aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
Diffstat (limited to 'config')
-rw-r--r--config/snort-dev/css/style_snort2.css56
-rw-r--r--config/snort-dev/images/progress_bar2.gifbin0 -> 63777 bytes
-rw-r--r--config/snort-dev/images/progressbar.gifbin0 -> 1052 bytes
-rw-r--r--config/snort-dev/javascript/jquery.progressbar.min.js20
-rw-r--r--config/snort-dev/snort_build.inc4
-rw-r--r--config/snort-dev/snort_download_rules.inc292
-rw-r--r--config/snort-dev/snort_download_updates.php190
7 files changed, 339 insertions, 223 deletions
diff --git a/config/snort-dev/css/style_snort2.css b/config/snort-dev/css/style_snort2.css
index 0582f70d..6b5995cd 100644
--- a/config/snort-dev/css/style_snort2.css
+++ b/config/snort-dev/css/style_snort2.css
@@ -114,22 +114,6 @@ a {
background-color:#000;
}
-.snortModalUpdate {
- width:900px;
- height:500px;
- position:absolute;
- z-index:999;
- background-color:#000;
-}
-
-.snortModalTopUpdate {
- width:900px;
- height:25px;
- background-image:url( '/snort/images/top_modal_bar_lil.jpg' );
- background-repeat:repeat-x;
- margin-bottom:1px;
-}
-
.snortModalTop {
width:500px;
height:25px;
@@ -138,6 +122,10 @@ a {
margin-bottom:1px;
}
+.snortModalTitle {
+ text-align: center;
+}
+
.snortModalTopClose {
width:9px;
height:9px;
@@ -146,15 +134,41 @@ a {
margin-top:8px;
}
-.snortModalTitle {
- text-align: center;
+.snortModalUpdate {
+ width: 700px;
+ height: 200px;
+ z-index:999;
+ background-color:#000000;
+}
+
+.snortModalTopUpdate {
+ width: 700px;
+ height: 25px;
+ background-image:url( '/snort/images/top_modal_bar_lil.jpg' );
+ background-repeat:repeat-x;
+ margin-bottom:1px;
}
.snortModalTitleUpdate {
position:absolute;
- top: 125px;
- left: 170px;
- width: 600px;
+ left: 50px;
+ width: 600px;
+ margin-top: 0px;
+ margin-bottom: 0px;
+}
+
+.snortModalTitleUpdateMsg1 {
+ top: 50px;
+ font-weight: bold;
+ font-size: 24px;
+}
+
+.snortModalTitleUpdateBar {
+ top: 90px;
+}
+
+.snortModalTitleUpdateMsg2 {
+ top: 145px;
}
.listhdrr2 {
diff --git a/config/snort-dev/images/progress_bar2.gif b/config/snort-dev/images/progress_bar2.gif
new file mode 100644
index 00000000..81766a93
--- /dev/null
+++ b/config/snort-dev/images/progress_bar2.gif
Binary files differ
diff --git a/config/snort-dev/images/progressbar.gif b/config/snort-dev/images/progressbar.gif
new file mode 100644
index 00000000..6d167f5b
--- /dev/null
+++ b/config/snort-dev/images/progressbar.gif
Binary files differ
diff --git a/config/snort-dev/javascript/jquery.progressbar.min.js b/config/snort-dev/javascript/jquery.progressbar.min.js
new file mode 100644
index 00000000..77d147f9
--- /dev/null
+++ b/config/snort-dev/javascript/jquery.progressbar.min.js
@@ -0,0 +1,20 @@
+
+(function($){$.extend({progressBar:new function(){this.defaults={steps:20,stepDuration:20,max:100,showText:true,textFormat:'percentage',width:120,height:12,callback:null,boxImage:'/snort/images/progressbar.gif',barImage:{0:'images/progressbg_red.gif',30:'images/progressbg_orange.gif',70:'images/progressbg_green.gif'},running_value:0,value:0,image:null};this.construct=function(arg1,arg2){var argvalue=null;var argconfig=null;if(arg1!=null){if(!isNaN(arg1)){argvalue=arg1;if(arg2!=null){argconfig=arg2;}}else{argconfig=arg1;}}
+return this.each(function(child){var pb=this;var config=this.config;if(argvalue!=null&&this.bar!=null&&this.config!=null){this.config.value=parseInt(argvalue)
+if(argconfig!=null)
+pb.config=$.extend(this.config,argconfig);config=pb.config;}else{var $this=$(this);var config=$.extend({},$.progressBar.defaults,argconfig);config.id=$this.attr('id')?$this.attr('id'):Math.ceil(Math.random()*100000);if(argvalue==null)
+argvalue=$this.html().replace("%","")
+config.value=parseInt(argvalue);config.running_value=0;config.image=getBarImage(config);var numeric=['steps','stepDuration','max','width','height','running_value','value'];for(var i=0;i<numeric.length;i++)
+config[numeric[i]]=parseInt(config[numeric[i]]);$this.html("");var bar=document.createElement('img');var text=document.createElement('span');var $bar=$(bar);var $text=$(text);pb.bar=$bar;$bar.attr('id',config.id+"_pbImage");$text.attr('id',config.id+"_pbText");$text.html(getText(config));$bar.attr('title',getText(config));$bar.attr('alt',getText(config));$bar.attr('src',config.boxImage);$bar.attr('width',config.width);$bar.css("width",config.width+"px");$bar.css("height",config.height+"px");$bar.css("background-image","url("+config.image+")");$bar.css("background-position",((config.width*-1))+'px 50%');$bar.css("padding","0");$bar.css("margin","0");$this.append($bar);$this.append($text);}
+function getPercentage(config){return config.running_value*100/config.max;}
+function getBarImage(config){var image=config.barImage;if(typeof(config.barImage)=='object'){for(var i in config.barImage){if(config.running_value>=parseInt(i)){image=config.barImage[i];}else{break;}}}
+return image;}
+function getText(config){if(config.showText){if(config.textFormat=='percentage'){return" "+Math.round(config.running_value)+"%";}else if(config.textFormat=='fraction'){return" "+config.running_value+'/'+config.max;}}}
+config.increment=Math.round((config.value-config.running_value)/config.steps);if(config.increment<0)
+config.increment*=-1;if(config.increment<1)
