From 140efc422969d411e620174501aa292ae1345534 Mon Sep 17 00:00:00 2001 
From: robiscool
Date: Mon, 16 Aug 2010 16:53:15 -0700
Subject: snort, major changes, fix pid bug, add jquery lightbox, update gui
---
 config/snort/css/colorbox.css | 36 +
 config/snort/css/new_tab_menu.css | 101 +
 config/snort/css/sexybuttons.css | 342 ++
 config/snort/css/style.css | 43 +-
 config/snort/css/style2.css | 111 -
 config/snort/help_and_info.php | 361 +-
 config/snort/images/arrow_down.png | Bin 0 -> 379 bytes
 config/snort/images/awesome-overlay-sprite.png | Bin 0 -> 214 bytes
 config/snort/images/controls.png | Bin 0 -> 1633 bytes
 config/snort/images/logo22.png | Bin 0 -> 28415 bytes
 config/snort/images/new_tab_menu.png | Bin 0 -> 3276 bytes
 config/snort/images/page_white_text.png | Bin 0 -> 342 bytes
 config/snort/javascript/jquery-1.3.2.js | 4376 ----------------------
 config/snort/javascript/jquery-1.4.2.min.js | 154 +
 config/snort/javascript/jquery.blockUI.js | 463 ---
 config/snort/javascript/jquery.colorbox.js | 764 ++++
 config/snort/javascript/row_helper.js | 69 -
 config/snort/javascript/tabs.js | 123 -
 config/snort/snort.inc | 43 +-
 config/snort/snort.xml | 19 +-
 config/snort/snort_alerts.php | 63 +-
 config/snort/snort_barnyard.php | 66 +-
 config/snort/snort_blocked.php | 65 +-
 config/snort/snort_define_servers.php | 57 +-
 config/snort/snort_download_rules.php | 309 +-
 config/snort/snort_download_updates.php | 384 ++
 config/snort/snort_fbegin.inc | 288 --
 config/snort/snort_gui.inc | 117 +
 config/snort/snort_head.inc | 106 +-
 config/snort/snort_help_info.php | 192 -
 config/snort/snort_interfaces.php | 1142 +++---
 config/snort/snort_interfaces_edit.php | 66 +-
 config/snort/snort_interfaces_global.php | 70 +-
 config/snort/snort_interfaces_suppress.php | 65 +-
 config/snort/snort_interfaces_suppress_edit.php | 72 +-
 config/snort/snort_interfaces_whitelist.php | 62 +-
 config/snort/snort_interfaces_whitelist_edit.php | 67 +-
 config/snort/snort_preprocessors.php | 54 +-
 config/snort/snort_rules.php | 66 +-
 config/snort/snort_rules_edit.php | 85 +-
 config/snort/snort_rulesets.php | 74 +-
 pkg_config.7.xml | 2 +-
 pkg_config.8.xml | 2 +-
 43 files changed, 3413 insertions(+), 7066 deletions(-)
 create mode 100644 config/snort/css/colorbox.css
 create mode 100644 config/snort/css/new_tab_menu.css
 create mode 100644 config/snort/css/sexybuttons.css
 delete mode 100644 config/snort/css/style2.css
 create mode 100644 config/snort/images/arrow_down.png
 create mode 100644 config/snort/images/awesome-overlay-sprite.png
 create mode 100644 config/snort/images/controls.png
 create mode 100644 config/snort/images/logo22.png
 create mode 100644 config/snort/images/new_tab_menu.png
 create mode 100644 config/snort/images/page_white_text.png
 delete mode 100644 config/snort/javascript/jquery-1.3.2.js
 create mode 100644 config/snort/javascript/jquery-1.4.2.min.js
 delete mode 100644 config/snort/javascript/jquery.blockUI.js
 create mode 100644 config/snort/javascript/jquery.colorbox.js
 delete mode 100644 config/snort/javascript/row_helper.js
 delete mode 100644 config/snort/javascript/tabs.js
 create mode 100644 config/snort/snort_download_updates.php
 delete mode 100644 config/snort/snort_fbegin.inc
 delete mode 100644 config/snort/snort_help_info.php
diff --git a/config/snort/css/colorbox.css b/config/snort/css/colorbox.css
new file mode 100644
index 00000000..97155a56
--- /dev/null
+++ b/config/snort/css/colorbox.css
@@ -0,0 +1,36 @@
+/*
+ ColorBox Core Style
+ The following rules are the styles that are consistant between themes.
+ Avoid changing this area to maintain compatability with future versions of ColorBox.
+*/
+#colorbox, #cboxOverlay, #cboxWrapper{position:absolute; top:0; left:0; z-index:9999; overflow:hidden;}
+#cboxOverlay{position:fixed; width:100%; height:100%;}
+#cboxMiddleLeft, #cboxBottomLeft{clear:left;}
+#cboxContent{position:relative;}
+#cboxLoadedContent{overflow:auto;}
+#cboxLoadedContent iframe{display:block; width:100%; height:100%; border:0;}
+#cboxTitle{margin:0;}
+#cboxLoadingOverlay, #cboxLoadingGraphic{position:absolute; top:0; left:0; width:100%;}
+#cboxPrevious, #cboxNext, #cboxClose, #cboxSlideshow{cursor:pointer;}
+
+/*
+ ColorBox example user style
+ The following rules are ordered and tabbed in a way that represents the
+ order/nesting of the generated HTML, so that the structure easier to understand.
+*/
+#cboxOverlay{background:#000;}
+
+#colorbox{}
+ #cboxContent{margin-top:20px;}
+ #cboxLoadedContent{background:#000; padding:5px;}
+ #cboxTitle{position:absolute; top:-20px; left:0; color:#ccc;}
+ #cboxCurrent{position:absolute; top:-20px; right:0px; color:#ccc;}
+ #cboxSlideshow{position:absolute; top:-20px; right:90px; color:#fff;}
+ #cboxPrevious{position:absolute; top:50%; left:5px; margin-top:-32px; background:url(/snort/images//controls.png) top left no-repeat; width:28px; height:65px; text-indent:-9999px;}
+ #cboxPrevious.hover{background-position:bottom left;}
+ #cboxNext{position:absolute; top:50%; right:5px; margin-top:-32px; background:url(/snort/images//controls.png) top right no-repeat; width:28px; height:65px; text-indent:-9999px;}
+ #cboxNext.hover{background-position:bottom right;}
+ #cboxLoadingOverlay{background:#000;}
+ #cboxLoadingGraphic{background:url(/snort/images//loading.gif) center center no-repeat;}
+ #cboxClose{position:absolute; top:5px; right:5px; display:block; background:url(/snort/images//controls.png) top center no-repeat; width:38px; height:19px; text-indent:-9999px;}
+ #cboxClose.hover{background-position:bottom center;}
\ No newline at end of file
diff --git a/config/snort/css/new_tab_menu.css b/config/snort/css/new_tab_menu.css
new file mode 100644
index 00000000..9d02348b
--- /dev/null
+++ b/config/snort/css/new_tab_menu.css
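Review bot: In colorbox.css the rewritten image URLs carry a doubled slash (`url(/snort/images//controls.png)`, likewise `loading.gif`), and `loading.gif` is not among the images this commit's diffstat adds, so the loading graphic will be missing unless that file already exists in the tree. Use a single slash, e.g. `background:url(/snort/images/controls.png) top left no-repeat;`, and confirm `loading.gif` ships with the package. sexybuttons.css has the same `//` pattern and points at `tick.png`, `cross.png`, `add.png` and `delete.png`, none of which the diffstat adds either. Because these paths are local edits to a third-party stylesheet that carries no version marker, a one-line header comment naming the upstream ColorBox release and noting that the URLs were rewritten would keep later updates auditable.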
@@ -0,0 +1,101 @@ +/* + new_tab_menu.css + part of pfSense + Copyright (C) 2010-2011 Robert Zelaya + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + + + Replace your old tab menu with the following code. To add a second tab menu line just cut and paste again. + The following code is dependent on new_tab_menu.css and images/new_tab_menu.png. 
+ + + + + + + +*/ + +.snorttabs ul, li{border:0; margin:0; padding:0; list-style:none;} + +.snorttabs li{float:left; margin-right:2px; text-align: center;} +.snorttabs a:link, .snorttabs a:visited{ + background:url(/snort/images/new_tab_menu.png) right 45px; + color:#ffffff; /* noactive font */ + display:block; + /* fix for IE6 */ + display: inline-block; + /* END */ + font-weight:bold; + font-size:.9em; + height:20px; + line-height:20px; + text-decoration:none; +} +.snorttabs a span{ + background:url(/snort/images/new_tab_menu.png) left 45px; + display:block; + /* fix for IE6 */ + display: inline-block; + /* END */ + height:20px; + margin-right:7px; + padding-left:7px; +} +.snorttabs a:hover{ + background:url(/snort/images/new_tab_menu.png) right 23px; + display:block; + /* fix for IE6 */ + display: inline-block; + /* END */ + color:#ffffff; /* hover over font */ +} +.snorttabs a:hover span{ + background:url(/snort/images/new_tab_menu.png) left 23px; + display:block; + /* fix for IE6 */ + display: inline-block; + /* END */ +} + +/* -------------------------------- */ +/* ACTIVE ELEMENTS */ +.snorttabs_active a:link, .snorttabs_active a:visited, .snorttabs_active a:visited, .snorttabs_active a:hover{ + color:#000000; /* active font */ + background:url(/snort/images/new_tab_menu.png) right 0 no-repeat; +} +.snorttabs_active a span, .snorttabs_active a:hover span{ + background:url(/snort/images/new_tab_menu.png) left 0 no-repeat; +} \ No newline at end of file diff --git a/config/snort/css/sexybuttons.css b/config/snort/css/sexybuttons.css new file mode 100644 index 00000000..db36a287 --- /dev/null +++ b/config/snort/css/sexybuttons.css 
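Review bot: In new_tab_menu.css the first rule, `.snorttabs ul, li{border:0; margin:0; padding:0; list-style:none;}`, is a selector list whose second member is a bare `li`, so the reset hits every list item on any page that loads this stylesheet, not only the tab menu. Scope both members: `.snorttabs ul, .snorttabs li{border:0; margin:0; padding:0; list-style:none;}`. The blocks marked `/* fix for IE6 */` declare `display:block;` and then `display: inline-block;` in the same rule, so the second wins in every browser and the first is dead; keep only the one that is intended. `.snorttabs_active a:visited` is also listed twice in the active-state selector.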
@@ -0,0 +1,342 @@ +/* + * Sexy Buttons + * + * DESCRIPTION: + * Sexy, skinnable HTML/CSS buttons with icons. + * + * PROJECT URL: + * http://code.google.com/p/sexybuttons/ + * + * AUTHOR: + * Richard Davies + * http://www.richarddavies.us + * Richard@richarddavies.us + * + * VERSION: + * 1.1 + * + * LICENSE: + * Apache License 2.0 (http://www.apache.org/licenses/LICENSE-2.0) + * Creative Commons 3.0 Attribution (http://creativecommons.org/licenses/by/3.0/) + * + * CREDITS: + * Inspired by, derived from, and thanks to: + * http://www.p51labs.com/simply-buttons-v2/ + * http://www.oscaralexander.com/tutorials/how-to-make-sexy-buttons-with-css.html + * http://www.zurb.com/article/266/super-awesome-buttons-with-css3-and-rgba + * http://www.elctech.com/snippets/make-your-buttons-look-super-awesome + * + * USAGE: + * Simply add class="sexybutton [skin]" to a + */ + + +/* + * Generic styles for all Sexy Buttons + */ + +.sexybutton { + display: inline-block; + margin: 0; + padding: 0; + font: bold 13px "Helvetica Neue", Helvetica, Arial !important; + text-decoration: none !important; + text-shadow: 1px 1px 2px rgba(0,0,0,0.20); + background: none; + border: none; + white-space: nowrap; + cursor: pointer; + user-select: none; + -moz-user-select: none; + + /* Fix extra width padding in IE */ + _width: 0; + overflow: visible; +} + +.sexybutton span { + display: block; /* Prevents :active from working in IE--oh well! 
*/ + height: 24px; + padding-right: 12px; + background-repeat: no-repeat; + background-position: right top; +} + +.sexybutton span span { + padding-right: 0; + padding-left: 12px; + line-height: 24px; + background-position: left top; +} + +.sexybutton span span span { + padding-left: 21px; + background-image: none; + background-repeat: no-repeat; + background-position: left center; + /* IE6 still requires a PNG transparency fix */ + /* _background-image: none; Or just hide icons from the undeserving IE6 */ + /* _padding-left: 0; Or just hide icons from the undeserving IE6 */ +} + +.sexybutton span span span.after { + padding-left: 0px; + padding-right: 21px; + background-position: right center; + /* IE6 still requires a PNG transparency fix */ + /* _padding-right: 0; Or just hide icons from the undeserving IE6 */ +} + +.sexybutton[disabled], +.sexybutton[disabled]:hover, +.sexybutton[disabled]:focus, +.sexybutton[disabled]:active, +.sexybutton.disabled, +.sexybutton.disabled:hover, +.sexybutton.disabled:focus, +.sexybutton.disabled:active { + color: #333 !important; + cursor: inherit; + text-shadow: none; + opacity: 0.33; +} + +.sexybutton:hover span, +.sexybutton:focus span { + background-position: 100% -24px; +} + +.sexybutton:hover span span, +.sexybutton:focus span span { + background-position: 0% -24px; +} + +.sexybutton:active span { + background-position: 100% -48px; +} + +.sexybutton:active span span { + background-position: 0% -48px; +} + +.sexybutton[disabled] span, +.sexybutton.disabled span { + background-position: 100% -72px; +} + +.sexybutton[disabled] span span, +.sexybutton.disabled span span { + background-position: 0% -72px; +} + +.sexybutton:hover span span span, +.sexybutton:focus span span span, +.sexybutton:active span span span, +.sexybutton[disabled] span span span, +.sexybutton.disabled span span span { + background-position: left center; +} + +.sexybutton:hover span span span.after, +.sexybutton:focus span span span.after, 
+.sexybutton:active span span span.after, +.sexybutton[disabled] span span span.after, +.sexybutton.disabled span span span.after { + background-position: right center; +} + +.sexybutton img { + margin-right: 5px; + vertical-align: text-top; + /* IE6 Hack */ + _margin-top: 4px; + _vertical-align: text-bottom; + /* IE6 still requires a PNG transparency fix */ + /* _display: none; Or just hide icons from the undeserving IE6 */ +} + +.sexybutton img.after { + margin-right: 0; + margin-left: 5px; + /* IE6 still requires a PNG transparency fix */ + /* _margin-left: 0; Or just hide icons from the undeserving IE6 */ +} + +.sexybutton.sexysmalls { font-size:.8em !important; } +.sexybutton.sexymedium { font-size: 15px !important; } +.sexybutton.sexylarge { font-size: 18px !important; } + + +/* + * Button Skins + * + * .PNG background images with alpha transparency are also supplied if you'd rather use them instead of the + * default .GIF images. (Just beware of IE6's lack of support.) + * + * Additional skins can be added below. The images/skins/ButtonTemplate.psd can be used to create new skins. + * Prefix the skin name with "sexy" to avoid any potential conflicts with other class names. 
+ */ + +/* + * Simple Skin Buttons + */ + +.sexybutton.sexysimple { + position: relative; + padding: 5px 10px 5px; + font: inherit; + font-size: .85em !important; + font-style: normal !important; + font-weight: bold !important; + color: #fff !important; + line-height: 1; + background-image: url(/snort/images//awesome-overlay-sprite.png); + background-repeat: repeat-x; + background-position: 0 0; + + /* Special effects */ + text-shadow: 0 -1px 1px rgba(0,0,0,0.25), -2px 0 1px rgba(0,0,0,0.25); + border-radius: 5px; + -moz-border-radius: 5px; + -webkit-border-radius: 5px; + -moz-box-shadow: 0 1px 2px rgba(0,0,0,0.5); + -webkit-box-shadow: 0 1px 2px rgba(0,0,0,0.5); + + /* IE only stuff */ + border-bottom: 1px solid transparent\9; + _background-image: none; + + /* Cross browser inline block hack - http://blog.mozilla.com/webdev/2009/02/20/cross-browser-inline-block/ */ + display: -moz-inline-stack; + display: inline-block; + vertical-align: middle; + *display: inline !important; + position: relative; + + /* Force hasLayout in IE */ + zoom: 1; + + /* Disable text selection (Firefox only)*/ + -moz-user-select: none; +} + +.sexybutton.sexysimple::selection { + background: transparent; +} + +.sexybutton.sexysimple:hover, +.sexybutton.sexysimple:focus { + background-position: 0 -50px; + color: #fff !important; +} + +.sexybutton.sexysimple:active { + background-position: 0 -100px; + -moz-box-shadow: inset 0 1px 2px rgba(0,0,0,0.7); + /* Unfortunately, Safari doesn't support inset yet */ + -webkit-box-shadow: none; + + /* IE only stuff */ + border-bottom: 0\9; + border-top: 1px solid #666\9; +} + +.sexybutton.sexysimple[disabled], +.sexybutton.sexysimple.disabled { + background-position: 0 -150px; + color: #333 !important; + text-shadow: none; +} + +.sexybutton.sexysimple[disabled]:hover, +.sexybutton.sexysimple[disabled]:focus, +.sexybutton.sexysimple[disabled]:active, +.sexybutton.sexysimple.disabled:hover, +.sexybutton.sexysimple.disabled:focus, 
+.sexybutton.sexysimple.disabled:active { + -moz-box-shadow: 0 1px 2px rgba(0,0,0,0.5); + -webkit-box-shadow: 0 1px 2px rgba(0,0,0,0.5); +} + +.sexybutton.sexysimple span { + height: auto; + padding-left: 24px; + padding-right: 0; + background-position: left center; + background-repeat: no-repeat; + /* IE6 still requires a PNG transparency fix */ + /* _padding-left: 0; Or just hide icons from the undeserving IE6 */ +} + +.sexybutton.sexysimple span.after { + padding-left: 0; + padding-right: 24px; + background-position: right center; + /* IE6 still requires a PNG transparency fix */ + /* _padding-right: 0; Or just hide icons from the undeserving IE6 */ +} + +/* Simple button colors */ +.sexybutton.sexysimple { background-color: #333; } /* Default */ +.sexybutton.sexysimple.sexyblack { background-color: #333; } +.sexybutton.sexysimple.sexyred { background-color: #a90118; } +.sexybutton.sexysimple.sexyorange { background-color: #ff8a00; } +.sexybutton.sexysimple.sexyyellow { background-color: #ffb515; } +.sexybutton.sexysimple.sexygreen { background-color: #59a901; } +.sexybutton.sexysimple.sexyblue { background-color: #015ea9; } +.sexybutton.sexysimple.sexyteal { background-color: #2daebf; } +.sexybutton.sexysimple.sexymagenta { background-color: #a9014b; } +.sexybutton.sexysimple.sexypurple { background-color: #9d01a9; } + +/* Simple button sizes */ +.sexybutton.sexysimple.sexysmall { padding: 4px 7px 5px; font-size: 10px !important; } +.sexybutton.sexysimple.sexysmall:active { padding: 5px 7px 4px; } +.sexybutton.sexysimple { /* default */ } +.sexybutton.sexysimple:active { padding: 6px 10px 4px; } +.sexybutton.sexysimple.sexymedium { /* default */ } +.sexybutton.sexysimple.sexymedium:active { padding: 6px 10px 4px; } +.sexybutton.sexysimple.sexylarge { padding: 8px 14px 8px; font-size: 14px !important; } +.sexybutton.sexysimple.sexylarge:active { padding: 9px 14px 7px; } +.sexybutton.sexysimple.sexyxl { padding: 8px 14px 8px; font-size: 16px !important; } 
+.sexybutton.sexysimple.sexyxl:active { padding: 9px 14px 7px; } +.sexybutton.sexysimple.sexyxxl { padding: 8px 14px 8px; font-size: 20px !important; } +.sexybutton.sexysimple.sexyxxl:active { padding: 9px 14px 7px; } +.sexybutton.sexysimple.sexyxxxl { padding: 8px 14px 8px; font-size: 26px !important; } +.sexybutton.sexysimple.sexyxxxl:active { padding: 9px 14px 7px; } + +.sexybutton.sexysimple.sexysmall[disabled]:active, +.sexybutton.sexysimple.sexysmall.disabled:active { padding: 4px 7px 5px; } +.sexybutton.sexysimple[disabled]:active, +.sexybutton.sexysimple.disabled:active { padding: 5px 10px 5px; } +.sexybutton.sexysimple.sexymedium[disabled]:active, +.sexybutton.sexysimple.sexymedium.disabled:active { padding: 6px 10px 4px; } +.sexybutton.sexysimple.sexylarge[disabled]:active, +.sexybutton.sexysimple.sexylarge.disabled:active { padding: 8px 14px 8px; } +.sexybutton.sexysimple.sexyxl[disabled]:active, +.sexybutton.sexysimple.sexyxl.disabled:active { padding: 8px 14px 8px; } +.sexybutton.sexysimple.sexyxxl[disabled]:active, +.sexybutton.sexysimple.sexyxxl.disabled:active { padding: 8px 14px 8px; } +.sexybutton.sexysimple.sexyxxxl[disabled]:active, +.sexybutton.sexysimple.sexyxxxl.disabled:active { padding: 8px 14px 8px; } + + +/* + * Icon Definitions + */ + +/* Silk Icons - http://www.famfamfam.com/lab/icons/silk/ */ +/* (Obviously not all Silk icons are defined here. Feel free to define any other icons that you may need.) 
*/ + +.sexybutton span.ok { background-image: url(/snort/images//tick.png) !important; } +.sexybutton span.cancel { background-image: url(/snort/images//cross.png) !important; } +.sexybutton span.add { background-image: url(/snort/images//add.png) !important; } +.sexybutton span.delete { background-image: url(/snort/images//delete.png) !important; } +.sexybutton span.download { background-image: url(/snort/images//arrow_down.png) !important; } +.sexybutton span.pwhitetxt { background-image: url(/snort/images//page_white_text.png) !important; } + diff --git a/config/snort/css/style.css b/config/snort/css/style.css index 44568873..9c627971 100644 --- a/config/snort/css/style.css +++ b/config/snort/css/style.css @@ -1,3 +1,42 @@ +.alert { + position:absolute; + top:10px; + left:0px; + width:94%; +background:#FCE9C0; +background-position: 15px; +border-top:2px solid #DBAC48; +border-bottom:2px solid #DBAC48; +padding: 15px 10px 85% 50px; +} + +.formpre { +font-family:arial; +font-size: 1.1em; +} + +#download_rules { +font-family: arial; +font-size: 13px; +font-weight: bold; +text-align: center +} + +#download_rules_td { +font-family: arial; +font-size: 13px; +font-weight: bold; +text-align: center +} + +.body2 { +font-family:arial; +font-size:12px; +} + + + + /* Start of main css Pfsense */ /* Start of main css Pfsense */ @@ -147,7 +186,3 @@ tr.hide { border: 1px solid #ccc; } - -/*************************************************************/ - - diff --git a/config/snort/css/style2.css b/config/snort/css/style2.css deleted file mode 100644 index d7a1616c..00000000 --- a/config/snort/css/style2.css +++ /dev/null 
@@ -1,111 +0,0 @@ -/* ----------------------------------- -general ------------------------------------ */ - -body -{ - margin: 0px; - padding: 0px; - font: 100%/1.4 helvetica, arial, sans-serif; - color: #444; - background: #fff; -} - -h1, h2, h3, h4, h5, h6 -{ - margin: 0 0 1em; - line-height: 1.1; -} - -h2, h3 { color: #003d5d; } -h2 { font-size: 218.75%; } - - -p -{ -margin-top: 35pt; -margin-right: 0pt; -margin-bottom: -25px; -margin-left: 0pt; -text-indent: 25px; -} - -img { border: none; } -a:link { color: #035389; } -a:visited { color: #09619C; } - -/* ----------------------------------- -Play Hide the tab ------------------------------------ */ - -div.items p:not(:target) {display: none} -div.items p:target {display: block} - - -/* ----------------------------------- -layout ------------------------------------ */ - -#container -{ - margin: 0 0px; - background: #fff; -} - -#header -{ - background: #fff; -} - -#header h1 { margin: 0; } - -#navigation -{ - float: left; - width: 100%; - background: #333; -} - -#navigation ul -{ - margin: 0; - padding: 0; -} - -#navigation ul li -{ - list-style-type: none; - display: inline; -} - -#navigation li a -{ - display: block; - float: left; - padding: 5px 10px; - color: #fff; - text-decoration: none; - border-right: 1px solid #fff; -} - -#navigation li a:hover -{ - background-color: #3366cc; - background-image: none; - background-repeat: repeat; - background-attachment: scroll; - background-position: 0% 0%; -} - -#content -{ - clear: left; - padding: 20px; -} - -#content h2 -{ - color: #000; - font-size: 160%; - margin: 0 0 .5em; -} \ No newline at end of file diff --git a/config/snort/help_and_info.php b/config/snort/help_and_info.php index 0f4a0c9f..e7e78761 100644 --- a/config/snort/help_and_info.php +++ b/config/snort/help_and_info.php @@ -1,42 +1,137 @@ - + - -Help & Info - - - + +The Snort Package Help Page + + + + + + - - -
- - -
-
-

- Snort Package is a GUI based front-end for Sourcefire\'s Snort ® IDS/IPS software. The Snort Package goal is to be +

+ +
+
+

Snort Package

+ +

+ Snort Package is a GUI based front-end for Sourcefire\'s Snort IDS/IPS software. The Snort Package goal is to be the best open-source GUI to manage multiple snort sensors and multiple rule snapshots. The project other goal is to be a highly competitive GUI for network monitoring for both private and enterprise use. Lastly, this project software development should bring programmers and users together to create software. @@ -54,143 +149,89 @@ echo ' The more interfaces you select the more memory you need.
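Review bot: The added line in help_and_info.php containing `Sourcefire\'s Snort IDS/IPS software` keeps the backslash escape from the old single-quoted `echo`, while added lines in the second hunk use bare apostrophes (`We don't have enough time`, `I can't thank you enough`) and the closing `';` and `?>` are removed at the end of the file. If the page is now static markup, as those removals suggest, the backslash will be rendered literally and should be dropped (`Sourcefire's`); if the text is still inside a single-quoted PHP string, the bare apostrophes would end it early. The markup is not visible in this view, so this is inferred from the text lines alone. In the second hunk `viwed`, `Heros` and `stoped` are misspelled.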

Development is done on a Alix 2D3 system (500 MHz AMD Geode LX800 CPU 256MB DDR DRAM).

-
-
-

-About Me

-Coming soon............ + +

+ +
+

Snort Package

+ +

Change Log

+ +

Changes to this package can be viwed by following pfSense packages repository

+
+ +
+

Snort Package

+ +

Getting Help

+ +

+Obtaining Support
+We provide several means of obtaining support for pfSense.

-
-
-

-Services

-Coming soon............ -

-
-
+

-Change Log

-Coming soon............ +Free Options
+Our free options include our forum, mailing list , and IRC channel. Before using any of these resources, please review the Project Rules below.

-
-
+

-PfSense is brought to you by a dedicated group of developers who are security and network professionals by trade. The following people are active developers of the pfSense project. -Username is listed in parenthesis (generally also the person\'s forum username, IRC nickname, etc.).

- -Main Snort-dev Package Developer
-Robert Zelaya

- -Founders
-In alphabetical order

- -Chris Buechler (cmb)
-Scott Ullrich (sullrich)

- -Active Developers
-Listed in order of seniority along with date of first contribution.

- -Bill Marquette (billm) - February 2005
-Holger Bauer (hoba) - May 2005
-Erik Kristensen (ekristen) - August 2005
-Seth Mos (smos) - November 2005
-Scott Dale (sdale) - December 2006
-Martin Fuchs (mfuchs) - June 2007
-Ermal Luçi (ermal) - January 2008
-Matthew Grooms (mgrooms) - July 2008
-Mark Crane (mcrane) - October 2008
-Jim Pingle (jim-p) - February 2009
-Rob Zelaya (robiscool) - March 2009
-Renato Botelho (rbgarga) - May 2009

- -FreeBSD Developer Assistance
-We would like to thank the following FreeBSD developers for their assistance.

- -Max Laier (mlaier)
-Christian S.J. Peron (csjp)
-Andrew Thompson (thompsa)
-Bjoern A. Zeeb (bz)

- -among many others who help us directly, and everyone who contributes to FreeBSD.

- -Inactive Developers
-The following individuals are no longer active contributors, having moved on because of other commitments, or employers forbidding contributions. We thank them for their past contributions.

- -Daniel Berlin (dberlin)
-Daniel Haischt (dsh)
-Espen Johansen (lsf)
-Scott Kamp (dingo)
-Bachman Kharazmi (bkw)
-Fernando Tarlá Cardoso Lemos (fernando)
-Kyle Mott (kyle)
-Colin Smith (colin)
+Commercial Support
+ +Commercial support is available from the company founded by the founders of the pfSense project, BSD Perimeter. Phone and email support is available for support subscribers only.

-
-
+

-Heros

-Coming soon............ +Project Rules
+To keep things orderly, and be fair to everyone, we must enforce these rules.

-
-
-

-=========================
- -Q: Do you have a quick install tutorial and tabs explanation.
- -A: Yes.
- - http://doc.pfsense.org/index.php/Setup_Snort_Package
- -=========================
- -Q: What interfaces can snort listen on ?
- -A: Right now all WAN interfaces and LAN interfaces. But if you select a LAN interface you may need to adjust the snort rules to use the LAN interface.
- -==========================
- -Q: What logs does the snort package keep. ?
- -A: Most of the snort logs are keept in the /var/log/snort.
- Snorts syslogs\' are saved to the /var/log/snort/snort_sys_0ng0.
- -==========================
- -Q: What is the best Performance setting ? or Snort is using 90% cpu and all my memory.
- -A: Depends how much memory you have and how many rules you want to run.; lowmem for systems with less than 256 mb memory, ac-bnfa for systems
- with over 256 mb of memory. The other options are; ac high memory, best performance, ac-std moderate memory, high performance,acs small
- memory, moderate performance,ac-banded small memory,moderate performance,ac-sparsebands small memory, high performance.
- - Short version: For most people ac-bnfa is the best setting.
-=========================
- -Q: What is the Oinkmaster code ? How do I get the code ?
- -A: The Oinkmaster code is your personal password in order to download snort rules.
- You get a Oinkmaster code when you register with snort.org. It is free to register.
- Goto https://www.snort.org/signup to get your personal code.
- -=========================
- -Q: What is the Snort.org subscriber option? How do I become a Snort.org subscriber?
- -A: Snort.org subscribers get the the latest rule updates 30 days faster than registered users.
- Goto http://www.snort.org/vrt/buy-a-subscription/. - It is highly suggested that you get a paid subscription so that you can always have the latest rules.
- -=========================
- -Q: When did you start working on the snort package.
+

+Please do not post support questions to the blog comments. The comments are for discussion of the post, and letting people ask questions there would make a mess of the purpose of those comments. Any support questions will not be moderator approved. +

-A: I started working on the snort package in May 2009.
+

+Please do not cross post questions between the forum and mailing list, unless your inquiry has gone unanswered for at least 24 hours. Do not bump your mailing list or forum posts for at least 24 hours. If you have not received a reply after more than 24 hours, you are welcome to bump your thread.

+ +

+Please do not email individuals, the coreteam address, or private message people on the forum to ask questions. We provide a wide variety of means for obtaining help in a public forum, where it helps others who have the same questions in the future. We don't have enough time to answer all the questions our users post in the public forums, much less via email and private messages. Since we cannot possibly reply to everyone's email and private messages, to be fair we will not reply to anyone. Individual attention via phone and email support is available for commercial support customers. +

+
+ +
+

Snort Package

+ +

Heros

+ +

Pfsense Snort Package users who have cared enough to donate to this project. I can't thank you enough for all your help. With-out your support I would have stoped long time ago.

+ +

If your not on this list PM me and I will add you. If you would like to be removed pm me and I will remove you.

+ +

Names

+ +

sandro tavella

+

Joo Kemp Filho

+

Julio Fumoso

+

Rolland Hart

+

DiMarco Technology Solutions Inc.

+

Brett Burley

+

Tomasz Iskra

+

Bruno Buchschacher

+

Marco Pannetto

+

Christopher Weakland

+

Antonio Riveros

+

Jeremy Harany

+

Serialdie

+

Dlawley

+

Onhel

+

Jerrygoldsmith

+ + +
+
-
+ - -'; -?> \ No newline at end of file + \ No newline at end of file diff --git a/config/snort/images/arrow_down.png b/config/snort/images/arrow_down.png new file mode 100644 index 00000000..2c4e2793 Binary files /dev/null and b/config/snort/images/arrow_down.png differ diff --git a/config/snort/images/awesome-overlay-sprite.png b/config/snort/images/awesome-overlay-sprite.png new file mode 100644 index 00000000..c3af7dd9 Binary files /dev/null and b/config/snort/images/awesome-overlay-sprite.png differ diff --git a/config/snort/images/controls.png b/config/snort/images/controls.png new file mode 100644 index 00000000..e1e97982 Binary files /dev/null and b/config/snort/images/controls.png differ diff --git a/config/snort/images/logo22.png b/config/snort/images/logo22.png new file mode 100644 index 00000000..d8de56f3 Binary files /dev/null and b/config/snort/images/logo22.png differ diff --git a/config/snort/images/new_tab_menu.png b/config/snort/images/new_tab_menu.png new file mode 100644 index 00000000..c27a3e53 Binary files /dev/null and b/config/snort/images/new_tab_menu.png differ diff --git a/config/snort/images/page_white_text.png b/config/snort/images/page_white_text.png new file mode 100644 index 00000000..813f712f Binary files /dev/null and b/config/snort/images/page_white_text.png differ diff --git a/config/snort/javascript/jquery-1.3.2.js b/config/snort/javascript/jquery-1.3.2.js deleted file mode 100644 index 59b71d25..00000000 --- a/config/snort/javascript/jquery-1.3.2.js +++ /dev/null 
@@ -1,4376 +0,0 @@ -/*! - * jQuery JavaScript Library v1.3.2 - * http://jquery.com/ - * - * Copyright (c) 2009 John Resig - * Dual licensed under the MIT and GPL licenses. - * http://docs.jquery.com/License - * - * Date: 2009-02-19 17:34:21 -0500 (Thu, 19 Feb 2009) - * Revision: 6246 - */ -(function(){ - -var - // Will speed up references to window, and allows munging its name. - window = this, - // Will speed up references to undefined, and allows munging its name. - undefined, - // Map over jQuery in case of overwrite - _jQuery = window.jQuery, - // Map over the $ in case of overwrite - _$ = window.$, - - jQuery = window.jQuery = window.$ = function( selector, context ) { - // The jQuery object is actually just the init constructor 'enhanced' - return new jQuery.fn.init( selector, context ); - }, - - // A simple way to check for HTML strings or ID strings - // (both of which we optimize for) - quickExpr = /^[^<]*(<(.|\s)+>)[^>]*$|^#([\w-]+)$/, - // Is it a simple selector - isSimple = /^.[^:#\[\.,]*$/; - -jQuery.fn = jQuery.prototype = { - init: function( selector, context ) { - // Make sure that a selection was provided - selector = selector || document; - - // Handle $(DOMElement) - if ( selector.nodeType ) { - this[0] = selector; - this.length = 1; - this.context = selector; - return this; - } - // Handle HTML strings - if ( typeof selector === "string" ) { - // Are we dealing with HTML string or an ID? 
- var match = quickExpr.exec( selector ); - - // Verify a match, and that no context was specified for #id - if ( match && (match[1] || !context) ) { - - // HANDLE: $(html) -> $(array) - if ( match[1] ) - selector = jQuery.clean( [ match[1] ], context ); - - // HANDLE: $("#id") - else { - var elem = document.getElementById( match[3] ); - - // Handle the case where IE and Opera return items - // by name instead of ID - if ( elem && elem.id != match[3] ) - return jQuery().find( selector ); - - // Otherwise, we inject the element directly into the jQuery object - var ret = jQuery( elem || [] ); - ret.context = document; - ret.selector = selector; - return ret; - } - - // HANDLE: $(expr, [context]) - // (which is just equivalent to: $(content).find(expr) - } else - return jQuery( context ).find( selector ); - - // HANDLE: $(function) - // Shortcut for document ready - } else if ( jQuery.isFunction( selector ) ) - return jQuery( document ).ready( selector ); - - // Make sure that old selector state is passed along - if ( selector.selector && selector.context ) { - this.selector = selector.selector; - this.context = selector.context; - } - - return this.setArray(jQuery.isArray( selector ) ? - selector : - jQuery.makeArray(selector)); - }, - - // Start with an empty selector - selector: "", - - // The current version of jQuery being used - jquery: "1.3.2", - - // The number of elements contained in the matched element set - size: function() { - return this.length; - }, - - // Get the Nth element in the matched element set OR - // Get the whole matched element set as a clean array - get: function( num ) { - return num === undefined ? 
- - // Return a 'clean' array - Array.prototype.slice.call( this ) : - - // Return just the object - this[ num ]; - }, - - // Take an array of elements and push it onto the stack - // (returning the new matched element set) - pushStack: function( elems, name, selector ) { - // Build a new jQuery matched element set - var ret = jQuery( elems ); - - // Add the old object onto the stack (as a reference) - ret.prevObject = this; - - ret.context = this.context; - - if ( name === "find" ) - ret.selector = this.selector + (this.selector ? " " : "") + selector; - else if ( name ) - ret.selector = this.selector + "." + name + "(" + selector + ")"; - - // Return the newly-formed element set - return ret; - }, - - // Force the current matched set of elements to become - // the specified array of elements (destroying the stack in the process) - // You should use pushStack() in order to do this, but maintain the stack - setArray: function( elems ) { - // Resetting the length to 0, then using the native Array push - // is a super-fast way to populate an object with array-like properties - this.length = 0; - Array.prototype.push.apply( this, elems ); - - return this; - }, - - // Execute a callback for every element in the matched set. - // (You can seed the arguments with an array of args, but this is - // only used internally.) - each: function( callback, args ) { - return jQuery.each( this, callback, args ); - }, - - // Determine the position of an element within - // the matched set of elements - index: function( elem ) { - // Locate the position of the desired element - return jQuery.inArray( - // If it receives a jQuery object, the first element is used - elem && elem.jquery ? 
elem[0] : elem - , this ); - }, - - attr: function( name, value, type ) { - var options = name; - - // Look for the case where we're accessing a style value - if ( typeof name === "string" ) - if ( value === undefined ) - return this[0] && jQuery[ type || "attr" ]( this[0], name ); - - else { - options = {}; - options[ name ] = value; - } - - // Check to see if we're setting style values - return this.each(function(i){ - // Set all the styles - for ( name in options ) - jQuery.attr( - type ? - this.style : - this, - name, jQuery.prop( this, options[ name ], type, i, name ) - ); - }); - }, - - css: function( key, value ) { - // ignore negative width and height values - if ( (key == 'width' || key == 'height') && parseFloat(value) < 0 ) - value = undefined; - return this.attr( key, value, "curCSS" ); - }, - - text: function( text ) { - if ( typeof text !== "object" && text != null ) - return this.empty().append( (this[0] && this[0].ownerDocument || document).createTextNode( text ) ); - - var ret = ""; - - jQuery.each( text || this, function(){ - jQuery.each( this.childNodes, function(){ - if ( this.nodeType != 8 ) - ret += this.nodeType != 1 ? 
- this.nodeValue : - jQuery.fn.text( [ this ] ); - }); - }); - - return ret; - }, - - wrapAll: function( html ) { - if ( this[0] ) { - // The elements to wrap the target around - var wrap = jQuery( html, this[0].ownerDocument ).clone(); - - if ( this[0].parentNode ) - wrap.insertBefore( this[0] ); - - wrap.map(function(){ - var elem = this; - - while ( elem.firstChild ) - elem = elem.firstChild; - - return elem; - }).append(this); - } - - return this; - }, - - wrapInner: function( html ) { - return this.each(function(){ - jQuery( this ).contents().wrapAll( html ); - }); - }, - - wrap: function( html ) { - return this.each(function(){ - jQuery( this ).wrapAll( html ); - }); - }, - - append: function() { - return this.domManip(arguments, true, function(elem){ - if (this.nodeType == 1) - this.appendChild( elem ); - }); - }, - - prepend: function() { - return this.domManip(arguments, true, function(elem){ - if (this.nodeType == 1) - this.insertBefore( elem, this.firstChild ); - }); - }, - - before: function() { - return this.domManip(arguments, false, function(elem){ - this.parentNode.insertBefore( elem, this ); - }); - }, - - after: function() { - return this.domManip(arguments, false, function(elem){ - this.parentNode.insertBefore( elem, this.nextSibling ); - }); - }, - - end: function() { - return this.prevObject || jQuery( [] ); - }, - - // For internal use only. - // Behaves like an Array's method, not like a jQuery method. 
- push: [].push, - sort: [].sort, - splice: [].splice, - - find: function( selector ) { - if ( this.length === 1 ) { - var ret = this.pushStack( [], "find", selector ); - ret.length = 0; - jQuery.find( selector, this[0], ret ); - return ret; - } else { - return this.pushStack( jQuery.unique(jQuery.map(this, function(elem){ - return jQuery.find( selector, elem ); - })), "find", selector ); - } - }, - - clone: function( events ) { - // Do the clone - var ret = this.map(function(){ - if ( !jQuery.support.noCloneEvent && !jQuery.isXMLDoc(this) ) { - // IE copies events bound via attachEvent when - // using cloneNode. Calling detachEvent on the - // clone will also remove the events from the orignal - // In order to get around this, we use innerHTML. - // Unfortunately, this means some modifications to - // attributes in IE that are actually only stored - // as properties will not be copied (such as the - // the name attribute on an input). - var html = this.outerHTML; - if ( !html ) { - var div = this.ownerDocument.createElement("div"); - div.appendChild( this.cloneNode(true) ); - html = div.innerHTML; - } - - return jQuery.clean([html.replace(/ jQuery\d+="(?:\d+|null)"/g, "").replace(/^\s*/, "")])[0]; - } else - return this.cloneNode(true); - }); - - // Copy the events from the original to the clone - if ( events === true ) { - var orig = this.find("*").andSelf(), i = 0; - - ret.find("*").andSelf().each(function(){ - if ( this.nodeName !== orig[i].nodeName ) - return; - - var events = jQuery.data( orig[i], "events" ); - - for ( var type in events ) { - for ( var handler in events[ type ] ) { - jQuery.event.add( this, type, events[ type ][ handler ], events[ type ][ handler ].data ); - } - } - - i++; - }); - } - - // Return the cloned set - return ret; - }, - - filter: function( selector ) { - return this.pushStack( - jQuery.isFunction( selector ) && - jQuery.grep(this, function(elem, i){ - return selector.call( elem, i ); - }) || - - jQuery.multiFilter( selector, 
jQuery.grep(this, function(elem){ - return elem.nodeType === 1; - }) ), "filter", selector ); - }, - - closest: function( selector ) { - var pos = jQuery.expr.match.POS.test( selector ) ? jQuery(selector) : null, - closer = 0; - - return this.map(function(){ - var cur = this; - while ( cur && cur.ownerDocument ) { - if ( pos ? pos.index(cur) > -1 : jQuery(cur).is(selector) ) { - jQuery.data(cur, "closest", closer); - return cur; - } - cur = cur.parentNode; - closer++; - } - }); - }, - - not: function( selector ) { - if ( typeof selector === "string" ) - // test special case where just one selector is passed in - if ( isSimple.test( selector ) ) - return this.pushStack( jQuery.multiFilter( selector, this, true ), "not", selector ); - else - selector = jQuery.multiFilter( selector, this ); - - var isArrayLike = selector.length && selector[selector.length - 1] !== undefined && !selector.nodeType; - return this.filter(function() { - return isArrayLike ? jQuery.inArray( this, selector ) < 0 : this != selector; - }); - }, - - add: function( selector ) { - return this.pushStack( jQuery.unique( jQuery.merge( - this.get(), - typeof selector === "string" ? - jQuery( selector ) : - jQuery.makeArray( selector ) - ))); - }, - - is: function( selector ) { - return !!selector && jQuery.multiFilter( selector, this ).length > 0; - }, - - hasClass: function( selector ) { - return !!selector && this.is( "." + selector ); - }, - - val: function( value ) { - if ( value === undefined ) { - var elem = this[0]; - - if ( elem ) { - if( jQuery.nodeName( elem, 'option' ) ) - return (elem.attributes.value || {}).specified ? elem.value : elem.text; - - // We need to handle select boxes special - if ( jQuery.nodeName( elem, "select" ) ) { - var index = elem.selectedIndex, - values = [], - options = elem.options, - one = elem.type == "select-one"; - - // Nothing was selected - if ( index < 0 ) - return null; - - // Loop through all the selected options - for ( var i = one ? 
index : 0, max = one ? index + 1 : options.length; i < max; i++ ) { - var option = options[ i ]; - - if ( option.selected ) { - // Get the specifc value for the option - value = jQuery(option).val(); - - // We don't need an array for one selects - if ( one ) - return value; - - // Multi-Selects return an array - values.push( value ); - } - } - - return values; - } - - // Everything else, we just grab the value - return (elem.value || "").replace(/\r/g, ""); - - } - - return undefined; - } - - if ( typeof value === "number" ) - value += ''; - - return this.each(function(){ - if ( this.nodeType != 1 ) - return; - - if ( jQuery.isArray(value) && /radio|checkbox/.test( this.type ) ) - this.checked = (jQuery.inArray(this.value, value) >= 0 || - jQuery.inArray(this.name, value) >= 0); - - else if ( jQuery.nodeName( this, "select" ) ) { - var values = jQuery.makeArray(value); - - jQuery( "option", this ).each(function(){ - this.selected = (jQuery.inArray( this.value, values ) >= 0 || - jQuery.inArray( this.text, values ) >= 0); - }); - - if ( !values.length ) - this.selectedIndex = -1; - - } else - this.value = value; - }); - }, - - html: function( value ) { - return value === undefined ? - (this[0] ? 
- this[0].innerHTML.replace(/ jQuery\d+="(?:\d+|null)"/g, "") : - null) : - this.empty().append( value ); - }, - - replaceWith: function( value ) { - return this.after( value ).remove(); - }, - - eq: function( i ) { - return this.slice( i, +i + 1 ); - }, - - slice: function() { - return this.pushStack( Array.prototype.slice.apply( this, arguments ), - "slice", Array.prototype.slice.call(arguments).join(",") ); - }, - - map: function( callback ) { - return this.pushStack( jQuery.map(this, function(elem, i){ - return callback.call( elem, i, elem ); - })); - }, - - andSelf: function() { - return this.add( this.prevObject ); - }, - - domManip: function( args, table, callback ) { - if ( this[0] ) { - var fragment = (this[0].ownerDocument || this[0]).createDocumentFragment(), - scripts = jQuery.clean( args, (this[0].ownerDocument || this[0]), fragment ), - first = fragment.firstChild; - - if ( first ) - for ( var i = 0, l = this.length; i < l; i++ ) - callback.call( root(this[i], first), this.length > 1 || i > 0 ? - fragment.cloneNode(true) : fragment ); - - if ( scripts ) - jQuery.each( scripts, evalScript ); - } - - return this; - - function root( elem, cur ) { - return table && jQuery.nodeName(elem, "table") && jQuery.nodeName(cur, "tr") ? 
- (elem.getElementsByTagName("tbody")[0] || - elem.appendChild(elem.ownerDocument.createElement("tbody"))) : - elem; - } - } -}; - -// Give the init function the jQuery prototype for later instantiation -jQuery.fn.init.prototype = jQuery.fn; - -function evalScript( i, elem ) { - if ( elem.src ) - jQuery.ajax({ - url: elem.src, - async: false, - dataType: "script" - }); - - else - jQuery.globalEval( elem.text || elem.textContent || elem.innerHTML || "" ); - - if ( elem.parentNode ) - elem.parentNode.removeChild( elem ); -} - -function now(){ - return +new Date; -} - -jQuery.extend = jQuery.fn.extend = function() { - // copy reference to target object - var target = arguments[0] || {}, i = 1, length = arguments.length, deep = false, options; - - // Handle a deep copy situation - if ( typeof target === "boolean" ) { - deep = target; - target = arguments[1] || {}; - // skip the boolean and the target - i = 2; - } - - // Handle case when target is a string or something (possible in deep copy) - if ( typeof target !== "object" && !jQuery.isFunction(target) ) - target = {}; - - // extend jQuery itself if only one argument is passed - if ( length == i ) { - target = this; - --i; - } - - for ( ; i < length; i++ ) - // Only deal with non-null/undefined values - if ( (options = arguments[ i ]) != null ) - // Extend the base object - for ( var name in options ) { - var src = target[ name ], copy = options[ name ]; - - // Prevent never-ending loop - if ( target === copy ) - continue; - - // Recurse if we're merging object values - if ( deep && copy && typeof copy === "object" && !copy.nodeType ) - target[ name ] = jQuery.extend( deep, - // Never move original objects, clone them - src || ( copy.length != null ? 
[ ] : { } ) - , copy ); - - // Don't bring in undefined values - else if ( copy !== undefined ) - target[ name ] = copy; - - } - - // Return the modified object - return target; -}; - -// exclude the following css properties to add px -var exclude = /z-?index|font-?weight|opacity|zoom|line-?height/i, - // cache defaultView - defaultView = document.defaultView || {}, - toString = Object.prototype.toString; - -jQuery.extend({ - noConflict: function( deep ) { - window.$ = _$; - - if ( deep ) - window.jQuery = _jQuery; - - return jQuery; - }, - - // See test/unit/core.js for details concerning isFunction. - // Since version 1.3, DOM methods and functions like alert - // aren't supported. They return false on IE (#2968). - isFunction: function( obj ) { - return toString.call(obj) === "[object Function]"; - }, - - isArray: function( obj ) { - return toString.call(obj) === "[object Array]"; - }, - - // check if an element is in a (or is an) XML document - isXMLDoc: function( elem ) { - return elem.nodeType === 9 && elem.documentElement.nodeName !== "HTML" || - !!elem.ownerDocument && jQuery.isXMLDoc( elem.ownerDocument ); - }, - - // Evalulates a script in a global context - globalEval: function( data ) { - if ( data && /\S/.test(data) ) { - // Inspired by code by Andrea Giammarchi - // http://webreflection.blogspot.com/2007/08/global-scope-evaluation-and-dom.html - var head = document.getElementsByTagName("head")[0] || document.documentElement, - script = document.createElement("script"); - - script.type = "text/javascript"; - if ( jQuery.support.scriptEval ) - script.appendChild( document.createTextNode( data ) ); - else - script.text = data; - - // Use insertBefore instead of appendChild to circumvent an IE6 bug. - // This arises when a base node is used (#2709). 
- head.insertBefore( script, head.firstChild ); - head.removeChild( script ); - } - }, - - nodeName: function( elem, name ) { - return elem.nodeName && elem.nodeName.toUpperCase() == name.toUpperCase(); - }, - - // args is for internal usage only - each: function( object, callback, args ) { - var name, i = 0, length = object.length; - - if ( args ) { - if ( length === undefined ) { - for ( name in object ) - if ( callback.apply( object[ name ], args ) === false ) - break; - } else - for ( ; i < length; ) - if ( callback.apply( object[ i++ ], args ) === false ) - break; - - // A special, fast, case for the most common use of each - } else { - if ( length === undefined ) { - for ( name in object ) - if ( callback.call( object[ name ], name, object[ name ] ) === false ) - break; - } else - for ( var value = object[0]; - i < length && callback.call( value, i, value ) !== false; value = object[++i] ){} - } - - return object; - }, - - prop: function( elem, value, type, i, name ) { - // Handle executable functions - if ( jQuery.isFunction( value ) ) - value = value.call( elem, i ); - - // Handle passing in a number to a CSS property - return typeof value === "number" && type == "curCSS" && !exclude.test( name ) ? - value + "px" : - value; - }, - - className: { - // internal only, use addClass("class") - add: function( elem, classNames ) { - jQuery.each((classNames || "").split(/\s+/), function(i, className){ - if ( elem.nodeType == 1 && !jQuery.className.has( elem.className, className ) ) - elem.className += (elem.className ? " " : "") + className; - }); - }, - - // internal only, use removeClass("class") - remove: function( elem, classNames ) { - if (elem.nodeType == 1) - elem.className = classNames !== undefined ? 
- jQuery.grep(elem.className.split(/\s+/), function(className){ - return !jQuery.className.has( classNames, className ); - }).join(" ") : - ""; - }, - - // internal only, use hasClass("class") - has: function( elem, className ) { - return elem && jQuery.inArray( className, (elem.className || elem).toString().split(/\s+/) ) > -1; - } - }, - - // A method for quickly swapping in/out CSS properties to get correct calculations - swap: function( elem, options, callback ) { - var old = {}; - // Remember the old values, and insert the new ones - for ( var name in options ) { - old[ name ] = elem.style[ name ]; - elem.style[ name ] = options[ name ]; - } - - callback.call( elem ); - - // Revert the old values - for ( var name in options ) - elem.style[ name ] = old[ name ]; - }, - - css: function( elem, name, force, extra ) { - if ( name == "width" || name == "height" ) { - var val, props = { position: "absolute", visibility: "hidden", display:"block" }, which = name == "width" ? [ "Left", "Right" ] : [ "Top", "Bottom" ]; - - function getWH() { - val = name == "width" ? elem.offsetWidth : elem.offsetHeight; - - if ( extra === "border" ) - return; - - jQuery.each( which, function() { - if ( !extra ) - val -= parseFloat(jQuery.curCSS( elem, "padding" + this, true)) || 0; - if ( extra === "margin" ) - val += parseFloat(jQuery.curCSS( elem, "margin" + this, true)) || 0; - else - val -= parseFloat(jQuery.curCSS( elem, "border" + this + "Width", true)) || 0; - }); - } - - if ( elem.offsetWidth !== 0 ) - getWH(); - else - jQuery.swap( elem, props, getWH ); - - return Math.max(0, Math.round(val)); - } - - return jQuery.curCSS( elem, name, force ); - }, - - curCSS: function( elem, name, force ) { - var ret, style = elem.style; - - // We need to handle opacity special in IE - if ( name == "opacity" && !jQuery.support.opacity ) { - ret = jQuery.attr( style, "opacity" ); - - return ret == "" ? 
- "1" : - ret; - } - - // Make sure we're using the right name for getting the float value - if ( name.match( /float/i ) ) - name = styleFloat; - - if ( !force && style && style[ name ] ) - ret = style[ name ]; - - else if ( defaultView.getComputedStyle ) { - - // Only "float" is needed here - if ( name.match( /float/i ) ) - name = "float"; - - name = name.replace( /([A-Z])/g, "-$1" ).toLowerCase(); - - var computedStyle = defaultView.getComputedStyle( elem, null ); - - if ( computedStyle ) - ret = computedStyle.getPropertyValue( name ); - - // We should always get a number back from opacity - if ( name == "opacity" && ret == "" ) - ret = "1"; - - } else if ( elem.currentStyle ) { - var camelCase = name.replace(/\-(\w)/g, function(all, letter){ - return letter.toUpperCase(); - }); - - ret = elem.currentStyle[ name ] || elem.currentStyle[ camelCase ]; - - // From the awesome hack by Dean Edwards - // http://erik.eae.net/archives/2007/07/27/18.54.15/#comment-102291 - - // If we're not dealing with a regular pixel number - // but a number that has a weird ending, we need to convert it to pixels - if ( !/^\d+(px)?$/i.test( ret ) && /^\d/.test( ret ) ) { - // Remember the original values - var left = style.left, rsLeft = elem.runtimeStyle.left; - - // Put in the new values to get a computed value out - elem.runtimeStyle.left = elem.currentStyle.left; - style.left = ret || 0; - ret = style.pixelLeft + "px"; - - // Revert the changed values - style.left = left; - elem.runtimeStyle.left = rsLeft; - } - } - - return ret; - }, - - clean: function( elems, context, fragment ) { - context = context || document; - - // !context.createElement fails in IE with an error but returns typeof 'object' - if ( typeof context.createElement === "undefined" ) - context = context.ownerDocument || context[0] && context[0].ownerDocument || document; - - // If a single string is passed in and it's a single tag - // just do a createElement and skip the rest - if ( !fragment && elems.length === 1 
&& typeof elems[0] === "string" ) { - var match = /^<(\w+)\s*\/?>$/.exec(elems[0]); - if ( match ) - return [ context.createElement( match[1] ) ]; - } - - var ret = [], scripts = [], div = context.createElement("div"); - - jQuery.each(elems, function(i, elem){ - if ( typeof elem === "number" ) - elem += ''; - - if ( !elem ) - return; - - // Convert html string into DOM nodes - if ( typeof elem === "string" ) { - // Fix "XHTML"-style tags in all browsers - elem = elem.replace(/(<(\w+)[^>]*?)\/>/g, function(all, front, tag){ - return tag.match(/^(abbr|br|col|img|input|link|meta|param|hr|area|embed)$/i) ? - all : - front + ">"; - }); - - // Trim whitespace, otherwise indexOf won't work as expected - var tags = elem.replace(/^\s+/, "").substring(0, 10).toLowerCase(); - - var wrap = - // option or optgroup - !tags.indexOf("", "" ] || - - !tags.indexOf("", "" ] || - - tags.match(/^<(thead|tbody|tfoot|colg|cap)/) && - [ 1, "", "
" ] || - - !tags.indexOf("", "" ] || - - // matched above - (!tags.indexOf("", "" ] || - - !tags.indexOf("", "" ] || - - // IE can't serialize and - - - + jQuery(document).ready(function(){ + + //Examples of how to assign the ColorBox event to elements + jQuery(".example8").colorbox({width:"820px", height:"700px", iframe:true, overlayClose:false}); + + }); + + +"; -if($pfsense_stable == 'yes'){echo $pgtitle;} -echo "

\n"; +include("fbegin.inc"); +echo $snort_general_css; /* refresh every 60 secs */ if ($pconfig['arefresh'] == 'on' || $pconfig['arefresh'] == '') @@ -321,20 +328,28 @@ if ($pconfig['arefresh'] == 'on' || $pconfig['arefresh'] == '') echo "\n"; } ?> + +
+ +' . $pgtitle . '

';}?> + @@ -616,6 +631,8 @@ if (is_array($alerts_array))
- + + +
+
+ \n"; - echo "\n
\n"; - -/* make sure user has javascript on */ -echo " -\n"; -echo "\n"; - -echo "\n -\n -\n - \n - \n - \n - \n - \n - \n -
\n"; - - $tab_array = array(); - $tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php"); - $tab_array[] = array("Global Settings", false, "/snort/snort_interfaces_global.php"); - $tab_array[] = array("Rule Updates", true, "/snort/snort_download_rules.php"); - $tab_array[] = array("Alerts", false, "/snort/snort_alerts.php"); - $tab_array[] = array("Blocked", false, "/snort/snort_blocked.php"); - $tab_array[] = array("Whitelists", false, "/snort/snort_interfaces_whitelist.php"); - $tab_array[] = array("Suppress", false, "/snort/snort_interfaces_suppress.php"); - $tab_array[] = array("Help", false, "/snort/snort_help_info.php"); - display_top_tabs($tab_array); - -if ($snort_emrging_info == "stop" && $snort_oinkid_info == "stop") { -$disable_enable_button = 'onclick="this.disabled=true"'; -}else{ -$disable_enable_button = "onClick=\"parent.location='/snort/snort_download_rules.php?id_d=up'\""; -} -echo "
\n -
\n - \n - \n - \n - \n -
\n -

\n"; - -if ($mfolder_chk == "empty") -{ -echo "WARNING:   The main rules directory is empty. /usr/local/etc/snort/rules

\n"; -} - -if ($snort_emrging_info == "stop") { -echo "WARNING:   Click on the \"Global Settings\" tab and select ether snort.org or enmergingthreats.net rules to download.

\n"; -} - -if ($snort_oinkid_info == "stop") { -echo "WARNING:   Click on the \"Global Settings\" tab and enter a oinkmaster code.

\n"; -} - -if ($snort_dirty_d == "stop") { -echo "WARNING: CHANGES HAVE NOT BEEN APPLIED   Click on the \"Apply Settings\" button at the main interface tab.

\n"; -} - -echo "
\n -
\n -
\n -\n -\n -\n -

\n\n"; - -if ($id_d == "") -echo "Click on the \"Update Rules\" button to start the updates.

\n"; - -if ($config['installedpackages']['snortglobal']['last_md5_download'] != "") -echo "The last time the updates were started $last_md5_download.

\n"; - -if ($config['installedpackages']['snortglobal']['last_rules_install'] != "") -echo "The last time the updates were installed $last_rules_install.

\n"; - -include("fend.inc"); - -echo ""; -echo ""; - -exit(0); - -} - $pgtitle = "Services: Snort: Update Rules"; -include("/usr/local/www/head.inc"); +include("./snort_head.inc"); ?> - - - - + - - -

+' . $pgtitle . '

';}?> -
-
+ @@ -309,11 +140,35 @@ setTimeout($.unblockUI, 2000);
- - -
-
+
+ + + \n\n"; - echo ' -'; echo ""; echo ""; conf_mount_ro(); @@ -444,12 +295,6 @@ if (0 == filesize("{$tmpfname}/$pfsense_rules_filename_md5")){ hide_progress_bar_status(); /* Display last time of sucsessful md5 check from cache */ echo "\n\n\n\n"; - echo ' -'; echo ""; echo ""; conf_mount_ro(); @@ -526,12 +371,6 @@ if ($snortdownload == 'on' && $emergingthreats == 'on') { update_status(gettext("All your rules are up to date...")); update_output_window(gettext("You may start Snort now...")); - echo ' - '; echo ""; echo ""; conf_mount_ro(); @@ -545,12 +384,6 @@ if ($snortdownload == 'on' && $emergingthreats == 'off') { update_status(gettext("Your snort.org rules are up to date...")); update_output_window(gettext("You may start Snort now...")); - echo ' - '; echo ""; echo ""; conf_mount_ro(); @@ -564,12 +397,6 @@ if ($snortdownload == 'off' && $emergingthreats == 'on') { update_status(gettext("Your Emergingthreats rules are up to date...")); update_output_window(gettext("You may start Snort now...")); - echo ' - '; echo ""; echo ""; conf_mount_ro(); 
@@ -598,19 +425,14 @@ if ($snortdownload == 'on') update_status(gettext("There is a new set of Snort.org rules posted. Downloading...")); update_output_window(gettext("May take 4 to 10 min...")); conf_mount_rw(); - snort_download_file_with_progress_bar("http://www.snort.org/pub-bin/oinkmaster.cgi/{$oinkid}/{$snort_filename}", $tmpfname . "/{$snort_filename}", "read_body_firmware"); + snort_download_file_with_progress_bar("http://www.mtest.local/pub-bin/oinkmaster.cgi/{$oinkid}/{$snort_filename}", $tmpfname . "/{$snort_filename}", "read_body_firmware"); + //snort_download_file_with_progress_bar("http://www.snort.org/pub-bin/oinkmaster.cgi/{$oinkid}/{$snort_filename}", $tmpfname . "/{$snort_filename}", "read_body_firmware"); update_all_status($static_output); update_status(gettext("Done downloading rules file.")); if (150000 > filesize("{$tmpfname}/$snort_filename")){ update_status(gettext("Error with the snort rules download...")); update_output_window(gettext("Snort rules file downloaded failed...")); - echo ' -'; echo ""; echo ""; conf_mount_ro(); 
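Review bot: The added `snort_download_file_with_progress_bar("http://www.mtest.local/pub-bin/oinkmaster.cgi/{$oinkid}/{$snort_filename}", ...)` call makes a development host the live rule source and leaves the snort.org URL only as a comment. The same swap is made in the `@@ -630,9 +452,9 @@` (Emergingthreats) and `@@ -647,8 +469,8 @@` (Pfsense rules) hunks. As committed, the IDS ruleset would be fetched over plain HTTP from whatever resolves as `www.mtest.local`. The `{$oinkid}` subscription code is also sent to that host, including for the two downloads whose production URLs carried no code. I would restore the three production URLs as the active lines before merge and, if a test mirror is needed, read the base URL from a config value instead of editing the call sites. The only check visible in this hunk after the download is the `150000 > filesize(...)` size test, so it is worth confirming that the archive is verified against its md5 before extraction; the enclosing block starts and ends outside the hunk.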
@@ -630,9 +452,9 @@ if ($emergingthreats == "on")
 update_status(gettext("Emergingthreats tar file exists..."));
 }else{
 update_status(gettext("There is a new set of Emergingthreats rules posted. Downloading..."));
- update_output_window(gettext("May take 4 to 10 min..."));
-// download_file_with_progress_bar("http://www.mtest.local/pub-bin/oinkmaster.cgi/{$oinkid}/emerging.rules.tar.gz", $tmpfname . "/{$emergingthreats_filename}", "read_body_firmware");
- download_file_with_progress_bar("http://www.emergingthreats.net/rules/emerging.rules.tar.gz", $tmpfname . "/{$emergingthreats_filename}", "read_body_firmware");
+ update_output_window(gettext("May take 4 to 10 min..."));
+ download_file_with_progress_bar("http://www.mtest.local/pub-bin/oinkmaster.cgi/{$oinkid}/emerging.rules.tar.gz", $tmpfname . "/{$emergingthreats_filename}", "read_body_firmware");
+ // download_file_with_progress_bar("http://www.emergingthreats.net/rules/emerging.rules.tar.gz", $tmpfname . "/{$emergingthreats_filename}", "read_body_firmware");
 update_all_status($static_output);
 update_status(gettext("Done downloading Emergingthreats rules file."));
 }
@@ -647,8 +469,8 @@ if (file_exists("{$tmpfname}/{$pfsense_rules_filename}")) { unhide_progress_bar_status(); update_status(gettext("There is a new set of Pfsense rules posted. Downloading...")); update_output_window(gettext("May take 4 to 10 min...")); -// download_file_with_progress_bar("http://www.mtest.local/pub-bin/oinkmaster.cgi/{$oinkid}/pfsense_rules.tar.gz", $tmpfname . "/{$pfsense_rules_filename}", "read_body_firmware"); - download_file_with_progress_bar("http://www.pfsense.com/packages/config/snort/pfsense_rules/pfsense_rules.tar.gz", $tmpfname . "/{$pfsense_rules_filename}", "read_body_firmware"); + download_file_with_progress_bar("http://www.mtest.local/pub-bin/oinkmaster.cgi/{$oinkid}/pfsense_rules.tar.gz", $tmpfname . "/{$pfsense_rules_filename}", "read_body_firmware"); + // download_file_with_progress_bar("http://www.pfsense.com/packages/config/snort/pfsense_rules/pfsense_rules.tar.gz", $tmpfname . "/{$pfsense_rules_filename}", "read_body_firmware"); update_all_status($static_output); update_status(gettext("Done downloading rules file.")); } @@ -755,12 +577,6 @@ if ($snortdownload == 'on') }else{ update_status(gettext("Error extracting Snort.org Rules...")); update_output_window(gettext("Error Line 755")); - echo ' -'; echo ""; echo ""; conf_mount_ro(); @@ -815,12 +631,6 @@ if ($snortdownload == 'on') }else{ update_status(gettext("The md5 file does not exist...")); update_output_window(gettext("Error copying config...")); - echo ' -'; echo ""; echo ""; conf_mount_ro(); @@ -857,12 +667,6 @@ if (file_exists("{$tmpfname}/$pfsense_rules_filename_md5")) { } else { update_status(gettext("The Pfsense md5 file does not exist...")); update_output_window(gettext("Error copying config...")); - echo ' -'; echo ""; echo ""; conf_mount_ro(); @@ -887,12 +691,6 @@ if ($snortdownload == 'on') }else{ update_status(gettext("Directory signatures exist...")); update_output_window(gettext("Error copying signature...")); - echo ' -'; echo ""; echo ""; conf_mount_ro(); 
@@ -1095,13 +893,6 @@ if (file_exists("/tmp/snort_download_halt.pid")) { update_output_window(gettext("You may start snort now...")); } -echo ' -'; - /* hide progress bar and lets end this party */ hide_progress_bar_status(); conf_mount_ro(); diff --git a/config/snort/snort_download_updates.php b/config/snort/snort_download_updates.php new file mode 100644 index 00000000..49007238 --- /dev/null +++ b/config/snort/snort_download_updates.php 
@@ -0,0 +1,384 @@ +. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. 
+*/ + +require_once("guiconfig.inc"); +require_once("/usr/local/pkg/snort/snort_gui.inc"); +require_once("/usr/local/pkg/snort/snort.inc"); + +/* load only javascript that is needed */ +$snort_load_jquery = 'yes'; +$snort_load_jquery_colorbox = 'yes'; + + + /* quick md5s chk */ + if(file_exists('/usr/local/etc/snort/snortrules-snapshot-2860.tar.gz.md5')) + { + $snort_org_sig_chk_local = exec('/bin/cat /usr/local/etc/snort/snortrules-snapshot-2860.tar.gz.md5'); + }else{ + $snort_org_sig_chk_local = 'N/A'; + } + + if(file_exists('/usr/local/etc/snort/version.txt')) + { + $emergingt_net_sig_chk_local = exec('/bin/cat /usr/local/etc/snort/version.txt'); + }else{ + $emergingt_net_sig_chk_local = 'N/A'; + } + + if(file_exists('/usr/local/etc/snort/pfsense_rules.tar.gz.md5')) + { + $pfsense_org_sig_chk_local = exec('/bin/cat /usr/local/etc/snort/pfsense_rules.tar.gz.md5'); + }else{ + $pfsense_org_sig_chk_local = 'N/A'; + } + +/* define checks */ +$oinkid = $config['installedpackages']['snortglobal']['oinkmastercode']; +$snortdownload = $config['installedpackages']['snortglobal']['snortdownload']; +$emergingthreats = $config['installedpackages']['snortglobal']['emergingthreats']; + + if ($snortdownload != 'on' && $emergingthreats != 'on') + { + $snort_emrging_info = 'stop'; + } + + if ($oinkid == '' && $snortdownload != 'off') + { + $snort_oinkid_info = 'stop'; + } + + if ($snort_emrging_info == 'stop' || $snort_oinkid_info == 'stop') { + $error_stop = 'true'; + } + + + /* check if main rule directory is empty */ + $if_mrule_dir = "/usr/local/etc/snort/rules"; + $mfolder_chk = (count(glob("$if_mrule_dir/*")) === 0) ? 'empty' : 'full'; + + /* check for logfile */ + if(file_exists('/usr/local/etc/snort/snort_update.log')) + { + $update_logfile_chk = 'yes'; + }else{ + $update_logfile_chk = 'no'; + } + +header("snort_help_info.php"); +header( "Expires: Mon, 20 Dec 1998 01:00:00 GMT" ); +header( "Last-Modified: " . gmdate("D, d M Y H:i:s") . 
" GMT" ); +header( "Cache-Control: no-cache, must-revalidate" ); +header( "Pragma: no-cache" ); + +$snort_package_version = 'Snort 2.8.6 pkg v. 1.32'; +$pgtitle = "Services: $snort_package_version"; +include_once("/usr/local/pkg/snort/snort_head.inc"); + +?> + + + + + + +' . $pgtitle . '

';}?> + + + +
+ + + + + + + + + + + + + + + +
+ + + +
+ + + +
+
+ + + + +
+ +
+ + + + +
+ + + + + + + +
+
+
+
+ +
+ + + + + +
+
+ + INSTALLED SIGNATURE RULESET

+

SNORT.ORG >>>  
+ EMERGINGTHREATS.NET >>>  
+ PFSENSE.ORG >>>  

+ +
+
+ +
+ + + + + + +
+
+
+
+ +
+ + + + + +
+
+ + UPDATE YOUR RULES

+ +Update Rules    
+

+ WARNING:  No rule types have been selected for download. "Global Settings Tab"
+ '; + + if ($mfolder_chk == 'empty') { + + echo ' + WARNING:  The main rules directory is empty. /usr/local/etc/snort/rules + ' . "\n"; + } + + echo '

' . "\n"; + + }else{ + + echo ' + + + + ' . "\n"; + + if ($mfolder_chk == 'empty') { + + echo ' +

+ WARNING:  The main rules directory is empty. /usr/local/etc/snort/rules +

+ '; + } + + } + + ?> + +
+ +
+
+ +
+ + + + + +
+
+ + VIEW UPDATE LOG

+ + Update Log    ' . "\n"; + }else{ + echo ' + ' . "\n"; + } + + ?> +

+ +
+
+ +
+ + + + + +
+
+
+
+ +
+ + + + + +
+
+ + + NOTE:  Snort.org and Emergingthreats.net will go down from time to time. Please be patient. + +
+
+ +
+ + + + + +
+
+
+
+ +
+
+
+
+ + + + + +
+
+
+ + + +
+ + + + + + + + + diff --git a/config/snort/snort_fbegin.inc b/config/snort/snort_fbegin.inc deleted file mode 100644 index b8faff09..00000000 --- a/config/snort/snort_fbegin.inc +++ /dev/null @@ -1,288 +0,0 @@ - "") { - foreach($config['installedpackages']['menu'] as $menuitem) { - if($menuitem['section'] != $section) continue; - if($menuitem['url'] <> "") { - $addresswithport = getenv("HTTP_HOST"); - $colonpos = strpos($addresswithport, ":"); - if ($colonpos !== False){ - //my url is actually just the IP address of the pfsense box - $myurl = substr($addresswithport, 0, $colonpos); - } - else - { - $myurl = $addresswithport; - } - - $description = str_replace('$myurl', $myurl, $menuitem['url']); - } else { - $description = '/pkg.php?xml=' . $menuitem['configfile']; - } - $htmltext .= '
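Review bot: The three `exec('/bin/cat …')` calls near the top of the new snort_download_updates.php start a shell only to read a fixed path, and the text they return originates from files the update job downloaded. A plain read such as `$emergingt_net_sig_chk_local = trim(file_get_contents('/usr/local/etc/snort/version.txt'));` avoids the process, assuming the file holds a single line as the md5 files do. The markup that prints these values is not visible in this rendering, but wherever they are echoed they should pass through `htmlspecialchars()` because their content is whatever the rule server sent. Two smaller points in the same block: `header("snort_help_info.php");` has no field name and looks like a leftover, and `$snort_emrging_info` / `$snort_oinkid_info` are compared before being set on the non-error path, so initialising both to `''` first would avoid the notice.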
  • ' . $menuitem['name'] . '
  • ' . "\n"; - } - } - return $htmltext; - } - - - - - /* NOTICE ACKNOWLEDGE CODE by Erik Kristensen */ - if ($_REQUEST['noticeaction'] == 'acknowledge') { - $notice_id = $_REQUEST['noticeid']; - close_notice($notice_id); - } - /**********************************************/ -?> - -
    - - -
    -
    - - -
    - - -
    - - - - - - diff --git a/config/snort/snort_interfaces.php b/config/snort/snort_interfaces.php index 24d230d6..1c26af8a 100644 --- a/config/snort/snort_interfaces.php +++ b/config/snort/snort_interfaces.php 
@@ -1,599 +1,543 @@ -. - Copyright (C) 2008-2009 Robert Zelaya. - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. 
-*/ - -/* TODO: redo check if snort is up */ - -require_once("guiconfig.inc"); -require_once("/usr/local/pkg/snort/snort_gui.inc"); -require_once("/usr/local/pkg/snort/snort.inc"); - -$id = $_GET['id']; -if (isset($_POST['id'])) - $id = $_POST['id']; - -if (!is_array($config['installedpackages']['snortglobal']['rule'])) - $config['installedpackages']['snortglobal']['rule'] = array(); - -$a_nat = &$config['installedpackages']['snortglobal']['rule']; - -if (isset($config['installedpackages']['snortglobal']['rule'])) { -$id_gen = count($config['installedpackages']['snortglobal']['rule']); -}else{ -$id_gen = '0'; -} - -/* alert file */ -$d_snortconfdirty_path_ls = exec('/bin/ls /var/run/snort_conf_*.dirty'); - - /* this will exec when alert says apply */ - if ($_POST['apply']) { - - if ($d_snortconfdirty_path_ls != '') { - - write_config(); - - sync_snort_package_empty(); - sync_snort_package(); - - exec('/bin/rm /var/run/snort_conf_*.dirty'); - - header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); - header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . 
' GMT' ); - header( 'Cache-Control: no-store, no-cache, must-revalidate' ); - header( 'Cache-Control: post-check=0, pre-check=0', false ); - header( 'Pragma: no-cache' ); - sleep(2); - header("Location: /snort/snort_interfaces.php"); - - exit; - - } - - } - - - -if (isset($_POST['del_x'])) { - /* delete selected rules */ - if (is_array($_POST['rule']) && count($_POST['rule'])) { - foreach ($_POST['rule'] as $rulei) { - - /* convert fake interfaces to real */ - $if_real = convert_friendly_interface_to_real_interface_name2($a_nat[$rulei]['interface']); - $snort_uuid = $a_nat[$rulei]['uuid']; - - /* cool code to check if any snort is up */ - $snort_up_ck = exec("/bin/ps -auwx | /usr/bin/grep -v grep | /usr/bin/grep snort | /usr/bin/awk '{print \$2;}' | sed 1q"); - - if ($snort_up_ck != "") - { - - $start_up_pre = exec("/usr/bin/top -a -U snort -u | grep -v grep | grep \"R {$snort_uuid}{$if_real}\" | awk '{print \$1;}'"); - $start_up_s = exec("/usr/bin/top -U snort -u | grep snort | grep {$start_up_pre} | awk '{ print $1; }'"); - $start_up_r = exec("/usr/bin/top -U root -u | grep snort | grep {$start_up_pre} | awk '{ print $1; }'"); - - $start2_upb_pre = exec("/bin/cat /var/run/barnyard2_{$snort_uuid}_{$if_real}.pid"); - $start2_upb_s = exec("/usr/bin/top -U snort -u | grep barnyard2 | grep {$start2_upb_pre} | awk '{ print $1; }'"); - $start2_upb_r = exec("/usr/bin/top -U root -u | grep barnyard2 | grep {$start2_upb_pre} | awk '{ print $1; }'"); - - - if ($start_up_s != "" || $start_up_r != "" || $start2_upb_s != "" || $start2_upb_r != "") - { - - /* dont flood the syslog code */ - //exec("/bin/cp /var/log/system.log /var/log/system.log.bk"); - //sleep(3); - - - /* remove only running instances */ - if ($start_up_s != "") - { - exec("/bin/kill {$start_up_s}"); - exec("/bin/rm /var/run/snort_{$snort_uuid}_{$if_real}*"); - } - - if ($start2_upb_s != "") - { - exec("/bin/kill {$start2_upb_s}"); - exec("/bin/rm /var/run/barnyard2_{$snort_uuid}_{$if_real}*"); - } - - if 
($start_up_r != "") - { - exec("/bin/kill {$start_up_r}"); - exec("/bin/rm /var/run/snort_{$snort_uuid}_{$if_real}*"); - } - - if ($start2_upb_r != "") - { - exec("/bin/kill {$start2_upb_r}"); - exec("/bin/rm /var/run/barnyard2_{$snort_uuid}_{$if_real}*"); - } - - /* stop syslog flood code */ - //$if_real_wan_rulei = $a_nat[$rulei]['interface']; - //$if_real_wan_rulei2 = convert_friendly_interface_to_real_interface_name2($if_real_wan_rulei); - //exec("/sbin/ifconfig $if_real_wan_rulei2 -promisc"); - //exec("/bin/cp /var/log/system.log /var/log/snort/snort_sys_$rulei$if_real.log"); - //exec("/usr/bin/killall syslogd"); - //exec("/usr/sbin/clog -i -s 262144 /var/log/system.log"); - //exec("/usr/sbin/syslogd -c -ss -f /var/etc/syslog.conf"); - //sleep(2); - //exec("/bin/cp /var/log/system.log.bk /var/log/system.log"); - //$after_mem = exec("/usr/bin/top | /usr/bin/grep Wired | /usr/bin/awk '{ print $2 }'"); - //exec("/usr/bin/logger -p daemon.info -i -t SnortStartup 'MEM after {$rulei}{$if_real} STOP {$after_mem}'"); - //exec("/usr/bin/logger -p daemon.info -i -t SnortStartup 'Interface Rule removed for {$rulei}{$if_real}...'"); - - } - - } - - /* for every iface do these steps */ - conf_mount_rw(); - exec("/bin/rm /var/log/snort/snort.u2_{$snort_uuid}_{$if_real}*"); - exec("/bin/rm -r /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}"); - - conf_mount_ro(); - - unset($a_nat[$rulei]); - - } - - write_config(); - sleep(2); - - /* if there are no ifaces do not create snort.sh */ - if (isset($config['installedpackages']['snortglobal']['rule'][0]['enable'])) { - create_snort_sh(); - }else{ - conf_mount_rw(); - exec('/bin/rm /usr/local/etc/rc.d/snort.sh'); - conf_mount_ro(); - } - - //touch("/var/run/snort_conf_delete.dirty"); - - header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); - header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . 
' GMT' ); - header( 'Cache-Control: no-store, no-cache, must-revalidate' ); - header( 'Cache-Control: post-check=0, pre-check=0', false ); - header( 'Pragma: no-cache' ); - sleep(2); - header("Location: /snort/snort_interfaces.php"); - //exit; - } - -} - - -/* start/stop snort */ -if ($_GET['act'] == 'toggle' && $_GET['id'] != '') -{ - - $if_real = convert_friendly_interface_to_real_interface_name2($config['installedpackages']['snortglobal']['rule'][$id]['interface']); - $snort_uuid = $config['installedpackages']['snortglobal']['rule'][$id]['uuid']; - - /* Log Iface stop */ - exec("/usr/bin/logger -p daemon.info -i -t SnortStartup 'Toggle for {$snort_uuid}_{$if_real}...'"); - - $tester2 = Running_Ck($snort_uuid, $if_real, $id); - - if ($tester2 == 'yes') { - - /* Log Iface stop */ - exec("/usr/bin/logger -p daemon.info -i -t SnortStartup '{$tester2} yn for {$snort_uuid}_{$if_real}...'"); - - Running_Stop($snort_uuid, $if_real, $id); - - header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); - header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' ); - header( 'Cache-Control: no-store, no-cache, must-revalidate' ); - header( 'Cache-Control: post-check=0, pre-check=0', false ); - header( 'Pragma: no-cache' ); - sleep(2); - header("Location: /snort/snort_interfaces.php"); - - }else{ - - sync_snort_package_all($id, $if_real, $snort_uuid); - sync_snort_package(); - - Running_Start($snort_uuid, $if_real, $id); - - header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); - header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' ); - header( 'Cache-Control: no-store, no-cache, must-revalidate' ); - header( 'Cache-Control: post-check=0, pre-check=0', false ); - header( 'Pragma: no-cache' ); - sleep(2); - header("Location: /snort/snort_interfaces.php"); - } -} - - - -$pgtitle = "Services: Snort 2.8.6 pkg v. 1.31"; -include("head.inc"); - -?> - - -

    - - - - - - - -'; - - if($savemsg) { - print_info_box_np2("{$savemsg}"); - }else{ - print_info_box_np2(' - The Snort configuration has changed for one or more interfaces.
    - You must apply the changes in order for them to take effect.
    - '); - } - } - -?> - - - - - - -
    - -
    -
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
      IfSnortPerformanceBlockBarnyard2Description - - - - - -
    -
    - - - - - - - - - - - - - - - -   - - - - - -
    -
    - - - - -
    -
    -
    -
    - -
    - - -
    - Note: -
    - This is the Snort Menu where you can see an over view of all your interface settings. -
    - Please edit the Global Settings tab before adding an interface. -

    - Warning: -
    - New settings will not take effect until interface restart. -

    - Click on the icon to add a interface.                                            Click on the icon to start snort and barnyard2. -
    - Click on the icon to edit a interface and settings.                       Click on the icon to stop snort and barnyard2. -
    - Click on the icon to delete a interface and settings. -
    - - "") { - echo ""; -} -?> - - - - - -#footer2 -{ - position: relative; - top: -17px; - background-color: #cccccc; - background-image: none; - background-repeat: repeat; - background-attachment: scroll; - background-position: 0% 0%; - font-size: 0.8em; - text-align: center; - padding-top: 0px; - padding-right: 0px; - padding-bottom: 0px; - padding-left: 10px; - clear: both; -} - - - -
    - \"Apps\" - Snort is a registered trademark of Sourcefire, Inc, Barnyard2 is a registered trademark of securixlive.com, Orion copyright Robert Zelaya, - Emergingthreats is a registered trademark of emergingthreats.net, Mysql is a registered trademark of Mysql.com -
    \n"; -} - -if ($pfsense_theme_is == 'pfsense_ng') { -$footer3 = " - - - -
    - Snort is a registered trademark of Sourcefire, Inc, Barnyard2 is a registered trademark of securixlive.com, Orion copyright Robert Zelaya, - Emergingthreats is a registered trademark of emergingthreats.net, Mysql is a registered trademark of Mysql.com -
    \n"; -} -?> - - - -
    - - - - - - - - - - +. + Copyright (C) 2008-2009 Robert Zelaya. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. 
+*/ + +/* TODO: redo check if snort is up */ + +require_once("guiconfig.inc"); +require_once("/usr/local/pkg/snort/snort_gui.inc"); +require_once("/usr/local/pkg/snort/snort.inc"); + +$id = $_GET['id']; +if (isset($_POST['id'])) + $id = $_POST['id']; + +if (!is_array($config['installedpackages']['snortglobal']['rule'])) + $config['installedpackages']['snortglobal']['rule'] = array(); + +$a_nat = &$config['installedpackages']['snortglobal']['rule']; + +if (isset($config['installedpackages']['snortglobal']['rule'])) { +$id_gen = count($config['installedpackages']['snortglobal']['rule']); +}else{ +$id_gen = '0'; +} + +/* alert file */ +$d_snortconfdirty_path_ls = exec('/bin/ls /var/run/snort_conf_*.dirty'); + + /* this will exec when alert says apply */ + if ($_POST['apply']) { + + if ($d_snortconfdirty_path_ls != '') { + + write_config(); + + sync_snort_package_empty(); + sync_snort_package(); + + exec('/bin/rm /var/run/snort_conf_*.dirty'); + + header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); + header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . 
' GMT' ); + header( 'Cache-Control: no-store, no-cache, must-revalidate' ); + header( 'Cache-Control: post-check=0, pre-check=0', false ); + header( 'Pragma: no-cache' ); + sleep(2); + header("Location: /snort/snort_interfaces.php"); + + exit; + + } + + } + + + +if (isset($_POST['del_x'])) { + /* delete selected rules */ + if (is_array($_POST['rule']) && count($_POST['rule'])) { + foreach ($_POST['rule'] as $rulei) { + + /* convert fake interfaces to real */ + $if_real = convert_friendly_interface_to_real_interface_name2($a_nat[$rulei]['interface']); + $snort_uuid = $a_nat[$rulei]['uuid']; + + /* cool code to check if any snort is up */ + $snort_up_ck = exec("/bin/ps -auwx | /usr/bin/grep -v grep | /usr/bin/grep snort | /usr/bin/awk '{print \$2;}' | sed 1q"); + + if ($snort_up_ck != "") + { + + $start_up_pre = exec("/usr/bin/top -a -U snort -u | grep -v grep | grep \"R {$snort_uuid}{$if_real}\" | awk '{print \$1;}'"); + $start_up_s = exec("/usr/bin/top -U snort -u | grep snort | grep {$start_up_pre} | awk '{ print $1; }'"); + $start_up_r = exec("/usr/bin/top -U root -u | grep snort | grep {$start_up_pre} | awk '{ print $1; }'"); + + $start2_upb_pre = exec("/bin/cat /var/run/barnyard2_{$snort_uuid}_{$if_real}.pid"); + $start2_upb_s = exec("/usr/bin/top -U snort -u | grep barnyard2 | grep {$start2_upb_pre} | awk '{ print $1; }'"); + $start2_upb_r = exec("/usr/bin/top -U root -u | grep barnyard2 | grep {$start2_upb_pre} | awk '{ print $1; }'"); + + + if ($start_up_s != "" || $start_up_r != "" || $start2_upb_s != "" || $start2_upb_r != "") + { + + /* dont flood the syslog code */ + //exec("/bin/cp /var/log/system.log /var/log/system.log.bk"); + //sleep(3); + + + /* remove only running instances */ + if ($start_up_s != "") + { + exec("/bin/kill {$start_up_s}"); + exec("/bin/rm /var/run/snort_{$snort_uuid}_{$if_real}*"); + } + + if ($start2_upb_s != "") + { + exec("/bin/kill {$start2_upb_s}"); + exec("/bin/rm /var/run/barnyard2_{$snort_uuid}_{$if_real}*"); + } + + if 
($start_up_r != "") + { + exec("/bin/kill {$start_up_r}"); + exec("/bin/rm /var/run/snort_{$snort_uuid}_{$if_real}*"); + } + + if ($start2_upb_r != "") + { + exec("/bin/kill {$start2_upb_r}"); + exec("/bin/rm /var/run/barnyard2_{$snort_uuid}_{$if_real}*"); + } + + /* stop syslog flood code */ + //$if_real_wan_rulei = $a_nat[$rulei]['interface']; + //$if_real_wan_rulei2 = convert_friendly_interface_to_real_interface_name2($if_real_wan_rulei); + //exec("/sbin/ifconfig $if_real_wan_rulei2 -promisc"); + //exec("/bin/cp /var/log/system.log /var/log/snort/snort_sys_$rulei$if_real.log"); + //exec("/usr/bin/killall syslogd"); + //exec("/usr/sbin/clog -i -s 262144 /var/log/system.log"); + //exec("/usr/sbin/syslogd -c -ss -f /var/etc/syslog.conf"); + //sleep(2); + //exec("/bin/cp /var/log/system.log.bk /var/log/system.log"); + //$after_mem = exec("/usr/bin/top | /usr/bin/grep Wired | /usr/bin/awk '{ print $2 }'"); + //exec("/usr/bin/logger -p daemon.info -i -t SnortStartup 'MEM after {$rulei}{$if_real} STOP {$after_mem}'"); + //exec("/usr/bin/logger -p daemon.info -i -t SnortStartup 'Interface Rule removed for {$rulei}{$if_real}...'"); + + } + + } + + /* for every iface do these steps */ + conf_mount_rw(); + exec("/bin/rm /var/log/snort/snort.u2_{$snort_uuid}_{$if_real}*"); + exec("/bin/rm -r /usr/local/etc/snort/snort_{$snort_uuid}_{$if_real}"); + + conf_mount_ro(); + + unset($a_nat[$rulei]); + + } + + write_config(); + sleep(2); + + /* if there are no ifaces do not create snort.sh */ + if (isset($config['installedpackages']['snortglobal']['rule'][0]['enable'])) { + create_snort_sh(); + }else{ + conf_mount_rw(); + exec('/bin/rm /usr/local/etc/rc.d/snort.sh'); + conf_mount_ro(); + } + + //touch("/var/run/snort_conf_delete.dirty"); + + header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); + header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . 
' GMT' ); + header( 'Cache-Control: no-store, no-cache, must-revalidate' ); + header( 'Cache-Control: post-check=0, pre-check=0', false ); + header( 'Pragma: no-cache' ); + sleep(2); + header("Location: /snort/snort_interfaces.php"); + //exit; + } + +} + + +/* start/stop snort */ +if ($_GET['act'] == 'toggle' && $_GET['id'] != '') +{ + + $if_real = convert_friendly_interface_to_real_interface_name2($config['installedpackages']['snortglobal']['rule'][$id]['interface']); + $snort_uuid = $config['installedpackages']['snortglobal']['rule'][$id]['uuid']; + + /* Log Iface stop */ + exec("/usr/bin/logger -p daemon.info -i -t SnortStartup 'Toggle for {$snort_uuid}_{$if_real}...'"); + + $tester2 = Running_Ck($snort_uuid, $if_real, $id); + + if ($tester2 == 'yes') { + + /* Log Iface stop */ + exec("/usr/bin/logger -p daemon.info -i -t SnortStartup '{$tester2} yn for {$snort_uuid}_{$if_real}...'"); + + Running_Stop($snort_uuid, $if_real, $id); + + header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); + header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' ); + header( 'Cache-Control: no-store, no-cache, must-revalidate' ); + header( 'Cache-Control: post-check=0, pre-check=0', false ); + header( 'Pragma: no-cache' ); + sleep(2); + header("Location: /snort/snort_interfaces.php"); + + }else{ + + sync_snort_package_all($id, $if_real, $snort_uuid); + sync_snort_package(); + + Running_Start($snort_uuid, $if_real, $id); + + header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); + header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' ); + header( 'Cache-Control: no-store, no-cache, must-revalidate' ); + header( 'Cache-Control: post-check=0, pre-check=0', false ); + header( 'Pragma: no-cache' ); + sleep(2); + header("Location: /snort/snort_interfaces.php"); + } +} + + +$pgtitle = "Services: $snort_package_version"; +include_once("/usr/local/pkg/snort/snort_head.inc"); + +?> + + + + + + +' . $pgtitle . '

    ';}?> + + + + +
    + + + + +
    + +'; + + if($savemsg) { + print_info_box_np2("{$savemsg}"); + }else{ + print_info_box_np2(' + The Snort configuration has changed for one or more interfaces.
    + You must apply the changes in order for them to take effect.
    + '); + } + } + +?> + + + + + + +
    + + + +
    +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
      IfSnortPerformanceBlockBarnyard2Description + + + + + +
    +
    + + + + + + + + + + + + + + + +   + + + + + +
    +
    + + + + +
    +
    +
    +
    + +
    + + +
    +
    + + + + +
    + Note: +
    + This is the Snort Menu where you can see an over view of all your interface settings. +
    + Please edit the Global Settings tab before adding an interface. +

    + Warning: +
    + New settings will not take effect until interface restart. +

    + Click on the icon to add a interface.                                            Click on the icon to start snort and barnyard2. +
    + Click on the icon to edit a interface and settings.                       Click on the icon to stop snort and barnyard2. +
    + Click on the icon to delete a interface and settings. +
    +
    +
    + + "") { + echo ""; +} +?> + +
    +
    + +

    + + + +
    + Snort is a registered trademark of Sourcefire, Inc, Barnyard2 is a registered trademark of securixlive.com, Orion copyright Robert Zelaya, + Emergingthreats is a registered trademark of emergingthreats.net, Mysql is a registered trademark of Mysql.com +
    + + + + + + + diff --git a/config/snort/snort_interfaces_edit.php b/config/snort/snort_interfaces_edit.php index 84eb4fab..af1b8f2f 100644 --- a/config/snort/snort_interfaces_edit.php +++ b/config/snort/snort_interfaces_edit.php @@ -31,8 +31,8 @@ */ require_once("guiconfig.inc"); -require_once("/usr/local/pkg/snort/snort.inc"); require_once("/usr/local/pkg/snort/snort_gui.inc"); +require_once("/usr/local/pkg/snort/snort.inc"); if (!is_array($config['installedpackages']['snortglobal']['rule'])) { @@ -383,31 +383,20 @@ if ($_POST["Submit"]) { $pgtitle = "Snort: Interface Edit: $id $snort_uuid $if_real"; -include("head.inc"); +include("/usr/local/pkg/snort/snort_head.inc"); ?> - + + +
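Review bot: In the `del_x` handler on the new side of snort_interfaces.php, `$rulei` from `$_POST['rule']` indexes `$a_nat` with no existence check, and the resulting `$snort_uuid` and `$if_real` are interpolated straight into the `kill`, `grep` and `rm` command strings. An index that is not in the config leaves both values empty, so the cleanup runs against `snort__*` style paths and `grep {$start_up_pre}` is called without a pattern. I would skip unknown entries with `if (!isset($a_nat[$rulei])) continue;` and pass each interpolated value through `escapeshellarg()`, keeping the trailing `*` outside the quoted part. The `act=toggle` branch also starts and stops the daemon on a GET request; whether `guiconfig.inc` enforces a request token is not visible here and is worth confirming. This hunk replaces the whole file, so most of these lines probably predate the commit.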
    + + + +
    + diff --git a/config/snort/snort_interfaces_global.php b/config/snort/snort_interfaces_global.php index 7cc4f3df..41a55a12 100644 --- a/config/snort/snort_interfaces_global.php +++ b/config/snort/snort_interfaces_global.php @@ -32,8 +32,9 @@ POSSIBILITY OF SUCH DAMAGE. */ -$pgtitle = "Services: Snort: Global Settings"; + require_once("guiconfig.inc"); +require_once("/usr/local/pkg/snort/snort_gui.inc"); require_once("/usr/local/pkg/snort/snort.inc"); /* make things short */ @@ -241,32 +242,58 @@ snort_rules_up_deinstall_cron(""); } } -include("head.inc"); +$pgtitle = "Services: Snort: Global Settings"; +include_once("/usr/local/pkg/snort/snort_head.inc"); + +?> + + + + + + - -

    - +
    + +' . $pgtitle . '

    ';}?> +
    - + + + +
    -
    + + + +
    - +
    @@ -378,6 +405,11 @@ include("head.inc");
    Please Choose The Type Of Rules You Wish To Download
    + + + + + diff --git a/config/snort/snort_interfaces_suppress.php b/config/snort/snort_interfaces_suppress.php index 9bde781d..b94075c7 100644 --- a/config/snort/snort_interfaces_suppress.php +++ b/config/snort/snort_interfaces_suppress.php @@ -35,7 +35,9 @@ POSSIBILITY OF SUCH DAMAGE. */ -require("guiconfig.inc"); +require_once("guiconfig.inc"); +require_once("/usr/local/pkg/snort/snort_gui.inc"); +require_once("/usr/local/pkg/snort/snort.inc"); if (!is_array($config['installedpackages']['snortglobal']['suppress']['item'])) @@ -84,13 +86,30 @@ if ($_GET['act'] == "del") { } $pgtitle = "Services: Snort: Suppression"; -include("head.inc"); +include("/usr/local/pkg/snort/snort_head.inc"); ?> - - -

    + + + + + + +
    + +' . $pgtitle . '

    ';}?> +

    @@ -98,19 +117,26 @@ include("head.inc"); - + + + +
    -
    + + + +
    @@ -165,6 +191,9 @@ include("head.inc");

    + +
    + diff --git a/config/snort/snort_interfaces_suppress_edit.php b/config/snort/snort_interfaces_suppress_edit.php index 13c43b4e..f1339ffe 100644 --- a/config/snort/snort_interfaces_suppress_edit.php +++ b/config/snort/snort_interfaces_suppress_edit.php @@ -36,8 +36,8 @@ */ require_once("guiconfig.inc"); -require_once("/usr/local/pkg/snort/snort.inc"); require_once("/usr/local/pkg/snort/snort_gui.inc"); +require_once("/usr/local/pkg/snort/snort.inc"); if (!is_array($config['installedpackages']['snortglobal']['suppress']['item'])) $config['installedpackages']['snortglobal']['suppress']['item'] = array(); @@ -61,9 +61,7 @@ while ($suppress_uuid > 65535 || $suppress_uuid == 0) { if ($config['installedpackages']['snortglobal']['suppress']['item'][$id]['uuid'] != '') { $suppress_uuid = $config['installedpackages']['snortglobal']['suppress']['item'][$id]['uuid']; -} - -$pgtitle = "Services: Snort: Suppression: Edit $suppress_uuid"; +} $d_snort_suppress_dirty_path = '/var/run/snort_suppress.dirty'; @@ -164,23 +162,30 @@ if ($_POST['submit']) { } -include("head.inc"); +$pgtitle = "Services: Snort: Suppression: Edit $suppress_uuid"; +include("/usr/local/pkg/snort/snort_head.inc"); ?> "> - - - + jQuery(document).ready(function(){ + + //Examples of how to assign the ColorBox event to elements + jQuery(".example8").colorbox({width:"820px", height:"700px", iframe:true, overlayClose:false}); + + }); + + + -

    + +
    + +' . $pgtitle . '

    ';}?>
    @@ -213,19 +218,26 @@ font-size: 1.1em; ?> - + + + + \n \n \n @@ -405,15 +408,25 @@ $currentruleset = basename($rulefile); $ifname = strtoupper($pconfig['interface']); require("guiconfig.inc"); -include("head.inc"); +include("/usr/local/pkg/snort/snort_head.inc"); $pgtitle = "Snort: $id $iface_uuid $if_real Category: $currentruleset"; ?> - -

    + + +' . $pgtitle . '

    ';}?> + + + +
    + + + "; @@ -459,17 +472,22 @@ function popup(url)
    -
    + + + +
    @@ -307,6 +319,10 @@ font-size: 1.1em;
    + + + + \ No newline at end of file diff --git a/config/snort/snort_interfaces_whitelist.php b/config/snort/snort_interfaces_whitelist.php index 3dd8f4dc..53c095d4 100644 --- a/config/snort/snort_interfaces_whitelist.php +++ b/config/snort/snort_interfaces_whitelist.php @@ -35,7 +35,9 @@ POSSIBILITY OF SUCH DAMAGE. */ -require("guiconfig.inc"); +require_once("guiconfig.inc"); +require_once("/usr/local/pkg/snort/snort_gui.inc"); +require_once("/usr/local/pkg/snort/snort.inc"); if (!is_array($config['installedpackages']['snortglobal']['whitelist']['item'])) @@ -84,13 +86,30 @@ if ($_GET['act'] == "del") { } $pgtitle = "Services: Snort: Whitelist"; -include("head.inc"); +include("/usr/local/pkg/snort/snort_head.inc"); ?> - -

    + + + + + +
    + +' . $pgtitle . '

    ';}?> +

    @@ -98,19 +117,25 @@ include("head.inc"); - + + +
    -
    + + + +
    @@ -175,6 +200,9 @@ include("head.inc");

    + +
    + diff --git a/config/snort/snort_interfaces_whitelist_edit.php b/config/snort/snort_interfaces_whitelist_edit.php index 57365c9b..20758d32 100644 --- a/config/snort/snort_interfaces_whitelist_edit.php +++ b/config/snort/snort_interfaces_whitelist_edit.php @@ -36,8 +36,8 @@ */ require_once("guiconfig.inc"); -require_once("/usr/local/pkg/snort/snort.inc"); require_once("/usr/local/pkg/snort/snort_gui.inc"); +require_once("/usr/local/pkg/snort/snort.inc"); if (!is_array($config['installedpackages']['snortglobal']['whitelist']['item'])) $config['installedpackages']['snortglobal']['whitelist']['item'] = array(); @@ -61,9 +61,7 @@ while ($whitelist_uuid > 65535 || $whitelist_uuid == 0) { if ($config['installedpackages']['snortglobal']['whitelist']['item'][$id]['uuid'] != '') { $whitelist_uuid = $config['installedpackages']['snortglobal']['whitelist']['item'][$id]['uuid']; -} - -$pgtitle = "Services: Snort: Whitelist: Edit $whitelist_uuid"; +} $d_snort_whitelist_dirty_path = '/var/run/snort_whitelist.dirty'; @@ -235,17 +233,31 @@ if ($_POST['submit']) { } } -include("head.inc"); +$pgtitle = "Services: Snort: Whitelist: Edit $whitelist_uuid"; +include("/usr/local/pkg/snort/snort_head.inc"); ?> "> - + jQuery(document).ready(function(){ + + //Examples of how to assign the ColorBox event to elements + jQuery(".example8").colorbox({width:"820px", height:"700px", iframe:true, overlayClose:false}); + + }); + + + - +
    + + + -

    +' . $pgtitle . '

    ';}?>
    @@ -290,19 +302,25 @@ include("head.inc"); ?> - + + +
    -
    + + + +
    @@ -472,6 +490,9 @@ include("head.inc"); loaded = ; + + + \ No newline at end of file diff --git a/config/snort/snort_preprocessors.php b/config/snort/snort_preprocessors.php index 85de29b6..58a13f24 100644 --- a/config/snort/snort_preprocessors.php +++ b/config/snort/snort_preprocessors.php @@ -32,8 +32,8 @@ require_once("guiconfig.inc"); -require_once("/usr/local/pkg/snort/snort.inc"); require_once("/usr/local/pkg/snort/snort_gui.inc"); +require_once("/usr/local/pkg/snort/snort.inc"); if (!is_array($config['installedpackages']['snortglobal']['rule'])) { $config['installedpackages']['snortglobal']['rule'] = array(); @@ -255,30 +255,23 @@ $d_snortconfdirty_path = "/var/run/snort_conf_{$snort_uuid}_{$if_real}.dirty"; } $pgtitle = "Snort: Interface $id$if_real Preprocessors and Flow"; -include("head.inc"); +include("/usr/local/pkg/snort/snort_head.inc"); ?> - +' . $pgtitle . '

    ';}?> + + -

    - + +
    + - +
    ' . "\n"; +echo '' . "\n"; +echo '' . "\n"; +echo '
    ' . "\n"; } ?> @@ -480,6 +476,8 @@ if($id != "")
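Review bot: The added title line in the `@@ -255,30 +255,23 @@` hunk prints `$pgtitle` into the page without HTML encoding, and the title here is built as `"Snort: Interface $id$if_real Preprocessors and Flow"`. The assignment of `$id` is outside the hunk, so this matters only if the value is taken from the request, but encoding at output is cheap: echo `htmlspecialchars($pgtitle)` instead of the raw variable. The same unencoded echo is added in snort_interfaces_whitelist_edit.php and snort_rulesets.php, where the title also embeds variables. The markup around the echo is not readable on this page, so the full line is not quoted.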
    +
    + diff --git a/config/snort/snort_rules.php b/config/snort/snort_rules.php index b5fa2fb2..d61b4131 100644 --- a/config/snort/snort_rules.php +++ b/config/snort/snort_rules.php @@ -64,8 +64,8 @@ $iface_uuid = $a_nat[$id]['uuid']; $isrulesfolderempty = exec("ls -A /usr/local/etc/snort/snort_{$iface_uuid}_{$if_real}/rules/*.rules"); if ($isrulesfolderempty == "") { -include("head.inc"); -include("./snort_fbegin.inc"); +include("/usr/local/pkg/snort/snort_head.inc"); +include("fbegin.inc"); echo ""; @@ -75,15 +75,18 @@ echo "\n
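Review bot: The empty-folder check that guards the changed includes in the `@@ -64,8 +64,8 @@` hunk still builds a shell command by interpolating `$iface_uuid` and `$if_real` into `exec("ls -A ...")`. `$iface_uuid` is read from `$a_nat[$id]['uuid']`, and the origin of `$if_real` is outside the hunk, so any unexpected character in either value reaches the shell. The check needs no shell at all: `$isrulesfolderempty = glob("/usr/local/etc/snort/snort_{$iface_uuid}_{$if_real}/rules/*.rules");` followed by `if (empty($isrulesfolderempty)) {`. The identical `exec()` line sits in the `@@ -66,8 +66,8 @@` hunk of snort_rulesets.php and would take the same change.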
    \n"; - $tab_array = array(); - $tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php"); - $tab_array[] = array("If Settings", false, "/snort/snort_interfaces_edit.php?id={$id}"); - $tab_array[] = array("Categories", false, "/snort/snort_rulesets.php?id={$id}"); - $tab_array[] = array("Rules", true, "/snort/snort_rules.php?id={$id}"); - $tab_array[] = array("Servers", false, "/snort/snort_define_servers.php?id={$id}"); - $tab_array[] = array("Preprocessors", false, "/snort/snort_preprocessors.php?id={$id}"); - $tab_array[] = array("Barnyard2", false, "/snort/snort_barnyard.php?id={$id}"); - display_top_tabs($tab_array); +echo '
    ' . "\n"; +echo '' . "\n"; +echo '' . "\n"; +echo '
    ' . "\n"; echo "
    @@ -682,6 +700,8 @@ function popup(url)
    + ' . "\n"; +echo '' . "\n"; +echo '' . "\n"; +echo '' . "\n"; ?> +
    +
    + diff --git a/config/snort/snort_rules_edit.php b/config/snort/snort_rules_edit.php index d1239d25..f111536f 100644 --- a/config/snort/snort_rules_edit.php +++ b/config/snort/snort_rules_edit.php @@ -1,4 +1,3 @@ -#!/usr/local/bin/php 0 ) { + $contents2 = fread($filehandle, filesize($file)); +}else{ + $contents2 = ''; +} //close handler fclose ($filehandle); @@ -146,7 +149,7 @@ if ($_POST) //write the new .rules file write_rule_file($splitcontents, $file); - header("Location: /snort/snort_rules_edit.php?id=$id&openruleset=$file&ids=$ids"); + header("Location: /snort/snort_view_edit.php?id=$id&openruleset=$file&ids=$ids"); } } @@ -162,81 +165,63 @@ $pgtitle = array(gettext("Advanced"), gettext("File Editor"));
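Review bot: The rewritten redirect in the `@@ -146,7 +149,7 @@` hunk interpolates `$id`, `$file` and `$ids` into the `Location` header unencoded, and `$file` is the same value handed to `write_rule_file()` on the line above and to `filesize()`/`fread()` in the preceding hunk. Where these variables are assigned is outside the hunk, as is the start of the enclosing `if ($_POST)` block. If `$file` is taken from the `openruleset` request parameter, it should be resolved with `realpath()` and rejected unless it lies under the interface's rules directory before any read or write. For the header itself I would write `header("Location: /snort/snort_view_edit.php?id=" . urlencode($id) . "&openruleset=" . urlencode($file) . "&ids=" . urlencode($ids));` and follow it with `exit;` so nothing else runs after the redirect is queued.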
    -
    + - + +

    - : - /> - - /> - + ' . "\n"; + + echo 'Disable original rule :'; + + + echo ' + + +
    - + +
    -
    - +
    +
    '; + + } + ?> +
    - +
    +
    - - - - - - - - - - - - - + diff --git a/config/snort/snort_rulesets.php b/config/snort/snort_rulesets.php index 6d5d7332..f872fffb 100644 --- a/config/snort/snort_rulesets.php +++ b/config/snort/snort_rulesets.php @@ -28,9 +28,9 @@ POSSIBILITY OF SUCH DAMAGE. */ -require("guiconfig.inc"); -include_once("/usr/local/pkg/snort/snort.inc"); +require_once("guiconfig.inc"); require_once("/usr/local/pkg/snort/snort_gui.inc"); +require_once("/usr/local/pkg/snort/snort.inc"); if (!is_array($config['installedpackages']['snortglobal']['rule'])) { @@ -66,8 +66,8 @@ $pgtitle = "Snort: Interface $id $iface_uuid $if_real Categories"; $isrulesfolderempty = exec("ls -A /usr/local/etc/snort/snort_{$iface_uuid}_{$if_real}/rules/*.rules"); if ($isrulesfolderempty == "") { -include("head.inc"); -include("./snort_fbegin.inc"); +include("/usr/local/pkg/snort/snort_head.inc"); +include("fbegin.inc"); echo "

    "; if($pfsense_stable == 'yes'){echo $pgtitle;} @@ -79,16 +79,19 @@ echo " \n \n \n \n @@ -174,13 +177,23 @@ $enabled_rulesets = $a_nat[$id]['rulesets']; if($enabled_rulesets) $enabled_rulesets_array = split("\|\|", $enabled_rulesets); -include("head.inc"); +include("/usr/local/pkg/snort/snort_head.inc"); ?> - -

    + + +' . $pgtitle . '

    ';}?> + + + +
    + + + "; @@ -217,17 +230,22 @@ echo "
    @@ -288,7 +306,9 @@ echo " -

    NOTE: You can click on a ruleset name to edit the ruleset. +

    NOTE: You can click on a ruleset name to edit the ruleset.

    + + diff --git a/pkg_config.7.xml b/pkg_config.7.xml index cef6aa2e..1c7f7682 100755 --- a/pkg_config.7.xml +++ b/pkg_config.7.xml @@ -410,7 +410,7 @@ mysql-client-5.1.44_1.tbz snort-2.8.6_1.tbz http://www.pfsense.com/packages/config/snort/snort.xml - 2.8.6 pkg v. 1.31 + 2.8.6 pkg v. 1.32 1.2.3 Stable /snort.xml diff --git a/pkg_config.8.xml b/pkg_config.8.xml index 3ba5739e..6e0fc8d1 100755 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml @@ -299,7 +299,7 @@ /usr/ports/databases/mysql51-client /usr/ports/security/snort http://www.pfsense.com/packages/config/snort/snort.xml - 2.8.6 pkg v. 1.31 + 2.8.6 pkg v. 1.32 2.0 Stable /snort.xml -- cgit v1.2.3
    \n"; - - $tab_array = array(); - $tab_array[] = array("Snort Interfaces", false, "/snort/snort_interfaces.php"); - $tab_array[] = array("If Settings", false, "/snort/snort_interfaces_edit.php?id={$id}"); - $tab_array[] = array("Categories", true, "/snort/snort_rulesets.php?id={$id}"); - $tab_array[] = array("Rules", false, "/snort/snort_rules.php?id={$id}"); - $tab_array[] = array("Servers", false, "/snort/snort_define_servers.php?id={$id}"); - $tab_array[] = array("Preprocessors", false, "/snort/snort_preprocessors.php?id={$id}"); - $tab_array[] = array("Barnyard2", false, "/snort/snort_barnyard.php?id={$id}"); - display_top_tabs($tab_array); + +echo '
    ' . "\n"; +echo '' . "\n"; +echo '' . "\n"; +echo '
    ' . "\n"; echo "
    + ' . "\n"; +echo '' . "\n"; +echo '' . "\n"; +echo '' . "\n"; ?> +