From 5cb08a96dec952ae6e1fd657e6940ea79af4f8d8 Mon Sep 17 00:00:00 2001
From: bmeeks8 <bmeeks8@bellsouth.net>
Date: Wed, 19 Mar 2014 17:24:00 -0400
Subject: Add new Log Mgmt tab link and improve parameter checking.

---
 config/suricata/suricata_alerts.php           |  8 ++--
 config/suricata/suricata_app_parsers.php      |  7 +++-
 config/suricata/suricata_barnyard.php         | 27 +++---------
 config/suricata/suricata_define_vars.php      |  6 ++-
 config/suricata/suricata_download_updates.php |  1 +
 config/suricata/suricata_flow_stream.php      |  6 ++-
 config/suricata/suricata_global.php           | 60 +--------------------------
 config/suricata/suricata_interfaces.php       |  1 +
 config/suricata/suricata_interfaces_edit.php  |  8 +++-
 config/suricata/suricata_list_view.php        | 10 +++--
 config/suricata/suricata_logs_browser.php     |  7 ++--
 config/suricata/suricata_rules.php            |  3 +-
 config/suricata/suricata_rules_flowbits.php   |  2 +-
 config/suricata/suricata_rulesets.php         |  6 ++-
 config/suricata/suricata_suppress.php         |  1 +
 config/suricata/suricata_suppress_edit.php    | 13 +++---
 16 files changed, 59 insertions(+), 107 deletions(-)

diff --git a/config/suricata/suricata_alerts.php b/config/suricata/suricata_alerts.php
index 99241b7e..01d4daeb 100644
--- a/config/suricata/suricata_alerts.php
+++ b/config/suricata/suricata_alerts.php
@@ -121,11 +121,12 @@ function suricata_add_supplist_entry($suppress) {
 		return false;
 }
 
-if (is_numericint($_POST['instance']))
+if (isset($_POST['instance']) && is_numericint($_POST['instance']))
 	$instanceid = $_POST['instance'];
 // This is for the auto-refresh so we can  stay on the same interface
-if (is_numericint($_GET['instance']))
+elseif (isset($_GET['instance']) && is_numericint($_GET['instance']))
 	$instanceid = $_GET['instance'];
+
 if (is_null($instanceid))
 	$instanceid = 0;
 
@@ -355,7 +356,8 @@ if ($savemsg) {
 	$tab_array[] = array(gettext("Update Rules"), false, "/suricata/suricata_download_updates.php");
 	$tab_array[] = array(gettext("Alerts"), true, "/suricata/suricata_alerts.php");
 	$tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php");
-	$tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php");
+	$tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php?instance={$instanceid}");
+	$tab_array[] = array(gettext("Logs Mgmt"), false, "/suricata/suricata_logs_mgmt.php");
 	display_top_tabs($tab_array);
 ?>
 </td></tr>
diff --git a/config/suricata/suricata_app_parsers.php b/config/suricata/suricata_app_parsers.php
index e8f20226..8d0bb4f4 100644
--- a/config/suricata/suricata_app_parsers.php
+++ b/config/suricata/suricata_app_parsers.php
@@ -33,9 +33,11 @@ require_once("/usr/local/pkg/suricata/suricata.inc");
 
 global $g, $rebuild_rules;
 
-$id = $_GET['id'];
-if (isset($_POST['id']))
+if (isset($_POST['id']) && is_numericint($_POST['id']))
 	$id = $_POST['id'];
+elseif (isset($_GET['id']) && is_numericint($_GET['id']))
+	$id = htmlspecialchars($_GET['id']);
+
 if (is_null($id))
 	$id = 0;
 
@@ -397,6 +399,7 @@ include_once("head.inc");
 	$tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php?instance={$id}");
 	$tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php");
 	$tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php?instance={$id}");
+	$tab_array[] = array(gettext("Logs Mgmt"), false, "/suricata/suricata_logs_mgmt.php");
 	display_top_tabs($tab_array);
 	echo '</td></tr>';
 	echo '<tr><td>';
diff --git a/config/suricata/suricata_barnyard.php b/config/suricata/suricata_barnyard.php
index e71dc261..850e4bed 100644
--- a/config/suricata/suricata_barnyard.php
+++ b/config/suricata/suricata_barnyard.php
@@ -33,9 +33,11 @@ require_once("/usr/local/pkg/suricata/suricata.inc");
 
 global $g, $rebuild_rules;
 
