aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
Diffstat (limited to 'config')
-rw-r--r--config/suricata/suricata_check_for_rule_updates.php16
-rw-r--r--config/suricata/suricata_download_updates.php28
2 files changed, 41 insertions, 3 deletions
diff --git a/config/suricata/suricata_check_for_rule_updates.php b/config/suricata/suricata_check_for_rule_updates.php
index 3cf6b84b..4d159cdb 100644
--- a/config/suricata/suricata_check_for_rule_updates.php
+++ b/config/suricata/suricata_check_for_rule_updates.php
@@ -239,7 +239,7 @@ function suricata_check_rule_md5($file_url, $file_dst, $desc = "") {
/* error occurred. */
/**********************************************************/
- global $pkg_interface, $suricata_rules_upd_log, $last_curl_error;
+ global $pkg_interface, $suricata_rules_upd_log, $last_curl_error, $update_errors;
$suricatadir = SURICATADIR;
$filename_md5 = basename($file_dst);
@@ -284,6 +284,7 @@ function suricata_check_rule_md5($file_url, $file_dst, $desc = "") {
if ($pkg_interface == "console")
error_log(gettext("\tServer error message was: {$last_curl_error}\n"), 3, $suricata_rules_upd_log);
error_log(gettext("\t{$desc} will not be updated.\n"), 3, $suricata_rules_upd_log);
+ $update_errors = true;
return false;
}
}
@@ -307,7 +308,7 @@ function suricata_fetch_new_rules($file_url, $file_dst, $file_md5, $desc = "") {
/* FALSE if download was not successful. */
/**********************************************************/
- global $pkg_interface, $suricata_rules_upd_log, $last_curl_error;
+ global $pkg_interface, $suricata_rules_upd_log, $last_curl_error, $update_errors;
$suricatadir = SURICATADIR;
$filename = basename($file_dst);
@@ -337,6 +338,7 @@ function suricata_fetch_new_rules($file_url, $file_dst, $file_md5, $desc = "") {
error_log(gettext("\tDownloaded {$desc} file MD5: " . md5_file($file_dst) . "\n"), 3, $suricata_rules_upd_log);
error_log(gettext("\tExpected {$desc} file MD5: {$file_md5}\n"), 3, $suricata_rules_upd_log);
error_log(gettext("\t{$desc} file download failed. {$desc} will not be updated.\n"), 3, $suricata_rules_upd_log);
+ $update_errors = true;
return false;
}
return true;
@@ -349,6 +351,7 @@ function suricata_fetch_new_rules($file_url, $file_dst, $file_md5, $desc = "") {
if ($pkg_interface == "console")
error_log(gettext("\tThe error text was: {$last_curl_error}\n"), 3, $suricata_rules_upd_log);
error_log(gettext("\t{$desc} will not be updated.\n"), 3, $suricata_rules_upd_log);
+ $update_errors = true;
return false;
}
@@ -375,6 +378,7 @@ if (file_exists($suricata_rules_upd_log)) {
/* Log start time for this rules update */
error_log(gettext("Starting rules update... Time: " . date("Y-m-d H:i:s") . "\n"), 3, $suricata_rules_upd_log);
$last_curl_error = "";
+$update_errors = false;
/* Check for and download any new Emerging Threats Rules sigs */
if ($emergingthreats == 'on') {
@@ -715,4 +719,12 @@ conf_mount_ro();
// Restore the state of $pkg_interface
$pkg_interface = $pkg_interface_orig;
+/* Save this update status to the configuration file */
+if ($update_errors)
+ $config['installedpackages']['suricata']['config'][0]['last_rule_upd_status'] = gettext("failed");
+else
+ $config['installedpackages']['suricata']['config'][0]['last_rule_upd_status'] = gettext("success");
+$config['installedpackages']['suricata']['config'][0]['last_rule_upd_time'] = gettext(date("M-d Y H:i"));
+write_config();
+
?>
diff --git a/config/suricata/suricata_download_updates.php b/config/suricata/suricata_download_updates.php
index 46030bd0..a353b054 100644
--- a/config/suricata/suricata_download_updates.php
+++ b/config/suricata/suricata_download_updates.php
@@ -40,6 +40,16 @@ $emergingthreats = $config['installedpackages']['suricata']['config'][0]['enable
$etpro = $config['installedpackages']['suricata']['config'][0]['enable_etpro_rules'];
$snortcommunityrules = $config['installedpackages']['suricata']['config'][0]['snortcommunityrules'];
+/* Get last update information if available */
+if (!empty($config['installedpackages']['suricata']['config'][0]['last_rule_upd_time']))
+ $last_rule_upd_time = htmlspecialchars($config['installedpackages']['suricata']['config'][0]['last_rule_upd_time']);
+else
+ $last_rule_upd_time = gettext("Unknown");
+if (!empty($config['installedpackages']['suricata']['config'][0]['last_rule_upd_status']))
+ $last_rule_upd_status = htmlspecialchars($config['installedpackages']['suricata']['config'][0]['last_rule_upd_status']);
+else
+ $last_rule_upd_status = gettext("Unknown");
+
$snort_rules_file = VRT_DNLD_FILENAME;
$snort_community_rules_filename = GPLV2_DNLD_FILENAME;
@@ -211,6 +221,22 @@ include_once("head.inc");
</tr>
<tr>
<td align="center">
+ <table width="45%" border="0" cellpadding="0" cellspacing="0">
+ <tbody>
+ <tr>
+ <td class="list" align="right"><strong><?php echo gettext("Last Update:");?></strong></td>
+ <td class="list" align="left"><?php echo $last_rule_upd_time;?></td>
+ </tr>
+ <tr>
+ <td class="list" align="right"><strong><?php echo gettext("Result:");?></strong></td>
+ <td class="list" align="left"><?php echo $last_rule_upd_status;?></td>
+ </tr>
+ </tbody>
+ </table>
+ </td>
+ </tr>
+ <tr>
+ <td align="center">
<?php if ($snortdownload != 'on' && $emergingthreats != 'on' && $etpro != 'on'): ?>
<br/><button disabled="disabled"><?=gettext("Check");?></button>&nbsp;&nbsp;&nbsp;&nbsp;
<button disabled="disabled"><?=gettext("Force");?></button>
@@ -226,7 +252,7 @@ include_once("head.inc");
title="<?php echo gettext("Check for new updates to enabled rule sets"); ?>"/>&nbsp;&nbsp;&nbsp;&nbsp;
<input type="submit" value="<?=gettext("Force");?>" name="force" id="force" class="formbtn"
title="<?=gettext("Force an update of all enabled rule sets");?>"
- onclick="return confirm('<?=gettext("This will zero-out the MD5 hashes to force a fresh download of enabled rule sets. Click OK to continue or CANCEL to quit");?>');"/>
+ onclick="return confirm('<?=gettext("This will zero-out the MD5 hashes to force a fresh download of all enabled rule sets. Click OK to continue or CANCEL to quit");?>');"/>
<br/><br/>
<?php endif; ?>
</td>