+config.increment=1;var t=setInterval(function(){var pixels=config.width/100;if(config.running_value>config.value){if(config.running_value-config.increment<config.value){config.running_value=config.value;}else{config.running_value-=config.increment;}}
+else if(config.running_value<config.value){if(config.running_value+config.increment>config.value){config.running_value=config.value;}else{config.running_value+=config.increment;}}
+if(config.running_value==config.value)
+clearInterval(t);var $bar=$("#"+config.id+"_pbImage");var $text=$("#"+config.id+"_pbText");var image=getBarImage(config);if(image!=config.image){$bar.css("background-image","url("+image+")");config.image=image;}
+$bar.css("background-position",(((config.width*-1))+(getPercentage(config)*pixels))+'px 50%');$bar.attr('title',getText(config));$text.html(getText(config));if(config.callback!=null&&typeof(config.callback)=='function')
+config.callback(config);pb.config=config;},config.stepDuration);});};}});$.fn.extend({progressBar:$.progressBar.construct});})(jQuery); \ No newline at end of file
diff --git a/config/snort-dev/snort_build.inc b/config/snort-dev/snort_build.inc
index 29695df4..ee663735 100644
--- a/config/snort-dev/snort_build.inc
+++ b/config/snort-dev/snort_build.inc
@@ -565,10 +565,12 @@ function generate_snort_conf($uuid)
$listEnabled_rulesets = array();
$listEnabled_rulesets = snortSql_fetchAllSettings('snortDBrules', 'SnortRuleSets', 'rdbuuid', $ifaceSettingsArray['ruledbname']);
+ $listCurntDirRules = array();
+ $listCurntDirRules = snortScanDirFilter("/usr/local/etc/snort/sn_{$uuid}/rules", '\.rules');
if(!empty($listEnabled_rulesets)) {
foreach($listEnabled_rulesets as $enabled_item)
{
- if ($enabled_item['enable'] !== 'off') {
+ if ($enabled_item['enable'] !== 'off' && in_array($enabled_item['rulesetname'], $listCurntDirRules)) {
$selected_rules_sections .= "include \$RULE_PATH/{$enabled_item['rulesetname']}\n";
}
}
diff --git a/config/snort-dev/snort_download_rules.inc b/config/snort-dev/snort_download_rules.inc
index 0d3330b7..09770c4f 100644
--- a/config/snort-dev/snort_download_rules.inc
+++ b/config/snort-dev/snort_download_rules.inc
@@ -1,4 +1,3 @@
-#!/usr/local/bin/php
<?php
/* $Id$ */
/*
@@ -45,8 +44,7 @@
*/
// fetch db Settings NONE Json
-// fetch db Settings NONE Json
-function snortSql_fetchAllSettings($dbname, $table, $type, $id_uuid)
+function snortSql_fetchAllSettings2($dbname, $table, $type, $id_uuid)
{
if ($dbname == '' || $table == '' || $type == '') {
@@ -87,12 +85,91 @@ function snortSql_fetchAllSettings($dbname, $table, $type, $id_uuid)
} // end func
+function snortSql_updateRuleSetList($type, $value, $file_size, $downloaded, $filename)
+{
+
+ $dbname = 'snortDBtemp';
+ $table = 'SnortDownloads';
+ $addDate = date(U);
+
+ // do let user pick the DB path
+ $db = sqlite_open("/var/snort/{$dbname}");
+
+ if ($type === 'percent2'){
+ $query_ck = sqlite_query($db, // @ supress warnings usonly in production
+ "UPDATE {$table} SET date = '{$addDate}', percent = '{$value}', filesize = '{$file_size}', downloaded = '{$downloaded}' where filename = '{$filename}';
+ ");
+ }
+
+
+ if ($type === 'percent'){
+ $query_ck = sqlite_query($db, // @ supress warnings usonly in production
+ "UPDATE {$table} SET date = '{$addDate}', percent = '{$value}' where filename = '{$filename}';
+ ");
+ }
+
+ if ($type === 'msg1'){
+ $query_ck = sqlite_query($db, // @ supress warnings usonly in production
+ "UPDATE SnortDownloadsMsg SET date = '{$addDate}', msg = '{$value}' where id = '1';
+ ");
+ }
+
+ if ($type === 'msg2'){
+ $query_ck = sqlite_query($db, // @ supress warnings usonly in production
+ "UPDATE SnortDownloadsMsg SET date = '{$addDate}', msg = '{$value}' where id = '2';
+ ");
+ }
+
+ /*
+ * INPORTANT:
+ * Register worker to prevent loops and ghost process
+ * Needs to be watched,
+ */
+
+ if ($type === 'working'){
+
+ $getmypid = getmypid();
+ $getmyfilename = $_SERVER['SCRIPT_NAME'];
+
+ $resultChk = sqlite_query($db,
+ "SELECT * FROM RegisterWorker WHERE uuid = 'jdjEf!773&h3bhFd6A';
+ ");
+
+ $resultChkFinal = sqlite_fetch_all($resultChk, SQLITE_ASSOC);
+
+ if (!empty($resultChkFinal)) {
+ $query_ck = sqlite_query($db, // @ supress warnings usonly in production
+ "UPDATE RegisterWorker SET date = '{$addDate}', processid = '{$getmypid}', filename = '{$getmyfilename}', working = '{$value}' where uuid = 'jdjEf!773&h3bhFd6A';
+ ");
+ }else{
+ $query_ck = sqlite_query($db, // @ supress warnings usonly in production
+ "INSERT INTO RegisterWorker (date, processid, filename, working, uuid) VALUES ('{$addDate}', '{$getmypid}', '{$getmyfilename}', '{$value}', 'jdjEf!773&h3bhFd6A');
+ ");
+ }
+ }
+
+
+ if ($type === 'snortWait'){
+ $query_ck = sqlite_query($db, // @ supress warnings usonly in production
+ "UPDATE {$table} SET waittime = '{$addDate}' where filename = '{$filename}';
+ ");
+ }
+
+ if (sqlite_changes($db) < 1){
+ sqlite_close($db);
+ return 'Error in query';
+ }
+
+ sqlite_close($db);
+
+
+}
// reapply rule settings
function reapplyRuleSettings_run($sidRule_array)
{
- $sid_array = snortSql_fetchAllSettings('snortDBrules', 'SnortruleSigs', 'rdbuuid', $sidRule_array);
+ $sid_array = snortSql_fetchAllSettings2('snortDBrules', 'SnortruleSigs', 'rdbuuid', $sidRule_array);
if (!empty($sid_array)) {
foreach ($sid_array as $sid)
@@ -174,98 +251,34 @@ function snortCmpareMD5($type, $path1, $path2, $filename_md5)
* update_output_window: update bottom textarea dynamically.