-$id = $_GET['id'];
-if (isset($_POST['id']))
+if (isset($_POST['id']) && is_numericint($_POST['id']))
 	$id = $_POST['id'];
+elseif (isset($_GET['id']) && is_numericint($_GET['id']))
+	$id = htmlspecialchars($_GET['id']);
+
 if (is_null($id)) {
         header("Location: /suricata/suricata_interfaces.php");
         exit;
@@ -55,8 +57,6 @@ if (isset($id) && $a_nat[$id]) {
 		$pconfig['barnyard_dbpwd'] = base64_decode($a_nat[$id]['barnyard_dbpwd']);
 	if (empty($a_nat[$id]['barnyard_show_year']))
 		$pconfig['barnyard_show_year'] = "on";
-	if (empty($a_nat[$id]['unified2_log_limit']))
-		$pconfig['unified2_log_limit'] = "32";
 	if (empty($a_nat[$id]['barnyard_archive_enable']))
 		$pconfig['barnyard_archive_enable'] = "on";
 	if (empty($a_nat[$id]['barnyard_obfuscate_ip']))
@@ -85,12 +85,6 @@ if ($_POST['save']) {
 	    $_POST['barnyard_bro_ids_enable'] != 'on' && $_POST['barnyard_enable'] == "on")
 		$input_errors[] = gettext("You must enable at least one output option when using Barnyard2.");
 
-	// Validate unified2 log file limit
-	if ($_POST['barnyard_enable'] == 'on') {
-		if (!is_numericint($_POST['unified2_log_limit']) || $_POST['unified2_log_limit'] < 1)
-			$input_errors[] = gettext("The value for 'Unified2 Log Limit' must be a valid integer greater than zero.");
-	}
-
 	// Validate Sensor ID is a valid integer
 	if ($_POST['barnyard_enable'] == 'on') {
 		if (!is_numericint($_POST['barnyard_sensor_id']) || $_POST['barnyard_sensor_id'] < 0)
@@ -144,7 +138,6 @@ if ($_POST['save']) {
 
 		if ($_POST['barnyard_sensor_id']) $natent['barnyard_sensor_id'] = $_POST['barnyard_sensor_id']; else $natent['barnyard_sensor_id'] = '0';
 		if ($_POST['barnyard_sensor_name']) $natent['barnyard_sensor_name'] = $_POST['barnyard_sensor_name']; else unset($natent['barnyard_sensor_name']);
-		if ($_POST['unified2_log_limit']) $natent['unified2_log_limit'] = $_POST['unified2_log_limit']; else unset($natent['unified2_log_limit']);
 		if ($_POST['barnyard_dbhost']) $natent['barnyard_dbhost'] = $_POST['barnyard_dbhost']; else unset($natent['barnyard_dbhost']);
 		if ($_POST['barnyard_dbname']) $natent['barnyard_dbname'] = $_POST['barnyard_dbname']; else unset($natent['barnyard_dbname']);
 		if ($_POST['barnyard_dbuser']) $natent['barnyard_dbuser'] = $_POST['barnyard_dbuser']; else unset($natent['barnyard_dbuser']);
@@ -201,6 +194,7 @@ if ($_POST['save']) {
 		$pconfig['barnyard_syslog_proto'] = $_POST['barnyard_syslog_proto'];
 		$pconfig['barnyard_bro_ids_enable'] = $_POST['barnyard_bro_ids_enable'];
 
