist_del'] && is_numericint($_POST['list_id'])) { $pconfig = $_POST; unset($a_nat[$id]['wlist_files']['item'][$_POST['list_id']]); - write_config(); + write_config("Snort pkg: deleted whitelist file for IP REPUTATION preprocessor."); + mark_subsystem_dirty('snort_iprep'); $pconfig['wlist_files'] = $a_nat[$id]['wlist_files']; $pconfig['blist_files'] = $a_nat[$id]['blist_files']; } -if ($_POST['save']) { +if ($_POST['save'] || $_POST['apply']) { $natent = array(); $natent = $pconfig; @@ -134,7 +158,7 @@ if ($_POST['save']) { $a_nat[$id] = $natent; - write_config(); + write_config("Snort pkg: modified IP REPUTATION preprocessor settings for {$a_nat[$id]['interface']}."); // Update the snort conf file for this interface $rebuild_rules = false; @@ -143,6 +167,9 @@ if ($_POST['save']) { // Soft-restart Snort to live-load new variables snort_reload_config($a_nat[$id]); $pconfig = $natent; + + // We have saved changes and done a soft restart, so clear "dirty" flag + clear_subsystem_dirty('snort_iprep'); } else $pconfig = $_POST; @@ -169,6 +196,11 @@ if ($savemsg) <input type="hidden" id="mode" name="mode" value="" /> <input name="iplist" id="iplist" type="hidden" value="" /> <input name="list_id" id="list_id" type="hidden" value="" /> + +<?php if (is_subsystem_dirty('snort_iprep')): ?><p> +<?php print_info_box_np(gettext("A change has been made to blacklist or whitelist file assignments.") . "<br/>" . gettext("You must apply the changes in order for them to take effect."));?> +<?php endif; ?> + <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <td> @@ -379,7 +411,6 @@ if ($savemsg) </td> </tr> </table> -</form> <script type="text/javascript"> Event.observe( @@ -469,6 +500,7 @@ function wlistComplete(req) { </script> +</form> <?php include("fend.inc"); ?> </body> </html> diff --git a/config/snort/snort_migrate_config.php b/config/snort/snort_migrate_config.php index d7a20726..b3152d5d 100644 --- a/config/snort/snort_migrate_config.php +++ b/config/snort/snort_migrate_config.php @@ -339,7 +339,6 @@ foreach ($rule as &$r) { $pconfig['barnyard_dbpwd'] = base64_encode($matches[2][$k]); } $pconfig['barnyard_mysql_enable'] = 'on'; - $pconfig['barnyard_enable'] = 'on'; unset($pconfig['barnyard_mysql']); } // Since Barnyard2 was enabled, configure the new archived log settings @@ -366,9 +365,9 @@ unset($r); // Write out the new configuration to disk if we changed anything if ($updated_cfg) { - $config['installedpackages']['snortglobal']['snort_config_ver'] = "3.0.5"; + $config['installedpackages']['snortglobal']['snort_config_ver'] = "3.0.7"; log_error("[Snort] Saving configuration settings in new format..."); - write_config(); + write_config("Snort pkg: migrate existing settings to new format as part of package upgrade."); log_error("[Snort] Settings successfully migrated to new configuration format..."); } else diff --git a/config/snort/snort_passlist.php b/config/snort/snort_passlist.php index 4eea356a..2cac9cd4 100644 --- a/config/snort/snort_passlist.php +++ b/config/snort/snort_passlist.php @@ -85,7 +85,7 @@ if ($_POST['del'] && is_numericint($_POST['list_id'])) { } if (!$input_errors) { unset($a_passlist[$_POST['list_id']]); - write_config(); + write_config("Snort pkg: deleted PASS LIST."); sync_snort_package_config(); header("Location: /snort/snort_passlist.php"); exit; diff --git a/config/snort/snort_passlist_edit.php b/config/snort/snort_passlist_edit.php index e486a076..3be776f4 100644 --- a/config/snort/snort_passlist_edit.php +++ b/config/snort/snort_passlist_edit.php @@ -156,7 +156,7 @@ if ($_POST['save']) { else $a_passlist[] = $w_list; - write_config(); + write_config("Snort pkg: modified PASS LIST {$w_list['name']}."); /* create pass list and homenet file, then sync files */ sync_snort_package_config(); diff --git a/config/snort/snort_post_install.php b/config/snort/snort_post_install.php index c2b46cd5..dbac41ef 100644 --- a/config/snort/snort_post_install.php +++ b/config/snort/snort_post_install.php @@ -1423,7 +1423,7 @@ if ($pkgid >= 0) { log_error(gettext("[Snort] Removing legacy 'Dashboard Widget: Snort' package because the widget is now part of the Snort package.")); unset($config['installedpackages']['package'][$pkgid]); unlink_if_exists("/usr/local/pkg/widget-snort.xml"); - write_config(); + write_config("Snort pkg: removed legacy Snort Dashboard Widget."); } /* Define a default Dashboard Widget Container for Snort */ @@ -1494,8 +1494,8 @@ if (stristr($config['widgets']['sequence'], "snort_alerts-container") === FALSE) $config['widgets']['sequence'] .