*/
function update_output_window2($type, $text)
-{
-
- if ($GLOBALS['tmp']['snort']['downloadupdate']['console'] != 'on'){
- snortSql_updateRuleSetList($type, $text, '', '', $GLOBALS['tmp']['snort']['downloadupdate']['workingfile']); // write out msg to db
- }else{
- echo "\n" . $type . ': ' . $text;
- }
-
-}
-
-function snortSql_updateRuleSetList($type, $value, $file_size, $downloaded, $filename)
{
-
- $dbname = 'snortDBtemp';
- $table = 'SnortDownloads';
- $addDate = date(U);
-
- // do let user pick the DB path
- $db = sqlite_open("/var/snort/{$dbname}");
-
- if ($type === 'percent2'){
- $query_ck = sqlite_query($db, // @ supress warnings usonly in production
- "UPDATE {$table} SET date = '{$addDate}', percent = '{$value}', filesize = '{$file_size}', downloaded = '{$downloaded}' where filename = '{$filename}';
- ");
- }
-
-
- if ($type === 'percent'){
- $query_ck = sqlite_query($db, // @ supress warnings usonly in production
- "UPDATE {$table} SET date = '{$addDate}', percent = '{$value}' where filename = '{$filename}';
- ");
+ if ($type === 'ms1') {
+ $msg = 1;
}
-
- if ($type === 'msg1'){
- $query_ck = sqlite_query($db, // @ supress warnings usonly in production
- "UPDATE SnortDownloadsMsg SET date = '{$addDate}', msg = '{$value}' where id = '1';
- ");
- }
-
- if ($type === 'msg2'){
- $query_ck = sqlite_query($db, // @ supress warnings usonly in production
- "UPDATE SnortDownloadsMsg SET date = '{$addDate}', msg = '{$value}' where id = '2';
- ");
+
+ if ($type === 'ms2') {
+ $msg = 2;
}
-
- /*
- * INPORTANT:
- * Register worker to prevent loops and ghost process
- * Needs to be watched,
- */
- if ($type === 'working'){
-
- $getmypid = getmypid();
- $getmyfilename = $_SERVER['SCRIPT_NAME'];
+ if ($GLOBALS['tmp']['snort']['downloadupdate']['console'] != 'on'){
+ echo
+ '
+<script type="text/javascript">
+jQuery("#msg' . $msg . 'Text").remove();
+jQuery("#UpdateMsg' . $msg . '").append(\'<span id="msg' . $msg . 'Text">' . $text . '</span>\');
+</script>
+ ';
+ ob_flush();
+ apc_clear_cache();
- $resultChk = sqlite_query($db,
- "SELECT * FROM RegisterWorker WHERE uuid = 'jdjEf!773&h3bhFd6A';
- ");
-
- $resultChkFinal = sqlite_fetch_all($resultChk, SQLITE_ASSOC);
-
- if (!empty($resultChkFinal)) {
- $query_ck = sqlite_query($db, // @ supress warnings usonly in production
- "UPDATE RegisterWorker SET date = '{$addDate}', processid = '{$getmypid}', filename = '{$getmyfilename}', working = '{$value}' where uuid = 'jdjEf!773&h3bhFd6A';
- ");
- }else{
- $query_ck = sqlite_query($db, // @ supress warnings usonly in production
- "INSERT INTO RegisterWorker (date, processid, filename, working, uuid) VALUES ('{$addDate}', '{$getmypid}', '{$getmyfilename}', '{$value}', 'jdjEf!773&h3bhFd6A');
- ");
- }
+ }else{
+ echo "\n" . $type . ': ' . $text;
}
-
- if ($type === 'snortWait'){
- $query_ck = sqlite_query($db, // @ supress warnings usonly in production
- "UPDATE {$table} SET waittime = '{$addDate}' where filename = '{$filename}';
- ");
- }
-
- if (sqlite_changes($db) < 1){
- sqlite_close($db);
- return 'Error in query';
- }
-
- sqlite_close($db);
-
-
-}
+}
// returns array that matches pattern, option to replace objects in matches
-function snortScanDirFilter($arrayList, $pattmatch, $pattreplace, $pattreplacewith)
+function snortScanDirFilter2($arrayList, $pattmatch, $pattreplace, $pattreplacewith)
{
foreach ( $arrayList as $val )
{
@@ -282,7 +295,7 @@ function snortScanDirFilter($arrayList, $pattmatch, $pattreplace, $pattreplacewi
}
// set page vars
-$generalSettings = snortSql_fetchAllSettings('snortDB', 'SnortSettings', 'id', '1');
+$generalSettings = snortSql_fetchAllSettings2('snortDB', 'SnortSettings', 'id', '1');
// Setup file names and dir
$tmpfname = '/usr/local/etc/snort/snort_download';
@@ -306,6 +319,26 @@ function sendUpdateSnortLogDownload($console)
$GLOBALS['tmp']['snort']['downloadupdate']['console'] = 'on';
}
+ if ($console !== 'console') {
+
+ echo
+ '
+<script type="text/javascript">
+jQuery.fn.centerModal = function () {
+ this.css("position","absolute");
+ this.css("top", 70 + "px");
+ this.css("left", ((jQuery(window).width() - this.outerWidth()) / 2) + jQuery(window).scrollLeft() + "px");
+ return this;
+}
+jQuery("#loadingRuleUpadteGUI").show();
+jQuery(".snortModalUpdate").centerModal();
+jQuery("#pb4").progressBar(0, { showText: true, barImage: "/snort/images/progress_bar2.gif", width: 560, height: 43} );
+</script>
+ ';
+
+ }
+
+
//bring in the global vars
global $generalSettings, $tmpfname, $snortdir, $snortdir_rules, $emergingdir_rules, $pfsensedir_rules, $customdir_rules, $snort_filename_md5, $snort_filename, $emergingthreats_filename_md5, $emergingthreats_filename, $pfsense_rules_filename_md5, $pfsense_rules_filename;
@@ -412,11 +445,17 @@ function sendUpdateSnortLogDownload($console)
* update_progress_bar($percent): updates the javascript driven progress bar.
