From 13656fde85d45e3533ba8dfdd8b3b173851d4f92 Mon Sep 17 00:00:00 2001 From: robiscool Date: Thu, 25 Mar 2010 11:55:53 -0700 Subject: snort-dev, upload binarries 8.0x32 and update to final RC. --- config/snort-dev/bin/8.0.x86/barnyard2 | Bin 0 -> 849388 bytes config/snort-dev/bin/8.0.x86/md5_files | 9 + config/snort-dev/bin/8.0.x86/md5_files~ | 9 + config/snort-dev/css/style2.css | 220 +- config/snort-dev/help_and_info.php | 390 +- config/snort-dev/images/footer.jpg | Bin 57412 -> 57411 bytes config/snort-dev/images/footer2.jpg | Bin 31879 -> 31878 bytes config/snort-dev/images/icon-table-sort-asc.png | Bin 2907 -> 2906 bytes config/snort-dev/images/icon-table-sort-desc.png | Bin 2914 -> 2913 bytes config/snort-dev/images/icon-table-sort.png | Bin 3026 -> 3025 bytes config/snort-dev/images/logo.jpg | Bin 74307 -> 74306 bytes config/snort-dev/javascript/jquery-1.3.2.js | 8752 ++++++++++----------- config/snort-dev/javascript/jquery.blockUI.js | 926 +-- config/snort-dev/javascript/sortableTable.js | 576 +- config/snort-dev/javascript/tabs.js | 244 +- config/snort-dev/snort.inc | 227 +- config/snort-dev/snort.sh | 0 config/snort-dev/snort_alerts.php | 6 +- config/snort-dev/snort_barnyard.php | 11 +- config/snort-dev/snort_blocked.php | 5 +- config/snort-dev/snort_check_for_rule_updates.php | 5 +- config/snort-dev/snort_define_servers.php | 10 +- config/snort-dev/snort_download_rules.php | 5 +- config/snort-dev/snort_help_info.php | 220 +- config/snort-dev/snort_interfaces.php | 247 +- config/snort-dev/snort_interfaces_edit.php | 132 +- config/snort-dev/snort_interfaces_global.php | 41 +- config/snort-dev/snort_preprocessors.php | 20 +- config/snort-dev/snort_rules.php | 17 +- config/snort-dev/snort_rules_edit.php | 486 +- config/snort-dev/snort_rulesets.php | 35 +- 31 files changed, 6323 insertions(+), 6270 deletions(-) create mode 100755 config/snort-dev/bin/8.0.x86/barnyard2 create mode 100644 config/snort-dev/bin/8.0.x86/md5_files create mode 100644 config/snort-dev/bin/8.0.x86/md5_files~ mode change 100755 => 100644 config/snort-dev/snort.sh (limited to 'config/snort-dev') diff --git a/config/snort-dev/bin/8.0.x86/barnyard2 b/config/snort-dev/bin/8.0.x86/barnyard2 new file mode 100755 index 00000000..43476338 Binary files /dev/null and b/config/snort-dev/bin/8.0.x86/barnyard2 differ diff --git a/config/snort-dev/bin/8.0.x86/md5_files b/config/snort-dev/bin/8.0.x86/md5_files new file mode 100644 index 00000000..3b283d80 --- /dev/null +++ b/config/snort-dev/bin/8.0.x86/md5_files @@ -0,0 +1,9 @@ +#For Freebsd 8.0 + + +MD5 (pcre-8.00.tbz) = 8a1ac82500efccefc6418856e27b6cc1 +MD5 (snort-2.8.5.3.tbz) = 826c15872c6d19bcbe2408fb34d165b9 +MD5 (perl-5.10.1.tbz) = f71020a8bd0f197c9bf70eb6d03b92af +MD5 (mysql-client-5.1.45.tbz) = 9cb5878ae922c3d4d0e31efe5712a90a +MD5 (barnyard2) = 4dbff13291a2b8c5018b7ab62f574bc8 + diff --git a/config/snort-dev/bin/8.0.x86/md5_files~ b/config/snort-dev/bin/8.0.x86/md5_files~ new file mode 100644 index 00000000..3b283d80 --- /dev/null +++ b/config/snort-dev/bin/8.0.x86/md5_files~ @@ -0,0 +1,9 @@ +#For Freebsd 8.0 + + +MD5 (pcre-8.00.tbz) = 8a1ac82500efccefc6418856e27b6cc1 +MD5 (snort-2.8.5.3.tbz) = 826c15872c6d19bcbe2408fb34d165b9 +MD5 (perl-5.10.1.tbz) = f71020a8bd0f197c9bf70eb6d03b92af +MD5 (mysql-client-5.1.45.tbz) = 9cb5878ae922c3d4d0e31efe5712a90a +MD5 (barnyard2) = 4dbff13291a2b8c5018b7ab62f574bc8 + diff --git a/config/snort-dev/css/style2.css b/config/snort-dev/css/style2.css index cd253de1..d7a1616c 100644 --- a/config/snort-dev/css/style2.css +++ b/config/snort-dev/css/style2.css @@ -1,111 +1,111 @@ -/* ----------------------------------- -general ------------------------------------ */ - -body -{ - margin: 0px; - padding: 0px; - font: 100%/1.4 helvetica, arial, sans-serif; - color: #444; - background: #fff; -} - -h1, h2, h3, h4, h5, h6 -{ - margin: 0 0 1em; - line-height: 1.1; -} - -h2, h3 { color: #003d5d; } -h2 { font-size: 218.75%; } - - -p -{ -margin-top: 35pt; -margin-right: 0pt; -margin-bottom: -25px; -margin-left: 0pt; -text-indent: 25px; -} - -img { border: none; } -a:link { color: #035389; } -a:visited { color: #09619C; } - -/* ----------------------------------- -Play Hide the tab ------------------------------------ */ - -div.items p:not(:target) {display: none} -div.items p:target {display: block} - - -/* ----------------------------------- -layout ------------------------------------ */ - -#container -{ - margin: 0 0px; - background: #fff; -} - -#header -{ - background: #fff; -} - -#header h1 { margin: 0; } - -#navigation -{ - float: left; - width: 100%; - background: #333; -} - -#navigation ul -{ - margin: 0; - padding: 0; -} - -#navigation ul li -{ - list-style-type: none; - display: inline; -} - -#navigation li a -{ - display: block; - float: left; - padding: 5px 10px; - color: #fff; - text-decoration: none; - border-right: 1px solid #fff; -} - -#navigation li a:hover -{ - background-color: #3366cc; - background-image: none; - background-repeat: repeat; - background-attachment: scroll; - background-position: 0% 0%; -} - -#content -{ - clear: left; - padding: 20px; -} - -#content h2 -{ - color: #000; - font-size: 160%; - margin: 0 0 .5em; +/* ----------------------------------- +general +----------------------------------- */ + +body +{ + margin: 0px; + padding: 0px; + font: 100%/1.4 helvetica, arial, sans-serif; + color: #444; + background: #fff; +} + +h1, h2, h3, h4, h5, h6 +{ + margin: 0 0 1em; + line-height: 1.1; +} + +h2, h3 { color: #003d5d; } +h2 { font-size: 218.75%; } + + +p +{ +margin-top: 35pt; +margin-right: 0pt; +margin-bottom: -25px; +margin-left: 0pt; +text-indent: 25px; +} + +img { border: none; } +a:link { color: #035389; } +a:visited { color: #09619C; } + +/* ----------------------------------- +Play Hide the tab +----------------------------------- */ + +div.items p:not(:target) {display: none} +div.items p:target {display: block} + + +/* ----------------------------------- +layout +----------------------------------- */ + +#container +{ + margin: 0 0px; + background: #fff; +} + +#header +{ + background: #fff; +} + +#header h1 { margin: 0; } + +#navigation +{ + float: left; + width: 100%; + background: #333; +} + +#navigation ul +{ + margin: 0; + padding: 0; +} + +#navigation ul li +{ + list-style-type: none; + display: inline; +} + +#navigation li a +{ + display: block; + float: left; + padding: 5px 10px; + color: #fff; + text-decoration: none; + border-right: 1px solid #fff; +} + +#navigation li a:hover +{ + background-color: #3366cc; + background-image: none; + background-repeat: repeat; + background-attachment: scroll; + background-position: 0% 0%; +} + +#content +{ + clear: left; + padding: 20px; +} + +#content h2 +{ + color: #000; + font-size: 160%; + margin: 0 0 .5em; } \ No newline at end of file diff --git a/config/snort-dev/help_and_info.php b/config/snort-dev/help_and_info.php index ff31d6d0..0f4a0c9f 100644 --- a/config/snort-dev/help_and_info.php +++ b/config/snort-dev/help_and_info.php @@ -1,196 +1,196 @@ - - - - -Help & Info - - - - - - - - - -
- - -
-
-

