From 2a3aeed08e7197c55bf6ed132391555261e5aaa7 Mon Sep 17 00:00:00 2001 From: robiscool Date: Wed, 13 Jun 2012 01:51:49 -0700 Subject: snort-dev2, re-add snort-dev2, undo tactless move --- config/snort-dev2/snort_interfaces.php | 437 +++++++++++++++++++++++++++++++++ 1 file changed, 437 insertions(+) create mode 100644 config/snort-dev2/snort_interfaces.php (limited to 'config/snort-dev2/snort_interfaces.php') diff --git a/config/snort-dev2/snort_interfaces.php b/config/snort-dev2/snort_interfaces.php new file mode 100644 index 00000000..86a9aff6 --- /dev/null +++ b/config/snort-dev2/snort_interfaces.php @@ -0,0 +1,437 @@ +. +Copyright (C) 2008-2009 Robert Zelaya. +Copyright (C) 2011 Ermal Luci +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +1. Redistributions of source code must retain the above copyright notice, +this list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright +notice, this list of conditions and the following disclaimer in the +documentation and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, +INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY +AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, +OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +POSSIBILITY OF SUCH DAMAGE. +*/ + +$nocsrf = true; +require_once("guiconfig.inc"); +require_once("/usr/local/pkg/snort/snort_gui.inc"); +require_once("/usr/local/pkg/snort/snort.inc"); + +global $g; + +$id = $_GET['id']; +if (isset($_POST['id'])) + $id = $_POST['id']; + +if (!is_array($config['installedpackages']['snortglobal']['rule'])) + $config['installedpackages']['snortglobal']['rule'] = array(); +$a_nat = &$config['installedpackages']['snortglobal']['rule']; +$id_gen = count($config['installedpackages']['snortglobal']['rule']); + +if (isset($_POST['del_x'])) { + /* delete selected rules */ + if (is_array($_POST['rule'])) { + conf_mount_rw(); + foreach ($_POST['rule'] as $rulei) { + + /* convert fake interfaces to real */ + $if_real = snort_get_real_interface($a_nat[$rulei]['interface']); + $snort_uuid = $a_nat[$rulei]['uuid']; + + Running_Stop($snort_uuid,$if_real, $rulei); + + unset($a_nat[$rulei]); + } + conf_mount_ro(); + + write_config(); + sleep(2); + + /* if there are no ifaces do not create snort.sh */ + if (!empty($config['installedpackages']['snortglobal']['rule'])) + create_snort_sh(); + else { + conf_mount_rw(); + exec('/bin/rm /usr/local/etc/rc.d/snort.sh'); + conf_mount_ro(); + } + + sync_snort_package_config(); + + header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); + header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' ); + header( 'Cache-Control: no-store, no-cache, must-revalidate' ); + header( 'Cache-Control: post-check=0, pre-check=0', false ); + header( 'Pragma: no-cache' ); + header("Location: /snort/snort_interfaces.php"); + exit; + } + +} + + +/* start/stop snort */ +if ($_GET['act'] == 'toggle' && is_numeric($id)) { + + $if_real = snort_get_real_interface($config['installedpackages']['snortglobal']['rule'][$id]['interface']); + $snort_uuid = $config['installedpackages']['snortglobal']['rule'][$id]['uuid']; + + /* Log Iface stop */ + exec("/usr/bin/logger -p daemon.info -i -t SnortStartup 'Toggle for {$snort_uuid}_{$if_real}...'"); + + sync_snort_package_config(); + + $tester2 = Running_Ck($snort_uuid, $if_real, $id); + + if ($tester2 == 'yes') { + Running_Stop($snort_uuid, $if_real, $id); + + header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); + header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' ); + header( 'Cache-Control: no-store, no-cache, must-revalidate' ); + header( 'Cache-Control: post-check=0, pre-check=0', false ); + header( 'Pragma: no-cache' ); + + } else { + Running_Start($snort_uuid, $if_real, $id); + + header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); + header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' ); + header( 'Cache-Control: no-store, no-cache, must-revalidate' ); + header( 'Cache-Control: post-check=0, pre-check=0', false ); + header( 'Pragma: no-cache' ); + } + sleep(4); // So the GUI reports correctly + header("Location: /snort/snort_interfaces.php"); + exit; +} + + +$pgtitle = "Services: $snort_package_version"; +include_once("head.inc"); + +?> + + +' . $pgtitle . '

'; +?> + + + +
+'; + + if($savemsg) + print_info_box_np2("{$savemsg}"); + else { + print_info_box_np2(' + The Snort configuration has changed for one or more interfaces.
+ You must apply the changes in order for them to take effect.
+ '); + } + } +?> + + + + + + +
+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
  IfSnortPerformanceBlockBarnyard2Description + + + + + +
+
+ + + + + + + + +   + + + + + +
+ +
+ + + + +
+
+
+
+ +
+ + + + +
+
+ + + + +
Note:
+ This is the Snort Menu where you can see an over + view of all your interface settings.
+ Please edit the Global Settings tab before adding + an interface.
+
+ Warning:
+ New settings will not take effect until interface restart. +
+
+ Click on the icon to add a + interface.                                            Click + on the icon to start + snort and barnyard2.
+ Click on the icon to edit a + interface and settings.                       Click + on the icon to stop + snort and barnyard2.
+ Click on the icon to + delete a interface and settings.
+
+ +
+ + "") { + echo ""; + } + ?>
+ + +
+
+
+ + + +
SNORT registered � by Sourcefire, Inc, Barnyard2 +registered � by securixlive.com, Orion registered � by Robert Zelaya, +Emergingthreats registered � by emergingthreats.net, Mysql registered � +by Mysql.com
+ + + + + + + + -- cgit v1.2.3