*/
function update_progress_bar2($percent, $file_size, $downloaded)
- {
- if($percent > 100) $percent = 1;
-
+ {
if ($GLOBALS['tmp']['snort']['downloadupdate']['console'] != 'on') {
- snortSql_updateRuleSetList('percent2', $percent, $file_size, $downloaded, $GLOBALS['tmp']['snort']['downloadupdate']['workingfile']); // write out percent to db
+ if (!empty($percent)) {
+ echo
+ '
+<script type="text/javascript">
+jQuery("#pb4").progressBar(' . $percent . ', { showText: true, barImage: "/snort/images/progress_bar2.gif", width: 560, height: 43} );
+</script>
+ ';
+ }
+
}else{
echo "\n" . 'percent: ' . $percent . ' filesize: ' . $file_size . ' downloaded: ' . $downloaded;
}
@@ -500,19 +539,22 @@ function sendUpdateSnortLogDownload($console)
}
if ($oinkid == '' && $generalSettings['snortdownload'] === 'on') {
- update_output_window2('ms1', 'You must obtain an oinkid from snort.org and set its value in the Snort settings tab.');
+ update_output_window2('ms1', 'Snort Error!');
+ update_output_window2('ms2', 'You must obtain an oinkid from snort.org and set its value in the Snort settings tab.');
exec("/usr/bin/logger -p daemon.info -i -t SnortStartup 'You must obtain an oinkid from snort.org and set its value in the Snort settings tab.'");
return false;
}
if ($emergingthreatscode === '' && $generalSettings['snortdownload'] === 'pro') {
- update_output_window2('ms1', 'You must obtain an emergingthreat pro id from emergingthreatspro.com and set its value in the Snort settings tab.');
+ update_output_window2('ms1', 'Snort Error!');
+ update_output_window2('ms2', 'You must obtain an emergingthreat pro id from emergingthreatspro.com and set its value in the Snort settings tab.');
exec("/usr/bin/logger -p daemon.info -i -t SnortStartup 'You must obtain an emergingthreat pro id from emergingthreatspro.com and set its value in the Snort settings tab.'");
return false;
}
if ($generalSettings['snortdownload'] === 'off' && $generalSettings['emergingthreatsdownload'] === 'off') { // note: basic and pro
- update_output_window2('ms1', 'SnortStartup: No rules have been selected to download.');
+ update_output_window2('ms1', 'Snort Error!');
+ update_output_window2('ms2', 'SnortStartup: No rules have been selected to download.');
exec("/usr/bin/logger -p daemon.info -i -t SnortStartup 'No rules have been selected to download.'");
return false;
}
@@ -526,7 +568,7 @@ function sendUpdateSnortLogDownload($console)
// check is we need to wait
update_output_window2('ms2', 'Checking Wait Status for Snort.org...');
- $getSnort_filename_Waittime_chk = snortSql_fetchAllSettings('snortDBtemp', 'SnortDownloads', 'filename', $snort_filename);
+ $getSnort_filename_Waittime_chk = snortSql_fetchAllSettings2('snortDBtemp', 'SnortDownloads', 'filename', $snort_filename);
if (date(U) > $getSnort_filename_Waittime_chk['waittime'] + 900) {
update_output_window2('ms2', 'Snort.org Wait Time Status: OK...');
@@ -538,7 +580,7 @@ function sendUpdateSnortLogDownload($console)
// check is we need to wait
update_output_window2('ms2', 'Checking Wait Status for Emergingthreats.net...');
- $getEmergingthreats_filename_Waittime_chk = snortSql_fetchAllSettings('snortDBtemp', 'SnortDownloads', 'filename', $emergingthreats_filename);
+ $getEmergingthreats_filename_Waittime_chk = snortSql_fetchAllSettings2('snortDBtemp', 'SnortDownloads', 'filename', $emergingthreats_filename);
if (date(U) > $getEmergingthreats_filename_Waittime_chk['waittime'] + 900) {
update_output_window2('ms2', 'Emergingthreats.net Wait Time Status: OK...');
@@ -557,6 +599,7 @@ function sendUpdateSnortLogDownload($console)
if ($snort_md5_check_ok === false) {
snort_file_get_contents($tmpfname, $snort_filename_md5, 'http://www.snort.org/pub-bin/oinkmaster.cgi/' . $oinkid);
+ snortSql_updateRuleSetList('percent', '100', '', '', $snort_filename_md5); // finsh percent
// if snort.org md5 do not match
if(snortCmpareMD5('string', $tmpfname, $snortdir_rules, $snort_filename_md5)) {
@@ -569,6 +612,7 @@ function sendUpdateSnortLogDownload($console)
if ($emerg_md5_check_ok === false) {
snort_file_get_contents($tmpfname, $emergingthreats_filename_md5, 'http://rules.emergingthreats.net/open/snort-2.9.0');
+ snortSql_updateRuleSetList('percent', '100', '', '', $emergingthreats_filename_md5); // finsh percent
// if emergingthreats.net md5 do not match
if(snortCmpareMD5('string', $tmpfname, $emergingdir_rules, $emergingthreats_filename_md5)) {
@@ -579,6 +623,7 @@ function sendUpdateSnortLogDownload($console)