- Snort Package is a GUI based front-end for Sourcefire\'s Snort ® IDS/IPS software. The Snort Package goal is to be - the best open-source GUI to manage multiple snort sensors and multiple rule snapshots. The project other goal is to be a highly competitive GUI for - network monitoring for both private and enterprise use. Lastly, this project software development should bring programmers and users together to create - software. -

-

- What is Snort ? Used by fortune 500 companies and goverments Snort is the most widely deployed IDS/IPS technology worldwide. It features rules based logging and - can perform content searching/matching in addition to being used to detect a variety of other attacks and probes, such as buffer overflows, stealth port - scans, CGI attacks, SMB probes, and much more. -

-

- Requirements :
- Minimum requirement 256 mb ram, 500 MHz CPU.
- Recommended 500 mb ram, 1 Ghz CPU.
- The more rules you run the more memory you need.
- The more interfaces you select the more memory you need.

- Development is done on a Alix 2D3 system (500 MHz AMD Geode LX800 CPU 256MB DDR DRAM). -

-
-
-

-About Me

-Coming soon............ - -

-
-
-

-Services

-Coming soon............ -

-
-
-

-Change Log

-Coming soon............ -

-
-
-

-PfSense is brought to you by a dedicated group of developers who are security and network professionals by trade. The following people are active developers of the pfSense project. -Username is listed in parenthesis (generally also the person\'s forum username, IRC nickname, etc.).

- -Main Snort-dev Package Developer
-Robert Zelaya

- -Founders
-In alphabetical order

- -Chris Buechler (cmb)
-Scott Ullrich (sullrich)

- -Active Developers
-Listed in order of seniority along with date of first contribution.

- -Bill Marquette (billm) - February 2005
-Holger Bauer (hoba) - May 2005
-Erik Kristensen (ekristen) - August 2005
-Seth Mos (smos) - November 2005
-Scott Dale (sdale) - December 2006
-Martin Fuchs (mfuchs) - June 2007
-Ermal Luçi (ermal) - January 2008
-Matthew Grooms (mgrooms) - July 2008
-Mark Crane (mcrane) - October 2008
-Jim Pingle (jim-p) - February 2009
-Rob Zelaya (robiscool) - March 2009
-Renato Botelho (rbgarga) - May 2009

- -FreeBSD Developer Assistance
-We would like to thank the following FreeBSD developers for their assistance.

- -Max Laier (mlaier)
-Christian S.J. Peron (csjp)
-Andrew Thompson (thompsa)
-Bjoern A. Zeeb (bz)

- -among many others who help us directly, and everyone who contributes to FreeBSD.

- -Inactive Developers
-The following individuals are no longer active contributors, having moved on because of other commitments, or employers forbidding contributions. We thank them for their past contributions.

- -Daniel Berlin (dberlin)
-Daniel Haischt (dsh)
-Espen Johansen (lsf)
-Scott Kamp (dingo)
-Bachman Kharazmi (bkw)
-Fernando Tarlá Cardoso Lemos (fernando)
-Kyle Mott (kyle)
-Colin Smith (colin)
-

