From 2eb7993da4ebb286b413fd50f2720a735bc4bcf8 Mon Sep 17 00:00:00 2001
From: robiscool
Date: Wed, 18 Aug 2010 00:44:25 -0700
Subject: snort, fix home image link, add js_rowhelper from 2.0 upstearm
---
config/snort/css/style.css | 18 ++++++
config/snort/images/new_tab_menu.png | Bin 3276 -> 3257 bytes
config/snort/images/transparent.gif | Bin 0 -> 156 bytes
config/snort/javascript/row_helper.js | 71 +++++++++++++++++++++++
config/snort/snort.inc | 5 +-
config/snort/snort_alerts.php | 14 ++++-
config/snort/snort_barnyard.php | 11 ++--
config/snort/snort_blocked.php | 25 +++++---
config/snort/snort_define_servers.php | 69 +++++++++++-----------
config/snort/snort_download_updates.php | 15 ++---
config/snort/snort_gui.inc | 27 ++++++---
config/snort/snort_interfaces.php | 16 ++---
config/snort/snort_interfaces_edit.php | 29 ++++-----
config/snort/snort_interfaces_global.php | 17 +++---
config/snort/snort_interfaces_suppress.php | 3 +
config/snort/snort_interfaces_suppress_edit.php | 7 ++-
config/snort/snort_interfaces_whitelist.php | 3 +
config/snort/snort_interfaces_whitelist_edit.php | 23 ++++----
config/snort/snort_preprocessors.php | 27 +++++----
config/snort/snort_rules.php | 14 ++++-
config/snort/snort_rulesets.php | 13 ++++-
config/widget-snort/snort_alerts.inc | 2 +-
pkg_config.7.xml | 2 +-
pkg_config.8.xml | 2 +-
24 files changed, 287 insertions(+), 126 deletions(-)
create mode 100644 config/snort/images/transparent.gif
create mode 100644 config/snort/javascript/row_helper.js
diff --git a/config/snort/css/style.css b/config/snort/css/style.css
index 9c627971..b484966c 100644
--- a/config/snort/css/style.css
+++ b/config/snort/css/style.css
@@ -29,6 +29,24 @@ font-weight: bold; text-align: center } +/* hack fix the hard coded fbegin link */ +#header-left2 { +position: absolute; +background-position: center center; +height: 67px; +width: 147px; +top: -77px; +left: 8px; +float: left; +z-index:999; +} +#header-left2 #status-link2 { + position: relative; + top: 3px; + left: 2px; +} +/* end of fbegin hack */ + .body2 { font-family:arial; font-size:12px; diff --git a/config/snort/images/new_tab_menu.png b/config/snort/images/new_tab_menu.png index c27a3e53..f0e4cbeb 100644 Binary files a/config/snort/images/new_tab_menu.png and b/config/snort/images/new_tab_menu.png differ diff --git a/config/snort/images/transparent.gif b/config/snort/images/transparent.gif new file mode 100644 index 00000000..e7ccd741 Binary files /dev/null and b/config/snort/images/transparent.gif differ diff --git a/config/snort/javascript/row_helper.js b/config/snort/javascript/row_helper.js new file mode 100644 index 00000000..d8b4ffb4 --- /dev/null +++ b/config/snort/javascript/row_helper.js 
@@ -0,0 +1,71 @@
+// Global Variables
+var rowname = new Array(4999);
+var rowtype = new Array(4999);
+var newrow = new Array(4999);
+var rowsize = new Array(4999);
+
+for (i = 0; i < 4999; i++) {
+ rowname[i] = '';
+ rowtype[i] = '';
+ newrow[i] = '';
+ rowsize[i] = '30';
+}
+
+var field_counter_js = 0;
+var loaded = 0;
+var is_streaming_progress_bar = 0;
+var temp_streaming_text = "";
+
+var addRowTo = (function() {
+ return (function (tableId) {
+ var d, tbody, tr, td, bgc, i, ii, j;
+ d = document;
+ tbody = d.getElementById(tableId).getElementsByTagName("tbody").item(0);
+ tr = d.createElement("tr");
+ for (i = 0; i < field_counter_js; i++) {
+ td = d.createElement("td");
+ if(rowtype[i] == 'textbox') {
+ td.innerHTML=" ";
+ } else if(rowtype[i] == 'select') {
+ td.innerHTML=" ";
+ } else if(rowtype[i] == 'select_source') {
+ td.innerHTML=" ";
+ } else {
+ td.innerHTML=" ";
+ }
+ tr.appendChild(td);
+ }
+ td = d.createElement("td");
+ td.rowSpan = "1";
+
+ td.innerHTML = '';
+ tr.appendChild(td);
+ tbody.appendChild(tr);
+ totalrows++;
+ });
+})();
+
+function removeRow(el) {
+ var cel;
+ while (el && el.nodeName.toLowerCase() != "tr")
+ el = el.parentNode;
+
+ if (el && el.parentNode) {
+ cel = el.getElementsByTagName("td").item(0);
+ el.parentNode.removeChild(el);
+ }
+}
+
+function find_unique_field_name(field_name) {
+ // loop through field_name and strip off -NUMBER
+ var last_found_dash = 0;
+ for (var i = 0; i < field_name.length; i++) {
+ // is this a dash, if so, update
+ // last_found_dash
+ if (field_name.substr(i,1) == "-" )
+ last_found_dash = i;
+ }
+ if (last_found_dash < 1)
+ return field_name;
+ return(field_name.substr(0,last_found_dash));
+}
diff --git a/config/snort/snort.inc b/config/snort/snort.inc
index d0488ccf..55f6c045 100644
--- a/config/snort/snort.inc
+++ b/config/snort/snort.inc
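Review bot: In row_helper.js, `totalrows++` at the end of addRowTo() uses a variable that none of the 71 added lines declares, so the script only works on pages that define `totalrows` before the first row is added; state that dependency in the file's header comment or guard it with `if (typeof totalrows === 'undefined') { totalrows = 0; }`. The top-level initialisation loop likewise writes an undeclared `i` (`for (i = 0; i < 4999; i++)`), an implicit global that any other script on the page can clobber; `for (var i = 0; i < 4999; i++) {` declares it. The strings assigned to `td.innerHTML` are not readable on this page; if they concatenate `rowname[i]` or `rowsize[i]` into markup, building the inputs with `createElement` and `setAttribute` would keep a field name from being parsed as HTML.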
@@ -37,7 +37,7 @@ require_once("functions.inc"); require_once("filter.inc"); /* package version */ -$snort_package_version = 'Snort 2.8.6 pkg v. 1.32'; +$snort_package_version = 'Snort 2.8.6 pkg v. 1.33'; /* find out if were in 1.2.3-RELEASE */ $pfsense_ver_chk = exec('/bin/cat /etc/version'); @@ -619,11 +619,14 @@ function snort_postinstall() exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort/images/logo22.png'); exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort/images/new_tab_menu.png'); exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort/images/page_white_text.png'); + exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort/images/transparent.gif'); chdir ("/usr/local/www/snort/javascript/"); exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort/javascript/jquery.colorbox.js'); exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort/javascript/jquery-1.4.2.min.js'); exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort/javascript/mootools.js'); exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort/javascript/sortableTable.js'); + exec('/usr/bin/fetch http://www.pfsense.com/packages/config/snort/javascript/row_helper.js'); + /* install barnyard2 for 2.0 and 1.2.3 */ chdir ("/usr/local/bin/"); if ($pfsense_stable == 'yes') { diff --git a/config/snort/snort_alerts.php b/config/snort/snort_alerts.php index c7fd7088..0ee6a707 100644 --- a/config/snort/snort_alerts.php +++ b/config/snort/snort_alerts.php @@ -329,6 +329,9 @@ if ($pconfig['arefresh'] == 'on' || $pconfig['arefresh'] == '') } ?> + +
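Review bot: In snort.inc, the two added `exec('/usr/bin/fetch http://…')` calls in snort_postinstall() download transparent.gif and row_helper.js over plain HTTP and discard the exit status, and row_helper.js is script that ends up under /usr/local/www/snort/javascript/ and is served to whoever administers the firewall through the web GUI. Nothing in the hunk authenticates the content, so whatever arrives on that connection is installed as-is, and a failed download leaves the GUI without the helper with no error reported. At minimum capture the result, `exec('/usr/bin/fetch …/row_helper.js', $out, $rc);`, and log or abort when `$rc !== 0`; preferably fetch over an authenticated channel or compare the file against a checksum shipped with the package before it is placed in the web root. The unchanged fetch lines around the additions follow the same pattern, and the function body continues outside the hunk.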
+
' . $pgtitle . '

';}?> @@ -354,7 +357,7 @@ if ($pconfig['arefresh'] == 'on' || $pconfig['arefresh'] == '') -
+
@@ -633,7 +636,14 @@ if (is_array($alerts_array)) - + + -' . $pgtitle . '

';}?> + +
+' . $pgtitle . '

';}?>
-
- +
+
@@ -466,7 +468,7 @@ echo "$snort_interfaces_css\n";
   
- +
- + - + - + - + - + - + - + - + - + - + - + - + @@ -743,7 +746,7 @@ echo '' . "\n"; - + diff --git a/config/snort/snort_interfaces_global.php b/config/snort/snort_interfaces_global.php index 41a55a12..daa50cbf 100644 --- a/config/snort/snort_interfaces_global.php +++ b/config/snort/snort_interfaces_global.php @@ -263,6 +263,9 @@ include_once("fbegin.inc"); echo $snort_general_css; ?> + +
+
' . $pgtitle . '

';}?> @@ -298,7 +301,7 @@ echo $snort_general_css;
- + - + - + - + - + - + diff --git a/config/snort/snort_interfaces_suppress.php b/config/snort/snort_interfaces_suppress.php index b94075c7..ac0b8623 100644 --- a/config/snort/snort_interfaces_suppress.php +++ b/config/snort/snort_interfaces_suppress.php @@ -106,6 +106,9 @@ include("fbegin.inc"); echo $snort_general_css; ?> + +
+
' . $pgtitle . '

';}?> diff --git a/config/snort/snort_interfaces_suppress_edit.php b/config/snort/snort_interfaces_suppress_edit.php index f1339ffe..6a88ce1b 100644 --- a/config/snort/snort_interfaces_suppress_edit.php +++ b/config/snort/snort_interfaces_suppress_edit.php @@ -183,6 +183,9 @@ include("fbegin.inc"); echo $snort_general_css; ?> + +
+
' . $pgtitle . '

';}?> @@ -245,7 +248,7 @@ echo $snort_general_css;
- + - +
Note: @@ -500,7 +502,7 @@ if ($pkg['tabs'] <> "") { -

+


- Snort is a registered trademark of Sourcefire, Inc, Barnyard2 is a registered trademark of securixlive.com, Orion copyright Robert Zelaya, - Emergingthreats is a registered trademark of emergingthreats.net, Mysql is a registered trademark of Mysql.com + SNORT registered ® by Sourcefire, Inc, Barnyard2 registered ® by securixlive.com, Orion registered ® by Robert Zelaya, + Emergingthreats registered ® by emergingthreats.net, Mysql registered ® by Mysql.com
+ +
+
@@ -528,7 +531,7 @@ echo '
' . "\n";
General Settings
InterfaceInterface   @@ -545,7 +548,7 @@ echo '' . "\n";
InterfaceInterface
DescriptionDescription
You may enter a description here for your reference (not parsed).
Memory PerformanceMemory Performance Choose the networks snort should inspect and whitelist.
Home netHome net
External netExternal net
Block offendersBlock offenders onClick="enable_change(false)">
Checking this option will automatically block hosts that generate a Snort alert.
WhitelistWhitelist
Suppression and filteringSuppression and filtering Choose the types of logs snort should create.
Send alerts to main System logsSend alerts to main System logs onClick="enable_change(false)">
Snort will send Alerts to the Pfsense system logs.
Log to a Tcpdump fileLog to a Tcpdump file onClick="enable_change(false)">
Snort will log packets to a tcpdump-formatted file. The file then can be analyzed by an application such as Wireshark which understands pcap file formats. WARNING: File may become large.
Log Alerts to a snort unified2 fileLog Alerts to a snort unified2 file onClick="enable_change(false)">
Snort will log Alerts to a file in the UNIFIED2 format. This is a requirement for barnyard2.
Arguments here will be automatically inserted into the snort configuration.
Advanced configuration pass throughAdvanced configuration pass through
Please Choose The Type Of Rules You Wish To Download
Install Snort.org rulesInstall Snort.org rules @@ -321,19 +324,19 @@ echo $snort_general_css; - +
Oinkmaster code
CodeCode
Obtain a snort.org Oinkmaster code and paste here.
Install Emergingthreats rulesInstall Emergingthreats rules onClick="enable_change(false)">
Emerging Threats is an open source community that produces fastest moving and diverse Snort Rules.
Update rules automaticallyUpdate rules automatically
Remove blocked hosts everyRemove blocked hosts every
Alerts file description typeAlerts file description type
Keep snort settings after deinstallKeep snort settings after deinstall onClick="enable_change(false)">
Settings will not be removed during deinstall.
Add the name and description of the file.
NameName
@@ -255,7 +258,7 @@ echo $snort_general_css;
DescriptionDescription
diff --git a/config/snort/snort_interfaces_whitelist.php b/config/snort/snort_interfaces_whitelist.php index 53c095d4..54ee844d 100644 --- a/config/snort/snort_interfaces_whitelist.php +++ b/config/snort/snort_interfaces_whitelist.php @@ -106,6 +106,9 @@ include("fbegin.inc"); echo $snort_general_css; ?> + +
+
' . $pgtitle . '

';}?> diff --git a/config/snort/snort_interfaces_whitelist_edit.php b/config/snort/snort_interfaces_whitelist_edit.php index 20758d32..4056f992 100644 --- a/config/snort/snort_interfaces_whitelist_edit.php +++ b/config/snort/snort_interfaces_whitelist_edit.php @@ -254,9 +254,12 @@ include("fbegin.inc"); echo $snort_general_css; ?> + +
+
- +