From 6f28da9d753b1538006cfa9c3488a4949c0cdd9d Mon Sep 17 00:00:00 2001
From: robiscool <robrob2626@yahoo.com>
Date: Sat, 17 Oct 2009 16:40:07 -0700
Subject: snort-dev, start snort-inline gui base

---
 config/snort-dev/bkup/snort_threshold.xml | 129 ++++++++++++++++++++++++++++++
 1 file changed, 129 insertions(+)
 create mode 100644 config/snort-dev/bkup/snort_threshold.xml

(limited to 'config/snort-dev/bkup/snort_threshold.xml')

diff --git a/config/snort-dev/bkup/snort_threshold.xml b/config/snort-dev/bkup/snort_threshold.xml
new file mode 100644
index 00000000..f9075d3d
--- /dev/null
+++ b/config/snort-dev/bkup/snort_threshold.xml
@@ -0,0 +1,129 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
+<packagegui>
+        <copyright>
+        <![CDATA[
+/* $Id$ */
+/* ========================================================================== */
+/*
+    authng.xml
+    part of pfSense (http://www.pfSense.com)
+    Copyright (C) 2007 to whom it may belong
+    All rights reserved.
+
+    Based on m0n0wall (http://m0n0.ch/wall)
+    Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+    All rights reserved.
+                                                                              */
+/* ========================================================================== */
+/*
+    Redistribution and use in source and binary forms, with or without
+    modification, are permitted provided that the following conditions are met:
+
+     1. Redistributions of source code must retain the above copyright notice,
+        this list of conditions and the following disclaimer.
+
+     2. Redistributions in binary form must reproduce the above copyright
+        notice, this list of conditions and the following disclaimer in the
+        documentation and/or other materials provided with the distribution.
+
+    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+    POSSIBILITY OF SUCH DAMAGE.
+                                                                              */
+/* ========================================================================== */
+        ]]>
+        </copyright>
+    <description>Describe your package here</description>
+    <requirements>Describe your package requirements here</requirements>
+    <faq>Currently there are no FAQ items provided.</faq>
+	<name>snort-threshold</name>
+	<version>0.1.0</version>
+	<title>Snort: Alert Thresholding and Suppression</title>
+	<include_file>/usr/local/pkg/snort.inc</include_file>
+	<!-- Menu is where this packages menu will appear -->
+	<tabs>
+		<tab>
+			<text>Settings</text>
+			<url>/pkg_edit.php?xml=snort.xml&amp;id=0</url>
+		</tab>
+		<tab>
+			<text>Update Rules</text>
+			<url>/snort_download_rules.php</url>
+		</tab>
+		<tab>
+			<text>Categories</text>
+			<url>/snort_rulesets.php</url>
+		</tab>
+		<tab>
+			<text>Rules</text>
+			<url>/snort_rules.php</url>
+		</tab>
+		<tab>
+			<text>Servers</text>
+			<url>/pkg_edit.php?xml=snort_define_servers.xml&amp;id=0</url>
+		</tab>
+		<tab>
+			<text>Blocked</text>
+			<url>/snort_blocked.php</url>
+		</tab>
+		<tab>
+			<text>Whitelist</text>
+			<url>/pkg.php?xml=snort_whitelist.xml</url>
+		</tab>
+		<tab>
+			<text>Threshold</text>
+			<url>/pkg.php?xml=snort_threshold.xml</url>
+			<active/>
+		</tab>
+		<tab>
+			<text>Alerts</text>
+			<url>/snort_alerts.php</url>
+		</tab>
+		<tab>
+			<text>Advanced</text>
+			<url>/pkg_edit.php?xml=snort_advanced.xml&amp;id=0</url>
+		</tab>		
+	</tabs>
+	<adddeleteeditpagefields>
+		<columnitem>
+			<fielddescr>Thresholding or Suppression Rule</fielddescr>
+			<fieldname>threshrule</fieldname>
+		</columnitem>
+		<columnitem>
+			<fielddescr>Description</fielddescr>
+			<fieldname>description</fieldname>
+		</columnitem>
+	</adddeleteeditpagefields>
+	<fields>
+		<field>
+			<fielddescr>Thresholding or Suppression Rule</fielddescr>
+			<fieldname>threshrule</fieldname>
+			<description>Enter the Rule. Example; "suppress gen_id 125, sig_id 4" or "threshold gen_id 1, sig_id 1851, type limit, track by_src, count 1, seconds 60"</description>
+			<type>input</type>
+			<size>40</size>
+		</field>
+		<field>
+			<fielddescr>Description</fielddescr>
+			<fieldname>description</fieldname>
+			<description>Enter the description for this item</description>
+			<type>input</type>
+			<size>60</size>
+		</field>
+	</fields>
+	<custom_php_command_before_form>
+	</custom_php_command_before_form>
+	<custom_delete_php_command>
+	</custom_delete_php_command>
+	<custom_php_resync_config_command>
+		create_snort_conf();
+	</custom_php_resync_config_command>
+</packagegui>
\ No newline at end of file
-- 
cgit v1.2.3