= ",{$snort_widget_container}"; /* Update Snort package version in configuration */ -$config['installedpackages']['snortglobal']['snort_config_ver'] = "3.0.5"; -write_config(); +$config['installedpackages']['snortglobal']['snort_config_ver'] = "3.0.7"; +write_config("Snort pkg: post-install configuration saved."); /* Done with post-install, so clear flag */ unset($g['snort_postinstall']); diff --git a/config/snort/snort_preprocessors.php b/config/snort/snort_preprocessors.php index 6c3dc90f..5cee95df 100755 --- a/config/snort/snort_preprocessors.php +++ b/config/snort/snort_preprocessors.php @@ -199,7 +199,7 @@ if ($_GET['act'] == "import" && isset($_GET['varname']) && !empty($_GET['varvalu if ($_POST['del_http_inspect']) { if (isset($_POST['eng_id']) && isset($id) && issset($a_nat[$id])) { unset($a_nat[$id]['http_inspect_engine']['item'][$_POST['eng_id']]); - write_config(); + write_config("Snort pkg: deleted http_inspect engine for {$a_nat[$id]['interface']}."); header("Location: snort_preprocessors.php?id=$id#httpinspect_row"); exit; } @@ -207,7 +207,7 @@ if ($_POST['del_http_inspect']) { elseif ($_POST['del_frag3']) { if (isset($_POST['eng_id']) && isset($id) && isset($a_nat[$id])) { unset($a_nat[$id]['frag3_engine']['item'][$_POST['eng_id']]); - write_config(); + write_config("Snort pkg: deleted frag3 engine for {$a_nat[$id]['interface']}."); header("Location: snort_preprocessors.php?id=$id#frag3_row"); exit; } @@ -215,7 +215,7 @@ elseif ($_POST['del_frag3']) { elseif ($_POST['del_stream5_tcp']) { if (isset($_POST['eng_id']) && isset($id) && isset($a_nat[$id])) { unset($a_nat[$id]['stream5_tcp_engine']['item'][$_POST['eng_id']]); - write_config(); + write_config("Snort pkg: deleted stream5 engine for {$a_nat[$id]['interface']}."); header("Location: snort_preprocessors.php?id=$id#stream5_row"); exit; } @@ -223,7 +223,7 @@ elseif ($_POST['del_stream5_tcp']) { elseif ($_POST['del_ftp_client']) { if (isset($_POST['eng_id']) && isset($id) && isset($a_nat[$id])) { unset($a_nat[$id]['ftp_client_engine']['item'][$_POST['eng_id']]); - write_config(); + write_config("Snort pkg: deleted ftp_client engine for {$a_nat[$id]['interface']}."); header("Location: snort_preprocessors.php?id=$id#ftp_telnet_row"); exit; } @@ -231,7 +231,7 @@ elseif ($_POST['del_ftp_client']) { elseif ($_POST['del_ftp_server']) { if (isset($_POST['eng_id']) && isset($id) && isset($a_nat[$id])) { unset($a_nat[$id]['ftp_server_engine']['item'][$_POST['eng_id']]); - write_config(); + write_config("Snort pkg: deleted ftp_server engine for {$a_nat[$id]['interface']}."); header("Location: snort_preprocessors.php?id=$id#ftp_telnet_row"); exit; } @@ -377,7 +377,7 @@ if ($_POST['save']) { if (isset($id) && isset($a_nat[$id])) { $a_nat[$id] = $natent; - write_config(); + write_config("Snort pkg: saved modified preprocessor settings for {$a_nat[$id]['interface']}."); } /*************************************************/ @@ -427,7 +427,7 @@ if ($_POST['btn_import']) { $pconfig['host_attribute_data'] = $a_nat[$id]['host_attribute_data']; $a_nat[$id]['max_attribute_hosts'] = $pconfig['max_attribute_hosts']; $a_nat[$id]['max_attribute_services_per_host'] = $pconfig['max_attribute_services_per_host']; - write_config(); + write_config("Snort pkg: imported Host Attribute Table data for {$a_nat[$id]['interface']}."); } header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' ); @@ -449,7 +449,7 @@ if ($_POST['btn_edit_hat']) { $a_nat[$id]['host_attribute_table'] = "on"; $a_nat[$id]['max_attribute_hosts'] = $pconfig['max_attribute_hosts']; $a_nat[$id]['max_attribute_services_per_host'] = $pconfig['max_attribute_services_per_host']; - write_config(); + write_config("Snort pkg: modified Host Attribute Table data for {$a_nat[$id]['interface']}."); header("Location: snort_edit_hat_data.php?id=$id"); exit; } diff --git