+		$pconfig['barnyard_sensor_id'] = $_POST['barnyard_sensor_id'];
 		$pconfig['barnyard_sensor_name'] = $_POST['barnyard_sensor_name'];
 		$pconfig['barnyard_dbhost'] = $_POST['barnyard_dbhost'];
 		$pconfig['barnyard_dbname'] = $_POST['barnyard_dbname'];
@@ -247,6 +241,7 @@ include_once("head.inc");
 	$tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php?instance={$id}");
 	$tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php");
 	$tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php?instance={$id}");
+	$tab_array[] = array(gettext("Logs Mgmt"), false, "/suricata/suricata_logs_mgmt.php");
 	display_top_tabs($tab_array);
 	echo '</td></tr>';
 	echo '<tr><td class="tabnavtbl">';
@@ -283,15 +278,6 @@ include_once("head.inc");
 					<?php echo gettext("Enable the year being shown in timestamps.  Default value is ") . "<strong>" . gettext("Checked") . "</strong>"; ?>
 				</td>
 			</tr>
-			<tr>
-				<td width="22%" valign="top" class="vncell"><?php echo gettext("Unified2 Log Limit"); ?></td>
-				<td width="78%" class="vtable">
-					<input name="unified2_log_limit" type="text" class="formfld unknown" 
-					id="unified2_log_limit" size="25" value="<?=htmlspecialchars($pconfig['unified2_log_limit']);?>"/>
-					&nbsp;<?php echo gettext("Log file size limit in megabytes (MB). Default is "); ?><strong><?=gettext("32 MB.");?></strong><br/>
-					<?php echo gettext("This sets the maximum size for a unified2 log file before it is rotated and a new one created."); ?>
-				</td>
-			</tr>
 			<tr>
 				<td width="22%" valign="top" class="vncell"><?php echo gettext("Archive Unified2 Logs"); ?></td>
 				<td width="78%" class="vtable">
@@ -590,7 +576,6 @@ function enable_change(enable_change) {
 	endis = !(document.iform.barnyard_enable.checked || enable_change);
 	// make sure a default answer is called if this is invoked.
 	endis2 = (document.iform.barnyard_enable);
-	document.iform.unified2_log_limit.disabled = endis;
 	document.iform.barnyard_archive_enable.disabled = endis;
 	document.iform.barnyard_show_year.disabled = endis;
 	document.iform.barnyard_dump_payload.disabled = endis;
diff --git a/config/suricata/suricata_define_vars.php b/config/suricata/suricata_define_vars.php
index e130e555..22b8ab3c 100644
--- a/config/suricata/suricata_define_vars.php
+++ b/config/suricata/suricata_define_vars.php
@@ -34,9 +34,10 @@ require_once("/usr/local/pkg/suricata/suricata.inc");
 
 global $g, $rebuild_rules;
 
-$id = $_GET['id'];
-if (isset($_POST['id']))
+if (isset($_POST['id']) && is_numericint($_POST['id']))
 	$id = $_POST['id'];
+elseif (isset($_GET['id']) && is_numericint($_GET['id']))
+	$id = htmlspecialchars($_GET['id']);
 if (is_null($id)) {
         header("Location: /suricata/suricata_interfaces.php");
         exit;
@@ -163,6 +164,7 @@ if ($savemsg)
 	$tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php?instance={$id}");
 	$tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php");
 	$tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php?instance={$id}");
+	$tab_array[] = array(gettext("Logs Mgmt"), false, "/suricata/suricata_logs_mgmt.php");
 	display_top_tabs($tab_array);
 	echo '</td></tr>';
 	echo '<tr><td class="tabnavtbl">';
diff --git a/config/suricata/suricata_download_updates.php b/config/suricata/suricata_download_updates.php
index bae467e4..188255c8 100644
--- a/config/suricata/suricata_download_updates.php
+++ b/config/suricata/suricata_download_updates.php
@@ -178,6 +178,7 @@ include_once("head.inc");
 	$tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php");
 	$tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php");
 	$tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php");
+	$tab_array[] = array(gettext("Logs Mgmt"), false, "/suricata/suricata_logs_mgmt.php");
         display_top_tabs($tab_array);
 ?>
 </td></tr>
diff --git a/config/suricata/suricata_flow_stream.php b/config/suricata/suricata_flow_stream.php
index 1a65ddfd..cc00f350 100644
--- a/config/suricata/suricata_flow_stream.php
+++ b/config/suricata/suricata_flow_stream.php
@@ -33,9 +33,10 @@ require_once("/usr/local/pkg/suricata/suricata.inc");
 
 global $g, $rebuild_rules;
 
-$id = $_GET['id'];
-if (isset($_POST['id']))
+if (isset($_POST['id']) && is_numericint($_POST['id']))
 	$id = $_POST['id'];
+elseif (isset($_GET['id']) && is_numericint($_GET['id']))
+	$id = htmlspecialchars($_GET['id']);
 if (is_null($id))
 	$id=0;
 