-
-
-

-Heros

-Coming soon............ -

-
-
-

-=========================
- -Q: Do you have a quick install tutorial and tabs explanation.
- -A: Yes.
- - http://doc.pfsense.org/index.php/Setup_Snort_Package
- -=========================
- -Q: What interfaces can snort listen on ?
- -A: Right now all WAN interfaces and LAN interfaces. But if you select a LAN interface you may need to adjust the snort rules to use the LAN interface.
- -==========================
- -Q: What logs does the snort package keep. ?
- -A: Most of the snort logs are keept in the /var/log/snort.
- Snorts syslogs\' are saved to the /var/log/snort/snort_sys_0ng0.
- -==========================
- -Q: What is the best Performance setting ? or Snort is using 90% cpu and all my memory.
- -A: Depends how much memory you have and how many rules you want to run.; lowmem for systems with less than 256 mb memory, ac-bnfa for systems
- with over 256 mb of memory. The other options are; ac high memory, best performance, ac-std moderate memory, high performance,acs small
- memory, moderate performance,ac-banded small memory,moderate performance,ac-sparsebands small memory, high performance.
- - Short version: For most people ac-bnfa is the best setting.
- -=========================
- -Q: What is the Oinkmaster code ? How do I get the code ?
- -A: The Oinkmaster code is your personal password in order to download snort rules.
- You get a Oinkmaster code when you register with snort.org. It is free to register.
- Goto https://www.snort.org/signup to get your personal code.
- -=========================
- -Q: What is the Snort.org subscriber option? How do I become a Snort.org subscriber?
- -A: Snort.org subscribers get the the latest rule updates 30 days faster than registered users.
- Goto http://www.snort.org/vrt/buy-a-subscription/. - It is highly suggested that you get a paid subscription so that you can always have the latest rules.
- -=========================
- -Q: When did you start working on the snort package.
- -A: I started working on the snort package in May 2009.
-

-
-
- - -'; + + + + +Help & Info + + + + + + + + + +
+ + +
+
+

+ Snort Package is a GUI based front-end for Sourcefire\'s Snort ® IDS/IPS software. The Snort Package goal is to be + the best open-source GUI to manage multiple snort sensors and multiple rule snapshots. The project other goal is to be a highly competitive GUI for + network monitoring for both private and enterprise use. Lastly, this project software development should bring programmers and users together to create + software. +

+

+ What is Snort ? Used by fortune 500 companies and goverments Snort is the most widely deployed IDS/IPS technology worldwide. It features rules based logging and + can perform content searching/matching in addition to being used to detect a variety of other attacks and probes, such as buffer overflows, stealth port + scans, CGI attacks, SMB probes, and much more. +

+

+ Requirements :
+ Minimum requirement 256 mb ram, 500 MHz CPU.
+ Recommended 500 mb ram, 1 Ghz CPU.
+ The more rules you run the more memory you need.
+ The more interfaces you select the more memory you need.

+ Development is done on a Alix 2D3 system (500 MHz AMD Geode LX800 CPU 256MB DDR DRAM). +

+
+
+

+About Me

+Coming soon............ + +

+
+
+

+Services

+Coming soon............ +

+
+
+

+Change Log

+Coming soon............ +

+
+
+

+PfSense is brought to you by a dedicated group of developers who are security and network professionals by trade. The following people are active developers of the pfSense project. +Username is listed in parenthesis (generally also the person\'s forum username, IRC nickname, etc.).

+ +Main Snort-dev Package Developer
+Robert Zelaya

+ +Founders
+In alphabetical order

+ +Chris Buechler (cmb)
+Scott Ullrich (sullrich)

+ +Active Developers
+Listed in order of seniority along with date of first contribution.

+ +Bill Marquette (billm) - February 2005
+Holger Bauer (hoba) - May 2005
+Erik Kristensen (ekristen) - August 2005
+Seth Mos (smos) - November 2005
+Scott Dale (sdale) - December 2006
+Martin Fuchs (mfuchs) - June 2007
+Ermal Luçi (ermal) - January 2008
+Matthew Grooms (mgrooms) - July 2008
+Mark Crane (mcrane) - October 2008
+Jim Pingle (jim-p) - February 2009
+Rob Zelaya (robiscool) - March 2009
+Renato Botelho (rbgarga) - May 2009

+ +FreeBSD Developer Assistance
+We would like to thank the following FreeBSD developers for their assistance.

+ +Max Laier (mlaier)
+Christian S.J. Peron (csjp)
+Andrew Thompson (thompsa)
+Bjoern A. Zeeb (bz)

+ +among many others who help us directly, and everyone who contributes to FreeBSD.

+ +Inactive Developers
+The following individuals are no longer active contributors, having moved on because of other commitments, or employers forbidding contributions. We thank them for their past contributions.

+ +Daniel Berlin (dberlin)
+Daniel Haischt (dsh)
+Espen Johansen (lsf)
+Scott Kamp (dingo)
+Bachman Kharazmi (bkw)
+Fernando Tarlá Cardoso Lemos (fernando)
+Kyle Mott (kyle)
+Colin Smith (colin)
+

+
+
+

+Heros

+Coming soon............ +

+
+
+

+=========================
+ +Q: Do you have a quick install tutorial and tabs explanation.
+ +A: Yes.
+ + http://doc.pfsense.org/index.php/Setup_Snort_Package
+ +=========================
+ +Q: What interfaces can snort listen on ?
+ +A: Right now all WAN interfaces and LAN interfaces. But if you select a LAN interface you may need to adjust the snort rules to use the LAN interface.
+ +==========================
+ +Q: What logs does the snort package keep. ?
+ +A: Most of the snort logs are keept in the /var/log/snort.
+ Snorts syslogs\' are saved to the /var/log/snort/snort_sys_0ng0.
+ +==========================
+ +Q: What is the best Performance setting ? or Snort is using 90% cpu and all my memory.
+ +A: Depends how much memory you have and how many rules you want to run.; lowmem for systems with less than 256 mb memory, ac-bnfa for systems
+ with over 256 mb of memory. The other options are; ac high memory, best performance, ac-std moderate memory, high performance,acs small
+ memory, moderate performance,ac-banded small memory,moderate performance,ac-sparsebands small memory, high performance.
+ + Short version: For most people ac-bnfa is the best setting.
+ +=========================
+ +Q: What is the Oinkmaster code ? How do I get the code ?
+ +A: The Oinkmaster code is your personal password in order to download snort rules.
+ You get a Oinkmaster code when you register with snort.org. It is free to register.
+ Goto https://www.snort.org/signup to get your personal code.
+ +=========================
+ +Q: What is the Snort.org subscriber option? How do I become a Snort.org subscriber?
+ +A: Snort.org subscribers get the the latest rule updates 30 days faster than registered users.
+ Goto http://www.snort.org/vrt/buy-a-subscription/. + It is highly suggested that you get a paid subscription so that you can always have the latest rules.
+ +=========================
+ +Q: When did you start working on the snort package.
+ +A: I started working on the snort package in May 2009.
+