// download pfsense.org md5 and compare
snort_file_get_contents($tmpfname, $pfsense_rules_filename_md5, 'http://www.pfsense.com/packages/config/snort/pfsense_rules');
+ snortSql_updateRuleSetList('percent', '100', '', '', $pfsense_rules_filename_md5); // finsh percent
// if pfsense.org md5 do not match
if(snortCmpareMD5('string', $tmpfname, $pfsensedir_rules, $pfsense_rules_filename_md5)) {
@@ -633,10 +678,12 @@ function sendUpdateSnortLogDownload($console)
$GLOBALS['tmp']['snort']['downloadupdate']['workingfile'] = $snort_filename;
update_output_window2('ms1', 'Snort.org: Starting Download...');
+ update_output_window2('ms2', 'May take a while...');
download_file_with_progress_bar2("http://www.snort.org/pub-bin/oinkmaster.cgi/{$oinkid}/{$snort_filename}", $tmpfname, $snort_filename, "read_body_firmware");
//download_file_with_progress_bar2("http://theseusnetworking.com/pub-bin/oinkmaster.cgi/{$oinkid}/{$snort_filename}", $tmpfname, $snort_filename, "read_body_firmware");
- snortSql_updateRuleSetList('percent', '100', '', '', $snort_filename); // finsh percent
- update_output_window2('ms1', 'Snort.org: Finished Download...');
+ update_progress_bar2(100, '', ''); // finsh percent
+ snortSql_updateRuleSetList('percent', '100', '', '', $snort_filename); // finsh percent, add date time finnished
+ update_output_window2('ms2', 'Snort.org: Finished Download...');
// if md5 does not match then the file is bad or snort.org says wait 15 min
update_output_window2('ms1', 'Snort.org MD5 File Check ...');
@@ -651,8 +698,6 @@ function sendUpdateSnortLogDownload($console)
$snort_md5_check_ok = true;
$snort_filename_corrupted = true;
- }else{
- snortSql_updateRuleSetList('snortWait', '', '', '', $snort_filename); // Register Worker off
}
}
@@ -661,9 +706,11 @@ function sendUpdateSnortLogDownload($console)
$GLOBALS['tmp']['snort']['downloadupdate']['workingfile'] = $emergingthreats_filename;
update_output_window2('ms1', 'Emergingthreats.net: Starting Download...');
+ update_output_window2('ms2', 'May take a while...');
download_file_with_progress_bar2("http://rules.emergingthreats.net/open/snort-2.9.0/{$emergingthreats_filename}", $tmpfname, $emergingthreats_filename, "read_body_firmware");
- snortSql_updateRuleSetList('percent', '100', '', '', $emergingthreats_filename); // finsh percent
- update_output_window2('ms1', 'Emergingthreats.net: Finished Download...');
+ update_progress_bar2(100, '', ''); // finsh percent
+ snortSql_updateRuleSetList('percent', '100', '', '', $emergingthreats_filename); // finsh percent
+ update_output_window2('ms2', 'Emergingthreats.net: Finished Download...');
// if md5 does not match then the file is bad or snort.org says wait 15 min
update_output_window2('ms1', 'Emergingthreats MD5 File Check ...');
@@ -673,9 +720,7 @@ function sendUpdateSnortLogDownload($console)
$emerg_md5_check_ok = true;
$emerg_filename_corrupted = true;
- }else{
- snortSql_updateRuleSetList('snortWait', '', '', '', $emergingthreats_filename); // Register Worker off
- }
+ }
}
/* download pfsense rule file */
@@ -683,9 +728,11 @@ function sendUpdateSnortLogDownload($console)
$GLOBALS['tmp']['snort']['downloadupdate']['workingfile'] = $pfsense_rules_filename;
update_output_window2('ms1', 'pfSense.org: Starting Download...');
+ update_output_window2('ms2', 'May take a while...');
download_file_with_progress_bar2("http://www.pfsense.com/packages/config/snort/pfsense_rules/{$pfsense_rules_filename}", $tmpfname, $pfsense_rules_filename, "read_body_firmware");
+ update_progress_bar2(100, '', ''); // finsh percent
snortSql_updateRuleSetList('percent', '100', '', '', $pfsense_rules_filename); // finsh percent
- update_output_window2('ms1', 'pfSense.org: Finished Download...');
+ update_output_window2('ms2', 'pfSense.org: Finished Download...');
// if md5 does not match then the file is bad or snort.org says wait 15 min
update_output_window2('ms1', 'pfSense.org MD5 File Check ...');
@@ -694,9 +741,7 @@ function sendUpdateSnortLogDownload($console)
// disable snort.org download
$pfsense_md5_check_ok = true;
- }else{
- snortSql_updateRuleSetList('snortWait', '', '', '', $pfsense_rules_filename); // Register Worker off
- }
+ }
}
// if both files are corrupted stop
@@ -747,7 +792,7 @@ function sendUpdateSnortLogDownload($console)
exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir_rules} rules/");
$snort_dirList = scandir("{$snortdir_rules}/rules"); // Waning: only in php 5
- $snortrules_filterList = snortScanDirFilter($snort_dirList, '/.*\.rules/', '/\.rules/', '');