@@ -443,6 +444,7 @@ include_once("head.inc");
 	$tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php?instance={$id}");
 	$tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php");
 	$tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php?instance={$id}");
+	$tab_array[] = array(gettext("Logs Mgmt"), false, "/suricata/suricata_logs_mgmt.php");
 	display_top_tabs($tab_array);
 	echo '</td></tr>';
 	echo '<tr><td>';
diff --git a/config/suricata/suricata_global.php b/config/suricata/suricata_global.php
index 99abc49b..938d6a97 100644
--- a/config/suricata/suricata_global.php
+++ b/config/suricata/suricata_global.php
@@ -41,23 +41,15 @@ $pconfig['etprocode'] = $config['installedpackages']['suricata']['config'][0]['e
 $pconfig['enable_etopen_rules'] = $config['installedpackages']['suricata']['config'][0]['enable_etopen_rules'];
 $pconfig['enable_etpro_rules'] = $config['installedpackages']['suricata']['config'][0]['enable_etpro_rules'];
 $pconfig['rm_blocked'] = $config['installedpackages']['suricata']['config'][0]['rm_blocked'];
-$pconfig['suricataloglimit'] = $config['installedpackages']['suricata']['config'][0]['suricataloglimit'];
-$pconfig['suricataloglimitsize'] = $config['installedpackages']['suricata']['config'][0]['suricataloglimitsize'];
 $pconfig['autoruleupdate'] = $config['installedpackages']['suricata']['config'][0]['autoruleupdate'];
 $pconfig['autoruleupdatetime'] = $config['installedpackages']['suricata']['config'][0]['autoruleupdatetime'];
 $pconfig['live_swap_updates'] = $config['installedpackages']['suricata']['config'][0]['live_swap_updates'];
 $pconfig['log_to_systemlog'] = $config['installedpackages']['suricata']['config'][0]['log_to_systemlog'];
-$pconfig['clearlogs'] = $config['installedpackages']['suricata']['config'][0]['clearlogs'];
 $pconfig['forcekeepsettings'] = $config['installedpackages']['suricata']['config'][0]['forcekeepsettings'];
 $pconfig['snortcommunityrules'] = $config['installedpackages']['suricata']['config'][0]['snortcommunityrules'];
 
-if (empty($pconfig['suricataloglimit']))
-	$pconfig['suricataloglimit'] = 'on';
 if (empty($pconfig['autoruleupdatetime']))
 	$pconfig['autoruleupdatetime'] = '00:30';
-if (empty($pconfig['suricataloglimitsize']))
-	// Set limit to 20% of slice that is unused */
-	$pconfig['suricataloglimitsize'] = round(exec('df -k /var | grep -v "Filesystem" | awk \'{print $4}\'') * .20 / 1024);
 
 if ($_POST['autoruleupdatetime']) {
 	if (!preg_match('/^([01]?[0-9]|2[0-3]):?([0-5][0-9])$/', $_POST['autoruleupdatetime']))
@@ -116,18 +108,7 @@ if (!$input_errors) {
 
 		$config['installedpackages']['suricata']['config'][0]['oinkcode'] = $_POST['oinkcode'];
 		$config['installedpackages']['suricata']['config'][0]['etprocode'] = $_POST['etprocode'];
-
 		$config['installedpackages']['suricata']['config'][0]['rm_blocked'] = $_POST['rm_blocked'];
-		if ($_POST['suricataloglimitsize']) {
-			$config['installedpackages']['suricata']['config'][0]['suricataloglimit'] = $_POST['suricataloglimit'];
-			$config['installedpackages']['suricata']['config'][0]['suricataloglimitsize'] = $_POST['suricataloglimitsize'];
-		} else {
-			$config['installedpackages']['suricata']['config'][0]['suricataloglimit'] = 'on';
-
-			/* code will set limit to 21% of slice that is unused */
-			$suricataloglimitDSKsize = round(exec('df -k /var | grep -v "Filesystem" | awk \'{print $4}\'') * .22 / 1024);
-			$config['installedpackages']['suricata']['config'][0]['suricataloglimitsize'] = $suricataloglimitDSKsize;
-		}
 		$config['installedpackages']['suricata']['config'][0]['autoruleupdate'] = $_POST['autoruleupdate'];
 