+
+
+ + +'; ?> \ No newline at end of file diff --git a/config/snort-dev/images/footer.jpg b/config/snort-dev/images/footer.jpg index 0cf9675a..4af05707 100644 Binary files a/config/snort-dev/images/footer.jpg and b/config/snort-dev/images/footer.jpg differ diff --git a/config/snort-dev/images/footer2.jpg b/config/snort-dev/images/footer2.jpg index 37bdb18e..3332e085 100644 Binary files a/config/snort-dev/images/footer2.jpg and b/config/snort-dev/images/footer2.jpg differ diff --git a/config/snort-dev/images/icon-table-sort-asc.png b/config/snort-dev/images/icon-table-sort-asc.png index 330b3c1f..0c127919 100644 Binary files a/config/snort-dev/images/icon-table-sort-asc.png and b/config/snort-dev/images/icon-table-sort-asc.png differ diff --git a/config/snort-dev/images/icon-table-sort-desc.png b/config/snort-dev/images/icon-table-sort-desc.png index dc8a92bb..5c52f2d0 100644 Binary files a/config/snort-dev/images/icon-table-sort-desc.png and b/config/snort-dev/images/icon-table-sort-desc.png differ diff --git a/config/snort-dev/images/icon-table-sort.png b/config/snort-dev/images/icon-table-sort.png index 389169ab..3cae604b 100644 Binary files a/config/snort-dev/images/icon-table-sort.png and b/config/snort-dev/images/icon-table-sort.png differ diff --git a/config/snort-dev/images/logo.jpg b/config/snort-dev/images/logo.jpg index 75abf478..fa01d818 100644 Binary files a/config/snort-dev/images/logo.jpg and b/config/snort-dev/images/logo.jpg differ diff --git a/config/snort-dev/javascript/jquery-1.3.2.js b/config/snort-dev/javascript/jquery-1.3.2.js index ac191058..59b71d25 100644 --- a/config/snort-dev/javascript/jquery-1.3.2.js +++ b/config/snort-dev/javascript/jquery-1.3.2.js @@ -1,4376 +1,4376 @@ -/*! - * jQuery JavaScript Library v1.3.2 - * http://jquery.com/ - * - * Copyright (c) 2009 John Resig - * Dual licensed under the MIT and GPL licenses. - * http://docs.jquery.com/License - * - * Date: 2009-02-19 17:34:21 -0500 (Thu, 19 Feb 2009) - * Revision: 6246 - */ -(function(){ - -var - // Will speed up references to window, and allows munging its name. - window = this, - // Will speed up references to undefined, and allows munging its name. - undefined, - // Map over jQuery in case of overwrite - _jQuery = window.jQuery, - // Map over the $ in case of overwrite - _$ = window.$, - - jQuery = window.jQuery = window.$ = function( selector, context ) { - // The jQuery object is actually just the init constructor 'enhanced' - return new jQuery.fn.init( selector, context ); - }, - - // A simple way to check for HTML strings or ID strings - // (both of which we optimize for) - quickExpr = /^[^<]*(<(.|\s)+>)[^>]*$|^#([\w-]+)$/, - // Is it a simple selector - isSimple = /^.[^:#\[\.,]*$/; - -jQuery.fn = jQuery.prototype = { - init: function( selector, context ) { - // Make sure that a selection was provided - selector = selector || document; - - // Handle $(DOMElement) - if ( selector.nodeType ) { - this[0] = selector; - this.length = 1; - this.context = selector; - return this; - } - // Handle HTML strings - if ( typeof selector === "string" ) { - // Are we dealing with HTML string or an ID? - var match = quickExpr.exec( selector ); - - // Verify a match, and that no context was specified for #id - if ( match && (match[1] || !context) ) { - - // HANDLE: $(html) -> $(array) - if ( match[1] ) - selector = jQuery.clean( [ match[1] ], context ); - - // HANDLE: $("#id") - else { - var elem = document.getElementById( match[3] ); - - // Handle the case where IE and Opera return items - // by name instead of ID - if ( elem && elem.id != match[3] ) - return jQuery().find( selector ); - - // Otherwise, we inject the element directly into the jQuery object - var ret = jQuery( elem || [] ); - ret.context = document; - ret.selector = selector; - return ret; - } - - // HANDLE: $(expr, [context]) - // (which is just equivalent to: $(content).find(expr) - } else - return jQuery( context ).find( selector ); - - // HANDLE: $(function) - // Shortcut for document ready - } else if ( jQuery.isFunction( selector ) ) - return jQuery( document ).ready( selector ); - - // Make sure that old selector state is passed along - if ( selector.selector && selector.context ) { - this.selector = selector.selector; - this.context = selector.context; - } - - return this.setArray(jQuery.isArray( selector ) ? - selector : - jQuery.makeArray(selector)); - }, - - // Start with an empty selector - selector: "", - - // The current version of jQuery being used - jquery: "1.3.2", - - // The number of elements contained in the matched element set - size: function() { - return this.length; - }, - - // Get the Nth element in the matched element set OR - // Get the whole matched element set as a clean array - get: function( num ) { - return num === undefined ? - - // Return a 'clean' array - Array.prototype.slice.call( this ) : - - // Return just the object - this[ num ]; - }, - - // Take an array of elements and push it onto the stack - // (returning the new matched element set) - pushStack: function( elems, name, selector ) { - // Build a new jQuery matched element set - var ret = jQuery( elems ); - - // Add the old object onto the stack (as a reference) - ret.prevObject = this; - - ret.context = this.context; - - if ( name === "find" ) - ret.selector = this.selector + (this.selector ? " " : "") + selector; - else if ( name ) - ret.selector = this.selector + "." + name + "(" + selector + ")"; - - // Return the newly-formed element set - return ret; - }, - - // Force the current matched set of elements to become - // the specified array of elements (destroying the stack in the process) - // You should use pushStack() in order to do this, but maintain the stack - setArray: function( elems ) { - // Resetting the length to 0, then using the native Array push - // is a super-fast way to populate an object with array-like properties - this.length = 0; - Array.prototype.push.apply( this, elems ); - - return this; - }, - - // Execute a callback for every element in the matched set. - // (You can seed the arguments with an array of args, but this is - // only used internally.) - each: function( callback, args ) { - return jQuery.each( this, callback, args ); - }, - - // Determine the position of an element within - // the matched set of elements - index: function( elem ) { - // Locate the position of the desired element - return jQuery.inArray( - // If it receives a jQuery object, the first element is used - elem && elem.jquery ? elem[0] : elem - , this ); - }, - - attr: function( name, value, type ) { - var options = name; - - // Look for the case where we're accessing a style value - if ( typeof name === "string" ) - if ( value === undefined ) - return this[0] && jQuery[ type || "attr" ]( this[0], name ); - - else { - options = {}; - options[ name ] = value; - } - - // Check to see if we're setting style values - return this.each(function(i){ - // Set all the styles - for ( name in options ) - jQuery.attr( - type ? - this.style : - this, - name, jQuery.prop( this, options[ name ], type, i, name ) - ); - }); - }, - - css: function( key, value ) { - // ignore negative width and height values - if ( (key == 'width' || key == 'height') && parseFloat(value) < 0 ) - value = undefined; - return this.attr( key, value, "curCSS" ); - }, - - text: function( text ) { - if ( typeof text !