+ $snortrules_filterList = snortscandirfilter2($snort_dirList, '/.*\.rules/', '/\.rules/', '');
if (!empty($snortrules_filterList)) {
foreach ($snortrules_filterList as $snort_rule_move)
@@ -767,7 +812,7 @@ function sendUpdateSnortLogDownload($console)
$so_rulesPattw = array('', '');
// build list of so rules
- $so_rules_filterList = snortScanDirFilter($so_rules_list, '/\/.*\.rules/', $so_rulesPattr, $so_rulesPattw);
+ $so_rules_filterList = snortscandirfilter2($so_rules_list, '/\/.*\.rules/', $so_rulesPattr, $so_rulesPattw);
if (!empty($so_rules_filterList)) {
// cp rule to so tmp dir
@@ -867,7 +912,7 @@ function sendUpdateSnortLogDownload($console)
// reapplay rules from DB cp base rules to dirs
- $sidOnOff_array = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'All', '');
+ $sidOnOff_array = snortSql_fetchAllSettings2('snortDBrules', 'Snortrules', 'All', '');
if (!empty($sidOnOff_array)) {
update_output_window2('ms1', 'Reapplying User Settings...');
@@ -888,7 +933,7 @@ function sendUpdateSnortLogDownload($console)
}
// cp snort conf's to Ifaces
- $ifaceConfMaps_array = snortSql_fetchAllSettings('snortDB', 'SnortIfaces', 'All', '');
+ $ifaceConfMaps_array = snortSql_fetchAllSettings2('snortDB', 'SnortIfaces', 'All', '');
if (!empty($ifaceConfMaps_array)) {
update_output_window2('ms1', 'Reapplying User Settings...');
@@ -927,11 +972,14 @@ function sendUpdateSnortLogDownload($console)
// remove old $tmpfname files */
+ update_output_window2('ms1', 'Removing old files...');
+ update_output_window2('ms2', 'Working...');
if (file_exists('/usr/local/etc/snort/tmp')) {
exec("/bin/rm -r /usr/local/etc/snort/tmp/snort_rules_up");
exec("/bin/rm -r /usr/local/etc/snort/tmp/rules_bk");
apc_clear_cache();
}
+ update_output_window2('ms2', 'Done...');
// php code to flush out cache some people are reportting missing files this might help
apc_clear_cache();
@@ -946,6 +994,10 @@ function sendUpdateSnortLogDownload($console)
exec("/bin/chmod -R 755 /usr/local/lib/snort");
+ update_output_window2('ms1', 'Finnished Updateing...');
+ update_output_window2('ms2', 'Finnished Updateing...');
+
+
// if snort is running hard restart, if snort is not running do nothing
// TODO: Restart Ifaces
@@ -956,13 +1008,13 @@ function sendUpdateSnortLogDownload($console)
//$argv[1] = 'console';
- $getWorkerStat = snortSql_fetchAllSettings('snortDBtemp', 'RegisterWorker', 'uuid', 'jdjEf!773&h3bhFd6A');
+ //$getWorkerStat = snortSql_fetchAllSettings2('snortDBtemp', 'RegisterWorker', 'uuid', 'jdjEf!773&h3bhFd6A');
- if ($getWorkerStat['working'] !== 'on') {
- snortSql_updateRuleSetList('working', 'on', '', '', ''); // Register Worker on
- sendUpdateSnortLogDownload($argv[1]); // start main function
- snortSql_updateRuleSetList('working', 'off', '', '', ''); // Register Worker off
- }
+ //if ($getWorkerStat['working'] !== 'on') {
+ //snortSql_updateRuleSetList2('working', 'on', '', '', ''); // Register Worker on
+ //sendUpdateSnortLogDownload($argv[1]); // start main function
+ //snortSql_updateRuleSetList2('working', 'off', '', '', ''); // Register Worker off
+ //}
diff --git a/config/snort-dev/snort_download_updates.php b/config/snort-dev/snort_download_updates.php
index 6092ff2e..e9ec907b 100644
--- a/config/snort-dev/snort_download_updates.php
+++ b/config/snort-dev/snort_download_updates.php
@@ -41,18 +41,80 @@
*/
+// disable csrf for downloads, progressbar did not work because of this
+$nocsrf = true;
+
require_once("guiconfig.inc");
-require_once("/usr/local/pkg/snort/snort_new.inc");
require_once("/usr/local/pkg/snort/snort_gui.inc");
-
+require_once("/usr/local/pkg/snort/snort_download_rules.inc");
// set page vars
-
-$generalSettings = snortSql_fetchAllSettings('snortDB', 'SnortSettings', 'id', '1');
+if (isset($_GET['updatenow'])) {
+ $updatenow = $_GET['updatenow'];
+}
header("Cache-Control: no-cache, must-revalidate");
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
+// get dates of md5s
+
+$tmpSettingsSnort = 'N/A';
+$tmpSettingsSnortChk = snortSql_fetchAllSettings2('snortDBtemp', 'SnortDownloads', 'filename', 'snortrules-snapshot-2905.tar.gz');
+if (!empty($tmpSettingsSnortChk)) {
+ $tmpSettingsSnort = date('l jS \of F Y h:i:s A', $tmpSettingsSnortChk[date]);
+}
+
+$tmpSettingsEmerging = 'N/A';
+$tmpSettingsEmergingChk = snortSql_fetchAllSettings2('snortDBtemp', 'SnortDownloads', 'filename', 'emerging.rules.tar.gz');
+if (!empty($tmpSettingsEmergingChk)) {
+ $tmpSettingsEmerging = date('l jS \of F Y h:i:s A', $tmpSettingsEmergingChk[date]);