 		/* Check and adjust format of Rule Update Starttime string to add colon and leading zero if necessary */
@@ -139,7 +120,6 @@ if (!$input_errors) {
 		$config['installedpackages']['suricata']['config'][0]['autoruleupdatetime'] = str_pad($_POST['autoruleupdatetime'], 4, "0", STR_PAD_LEFT);
 		$config['installedpackages']['suricata']['config'][0]['log_to_systemlog'] = $_POST['log_to_systemlog'] ? 'on' : 'off';
 		$config['installedpackages']['suricata']['config'][0]['live_swap_updates'] = $_POST['live_swap_updates'] ? 'on' : 'off';
-		$config['installedpackages']['suricata']['config'][0]['clearlogs'] = $_POST['clearlogs'] ? 'on' : 'off';
 		$config['installedpackages']['suricata']['config'][0]['forcekeepsettings'] = $_POST['forcekeepsettings'] ? 'on' : 'off';
 
 		$retval = 0;
@@ -190,6 +170,7 @@ if ($input_errors)
 	$tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php");
 	$tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php");
 	$tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php");
+	$tab_array[] = array(gettext("Logs Mgmt"), false, "/suricata/suricata_logs_mgmt.php");
         display_top_tabs($tab_array);
 ?>
 </td></tr>
@@ -323,39 +304,6 @@ if ($input_errors)
 <tr>
 	<td colspan="2" valign="top" class="listtopic"><?php echo gettext("General Settings"); ?></td>
 </tr>
-<tr>
-<?php $suricatalogCurrentDSKsize = round(exec('df -k /var | grep -v "Filesystem" | awk \'{print $4}\'') / 1024); ?>
-	<td width="22%" valign="top" class="vncell"><?php echo gettext("Log Directory Size " .
-	"Limit"); ?><br/>
-	<br/>
-	<br/>
-	<span class="red"><strong><?php echo gettext("Note:"); ?></strong></span><br/>
-	<?php echo gettext("Available space is"); ?> <strong><?php echo $suricatalogCurrentDSKsize; ?>&nbsp;MB</strong></td>
-	<td width="78%" class="vtable">
-		<table cellpadding="0" cellspacing="0">
-			<tr>
-				<td colspan="2"><input name="suricataloglimit" type="radio" id="suricataloglimit" value="on" 
-					<?php if($pconfig['suricataloglimit']=='on') echo 'checked'; ?>/><span class="vexpl">
-					<strong><?php echo gettext("Enable"); ?></strong> <?php echo gettext("directory size limit"); ?> (<strong><?php echo gettext("Default"); ?></strong>)</span></td>
-			</tr>
-			<tr>
-				<td colspan="2"><input name="suricataloglimit" type="radio" id="suricataloglimit" value="off" 
-					<?php if($pconfig['suricataloglimit']=='off') echo 'checked'; ?>/> <span class="vexpl"><strong><?php echo gettext("Disable"); ?></strong>
-					<?php echo gettext("directory size limit"); ?></span><br/>
-				<br/>
-				<span class="red"><strong><?php echo gettext("Warning:"); ?></strong></span> <?php echo gettext("Nanobsd " .
-				"should use no more than 10MB of space."); ?></td>
-			</tr>
-		</table>
-		<table width="100%" border="0" cellpadding="2" cellspacing="0">
-			<tr>
-				<td class="vexpl"><?php echo gettext("Size in ") . "<strong>" . gettext("MB:") . "</strong>";?>&nbsp;
-				<input name="suricataloglimitsize" type="text" class="formfld unknown" id="suricataloglimitsize" size="10" value="<?=htmlspecialchars($pconfig['suricataloglimitsize']);?>"/>
-				&nbsp;<?php echo gettext("Default is ") . "<strong>" . gettext("20%") . "</strong>" . gettext(" of available space.");?></td>
-			</tr>
-		</table>
-	</td>
-</tr>
 <tr style="display:none;">
 	<td width="22%" valign="top" class="vncell"><?php echo gettext("Remove Blocked Hosts Interval"); ?></td>
 	<td width="78%" class="vtable">
@@ -377,12 +325,6 @@ if ($input_errors)
 	<?php if ($config['installedpackages']['suricata']['config'][0]['log_to_systemlog']=="on") echo " checked"; ?>/>&nbsp;
 	<?php echo gettext("Copy Suricata messages to the firewall system log."); ?></td>
 </tr>
-<tr>
-	<td width="22%" valign="top" class="vncell"><?php echo gettext("Remove Suricata Log Files After Deinstall"); ?></td>
-	<td width="78%" class="vtable"><input name="clearlogs" id="clearlogs" type="checkbox" value="yes"
-	<?php if ($config['installedpackages']['suricata']['config'][0]['clearlogs']=="on") echo " checked"; ?>/>&nbsp;
-	<?php echo gettext("Suricata log files will be removed during package deinstallation."); ?></td>
-</tr>
 <tr>
 	<td width="22%" valign="top" class="vncell"><?php echo gettext("Keep Suricata Settings After Deinstall"); ?></td>
 	<td width="78%" class="vtable"><input name="forcekeepsettings" id="forcekeepsettings" type="checkbox" value="yes"
diff --git a/config/suricata/suricata_interfaces.php b/config/suricata/suricata_interfaces.php
index 5e5d8c44..e8125986 100644
--- a/config/suricata/suricata_interfaces.php
+++ b/config/suricata/suricata_interfaces.php
@@ -166,6 +166,7 @@ include_once("head.inc");
 		$tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php");
 		$tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php");
 		$tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php");
+		$tab_array[] = array(gettext("Logs Mgmt"), false, "/suricata/suricata_logs_mgmt.php");
 		display_top_tabs($tab_array);
 	?>
 	</td>
diff --git a/config/suricata/suricata_interfaces_edit.php b/config/suricata/suricata_interfaces_edit.php
index 389566a2..fbb78aa2 100644
--- a/config/suricata/suricata_interfaces_edit.php
+++ b/config/suricata/suricata_interfaces_edit.php
@@ -40,9 +40,9 @@ if (!is_array($config['installedpackages']['suricata']['rule']))
 	$config['installedpackages']['suricata']['rule'] = array();
 $a_rule = &$config['installedpackages']['suricata']['rule'];
 