== "object" && text != null ) - return this.empty().append( (this[0] && this[0].ownerDocument || document).createTextNode( text ) ); - - var ret = ""; - - jQuery.each( text || this, function(){ - jQuery.each( this.childNodes, function(){ - if ( this.nodeType != 8 ) - ret += this.nodeType != 1 ? - this.nodeValue : - jQuery.fn.text( [ this ] ); - }); - }); - - return ret; - }, - - wrapAll: function( html ) { - if ( this[0] ) { - // The elements to wrap the target around - var wrap = jQuery( html, this[0].ownerDocument ).clone(); - - if ( this[0].parentNode ) - wrap.insertBefore( this[0] ); - - wrap.map(function(){ - var elem = this; - - while ( elem.firstChild ) - elem = elem.firstChild; - - return elem; - }).append(this); - } - - return this; - }, - - wrapInner: function( html ) { - return this.each(function(){ - jQuery( this ).contents().wrapAll( html ); - }); - }, - - wrap: function( html ) { - return this.each(function(){ - jQuery( this ).wrapAll( html ); - }); - }, - - append: function() { - return this.domManip(arguments, true, function(elem){ - if (this.nodeType == 1) - this.appendChild( elem ); - }); - }, - - prepend: function() { - return this.domManip(arguments, true, function(elem){ - if (this.nodeType == 1) - this.insertBefore( elem, this.firstChild ); - }); - }, - - before: function() { - return this.domManip(arguments, false, function(elem){ - this.parentNode.insertBefore( elem, this ); - }); - }, - - after: function() { - return this.domManip(arguments, false, function(elem){ - this.parentNode.insertBefore( elem, this.nextSibling ); - }); - }, - - end: function() { - return this.prevObject || jQuery( [] ); - }, - - // For internal use only. - // Behaves like an Array's method, not like a jQuery method. - push: [].push, - sort: [].sort, - splice: [].splice, - - find: function( selector ) { - if ( this.length === 1 ) { - var ret = this.pushStack( [], "find", selector ); - ret.length = 0; - jQuery.find( selector, this[0], ret ); - return ret; - } else { - return this.pushStack( jQuery.unique(jQuery.map(this, function(elem){ - return jQuery.find( selector, elem ); - })), "find", selector ); - } - }, - - clone: function( events ) { - // Do the clone - var ret = this.map(function(){ - if ( !jQuery.support.noCloneEvent && !jQuery.isXMLDoc(this) ) { - // IE copies events bound via attachEvent when - // using cloneNode. Calling detachEvent on the - // clone will also remove the events from the orignal - // In order to get around this, we use innerHTML. - // Unfortunately, this means some modifications to - // attributes in IE that are actually only stored - // as properties will not be copied (such as the - // the name attribute on an input). - var html = this.outerHTML; - if ( !html ) { - var div = this.ownerDocument.createElement("div"); - div.appendChild( this.cloneNode(true) ); - html = div.innerHTML; - } - - return jQuery.clean([html.replace(/ jQuery\d+="(?:\d+|null)"/g, "").replace(/^\s*/, "")])[0]; - } else - return this.cloneNode(true); - }); - - // Copy the events from the original to the clone - if ( events === true ) { - var orig = this.find("*").andSelf(), i = 0; - - ret.find("*").andSelf().each(function(){ - if ( this.nodeName !== orig[i].nodeName ) - return; - - var events = jQuery.data( orig[i], "events" ); - - for ( var type in events ) { - for ( var handler in events[ type ] ) { - jQuery.event.add( this, type, events[ type ][ handler ], events[ type ][ handler ].data ); - } - } - - i++; - }); - } - - // Return the cloned set - return ret; - }, - - filter: function( selector ) { - return this.pushStack( - jQuery.isFunction( selector ) && - jQuery.grep(this, function(elem, i){ - return selector.call( elem, i ); - }) || - - jQuery.multiFilter( selector, jQuery.grep(this, function(elem){ - return elem.nodeType === 1; - }) ), "filter", selector ); - }, - - closest: function( selector ) { - var pos = jQuery.expr.match.POS.test( selector ) ? jQuery(selector) : null, - closer = 0; - - return this.map(function(){ - var cur = this; - while ( cur && cur.ownerDocument ) { - if ( pos ? pos.index(cur) > -1 : jQuery(cur).is(selector) ) { - jQuery.data(cur, "closest", closer); - return cur; - } - cur = cur.parentNode; - closer++; - } - }); - }, - - not: function( selector ) { - if ( typeof selector === "string" ) - // test special case where just one selector is passed in - if ( isSimple.test( selector ) ) - return this.pushStack( jQuery.multiFilter( selector, this, true ), "not", selector ); - else - selector = jQuery.multiFilter( selector, this ); - - var isArrayLike = selector.length && selector[selector.length - 1] !