aboutsummaryrefslogtreecommitdiffstats
path: root/packages/snort
diff options
context:
space:
mode:
Diffstat (limited to 'packages/snort')
-rw-r--r--packages/snort/snort.inc1
-rw-r--r--packages/snort/snort.xml6
-rw-r--r--packages/snort/snort_blocked.php6
3 files changed, 12 insertions, 1 deletions
diff --git a/packages/snort/snort.inc b/packages/snort/snort.inc
index 0f00687a..88fef66a 100644
--- a/packages/snort/snort.inc
+++ b/packages/snort/snort.inc
@@ -511,6 +511,7 @@ function get_snort_alert($ip) {
}
function make_clickable($buffer) {
+ global $config, $g;
/* if clickable urls is disabled, simply return buffer back to caller */
$clickablalerteurls = $config['installedpackages']['snort']['config'][0]['oinkmastercode'];
if(!$clickablalerteurls)
diff --git a/packages/snort/snort.xml b/packages/snort/snort.xml
index 5bdf9a06..24b67f55 100644
--- a/packages/snort/snort.xml
+++ b/packages/snort/snort.xml
@@ -172,6 +172,12 @@
<type>checkbox</type>
</field>
<field>
+ <fielddescr>Associate events on Blocked tab</fielddescr>
+ <fieldname>associatealertip</fieldname>
+ <description>Checking this option will automatically associate the blocked reason from the snort alerts file.</description>
+ <type>checkbox</type>
+ </field>
+ <field>
<fielddescr>Sync Snort configuration to secondary cluster members</fielddescr>
<fieldname>syncxmlrpc</fieldname>
<description>Checking this option will automatically sync the snort configuration via XMLRPC to CARP cluster members.</description>
diff --git a/packages/snort/snort_blocked.php b/packages/snort/snort_blocked.php
index 778e607c..67bd1f90 100644
--- a/packages/snort/snort_blocked.php
+++ b/packages/snort/snort_blocked.php
@@ -81,6 +81,7 @@ include("head.inc");
</tr>
<?php
+ $associatealertip = $config['installedpackages']['snort']['config'][0]['associatealertip'];
$ips = `/sbin/pfctl -t snort2c -T show`;
$ips_array = split("\n", $ips);
$counter = 0;
@@ -89,7 +90,10 @@ include("head.inc");
continue;
$ww_ip = str_replace(" ", "", $ip);
$counter++;
- $alert_description = get_snort_alert($ww_ip);
+ if($associatealertip)
+ $alert_description = get_snort_alert($ww_ip);
+ else
+ $alert_description = "";
echo "\n<tr>";
echo "\n<td align=\"center\" valign=\"top\"'><a href='snort_blocked.php?todelete=" . trim(urlencode($ww_ip)) . "'>";
echo "\n<img title=\"Delete\" border=\"0\" name='todelete' id='todelete' alt=\"Delete\" src=\"./themes/{$g['theme']}/images/icons/icon_x.gif\"></a></td>";