-if ($_POST['id'])
+if (isset($_POST['id']) && is_numericint($_POST['id']))
 	$id = $_POST['id'];
-elseif ($_GET['id']);
+elseif (isset($_GET['id']) && is_numericint($_GET['id']));
 	$id = htmlspecialchars($_GET['id'], ENT_QUOTES | ENT_HTML401);
 
 if (is_null($id))
@@ -81,6 +81,9 @@ elseif (isset($id) && !isset($a_rule[$id])) {
 	foreach ($ifaces as $i) {
 		if (!in_array($i, $ifrules)) {
 			$pconfig['interface'] = $i;
+			$pconfig['enable'] = 'on';
+			$pconfig['descr'] = strtoupper($i);
+			$pconfig['inspect_recursion_limit'] = '3000';
 			break;
 		}
 	}
@@ -333,6 +336,7 @@ if ($savemsg) {
 	$tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php?instance={$id}");
 	$tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php");
 	$tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php?instance={$id}");
+	$tab_array[] = array(gettext("Logs Mgmt"), false, "/suricata/suricata_logs_mgmt.php");
 	display_top_tabs($tab_array);
 	echo '</td></tr>';
 	echo '<tr><td class="tabnavtbl">';
diff --git a/config/suricata/suricata_list_view.php b/config/suricata/suricata_list_view.php
index 2ff121f2..b6616909 100644
--- a/config/suricata/suricata_list_view.php
+++ b/config/suricata/suricata_list_view.php
@@ -34,9 +34,11 @@ global $g, $config;
 
 $contents = '';
 
