Diffstat (limited to 'config')
-rw-r--r-- | config/snort-dev/NOTES.txt | 18 | ||||
-rw-r--r-- | config/snort-dev/snort.xml | 6 | ||||
-rw-r--r-- | config/snort-dev/snort_alerts.php | 2 | ||||
-rw-r--r-- | config/snort-dev/snort_barnyard.php | 2 | ||||
-rw-r--r-- | config/snort-dev/snort_blocked.php | 2 | ||||
-rw-r--r-- | config/snort-dev/snort_define_servers.php | 2 | ||||
-rw-r--r-- | config/snort-dev/snort_download_rules.php | 4 | ||||
-rwxr-xr-x | config/snort-dev/snort_fbegin.inc | 288 | ||||
-rw-r--r-- | config/snort-dev/snort_help_info.php | 2 | ||||
-rw-r--r-- | config/snort-dev/snort_interfaces.php | 11 | ||||
-rw-r--r-- | config/snort-dev/snort_interfaces_edit.php | 37 | ||||
-rw-r--r-- | config/snort-dev/snort_interfaces_global.php | 133 | ||||
-rw-r--r-- | config/snort-dev/snort_preprocessors.php | 2 | ||||
-rw-r--r-- | config/snort-dev/snort_rules.php | 4 | ||||
-rw-r--r-- | config/snort-dev/snort_rulesets.php | 4 |
15 files changed, 482 insertions, 35 deletions
diff --git a/config/snort-dev/NOTES.txt b/config/snort-dev/NOTES.txt index 88c80cb2..b8c61c39 100644 --- a/config/snort-dev/NOTES.txt +++ b/config/snort-dev/NOTES.txt @@ -1,19 +1,17 @@ -March 16 2019 -Snort-dev 2.8.5.3 pk v. 12 Beta +March 26 2019 +Snort-dev 2.8.5.3 pk v. 18 final -Snort is Stoping/Starting with new UUID. Files are independent of rule order now. Ya me....... +Final day. -TODO: -The snort.sh code needs to be looked at and made sure there is a new file at every enabe/disbale save, -reboot, rule delete. +Odds and ends left. -The snort_interfaces.php needs speed inprovments. !inportant. - -Make sure I ad a reset button someware the removes all of snort-devs addd to config.xml +2.0 group snort gets lost on reboot. Pierre POMES code needs to be added. +Threshold tab needs to be added. + -Done.
\ No newline at end of file +Done. diff --git a/config/snort-dev/snort.xml b/config/snort-dev/snort.xml index 06b0b7de..37ce9967 100644 --- a/config/snort-dev/snort.xml +++ b/config/snort-dev/snort.xml @@ -47,7 +47,7 @@ <faq>Currently there are no FAQ items provided.</faq> <name>Snort</name> <version>2.8.5.3</version> - <title>Services: Snort 2.8.5.2 pkg v. 1.12</title> + <title>Services: Snort 2.8.5.2 pkg v. 1.18</title> <include_file>/usr/local/pkg/snort/snort.inc</include_file> <menu> <name>Snort</name> @@ -69,9 +69,9 @@ <item>http://www.pfsense.com/packages/config/snort-dev/snort.inc</item> </additional_files_needed> <additional_files_needed> - <prefix>/usr/local/bin/</prefix> + <prefix>/usr/local/www/snort/</prefix> <chmod>077</chmod> - <item>http://www.pfsense.com/packages/config/snort-dev/bin/8.0.x86/barnyard2</item> + <item>http://www.pfsense.com/packages/config/snort-dev/snort_fbegin.inc</item> </additional_files_needed> <additional_files_needed> <prefix>/usr/local/bin/</prefix> diff --git a/config/snort-dev/snort_alerts.php b/config/snort-dev/snort_alerts.php index e2784974..4f0ddb03 100644 --- a/config/snort-dev/snort_alerts.php +++ b/config/snort-dev/snort_alerts.php @@ -311,7 +311,7 @@ include("head.inc"); <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php -include("fbegin.inc"); +include("./snort_fbegin.inc"); echo "<p class=\"pgtitle\">"; if($pfsense_stable == 'yes'){echo $pgtitle;} diff --git a/config/snort-dev/snort_barnyard.php b/config/snort-dev/snort_barnyard.php index 94217ba9..8189e414 100644 --- a/config/snort-dev/snort_barnyard.php +++ b/config/snort-dev/snort_barnyard.php @@ -233,7 +233,7 @@ include("head.inc"); ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php -include("fbegin.inc"); +include("./snort_fbegin.inc"); ?> <p class="pgtitle"><?if($pfsense_stable == 'yes'){echo $pgtitle;}?></p> <style type="text/css"> 
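Review bot: The `<chmod>077</chmod>` kept from the replaced barnyard2 entry now applies to `snort_fbegin.inc`, a PHP file that the other hunks of this commit include from every Snort page. If the installer applies that value as an octal mode, the owner gets no access while group and other get read, write and execute. A file that the web GUI executes should not be writable by other local accounts, so a mode such as `<chmod>0644</chmod>` suits an include better. The item is also fetched over plain `http://` with no checksum visible in this hunk, like its neighbours, so the code that lands in the web root is only as trustworthy as the network path at install time.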
diff --git a/config/snort-dev/snort_blocked.php b/config/snort-dev/snort_blocked.php index abb4b329..293679d9 100644 --- a/config/snort-dev/snort_blocked.php +++ b/config/snort-dev/snort_blocked.php @@ -233,7 +233,7 @@ include("head.inc"); <body link="#000000" vlink="#000000" alink="#000000"> <?php -include("fbegin.inc"); +include("./snort_fbegin.inc"); echo "<p class=\"pgtitle\">"; if($pfsense_stable == 'yes'){echo $pgtitle;} diff --git a/config/snort-dev/snort_define_servers.php b/config/snort-dev/snort_define_servers.php index 2e3ed9f5..2d1f1f1d 100644 --- a/config/snort-dev/snort_define_servers.php +++ b/config/snort-dev/snort_define_servers.php @@ -222,7 +222,7 @@ include("head.inc"); ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php -include("fbegin.inc"); +include("./snort_fbegin.inc"); ?> <p class="pgtitle"><?if($pfsense_stable == 'yes'){echo $pgtitle;}?></p> <style type="text/css"> diff --git a/config/snort-dev/snort_download_rules.php b/config/snort-dev/snort_download_rules.php index ee954e9c..dd2a22e8 100644 --- a/config/snort-dev/snort_download_rules.php +++ b/config/snort-dev/snort_download_rules.php @@ -81,7 +81,7 @@ if ($id_d == "" || $snort_emrging_info == "stop" || $snort_oinkid_info == "stop" $pgtitle = "Services: Snort: Rule Updates"; include("head.inc"); -include("fbegin.inc"); +include("./snort_fbegin.inc"); echo "<p class=\"pgtitle\">"; if($pfsense_stable == 'yes'){echo $pgtitle;} echo "</p>\n"; @@ -220,7 +220,7 @@ setTimeout($.unblockUI, 2000); </script> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> -<?php include("/usr/local/www/fbegin.inc"); ?> +<?php include("./snort_fbegin.inc"); ?> <p class="pgtitle"><?if($pfsense_stable == 'yes'){echo $pgtitle;}?></p> <form action="snort_download_rules.php" method="post"> diff --git a/config/snort-dev/snort_fbegin.inc b/config/snort-dev/snort_fbegin.inc new file mode 100755 index 00000000..b8faff09 --- /dev/null +++ b/config/snort-dev/snort_fbegin.inc 
@@ -0,0 +1,288 @@ +<?php + +require_once("globals.inc"); +require_once("notices.inc"); +/* $Id$ */ + function return_ext_menu($section) { + global $config; + $htmltext = ""; + if($config['installedpackages']['menu'] <> "") { + foreach($config['installedpackages']['menu'] as $menuitem) { + if($menuitem['section'] != $section) continue; + if($menuitem['url'] <> "") { + $addresswithport = getenv("HTTP_HOST"); + $colonpos = strpos($addresswithport, ":"); + if ($colonpos !== False){ + //my url is actually just the IP address of the pfsense box + $myurl = substr($addresswithport, 0, $colonpos); + } + else + { + $myurl = $addresswithport; + } + + $description = str_replace('$myurl', $myurl, $menuitem['url']); + } else { + $description = '/pkg.php?xml=' . $menuitem['configfile']; + } + $htmltext .= '<li><a href="' . $description . ' "class="navlnk">' . $menuitem['name'] . '</a></li>' . "\n"; + } + } + return $htmltext; + } + + + + + /* NOTICE ACKNOWLEDGE CODE by Erik Kristensen */ + if ($_REQUEST['noticeaction'] == 'acknowledge') { + $notice_id = $_REQUEST['noticeid']; + close_notice($notice_id); + } + /**********************************************/ +?> + +<div id="wrapper"> + + <div id="header"> + <div id="header-left"><a href="../index.php" id="status-link"><img src="/themes/<?= $g['theme']; ?>/images/transparent.gif" border="0"></img></a></div> + <div id="header-right"> + <div class="container"> + <div class="left">webConfigurator</div> + <div class="right"> +<? 
+ if (are_notices_pending()) { + $notices = get_notices(); + + $requests=array(); + + ## Get Query Arguments from URL ### + foreach ($_REQUEST as $key => $value) { + if ($key != "PHPSESSID") + $requests[] = $key.'='.$value; + } + if(is_array($requests)) + $request_string = implode("&", $requests); + + if(is_array($notices)) { + foreach ($notices as $key => $value) { + $date = date("m-d-y H:i:s", $key); + $noticemsg = str_replace("'", "", $value['notice']); + $noticemsg = str_replace('"', "", $noticemsg); + $noticemsg = str_replace("\n", "", $noticemsg); + $noticemsg = str_replace("<p>", "", $noticemsg); + $noticemsg = str_replace("<pre>", "", $noticemsg); + $noticemsg = str_replace("</pre>", "", $noticemsg); + $noticemsg = str_replace("</p>", "", $noticemsg); + $noticemsg = str_replace("<br>", "", $noticemsg); + $extra_args = ""; + if($_GET['xml']) + $extraargs="&xml=" . $_GET['xml']; + if($_POST['xml']) + $extraargs="&xml=" . $_POST['xml']; + if($_GET['id']) + $extraargs="&xml=" . $_GET['id']; + if($_POST['id']) + $extraargs="&xml=" . $_POST['id']; + $notice_msgs = '<a href="?noticeaction=acknowledge¬iceid=all' . $extraargs . '">Acknowledge All</a> .:. '; + if ($value['url']) { + $notice_msgs .= $date.' - <a href="'.$url.'?'.$request_string.'¬iceaction=acknowledge¬iceid='.$key.'">['.$value['id'].']</a>'; + } else { + $notice_msgs .= $date.' - <a href="?'.$request_string.'¬iceaction=acknowledge¬iceid='.$key.'">['.$value['id'].']'.$noticemsg.'</a>'; + } + $notice_msgs .= " .:. "; + } + } +?> + <div id="alerts"> + <script type="text/javascript"> + var content='<div id="marquee-text"><?= $notice_msgs; ?></div>' + </script> + <script type="text/javascript" src="/ticker.js"></script> + </div> +<? + } else { +?> + <div id="hostname"> + <? print $config['system']['hostname'] . "." . $config['system']['domain']; ?> + </div> +<? 
+ } +?> + </div> + </div> + </div> + </div> <!-- Header DIV --> + <div id="content"> + <div id="left"> + <div id="navigation" style="z-index:1000"> + <ul id="menu"> + <li class="firstdrop"> + <div>System</div> + <ul class="subdrop"> + <li><a href="/system_advanced.php" class="navlnk">Advanced</a></li> + <li><a href="/system_firmware.php" class="navlnk">Firmware</a></li> + <li><a href="/system.php" class="navlnk">General Setup</a></li> + <?php if($g['platform'] == "pfSense" or $g['platform'] == "nanobsd"): ?> + <li><a href="/pkg_mgr.php" class="navlnk">Packages</a></li> + <?php endif; ?> + <li><a href="/wizard.php?xml=setup_wizard.xml" class="navlnk">Setup wizard</a></li> + <li><a href="/system_routes.php" class="navlnk">Static routes</a></li> + </ul> + </li> + <li class="drop"> + <div>Interfaces</div> + <ul class="subdrop"> + <?php if (!isset($config['system']['webgui']['noassigninterfaces'])): ?><li><a href="/interfaces_assign.php" class="navlnks">(assign)</a></li><?php endif; ?> + <li><a href="/interfaces_wan.php" class="navlnk">WAN</a></li> + <li><a href="/interfaces_lan.php" class="navlnk">LAN</a></li> + <?php for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++): if (!isset($config['interfaces']['opt' . $i]['ovpn'])): ?> + <li><a href="/interfaces_opt.php?index=<?=$i;?>" class="navlnk"><?=htmlspecialchars($config['interfaces']['opt' . 
$i]['descr']);?></a></li> + <?php endif; endfor; ?> + <?php echo return_ext_menu("Interfaces"); ?> + </ul> + </li> +<?php + if($config['system']['shapertype'] <> "m0n0") + $shaper = "firewall_shaper.php"; + else + $shaper = "m0n0/firewall_shaper.php"; +?> + <li class="drop"> + <div>Firewall</div> + <ul class="subdrop"> + <li><a href="/firewall_aliases.php" class="navlnk">Aliases</a></li> + <li><a href="/firewall_nat.php" class="navlnk">NAT</a></li> + <li><a href="/firewall_rules.php" class="navlnk">Rules</a></li> + <li><a href="/firewall_schedule.php" class="navlnk">Schedules</a></li> + <li><a href="<?=$shaper?>" class="navlnk">Traffic Shaper</a></li> + <li><a href="/firewall_virtual_ip.php" class="navlnk">Virtual IPs</a></li> + <?php echo return_ext_menu("Firewall"); ?> + </ul> + </li> + <li class="drop"> + <div>Services</div> + <ul class="subdrop"> + <li><a href="/services_captiveportal.php" class="navlnk">Captive portal</a></li> + <li><a href="/services_dnsmasq.php" class="navlnk">DNS forwarder</a></li> + <li><a href="/services_dhcp_relay.php" class="navlnk">DHCP relay</a></li> + <li><a href="/services_dhcp.php" class="navlnk">DHCP server</a></li> + <li><a href="/services_dyndns.php" class="navlnk">Dynamic DNS</a></li> + <li><a href="/load_balancer_pool.php" class="navlnk">Load Balancer</a></li> + <li><a href="/pkg_edit.php?xml=olsrd.xml&id=0" class="navlnk">OLSR</a></li> + <li><a href="/vpn_pppoe.php" class="navlnk">PPPoE Server</a></li> + <li><a href="/pkg_edit.php?xml=routed/routed.xml&id=0" class="navlnk">RIP</a></li> + <li><a href="/services_snmp.php" class="navlnk">SNMP</a></li> + <li><a href="/pkg_edit.php?xml=miniupnpd.xml&id=0" class="navlnk">UPnP</a></li> + <li><a href="/pkg_edit.php?xml=openntpd.xml&id=0" class="navlnk">OpenNTPD</a></li> + <li><a href="/services_wol.php" class="navlnk">Wake on LAN</a></li> + <?php echo return_ext_menu("Services"); ?> + </ul> + </li> + <li class="drop"> + <div>VPN</div> + <ul class="subdrop"> + <li><a 
href="/vpn_ipsec.php" class="navlnk">IPsec</a></li> + <li><a href="/pkg.php?xml=openvpn.xml" class="navlnk">OpenVPN</a></li> + <li><a href="/vpn_pptp.php" class="navlnk">PPTP</a></li> + <?php echo return_ext_menu("VPN"); ?> + </ul> + </li> + <li class="drop"> + <div>Status</div> + <ul class="subdrop"> + <?php if (isset($config['captiveportal']['enable'])): ?> + <li><a href="/status_captiveportal.php" class="navlnk">Captive portal</a></li> + <?php endif; ?> + <li><a href="/carp_status.php" class="navlnk">CARP (failover)</a></li> + <li><a href="/diag_dhcp_leases.php" class="navlnk">DHCP leases</a></li> + <li><a href="/status_filter_reload.php" class="navlnk">Filter Reload Status</a></li> + <li><a href="/status_interfaces.php" class="navlnk">Interfaces</a></li> + <li><a href="/diag_ipsec.php" class="navlnk">IPsec</a></li> + <li><a href="/status_slbd_pool.php" class="navlnk">Load Balancer</a></li> + <?php if($g['platform'] == "pfSense"): ?> + <li><a href="/diag_pkglogs.php" class="navlnk">Package logs</a></li> + <?php endif; ?> + <li><a href="/status_queues.php" class="navlnk">Queues</a></li> + <li><a href="/status_rrd_graph.php" class="navlnk">RRD Graphs</a></li> + <li><a href="/status_services.php" class="navlnk">Services</a></li> + <li><a href="/index.php" class="navlnk">System</a></li> + <li><a href="/diag_logs.php" class="navlnk">System logs</a></li> + <li><a href="/status_graph.php?if=wan" class="navlnk">Traffic graph</a></li> + <li><a href="/status_upnp.php" class="navlnk">UPnP</a></li> + <?php $i = 0; $ifdescrs = array(); + if (is_array($config['interfaces']['wan']['wireless']) && + preg_match($g['wireless_regex'], $config['interfaces']['wan']['if'])) + $ifdescrs['wan'] = 'WAN'; + if (is_array($config['interfaces']['lan']['wireless']) && + preg_match($g['wireless_regex'], $config['interfaces']['lan']['if'])) + $ifdescrs['lan'] = 'LAN'; + for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++) { + if (is_array($config['interfaces']['opt' . 
$j]['wireless']) && + isset($config['interfaces']['opt' . $j]['enable']) && + preg_match($g['wireless_regex'], $config['interfaces']['opt' . $j]['if'])) + $ifdescrs['opt' . $j] = $config['interfaces']['opt' . $j]['descr']; + } + if (count($ifdescrs) > 0): ?> + <li><a href="/status_wireless.php" class="navlnk">Wireless</a></li> + <?php endif; ?> + <?php echo return_ext_menu("Status"); ?> + </ul> + </li> + <li class="lastdrop"> + <div>Diagnostics</div> + <ul id="diag" class="subdrop"> + <li><a href="/diag_arp.php" class="navlnk">ARP Tables</a></li> + <li><a href="/diag_backup.php" class="navlnk">Backup/Restore</a></li> + <li><a href="/exec.php" class="navlnk">Command Prompt</a></li> + <li><a href="/edit.php" class="navlnk">Edit File</a></li> + <li><a href="/diag_defaults.php" class="navlnk">Factory defaults </a></li> + <li><a href="/halt.php" class="navlnk">Halt system</a></li> +<?php if($g['platform']=="nanobsd"): ?> + <li><a href="/diag_nanobsd.php" class="navlnk">NanoBSD</a></li> +<?php endif; ?> + <li><a href="/diag_ping.php" class="navlnk">Ping</a></li> + <li><a href="/reboot.php" class="navlnk">Reboot system</a></li> + <li><a href="/diag_routes.php" class="navlnk">Routes</a></li> + <li><a href="/diag_dump_states.php" class="navlnk">States</a></li> + <li><a href="/diag_traceroute.php" class="navlnk">Traceroute</a></li> + <li><a href="/diag_packet_capture.php" class="navlnk">Packet Capture</a></li> + <?php echo return_ext_menu("Diagnostics"); ?> + <?php if(isset($config['system']['developer'])): ?> + <li><hr width="80%"/></li> + <li><a href="/restart_httpd.php" class="navlnk">Restart HTTPD</a></li> + <?php endif; ?> + </ul> + </li> + </ul> + </div> + + </div> <!-- Left DIV --> + + <div id="right"> + + +<?php + /* display a top alert bar if need be */ + $need_alert_display = false; + $found_notices = are_notices_pending(); + if($found_notices == true) { + $notices = get_notices(); + if(!$notices) { + $need_alert_display = true; + $display_text = print_notices() . 
"<br>"; + } + } + if($need_alert_display == true) { + echo "<div style=\"background-color:#000000\" id=\"roundalert\">"; + echo "<table>"; + echo "<tr><td><font color=\"#ffffff\">"; + echo " <img align=\"middle\" src=\"/top_notification.gif\"> "; + echo $display_text; + echo "</td>"; + echo "</tr>"; + echo "</table>"; + echo "</div>"; + } + +?>
\ No newline at end of file diff --git a/config/snort-dev/snort_help_info.php b/config/snort-dev/snort_help_info.php index 3e495d25..c3724b44 100644 --- a/config/snort-dev/snort_help_info.php +++ b/config/snort-dev/snort_help_info.php @@ -73,7 +73,7 @@ clear: both; </style> <body> -<?php include("fbegin.inc"); ?> +<?php include("./snort_fbegin.inc"); ?> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> diff --git a/config/snort-dev/snort_interfaces.php b/config/snort-dev/snort_interfaces.php index f4a73f16..44e8aa3d 100644 --- a/config/snort-dev/snort_interfaces.php +++ b/config/snort-dev/snort_interfaces.php @@ -169,7 +169,7 @@ if (isset($_POST['del_x'])) { conf_mount_ro(); write_config(); - touch($d_natconfdirty_path); + //touch($d_natconfdirty_path); header("Location: /snort/snort_interfaces.php"); exit; } @@ -223,12 +223,12 @@ if ($_GET['act'] == 'toggle' && $_GET['id'] != '') -$pgtitle = "Services: Snort 2.8.5.3 pkg v. 1.17 RC Final"; +$pgtitle = "Services: Snort 2.8.5.3 pkg v. 1.18 RC Final"; include("head.inc"); ?> <body link="#000000" vlink="#000000" alink="#000000"> -<?php include("fbegin.inc"); ?> +<?php include("./snort_fbegin.inc"); ?> <p class="pgtitle"><?if($pfsense_stable == 'yes'){echo $pgtitle;}?></p> <style type="text/css"> 
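Review bot: In the notice block, every `$_REQUEST` key and value, plus `$_GET['xml']`, `$_POST['xml']`, `$_GET['id']` and `$_POST['id']`, is concatenated into `$notice_msgs` and printed inside the single-quoted JavaScript string `var content='...'` without any encoding, so request data reaches the page as markup or script whenever a notice is pending. Encode at the point of concatenation, e.g. `$requests[] = urlencode($key).'='.urlencode($value);` and `$extraargs = "&xml=" . urlencode($_GET['xml']);`, and escape the finished string for the JavaScript context before it is printed. Two smaller defects sit in the same loop: `$extra_args = ""` initialises a different name than the `$extraargs` that is read, and the `$value['url']` branch uses `$url`, which is never assigned in this file. `return_ext_menu()` likewise writes `$menuitem['name']` and the menu URL into the page without `htmlspecialchars()`. If this file is a copy of the stock `fbegin.inc`, as the menu markup suggests, later fixes to the stock file will not reach it, which is worth a comment at the top of the file.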
@@ -337,7 +337,7 @@ padding: 15px 10px 50% 50px; } ?> - <td class="listt"><a href="?act=toggle&id=<?=$i;?>"><img src="../themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfn;?>.gif" width="13" height="13" border="0" title="click to toggle start/stop snort"></a><input type="checkbox" id="frc<?=$nnats;?>" name="rule[]" value="<?=$i;?>" onClick="fr_bgcolor('<?=$nnats;?>')" style="margin: 0; padding: 0; width: 7px; height: 7px;"></td> + <td class="listt"><a href="?act=toggle&id=<?=$i;?>"><img src="../themes/<?= $g['theme']; ?>/images/icons/icon_<?=$iconfn;?>.gif" width="13" height="13" border="0" title="click to toggle start/stop snort"></a><input type="checkbox" id="frc<?=$nnats;?>" name="rule[]" value="<?=$i;?>" onClick="fr_bgcolor('<?=$nnats;?>')" style="margin: 0; padding: 0;"></td> <td class="listt" align="center"></td> <td class="<?=$class_color_up;?>" onClick="fr_toggle(<?=$nnats;?>)" id="frd<?=$nnats;?>" ondblclick="document.location='snort_interfaces_edit.php?id=<?=$nnats;?>';"> <?php @@ -480,7 +480,8 @@ $footer2 = " background-repeat: repeat; background-attachment: scroll; background-position: 0% 0%; - font-size: 0.9em; + font-size: 0.8em; + text-align: center; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; diff --git a/config/snort-dev/snort_interfaces_edit.php b/config/snort-dev/snort_interfaces_edit.php index 416b4a8e..960da061 100644 --- a/config/snort-dev/snort_interfaces_edit.php +++ b/config/snort-dev/snort_interfaces_edit.php 
@@ -327,6 +327,35 @@ if ($_POST["Submit"]) { header("Location: /snort/snort_interfaces_edit.php?id=$id"); } + + if ($_POST["Reset"]) + { + + conf_mount_rw(); + + Running_Stop($snort_uuid, $if_real, $id); + sleep(2); + + /* remove all snort iface dir */ + exec('rm -r /usr/local/etc/snort/snort_*'); + exec('rm /var/log/snort/*'); + + unset($config['installedpackages']['snortglobal']['rule'][$id]); + write_config(); + + header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); + header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' ); + header( 'Cache-Control: no-store, no-cache, must-revalidate' ); + header( 'Cache-Control: post-check=0, pre-check=0', false ); + header( 'Pragma: no-cache' ); + sleep(2); + header("Location: /snort/snort_interfaces_edit.php?id=$id"); + + conf_mount_ro(); + + } + + $pgtitle = "Snort: Interface Edit: $id $snort_uuid $if_real"; include("head.inc"); @@ -334,7 +363,7 @@ include("head.inc"); ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php -include("fbegin.inc"); +include("./snort_fbegin.inc"); ?> <style type="text/css"> .alert { 
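Review bot: The new `Reset` branch unsets only `['rule'][$id]`, but its two `exec()` calls use wildcards, `rm -r /usr/local/etc/snort/snort_*` and `rm /var/log/snort/*`, so resetting one interface removes the directories and logs of every configured interface, which contradicts the button text "This will reset this interface". Limit the removal to this interface's directory; judging by the `ls -A /usr/local/etc/snort/snort_{$iface_uuid}_{$if_...` call visible in the snort_rules.php hunk header, the name is built from the UUID and the real interface, so something like `exec('rm -r ' . escapeshellarg("/usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}"));` should work once the exact naming is confirmed. The branch also has no `exit;` after `header("Location: ...")`, so the rest of the page still runs against the rule that was just unset. `conf_mount_ro()` would be better placed before the redirect than after it.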
@@ -417,12 +446,15 @@ if ($a_nat[$id]['interface'] != '') { $tab_array = array(); $tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php"); $tab_array[] = array("If Settings", true, "/snort/snort_interfaces_edit.php?id={$id}"); + /* hide user tabs when no settings have be saved */ + if ($config['installedpackages']['snortglobal']['rule'][$id]['interface'] != '') { //$tab_array[] = array("upload", false, "/snort/snort_conf_upload.php?id={$id}"); $tab_array[] = array("Categories", false, "/snort/snort_rulesets.php?id={$id}"); $tab_array[] = array("Rules", false, "/snort/snort_rules.php?id={$id}"); $tab_array[] = array("Servers", false, "/snort/snort_define_servers.php?id={$id}"); $tab_array[] = array("Preprocessors", false, "/snort/snort_preprocessors.php?id={$id}"); $tab_array[] = array("Barnyard2", false, "/snort/snort_barnyard.php?id={$id}"); + } display_top_tabs($tab_array); ?> @@ -511,7 +543,8 @@ if ($a_nat[$id]['interface'] != '') { Snort will log Alerts to a file in the UNIFIED2 format. This is a requirement for barnyard2.</td> </tr> <tr> - <td width="22%" valign="top"> </td> + <td width="22%" valign="top"><input name="Reset" type="submit" class="formbtn" value="Reset" onclick="return confirm('Do you really want to reset this Snort Interface?')" ><span class="red"><strong> WARNING:</strong><br> + This will reset this interface.</span> </td> <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="Save"> <?php echo $snort_up_ck; ?> <input type="button" class="formbtn" value="Cancel" onclick="history.back()"> <?php if (isset($id) && $a_nat[$id]): ?> diff --git a/config/snort-dev/snort_interfaces_global.php b/config/snort-dev/snort_interfaces_global.php index de1ff812..e3d0daf5 100644 --- a/config/snort-dev/snort_interfaces_global.php +++ b/config/snort-dev/snort_interfaces_global.php 
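Review bot: The Reset button added in the last hunk of this file is guarded only by the client-side `confirm()`; the handler added earlier in the file runs for any POST that carries `Reset`, and no per-session request token is visible in either place. Because the action deletes configuration and log files, the server should verify a token taken from a hidden form field before acting, and should test the field with `isset($_POST['Reset'])` rather than reading it directly. The same applies to the global Reset button and its handler in snort_interfaces_global.php. If the surrounding framework already adds such a check outside these hunks, a short comment saying so next to the handler would help the next reader.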
@@ -62,6 +62,8 @@ if ($_POST) { } if (!$input_errors) { + + if ($_POST["Submit"]) { $config['installedpackages']['snortglobal']['snortdownload'] = $_POST['snortdownload']; $config['installedpackages']['snortglobal']['oinkmastercode'] = $_POST['oinkmastercode']; 
@@ -107,11 +109,135 @@ if ($_POST) { $savemsg = get_std_save_message($retval); + + } } + + + if ($_POST["Reset"]) { + +//////>>>>>>>>> + + function snort_deinstall_settings() +{ + + global $config, $g, $id, $if_real; + conf_mount_rw(); + + + exec("/usr/usr/bin/killall snort"); + sleep(2); + exec("/usr/usr/bin/killall -9 snort"); + sleep(2); + exec("/usr/usr/bin/killall barnyard2"); + sleep(2); + exec("/usr/usr/bin/killall -9 barnyard2"); + sleep(2); + + /* Remove snort cron entries Ugly code needs smoothness*/ +function snort_rm_blocked_deinstall_cron($should_install) +{ + global $config, $g; + conf_mount_rw(); + + $is_installed = false; + + if(!$config['cron']['item']) + return; + + $x=0; + foreach($config['cron']['item'] as $item) + { + if (strstr($item['command'], "snort2c")) + { + $is_installed = true; + break; + } + + $x++; + + } + if($is_installed == true) + { + if($x > 0) + { + unset($config['cron']['item'][$x]); + write_config(); + conf_mount_rw(); + } + + configure_cron(); + + } + conf_mount_ro(); + +} + + function snort_rules_up_deinstall_cron($should_install) +{ + global $config, $g; + conf_mount_rw(); + + $is_installed = false; + + if(!$config['cron']['item']) + return; + + $x=0; + foreach($config['cron']['item'] as $item) { + if (strstr($item['command'], "snort_check_for_rule_updates.php")) { + $is_installed = true; + break; + } + $x++; + } + if($is_installed == true) { + if($x > 0) { + unset($config['cron']['item'][$x]); + write_config(); + conf_mount_rw(); + } + configure_cron(); + } +} + +snort_rm_blocked_deinstall_cron(""); +snort_rules_up_deinstall_cron(""); + + + /* Unset snort registers in conf.xml IMPORTANT snort will not start with out this */ + /* Keep this as a last step */ + unset($config['installedpackages']['snortglobal']); + write_config(); + conf_mount_rw(); + + /* remove all snort iface dir */ + exec('rm -r /usr/local/etc/snort/snort_*'); + exec('rm /var/log/snort/*'); + + conf_mount_ro(); + } + + snort_deinstall_settings(); + + 
header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); + header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' ); + header( 'Cache-Control: no-store, no-cache, must-revalidate' ); + header( 'Cache-Control: post-check=0, pre-check=0', false ); + header( 'Pragma: no-cache' ); + sleep(2); + header("Location: /snort/snort_interfaces_global.php"); + + exit; + +//////>>>>>>>>> + } +} + include("head.inc"); ?> -<?php include("fbegin.inc"); ?> +<?php include("./snort_fbegin.inc"); ?> <p class="pgtitle"><?if($pfsense_stable == 'yes'){echo $pgtitle;}?></p> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> @@ -163,7 +289,6 @@ include("head.inc"); <td class="vncell" valign="top">Code</td> <td class="vtable"><input name="oinkmastercode" type="text" class="formfld" id="oinkmastercode" size="52" value="<?=htmlspecialchars($pconfig['oinkmastercode']);?>"><br> Obtain a snort.org Oinkmaster code and paste here.</td> - </td> </table> </tr> <tr> @@ -224,7 +349,9 @@ include("head.inc"); Hint: Best pratice is to chose full logging.</span> <span class="red"><strong>WARNING:</strong></span> <strong>On change, alert file will be cleared.</strong></td> </tr> <tr> - <td width="22%" valign="top"> </td> + <td width="22%" valign="top"><input name="Reset" type="submit" class="formbtn" value="Reset" onclick="return confirm('Do you really want to delete all global and interface settings?')"><span class="red"><strong> WARNING:</strong><br> + This will reset all global and interface settings.</span> + </td> <td width="78%"> <input name="Submit" type="submit" class="formbtn" value="Save" onClick="enable_change(true)"> <input type="button" class="formbtn" value="Cancel" onclick="history.back()"> </td> diff --git a/config/snort-dev/snort_preprocessors.php b/config/snort-dev/snort_preprocessors.php index 08fe2f03..6e634891 100644 --- a/config/snort-dev/snort_preprocessors.php +++ b/config/snort-dev/snort_preprocessors.php 
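Review bot: `snort_deinstall_settings()` calls `/usr/usr/bin/killall`, which looks like a typo for `/usr/bin/killall`; as written the four `exec()` calls would fail silently, and the files are then removed while snort and barnyard2 may still be running. Both cron helpers locate the entry with a position counter and then skip the `unset()` when `$x` is 0, so a matching entry in the first slot is never removed. They also return before `conf_mount_ro()` when there are no cron items, and `snort_rules_up_deinstall_cron()` never calls it at all. The fence shows one helper rewritten to unset by array key with balanced mount calls; the other would follow the same shape. Defining the three functions inside the `if ($_POST["Reset"])` branch also hides them from every other caller, so moving them to file level would be cleaner.

```php
function snort_rm_blocked_deinstall_cron($should_install)
{
	global $config, $g;

	/* nothing to do; return before the filesystem is remounted read-write */
	if (!is_array($config['cron']['item']))
		return;

	conf_mount_rw();
	foreach ($config['cron']['item'] as $key => $item) {
		if (strstr($item['command'], "snort2c")) {
			/* unset by key so an entry in the first slot is removed too */
			unset($config['cron']['item'][$key]);
			write_config();
			/* remount kept from the original, which re-mounts after write_config() */
			conf_mount_rw();
			configure_cron();
			break;
		}
	}
	conf_mount_ro();
}
```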
@@ -216,7 +216,7 @@ include("head.inc"); ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php -include("fbegin.inc"); +include("./snort_fbegin.inc"); ?> <p class="pgtitle"><?if($pfsense_stable == 'yes'){echo $pgtitle;}?></p> <style type="text/css"> diff --git a/config/snort-dev/snort_rules.php b/config/snort-dev/snort_rules.php index 9d0cc89c..c95d76ca 100644 --- a/config/snort-dev/snort_rules.php +++ b/config/snort-dev/snort_rules.php @@ -65,7 +65,7 @@ $isrulesfolderempty = exec("ls -A /usr/local/etc/snort/snort_{$iface_uuid}_{$if_ if ($isrulesfolderempty == "") { include("head.inc"); -include("fbegin.inc"); +include("./snort_fbegin.inc"); echo "<body link=\"#000000\" vlink=\"#000000\" alink=\"#000000\">"; @@ -412,7 +412,7 @@ $pgtitle = "Snort: $id $iface_uuid $if_real Category: $currentruleset"; ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> -<?php include("fbegin.inc"); ?> +<?php include("./snort_fbegin.inc"); ?> <p class="pgtitle"><?if($pfsense_stable == 'yes'){echo $pgtitle;}?></p> <?php diff --git a/config/snort-dev/snort_rulesets.php b/config/snort-dev/snort_rulesets.php index 172780b6..53c5d379 100644 --- a/config/snort-dev/snort_rulesets.php +++ b/config/snort-dev/snort_rulesets.php @@ -68,7 +68,7 @@ $isrulesfolderempty = exec("ls -A /usr/local/etc/snort/snort_{$iface_uuid}_{$if_ if ($isrulesfolderempty == "") { include("head.inc"); -include("fbegin.inc"); +include("./snort_fbegin.inc"); echo "<p class=\"pgtitle\">"; if($pfsense_stable == 'yes'){echo $pgtitle;} @@ -157,7 +157,7 @@ include("head.inc"); ?> <body link="#000000" vlink="#000000" alink="#000000"> -<?php include("fbegin.inc"); ?> +<?php include("./snort_fbegin.inc"); ?> <p class="pgtitle"><?php if($pfsense_stable == 'yes'){echo $pgtitle;}?></p> <?php |