a/config/snort/snort_rules.php b/config/snort/snort_rules.php index 158999f9..e69152c3 100755 --- a/config/snort/snort_rules.php +++ b/config/snort/snort_rules.php @@ -196,7 +196,7 @@ if ($_POST['toggle'] && is_numeric($_POST['sid']) && is_numeric($_POST['gid']) & unset($a_rule[$id]['rule_sid_off']); /* Update the config.xml file. */ - write_config(); + write_config("Snort pkg: modified state for rule {$gid}:{$sid} on {$a_rule[$id]['interface']}."); $anchor = "rule_{$gid}_{$sid}"; } @@ -236,7 +236,7 @@ elseif ($_POST['disable_all'] && !empty($rules_map)) { else unset($a_rule[$id]['rule_sid_off']); - write_config(); + write_config("Snort pkg: disabled all rules in category {$currentruleset} for {$a_rule[$id]['interface']}."); } elseif ($_POST['enable_all'] && !empty($rules_map)) { @@ -273,7 +273,7 @@ elseif ($_POST['enable_all'] && !empty($rules_map)) { else unset($a_rule[$id]['rule_sid_off']); - write_config(); + write_config("Snort pkg: enable all rules in category {$currentruleset} for {$a_rule[$id]['interface']}."); } elseif ($_POST['resetcategory'] && !empty($rules_map)) { @@ -312,7 +312,7 @@ elseif ($_POST['resetcategory'] && !empty($rules_map)) { else unset($a_rule[$id]['rule_sid_off']); - write_config(); + write_config("Snort pkg: remove enablesid/disablesid changes for category {$currentruleset} on {$a_rule[$id]['interface']}."); } elseif ($_POST['resetall'] && !empty($rules_map)) { @@ -321,14 +321,14 @@ elseif ($_POST['resetall'] && !empty($rules_map)) { unset($a_rule[$id]['rule_sid_off']); /* Update the config.xml file. */ - write_config(); + write_config("Snort pkg: remove all enablesid/disablesid changes for {$a_rule[$id]['interface']}."); } else if ($_POST['cancel']) { $pconfig['customrules'] = base64_decode($a_rule[$id]['customrules']); } elseif ($_POST['clear']) { unset($a_rule[$id]['customrules']); - write_config(); + write_config("Snort pkg: clear all custom rules for {$a_rule[$id]['interface']}."); $rebuild_rules = true; snort_generate_conf($a_rule[$id]); $rebuild_rules = false; @@ -340,7 +340,7 @@ elseif ($_POST['save']) { $a_rule[$id]['customrules'] = base64_encode($_POST['customrules']); else unset($a_rule[$id]['customrules']); - write_config(); + write_config("Snort pkg: save modified custom rules for {$a_rule[$id]['interface']}."); $rebuild_rules = true; snort_generate_conf($a_rule[$id]); $rebuild_rules = false; @@ -364,7 +364,7 @@ elseif ($_POST['save']) { } else if ($_POST['apply']) { /* Save new configuration */ - write_config(); + write_config("Snort pkg: save new rules configuration for {$a_rule[$id]['interface']}."); /*************************************************/ /* Update the snort conf file and rebuild the */ diff --git a/config/snort/snort_rules_flowbits.php b/config/snort/snort_rules_flowbits.php index de5bdc6b..daf1c4ef 100644 --- a/config/snort/snort_rules_flowbits.php +++ b/config/snort/snort_rules_flowbits.php @@ -125,7 +125,7 @@ if ($_POST['addsuppress'] && is_numeric($_POST['sid']) && is_numeric($_POST['gid } } if ($found_list) { - write_config(); + write_config("Snort pkg: modified Suppress List for {$a_nat[$id]['interface']}."); $rebuild_rules = false; sync_snort_package_config(); snort_reload_config($a_nat[$id]); diff --git a/config/snort/snort_rulesets.php b/config/snort/snort_rulesets.php index 46a67913..79365f5f 100755 --- a/config/snort/snort_rulesets.php +++ b/config/snort/snort_rulesets.php @@ -153,7 +153,7 @@ if ($_POST["save"]) { @unlink("{$snortdir}/snort_{$snort_uuid}_{$if_real}/rules/{$flowbit_rules_file}"); } - write_config(); + write_config("Snort pkg: save enabled rule categories for {$a_nat[$id]['interface']}."); /*************************************************/ /* Update the snort conf file and rebuild the */ diff --git a/config/snort/snort_stream5_engine.php b/config/snort/snort_stream5_engine.php index 9a91e0d6..89b0bc02 100644 --- a/config/snort/snort_stream5_engine.php +++ b/config/snort/snort_stream5_engine.php @@ -328,7 +328,7 @@ if ($_POST['save']) { } /* Now write the new engine array to conf */ - write_config(); + write_config("Snort pkg: save modified stream5 engine."); header("Location: /snort/snort_preprocessors.php?id={$id}#stream5_row"); exit; |