-$id = $_GET['id'];
-$wlist = $_GET['wlist'];
-$type = $_GET['type'];
+if (isset($_GET['id']) && is_numericint($_GET['id']))
+	$id = htmlspecialchars($_GET['id']);
+
+$wlist = htmlspecialchars($_GET['wlist']);
+$type = htmlspecialchars($_GET['type']);
 
 if (isset($id) && isset($wlist)) {
 	$a_rule = $config['installedpackages']['suricata']['rule'][$id];
@@ -86,7 +88,7 @@ $pgtitle = array(gettext("Suricata"), gettext(ucfirst($type) . " Viewer"));
 		<tr>
 			<td colspan="2" valign="top" class="label">
 			<div style="background: #eeeeee; width:100%; height:100%;" id="textareaitem"><!-- NOTE: The opening *and* the closing textarea tag must be on the same line. -->
-			<textarea style="width:100%; height:100%;" readonly wrap="off" rows="25" cols="80" name="code2"><?=$contents;?></textarea>
+			<textarea style="width:100%; height:100%;" readonly wrap="off" rows="25" cols="80" name="code2"><?=htmlspecialchars($contents);?></textarea>
 			</div>
 			</td>
 		</tr>
diff --git a/config/suricata/suricata_logs_browser.php b/config/suricata/suricata_logs_browser.php
index f9c34ed0..53530881 100644
--- a/config/suricata/suricata_logs_browser.php
+++ b/config/suricata/suricata_logs_browser.php
@@ -30,10 +30,10 @@
 require_once("guiconfig.inc");
 require_once("/usr/local/pkg/suricata/suricata.inc");
 
-if ($_POST['instance'])
+if (isset($_POST['instance']) && is_numericint($_POST['instance']))
 	$instanceid = $_POST['instance'];
-if ($_GET['instance'])
-	$instanceid = $_GET['instance'];
+elseif (isset($_GET['instance']) && is_numericint($_GET['instance']))
+	$instanceid = htmlspecialchars($_GET['instance']);
 if (empty($instanceid))
 	$instanceid = 0;
 
@@ -131,6 +131,7 @@ if ($input_errors) {
 		$tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php?instance={$instanceid}");
 		$tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php");
 		$tab_array[] = array(gettext("Logs Browser"), true, "/suricata/suricata_logs_browser.php");
+		$tab_array[] = array(gettext("Logs Mgmt"), false, "/suricata/suricata_logs_mgmt.php");
 		display_top_tabs($tab_array);
 	?>
 	</td>
diff --git a/config/suricata/suricata_rules.php b/config/suricata/suricata_rules.php
index 567c29ea..5883ed8e 100644
--- a/config/suricata/suricata_rules.php
+++ b/config/suricata/suricata_rules.php
@@ -40,7 +40,7 @@ if (!is_array($config['installedpackages']['suricata']['rule']))
 	$config['installedpackages']['suricata']['rule'] = array();
 $a_rule = &$config['installedpackages']['suricata']['rule'];
 
-if (isset($_POST['id']))
+if (isset($_POST['id']) && is_numericint($_POST['id']))
 	$id = $_POST['id'];
 elseif (isset($_GET['id']) && is_numericint($_GET['id']))
 	$id = htmlspecialchars($_GET['id']);
@@ -391,6 +391,7 @@ if ($savemsg) {
 		$tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php?instance={$id}");
 		$tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php");
 		$tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php?instance={$id}");
+		$tab_array[] = array(gettext("Logs Mgmt"), false, "/suricata/suricata_logs_mgmt.php");
 		display_top_tabs($tab_array);
 		echo '</td></tr>';
 		echo '<tr><td class="tabnavtbl">';
diff --git a/config/suricata/suricata_rules_flowbits.php b/config/suricata/suricata_rules_flowbits.php
index 6470ff4b..1907cbeb 100644
--- a/config/suricata/suricata_rules_flowbits.php
+++ b/config/suricata/suricata_rules_flowbits.php
@@ -41,7 +41,7 @@ if (!is_array($config['installedpackages']['suricata']['rule'])) {
 }
 $a_nat = &$config['installedpackages']['suricata']['rule'];
 
-if (isset($_POST['id']))
+if (isset($_POST['id']) && is_numericint($_POST['id']))
 	$id = $_POST['id'];
 elseif (isset($_GET['id']) && is_numericint($_GET['id']))
 	$id = htmlspecialchars($_GET['id']);
diff --git a/config/suricata/suricata_rulesets.php b/config/suricata/suricata_rulesets.php
index 4365de4b..e607acc1 100644
--- a/config/suricata/suricata_rulesets.php
+++ b/config/suricata/suricata_rulesets.php
@@ -44,9 +44,10 @@ if (!is_array($config['installedpackages']['suricata']['rule'])) {
 }
 $a_nat = &$config['installedpackages']['suricata']['rule'];
 
