From 6f28da9d753b1538006cfa9c3488a4949c0cdd9d Mon Sep 17 00:00:00 2001
From: robiscool
Date: Sat, 17 Oct 2009 16:40:07 -0700
Subject: snort-dev, start snort-inline gui base
---
config/snort-dev/snort_interfaces.php | 296 ++++++++++++++++++++++++++++++++++
1 file changed, 296 insertions(+)
create mode 100644 config/snort-dev/snort_interfaces.php
(limited to 'config/snort-dev/snort_interfaces.php')
diff --git a/config/snort-dev/snort_interfaces.php b/config/snort-dev/snort_interfaces.php
new file mode 100644
index 00000000..065ec0dc
--- /dev/null
+++ b/config/snort-dev/snort_interfaces.php
@@ -0,0 +1,296 @@
+.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+require("guiconfig.inc");
+
+if (!is_array($config['installedpackages']['snortglobal']))
+ $config['installedpackages']['snortglobal'] = array();
+
+$a_nat = &$config['installedpackages']['snortglobal'];
+
+/* if a custom message has been passed along, lets process it */
+if ($_GET['savemsg'])
+ $savemsg = $_GET['savemsg'];
+
+if ($_POST) {
+
+ $pconfig = $_POST;
+
+ if ($_POST['apply']) {
+
+ write_config();
+
+ $retval = 0;
+
+ if(stristr($retval, "error") <> true)
+ $savemsg = get_std_save_message($retval);
+ else
+ $savemsg = $retval;
+
+ unlink_if_exists("/tmp/config.cache");
+ $retval |= filter_configure();
+
+ if ($retval == 0) {
+ if (file_exists($d_natconfdirty_path))
+ unlink($d_natconfdirty_path);
+ if (file_exists($d_filterconfdirty_path))
+ unlink($d_filterconfdirty_path);
+ }
+
+ }
+}
+
+if (isset($_POST['del_x'])) {
+ /* delete selected rules */
+ if (is_array($_POST['rule']) && count($_POST['rule'])) {
+ foreach ($_POST['rule'] as $rulei) {
+ $target = $rule['target'];
+ $helpers = exec("/bin/ps awwux | grep pftpx | grep \"{$target}\" | grep -v grep | awk '{ print \$2 }'");
+ if($helpers) {
+ /* kill ftp proxy helper */
+ mwexec("/bin/kill {$helpers}");
+ }
+ unset($a_nat[$rulei]);
+ }
+ write_config();
+ touch($d_natconfdirty_path);
+ header("Services: snort_interfaces.php");
+ exit;
+ }
+
+} else {
+ /* yuck - IE won't send value attributes for image buttons, while Mozilla does - so we use .x/.y to find move button clicks instead... 
*/
+ unset($movebtn);
+ foreach ($_POST as $pn => $pd) {
+ if (preg_match("/move_(\d+)_x/", $pn, $matches)) {
+ $movebtn = $matches[1];
+ break;
+ }
+ }
+ /* move selected rules before this rule */
+ if (isset($movebtn) && is_array($_POST['rule']) && count($_POST['rule'])) {
+ $a_nat_new = array();
+
+ /* copy all rules < $movebtn and not selected */
+ for ($i = 0; $i < $movebtn; $i++) {
+ if (!in_array($i, $_POST['rule']))
+ $a_nat_new[] = $a_nat[$i];
+ }
+
+ /* copy all selected rules */
+ for ($i = 0; $i < count($a_nat); $i++) {
+ if ($i == $movebtn)
+ continue;
+ if (in_array($i, $_POST['rule']))
+ $a_nat_new[] = $a_nat[$i];
+ }
+
+ /* copy $movebtn rule */
+ if ($movebtn < count($a_nat))
+ $a_nat_new[] = $a_nat[$movebtn];
+
+ /* copy all rules > $movebtn and not selected */
+ for ($i = $movebtn+1; $i < count($a_nat); $i++) {
+ if (!in_array($i, $_POST['rule']))
+ $a_nat_new[] = $a_nat[$i];
+ }
+ $a_nat = $a_nat_new;
+ write_config();
+ touch($d_natconfdirty_path);
+ header("Services: snort_interfaces.php");
+ exit;
+ }
+}
+
+$pgtitle = "Services: Snort 2.8.4.1_5 pkg v. 1.7";
+include("head.inc");
+
+?>
+
+
+

+
+ +

+The NAT configuration has been changed.
You must apply the changes in order for them to take effect."); + else + print_info_box_np("The NAT configuration has been changed.
You must apply the changes in order for them to take effect."); +?> + + + + + + +
+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
  IfInlineInline portInline port rangeBlock HostsBarnyard2Description + + + + + +
+
+ + + + + + + + (ext.: " . $natent['external-address'] . ")"; + else + echo "
(ext.: " . find_interface_ip(convert_friendly_interface_to_real_interface_name($natent['interface'])) . ")"; + ?> +
+ + + + + +   + + + + + + + + + +
+
+ + + + + + + + +
+
+
+
+ +

Note:
Snort Inline mode is disabled and in private testing. Snort Inline release target is pfSense 2.0.

+ + + + "") { + echo ""; +} +?> + +
+ + + -- cgit v1.2.3
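Review bot: In the `del_x` branch, `$target = $rule['target'];` reads an undefined `$rule` (the loop variable is `$rulei`), so the `grep \"{$target}\"` filter is empty and the following `/bin/kill {$helpers}` can hit a pftpx process unrelated to the deleted entry; the value is also interpolated into a shell string without `escapeshellarg()`. The block looks carried over from the NAT page and nothing visible ties Snort interface entries to FTP proxy helpers, so I would drop the lookup and kill, or, if it is kept, read the target from `$a_nat[$rulei]` and quote it. The indices in `$_POST['rule']` come straight from the request, so check `isset($a_nat[$rulei])` before `unset($a_nat[$rulei]);` and before the move loops index `$a_nat`. Separately, `header("Services: snort_interfaces.php");` in both branches sends a header named Services instead of a redirect and presumably should be `header("Location: snort_interfaces.php");`. `$savemsg = $_GET['savemsg'];` should pass through `htmlspecialchars()` wherever it is printed; that output is not visible in this rendering of the hunk.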