+}
+
+$tmpSettingsPfsense = 'N/A';
+$tmpSettingsPfsenseChk = snortSql_fetchAllSettings2('snortDBtemp', 'SnortDownloads', 'filename', 'pfsense_rules.tar.gz');
+if (!empty($tmpSettingsPfsenseChk)) {
+ $tmpSettingsPfsense = date('l jS \of F Y h:i:s A', $tmpSettingsPfsenseChk[date]);
+}
+
+// get rule on stats
+$generalSettings = snortSql_fetchAllSettings2('snortDB', 'SnortSettings', 'id', '1');
+
+$snortMd5CurrentChk = @file_get_contents('/usr/local/etc/snort/snortDBrules/snort_rules/snortrules-snapshot-2905.tar.gz.md5');
+
+$snortDownlodChkMark = '';
+if ($generalSettings[snortdownload] === 'on') {
+ $snortDownlodChkMark = 'checked="checked"';
+}
+
+$snortMd5Current = 'N/A';
+if (!empty($snortMd5CurrentChk)) {
+ preg_match('/^\".*\"/', $snortMd5CurrentChk, $snortMd5Current);
+ if (!empty($snortMd5Current[0])) {
+ $snortMd5Current = preg_replace('/\"/', '', $snortMd5Current[0]);
+ }
+}
+
+$emergingMd5CurrentChk = @file_get_contents('/usr/local/etc/snort/snortDBrules/emerging_rules/emerging.rules.tar.gz.md5');
+
+$emerginDownlodChkMark = '';
+if ($generalSettings[emergingthreatsdownload] !== 'off') {
+ $emerginDownlodChkMark = 'checked="checked"';
+}
+
+$emergingMd5Current = 'N/A';
+if (!empty($emergingMd5CurrentChk)) {
+ $emergingMd5Current = $emergingMd5CurrentChk;
+}
+
+$pfsenseMd5CurrentChk = @file_get_contents('/usr/local/etc/snort/snortDBrules/pfsense_rules/pfsense_rules.tar.gz.md5');
+
+$pfsenseMd5Current = 'N/A';
+if (!empty($pfsenseMd5CurrentChk)) {
+ preg_match('/^\".*\"/', $pfsenseMd5CurrentChk, $pfsenseMd5Current);
+ if (!empty($pfsenseMd5Current[0])) {
+ $pfsenseMd5Current = preg_replace('/\"/', '', $pfsenseMd5Current[0]);
+ }
+}
$pgtitle = 'Services: Snort: Updates';
include("/usr/local/pkg/snort/snort_head.inc");
@@ -63,44 +125,26 @@ header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
<body link="#0000CC" vlink="#0000CC" alink="#0000CC">
-
-<!-- loading msg -->
-<div id="loadingWaiting">
- <div class="snortModal" style="top: 200px; left: 700px;">
- <div class="snortModalTop">
- <!-- <div class="snortModalTopClose"><a href="javascript:hideLoading('#loadingWaiting');"><img src="/snort/images/close_9x9.gif" border="0" height="9" width="9"></a></div> -->
- </div>
- <div class="snortModalTitle">
- <p><img src="./images/loading.gif" /><br><br>Please Wait...</p>
- </div>
- <div>
- <p class="loadingWaitingMessage"></p>
- </div>
- </div>
-</div>
-
-<div class="pb_div" id="pb3"></div>
-
<!-- loading update msg -->
<div id="loadingRuleUpadteGUI">
<div class="snortModalUpdate">
<div class="snortModalTopUpdate">
- <!-- <div class="snortModalTopClose"><a href="javascript:hideLoading('#loadingWaiting');"><img src="/snort/images/close_9x9.gif" border="0" height="9" width="9"></a></div> -->
+ <div class="snortModalTopClose">
+ <!-- <a href="javascript:hideLoading('#loadingRuleUpadteGUI');"><img src="/snort/images/close_9x9.gif" border="0" height="9" width="9"></a> -->
+ </div>
</div>
- <div class="snortModalTitleUpdate">
- <table style='border-collapse: collapse; border: 1px solid #000000;' cellpadding='2' cellspacing='2'>
- <tr>
- <td>
- <img border='0' src='../themes/<?= $g['theme']; ?>/images/misc/progress_bar.gif' width='600' height='23' name='progressbar' id='progressbar' alt='' />
- </td>
- </tr>
+ <p id="UpdateMsg1" class="snortModalTitleUpdate snortModalTitleUpdateMsg1">
+ </p>
+ <div class="snortModalTitleUpdate snortModalTitleUpdateBar">
+ <table width="600px" height="43px" border="0" cellpadding="0" cellspacing="0">
+ <tr><td><span class="progressBar" id="pb4"></span></td></tr>
</table>
</div>
- <p class="loadingWaitingMessage">CARS</p>
+ <p id="UpdateMsg2" class="snortModalTitleUpdate snortModalTitleUpdateMsg2">
+ </p>
</div>
-
</div>
@@ -134,8 +178,8 @@ header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
<div class="newtabmenu" style="margin: 1px 0px; width: 775px;"><!-- Tabbed bar code-->
<ul class="newtabmenu">
<li class="newtabmenu_active"><a href="/snort/snort_download_rules.php"><span>Rule Update</span></a></li>
- <li><a href="#"><span>Upload Custom Rules</span></a></li>
- <li><a href="#"><span>Gui Update</span></a></li>
+ <!-- <li><a href="#"><span>Upload Custom Rules</span></a></li> -->
+ <!-- <li><a href="#"><span>Gui Update</span></a></li> -->
</ul>
</div>
@@ -151,7 +195,7 @@ header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr id="maintable77" >
<td colspan="2" valign="top" class="listtopic2">
- There are <?=$countSig; ?> rule databases that are ready to be updated.