-$id = $_GET['id'];
-if (isset($_POST['id']))
+if (isset($_POST['id']) && is_numericint($_POST['id']))
 	$id = $_POST['id'];
+elseif (isset($_GET['id']) && is_numericint($_GET['id']))
+	$id = htmlspecialchars($_GET['id']);
 if (is_null($id))
 	$id = 0;
 
@@ -255,6 +256,7 @@ if ($savemsg) {
 	$tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php?instance={$id}");
 	$tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php");
 	$tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php?instance={$id}");
+	$tab_array[] = array(gettext("Logs Mgmt"), false, "/suricata/suricata_logs_mgmt.php");
 	display_top_tabs($tab_array);
 	echo '</td></tr>';
 	echo '<tr><td class="tabnavtbl">';
diff --git a/config/suricata/suricata_suppress.php b/config/suricata/suricata_suppress.php
index 12227f3d..1b833276 100644
--- a/config/suricata/suricata_suppress.php
+++ b/config/suricata/suricata_suppress.php
@@ -125,6 +125,7 @@ if ($input_errors) {
 	$tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php");
 	$tab_array[] = array(gettext("Suppress"), true, "/suricata/suricata_suppress.php");
 	$tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php");
+	$tab_array[] = array(gettext("Logs Mgmt"), false, "/suricata/suricata_logs_mgmt.php");
 	display_top_tabs($tab_array);
 ?>
 </td>
diff --git a/config/suricata/suricata_suppress_edit.php b/config/suricata/suricata_suppress_edit.php
index 3d5bad27..aad67a95 100644
--- a/config/suricata/suricata_suppress_edit.php
+++ b/config/suricata/suricata_suppress_edit.php
@@ -40,9 +40,10 @@ if (!is_array($config['installedpackages']['suricata']['suppress']['item']))
 	$config['installedpackages']['suricata']['suppress']['item'] = array();
 $a_suppress = &$config['installedpackages']['suricata']['suppress']['item'];
 
-$id = $_GET['id'];
-if (isset($_POST['id']))
+if (isset($_POST['id']) && is_numericint($_POST['id']))
 	$id = $_POST['id'];
+elseif (isset($_GET['id']) && is_numericint($_GET['id']))
+	$id = htmlspecialchars($_GET['id']);
 
 /* returns true if $name is a valid name for a whitelist file name or ip */
 function is_validwhitelistname($name) {
@@ -69,7 +70,7 @@ if (isset($id) && $a_suppress[$id]) {
 		$pconfig['uuid'] = uniqid();
 }
 
-if ($_POST['submit']) {
+if ($_POST['save']) {
 	unset($input_errors);
 	$pconfig = $_POST;
 
@@ -139,11 +140,13 @@ if ($savemsg)
 <tr><td>
 <?php
         $tab_array = array();
-	$tab_array[] = array(gettext("Interfaces"), false, "/suricata/suricata_interfaces.php");
+	$tab_array[] = array(gettext("Suricata Interfaces"), false, "/suricata/suricata_interfaces.php");
 	$tab_array[] = array(gettext("Global Settings"), false, "/suricata/suricata_global.php");
 	$tab_array[] = array(gettext("Update Rules"), false, "/suricata/suricata_download_updates.php");
 	$tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php");
 	$tab_array[] = array(gettext("Suppress"), true, "/suricata/suricata_suppress.php");
+	$tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php");
+	$tab_array[] = array(gettext("Logs Mgmt"), false, "/suricata/suricata_logs_mgmt.php");
         display_top_tabs($tab_array);
 ?>
 </td></tr>
@@ -193,7 +196,7 @@ if ($savemsg)
 	</td>
 </tr>
 <tr>
-	<td colspan="2"><input id="submit" name="submit" type="submit" 
+	<td colspan="2"><input id="save" name="save" type="submit" 
 		class="formbtn" value="Save" />&nbsp;&nbsp;<input id="cancelbutton" 
 		name="cancelbutton" type="button" class="formbtn" value="Cancel" 
 		onclick="history.back();"/> <?php if (isset($id) && $a_suppress[$id]): ?>
-- 
cgit v1.2.3