== undefined && !selector.nodeType; - return this.filter(function() { - return isArrayLike ? jQuery.inArray( this, selector ) < 0 : this != selector; - }); - }, - - add: function( selector ) { - return this.pushStack( jQuery.unique( jQuery.merge( - this.get(), - typeof selector === "string" ? - jQuery( selector ) : - jQuery.makeArray( selector ) - ))); - }, - - is: function( selector ) { - return !!selector && jQuery.multiFilter( selector, this ).length > 0; - }, - - hasClass: function( selector ) { - return !!selector && this.is( "." + selector ); - }, - - val: function( value ) { - if ( value === undefined ) { - var elem = this[0]; - - if ( elem ) { - if( jQuery.nodeName( elem, 'option' ) ) - return (elem.attributes.value || {}).specified ? elem.value : elem.text; - - // We need to handle select boxes special - if ( jQuery.nodeName( elem, "select" ) ) { - var index = elem.selectedIndex, - values = [], - options = elem.options, - one = elem.type == "select-one"; - - // Nothing was selected - if ( index < 0 ) - return null; - - // Loop through all the selected options - for ( var i = one ? index : 0, max = one ? index + 1 : options.length; i < max; i++ ) { - var option = options[ i ]; - - if ( option.selected ) { - // Get the specifc value for the option - value = jQuery(option).val(); - - // We don't need an array for one selects - if ( one ) - return value; - - // Multi-Selects return an array - values.push( value ); - } - } - - return values; - } - - // Everything else, we just grab the value - return (elem.value || "").replace(/\r/g, ""); - - } - - return undefined; - } - - if ( typeof value === "number" ) - value += ''; - - return this.each(function(){ - if ( this.nodeType != 1 ) - return; - - if ( jQuery.isArray(value) && /radio|checkbox/.test( this.type ) ) - this.checked = (jQuery.inArray(this.value, value) >= 0 || - jQuery.inArray(this.name, value) >= 0); - - else if ( jQuery.nodeName( this, "select" ) ) { - var values = jQuery.makeArray(value); - - jQuery( "option", this ).each(function(){ - this.selected = (jQuery.inArray( this.value, values ) >= 0 || - jQuery.inArray( this.text, values ) >= 0); - }); - - if ( !values.length ) - this.selectedIndex = -1; - - } else - this.value = value; - }); - }, - - html: function( value ) { - return value === undefined ? - (this[0] ? - this[0].innerHTML.replace(/ jQuery\d+="(?:\d+|null)"/g, "") : - null) : - this.empty().append( value ); - }, - - replaceWith: function( value ) { - return this.after( value ).remove(); - }, - - eq: function( i ) { - return this.slice( i, +i + 1 ); - }, - - slice: function() { - return this.pushStack( Array.prototype.slice.apply( this, arguments ), - "slice", Array.prototype.slice.call(arguments).join(",") ); - }, - - map: function( callback ) { - return this.pushStack( jQuery.map(this, function(elem, i){ - return callback.call( elem, i, elem ); - })); - }, - - andSelf: function() { - return this.add( this.prevObject ); - }, - - domManip: function( args, table, callback ) { - if ( this[0] ) { - var fragment = (this[0].ownerDocument || this[0]).createDocumentFragment(), - scripts = jQuery.clean( args, (this[0].ownerDocument || this[0]), fragment ), - first = fragment.firstChild; - - if ( first ) - for ( var i = 0, l = this.length; i < l; i++ ) - callback.call( root(this[i], first), this.length > 1 || i > 0 ? - fragment.cloneNode(true) : fragment ); - - if ( scripts ) - jQuery.each( scripts, evalScript ); - } - - return this; - - function root( elem, cur ) { - return table && jQuery.nodeName(elem, "table") && jQuery.nodeName(cur, "tr") ? - (elem.getElementsByTagName("tbody")[0] || - elem.appendChild(elem.ownerDocument.createElement("tbody"))) : - elem; - } - } -}; - -// Give the init function the jQuery prototype for later instantiation -jQuery.fn.init.prototype = jQuery.fn; - -function evalScript( i, elem ) { - if ( elem.src ) - jQuery.ajax({ - url: elem.src, - async: false, - dataType: "script" - }); - - else - jQuery.globalEval( elem.text || elem.textContent || elem.innerHTML || "" ); - - if ( elem.parentNode ) - elem.parentNode.removeChild( elem ); -} - -function now(){ - return +new Date; -} - -jQuery.extend = jQuery.fn.extend = function() { - // copy reference to target object - var target = arguments[0] || {}, i = 1, length = arguments.length, deep = false, options; - - // Handle a deep copy situation - if ( typeof target === "boolean" ) { - deep = target; - target = arguments[1] || {}; - // skip the boolean and the target - i = 2; - } - - // Handle case when target is a string or something (possible in deep copy) - if ( typeof target !== "object" && !jQuery.isFunction(target) ) - target = {}; - - // extend jQuery itself if only one argument is passed - if ( length == i ) { - target = this; - --i; - } - - for ( ; i < length; i++ ) - // Only deal with non-null/undefined values - if ( (options = arguments[ i ]) != null ) - // Extend the base object - for ( var name in options ) { - var src = target[ name ], copy = options[ name ]; - - // Prevent never-ending loop - if ( target === copy ) - continue; - - // Recurse if we're merging object values - if ( deep && copy && typeof copy === "object" && !copy.nodeType ) - target[ name ] = jQuery.extend( deep, - // Never move original objects, clone them - src || ( copy.length != null ? [ ] : { } ) - , copy ); - - // Don't bring in undefined values - else if ( copy !== undefined ) - target[ name ] = copy; - - } - - // Return the modified object - return target; -}; - -// exclude the following css properties to add px -var exclude = /z-?index|font-?weight|opacity|zoom|line-?height/i, - // cache defaultView - defaultView = document.defaultView || {}, - toString = Object.prototype.toString; - -jQuery.extend({ - noConflict: function( deep ) { - window.$ = _$; - - if ( deep ) - window.jQuery = _jQuery; - - return jQuery; - }, - - // See test/unit/core.js for details concerning isFunction. - // Since version 1.3, DOM methods and functions like alert - // aren't supported. They return false on IE (#2968). - isFunction: function( obj ) { - return toString.call(obj) === "[object Function]"; - }, - - isArray: function( obj ) { - return toString.call(obj) === "[object Array]"; - }, - - // check if an element is in a (or is an) XML document - isXMLDoc: function( elem ) { - return elem.nodeType === 9 && elem.documentElement.nodeName !== "HTML" || - !!elem.ownerDocument && jQuery.isXMLDoc( elem.ownerDocument ); - }, - - // Evalulates a script in a global context - globalEval: function( data ) { - if ( data && /\S/.test(data) ) { - // Inspired by code by Andrea Giammarchi - // http://webreflection.blogspot.com/2007/08/global-scope-evaluation-and-dom.html - var head = document.getElementsByTagName("head")[0] || document.documentElement, - script = document.createElement("script"); - - script.type = "text/javascript"; - if ( jQuery.support.scriptEval ) - script.appendChild( document.createTextNode( data ) ); - else - script.text = data; - - // Use insertBefore instead of appendChild to circumvent an IE6 bug. - // This arises when a base node is used (#2709). - head.insertBefore( script, head.firstChild ); - head.removeChild( script ); - } - }, - - nodeName: function( elem, name ) { - return elem.nodeName && elem.nodeName.toUpperCase() == name.toUpperCase(); - }, - - // args is for internal usage only - each: function( object, callback, args ) { - var name, i = 0, length = object.length; - - if ( args ) { - if ( length === undefined ) { - for ( name in object ) - if ( callback.apply( object[ name ], args ) === false ) - break; - } else - for ( ; i < length; ) - if ( callback.apply( object[ i++ ], args ) === false ) - break; - - // A special, fast, case for the most common use of each - } else { - if ( length === undefined ) { - for ( name in object ) - if ( callback.call( object[ name ], name, object[ name ] ) === false ) - break; - } else - for ( var value = object[0]; - i < length && callback.call( value, i, value ) !