+ Rule databases that are ready to be updated.
</td>
<td width="6%" colspan="2" valign="middle" class="listtopic3" >
</td>
@@ -176,7 +220,7 @@ header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
<td width="1%" class="listhdrr2">On</td>
<td width="25%" class="listhdrr2">Signature DB Name</td>
<td width="35%" class="listhdrr2">MD5 Version</td>
- <td width="38%" class="listhdrr2">New Rule DB Available</td>
+ <td width="38%" class="listhdrr2">Last Rule DB Date</td>
<td width="1%" class="listhdrr2">&nbsp;</td>
</tr>
@@ -185,11 +229,11 @@ header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
<tr id="fr0" valign="top">
<td class="odd_ruleset2">
-<input class="domecheck" name="filenamcheckbox2[]" value="1292" checked="checked" type="checkbox" disabled="disabled" >
+<input class="domecheck" name="filenamcheckbox2[]" value="1292" <?=$snortDownlodChkMark;?> type="checkbox" disabled="disabled" >
</td>
<td class="odd_ruleset2" id="frd0">SNORT.ORG</td>
-<td class="odd_ruleset2" id="frd0">tcp</td>
-<td class="listbg" id="frd0"><font color="white">ATTACK-RESPONSES directory listing</font></td>
+<td class="odd_ruleset2" id="frd0"><?=$snortMd5Current;?></td>
+<td class="listbg" id="frd0"><font color="white"><?=$tmpSettingsSnort;?></font></td>
<td class="odd_ruleset2">
<img src="/themes/pfsense_ng/images/icons/icon_alias_url_reload.gif" title="edit rule" width="17" border="0" height="17">
</td>
@@ -197,11 +241,11 @@ header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
<tr id="fr0" valign="top">
<td class="odd_ruleset2">
-<input class="domecheck" name="filenamcheckbox2[]" value="1292" checked="checked" type="checkbox" disabled="disabled" >
+<input class="domecheck" name="filenamcheckbox2[]" value="1292" <?=$emerginDownlodChkMark;?> type="checkbox" disabled="disabled" >
</td>
<td class="odd_ruleset2" id="frd0">EMERGINGTHREATS.NET</td>
-<td class="odd_ruleset2" id="frd0">tcp</td>
-<td class="listbg" id="frd0"><font color="white">ATTACK-RESPONSES directory listing</font></td>
+<td class="odd_ruleset2" id="frd0"><?=$emergingMd5Current;?></td>
+<td class="listbg" id="frd0"><font color="white"><?=$tmpSettingsEmerging; ?></font></td>
<td class="odd_ruleset2">
<img src="/themes/pfsense_ng/images/icons/icon_alias_url_reload.gif" title="edit rule" width="17" border="0" height="17">
</td>
@@ -212,8 +256,8 @@ header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
<input class="domecheck" name="filenamcheckbox2[]" value="1292" checked="checked" type="checkbox" disabled="disabled" >
</td>
<td class="odd_ruleset2" id="frd0">PFSENSE.ORG</td>
-<td class="odd_ruleset2" id="frd0">tcp</td>
-<td class="listbg" id="frd0"><font color="white">ATTACK-RESPONSES directory listing</font></td>
+<td class="odd_ruleset2" id="frd0"><?=$pfsenseMd5Current;?></td>
+<td class="listbg" id="frd0"><font color="white"><?=$tmpSettingsPfsense;?></font></td>
<td class="odd_ruleset2">
<img src="/themes/pfsense_ng/images/icons/icon_alias_url_reload.gif" title="edit rule" width="17" border="0" height="17">
</td>
@@ -230,7 +274,7 @@ header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td>
- <input name="update" type="submit" class="formbtn" value="Update">
+ <input id="openupdatebox" type="submit" class="formbtn" value="Update">
</td>
</tr>
</table>
@@ -272,48 +316,32 @@ header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
//prepare the form when the DOM is ready
jQuery(document).ready(function() {
- jQuery('input[name=update]').live('click', function(){
+ jQuery('.closeupdatebox').live('click', function(){
+ var url = '/snort/snort_download_updates.php';
+ window.location = url;
+ });
- // jQuery("#pb2").progressBar(percent,{width: 404, height: 22, barImage: 'images/pb_orange.png'});
- // console.log(response[0].percent);
- // '/snort/snort_json_get.php?snortGetUpdate=1'
+ jQuery('#openupdatebox').live('click', function(){
+ var url = '/snort/snort_download_updates.php?updatenow=1';
+ window.location = url;
+ });
- showLoading('#loadingRuleUpadteGUI');
+}); // end of document ready
- function callComplete(response) {
- //alert("Response received is: "+response);
-
- while(1)
- {
- console.log('HELLO: ' + response[0].percent);
- // reconnect to the server
- //connect();
-
- if(response[0].percent === '100')
- {
- console.log('HELLO: ' + response[0].percent);
- break;
- }
-
- };
+</script>
-
- };
-
- function connect() {
- // when the call completes, callComplete() will be called along with
- // the response returned
- jQuery.get('/snort/snort_json_get.php?snortGetUpdate=1', {}, callComplete, 'json');
- };
-
- connect(); // start loop
-
+<?php
- }); // end of on click
-
-}); // end of document ready
+if ($updatenow == 1) {
+ sendUpdateSnortLogDownload(''); // start main function
+ echo '
+ <script type="text/javascript">
+ jQuery(\'.snortModalTopClose\').append(\'<img class="icon_click closeupdatebox" src="/snort/images/close_9x9.gif" border="0" height="9" width="9">\');
+ </script>
+ ';
+}
-</script>
+?>
<!-- stop info box -->