== false; value = object[++i] ){} - } - - return object; - }, - - prop: function( elem, value, type, i, name ) { - // Handle executable functions - if ( jQuery.isFunction( value ) ) - value = value.call( elem, i ); - - // Handle passing in a number to a CSS property - return typeof value === "number" && type == "curCSS" && !exclude.test( name ) ? - value + "px" : - value; - }, - - className: { - // internal only, use addClass("class") - add: function( elem, classNames ) { - jQuery.each((classNames || "").split(/\s+/), function(i, className){ - if ( elem.nodeType == 1 && !jQuery.className.has( elem.className, className ) ) - elem.className += (elem.className ? " " : "") + className; - }); - }, - - // internal only, use removeClass("class") - remove: function( elem, classNames ) { - if (elem.nodeType == 1) - elem.className = classNames !== undefined ? - jQuery.grep(elem.className.split(/\s+/), function(className){ - return !jQuery.className.has( classNames, className ); - }).join(" ") : - ""; - }, - - // internal only, use hasClass("class") - has: function( elem, className ) { - return elem && jQuery.inArray( className, (elem.className || elem).toString().split(/\s+/) ) > -1; - } - }, - - // A method for quickly swapping in/out CSS properties to get correct calculations - swap: function( elem, options, callback ) { - var old = {}; - // Remember the old values, and insert the new ones - for ( var name in options ) { - old[ name ] = elem.style[ name ]; - elem.style[ name ] = options[ name ]; - } - - callback.call( elem ); - - // Revert the old values - for ( var name in options ) - elem.style[ name ] = old[ name ]; - }, - - css: function( elem, name, force, extra ) { - if ( name == "width" || name == "height" ) { - var val, props = { position: "absolute", visibility: "hidden", display:"block" }, which = name == "width" ? [ "Left", "Right" ] : [ "Top", "Bottom" ]; - - function getWH() { - val = name == "width" ? elem.offsetWidth : elem.offsetHeight; - - if ( extra === "border" ) - return; - - jQuery.each( which, function() { - if ( !extra ) - val -= parseFloat(jQuery.curCSS( elem, "padding" + this, true)) || 0; - if ( extra === "margin" ) - val += parseFloat(jQuery.curCSS( elem, "margin" + this, true)) || 0; - else - val -= parseFloat(jQuery.curCSS( elem, "border" + this + "Width", true)) || 0; - }); - } - - if ( elem.offsetWidth !== 0 ) - getWH(); - else - jQuery.swap( elem, props, getWH ); - - return Math.max(0, Math.round(val)); - } - - return jQuery.curCSS( elem, name, force ); - }, - - curCSS: function( elem, name, force ) { - var ret, style = elem.style; - - // We need to handle opacity special in IE - if ( name == "opacity" && !jQuery.support.opacity ) { - ret = jQuery.attr( style, "opacity" ); - - return ret == "" ? - "1" : - ret; - } - - // Make sure we're using the right name for getting the float value - if ( name.match( /float/i ) ) - name = styleFloat; - - if ( !force && style && style[ name ] ) - ret = style[ name ]; - - else if ( defaultView.getComputedStyle ) { - - // Only "float" is needed here - if ( name.match( /float/i ) ) - name = "float"; - - name = name.replace( /([A-Z])/g, "-$1" ).toLowerCase(); - - var computedStyle = defaultView.getComputedStyle( elem, null ); - - if ( computedStyle ) - ret = computedStyle.getPropertyValue( name ); - - // We should always get a number back from opacity - if ( name == "opacity" && ret == "" ) - ret = "1"; - - } else if ( elem.currentStyle ) { - var camelCase = name.replace(/\-(\w)/g, function(all, letter){ - return letter.toUpperCase(); - }); - - ret = elem.currentStyle[ name ] || elem.currentStyle[ camelCase ]; - - // From the awesome hack by Dean Edwards - // http://erik.eae.net/archives/2007/07/27/18.54.15/#comment-102291 - - // If we're not dealing with a regular pixel number - // but a number that has a weird ending, we need to convert it to pixels - if ( !/^\d+(px)?$/i.test( ret ) && /^\d/.test( ret ) ) { - // Remember the original values - var left = style.left, rsLeft = elem.runtimeStyle.left; - - // Put in the new values to get a computed value out - elem.runtimeStyle.left = elem.currentStyle.left; - style.left = ret || 0; - ret = style.pixelLeft + "px"; - - // Revert the changed values - style.left = left; - elem.runtimeStyle.left = rsLeft; - } - } - - return ret; - }, - - clean: function( elems, context, fragment ) { - context = context || document; - - // !context.createElement fails in IE with an error but returns typeof 'object' - if ( typeof context.createElement === "undefined" ) - context = context.ownerDocument || context[0] && context[0].ownerDocument || document; - - // If a single string is passed in and it's a single tag - // just do a createElement and skip the rest - if ( !fragment && elems.length === 1 && typeof elems[0] === "string" ) { - var match = /^<(\w+)\s*\/?>$/.exec(elems[0]); - if ( match ) - return [ context.createElement( match[1] ) ]; - } - - var ret = [], scripts = [], div = context.createElement("div"); - - jQuery.each(elems, function(i, elem){ - if ( typeof elem === "number" ) - elem += ''; - - if ( !elem ) - return; - - // Convert html string into DOM nodes - if ( typeof elem === "string" ) { - // Fix "XHTML"-style tags in all browsers - elem = elem.replace(/(<(\w+)[^>]*?)\/>/g, function(all, front, tag){ - return tag.match(/^(abbr|br|col|img|input|link|meta|param|hr|area|embed)$/i) ? - all : - front + ">"; - }); - - // Trim whitespace, otherwise indexOf won't work as expected - var tags = elem.replace(/^\s+/, "").substring(0, 10).toLowerCase(); - - var wrap = - // option or optgroup - !tags.indexOf("", "" ] || - - !tags.indexOf("", "" ] || - - tags.match(/^<(thead|tbody|tfoot|colg|cap)/) && - [ 1, "", "
" ] || - - !tags.indexOf("", "" ] || - - // matched above - (!tags.indexOf("", "" ] || - - !tags.indexOf("", "" ] || - - // IE can't serialize and -

+

@@ -549,7 +515,7 @@ if ($a_nat[$id]['interface'] != '') { Log to a Tcpdump file onClick="enable_change(false)">
- Snort will log packets to a tcpdump-formatted file. The file then can be analyzed by an application such as Wireshark which understands pcap file formats. WARNING: File may become large. + Snort will log packets to a tcpdump-formatted file. The file then can be analyzed by an application such as Wireshark which understands pcap file formats. WARNING: File may become large. Log Alerts to a snort unified2 file diff --git a/config/snort-dev/snort_interfaces_global.php b/config/snort-dev/snort_interfaces_global.php index 95b55517..de1ff812 100644 --- a/config/snort-dev/snort_interfaces_global.php +++ b/config/snort-dev/snort_interfaces_global.php @@ -33,8 +33,8 @@ */ $pgtitle = "Services: Snort: Global Settings"; -require("guiconfig.inc"); -require("/usr/local/pkg/snort/snort.inc"); +require_once("guiconfig.inc"); +require_once("/usr/local/pkg/snort/snort.inc"); /* make things short */ $pconfig['snortdownload'] = $config['installedpackages']['snortglobal']['snortdownload']; @@ -57,34 +57,7 @@ if ($_POST) { if ($_POST['enable']) { -// if ($_POST['timeout'] && (!is_numeric($_POST['timeout']) || ($_POST['timeout'] < 1))) { -// $input_errors[] = "The timeout must be at least 1 minute."; -// } -// if ($_POST['idletimeout'] && (!is_numeric($_POST['idletimeout']) || ($_POST['idletimeout'] < 1))) { -// $input_errors[] = "The idle timeout must be at least 1 minute."; -// } -// if (($_POST['radiusip'] && !is_ipaddr($_POST['radiusip']))) { -// $input_errors[] = "A valid IP address must be specified. [".$_POST['radiusip']."]"; -// } -// if (($_POST['radiusip2'] && !is_ipaddr($_POST['radiusip2']))) { -// $input_errors[] = "A valid IP address must be specified. [".$_POST['radiusip2']."]"; -// } -// if (($_POST['radiusport'] && !is_port($_POST['radiusport']))) { -// $input_errors[] = "A valid port number must be specified. [".$_POST['radiusport']."]"; -// } -// if (($_POST['radiusport2'] && !is_port($_POST['radiusport2']))) { -// $input_errors[] = "A valid port number must be specified. [".$_POST['radiusport2']."]"; -// } -// if (($_POST['radiusacctport'] && !is_port($_POST['radiusacctport']))) { -// $input_errors[] = "A valid port number must be specified. [".$_POST['radiusacctport']."]"; -// } -// if ($_POST['maxproc'] && (!is_numeric($_POST['maxproc']) || ($_POST['maxproc'] < 4) || ($_POST['maxproc'] > 100))) { -// $input_errors[] = "The total maximum number of concurrent connections must be between 4 and 100."; -// } -// $mymaxproc = $_POST['maxproc'] ? $_POST['maxproc'] : 16; -// if ($_POST['maxprocperip'] && (!is_numeric($_POST['maxprocperip']) || ($_POST['maxprocperip'] > $mymaxproc))) { -// $input_errors[] = "The maximum number of concurrent connections per client IP address may not be larger than the global maximum."; -// } +/* TODO:a dd check user input code. */ } @@ -250,16 +223,10 @@ include("head.inc"); Please choose the type of Alert logging you will like see in your alert file.
Hint: Best pratice is to chose full logging. WARNING: On change, alert file will be cleared. - - Associate events on Blocked tab - - onClick="enable_change(false)">
- Checking this option will automatically associate the blocked reason from the snort alerts file. -   - + diff --git a/config/snort-dev/snort_preprocessors.php b/config/snort-dev/snort_preprocessors.php index 8072484d..08fe2f03 100644 --- a/config/snort-dev/snort_preprocessors.php +++ b/config/snort-dev/snort_preprocessors.php @@ -30,16 +30,9 @@ POSSIBILITY OF SUCH DAMAGE. */ -/* -TODO: Nov 12 09 -Clean this code up its ugly -Important add error checking - -*/ - -require("guiconfig.inc"); -require("/usr/local/pkg/snort/snort.inc"); +require_once("guiconfig.inc"); +require_once("/usr/local/pkg/snort/snort.inc"); if (!is_array($config['installedpackages']['snortglobal']['rule'])) { $config['installedpackages']['snortglobal']['rule'] = array(); @@ -96,7 +89,7 @@ if (isset($id) && $a_nat[$id]) { $pconfig['def_imap_servers'] = $a_nat[$id]['def_imap_servers']; $pconfig['def_imap_ports'] = $a_nat[$id]['def_imap_ports']; $pconfig['def_sip_proxy_ip'] = $a_nat[$id]['def_sip_proxy_ip']; - $pconfig['ip def_sip_proxy_ports'] = $a_nat[$id]['ip def_sip_proxy_ports']; + $pconfig['def_sip_proxy_ports'] = $a_nat[$id]['def_sip_proxy_ports']; $pconfig['def_auth_ports'] = $a_nat[$id]['def_auth_ports']; $pconfig['def_finger_ports'] = $a_nat[$id]['def_finger_ports']; $pconfig['def_irc_ports'] = $a_nat[$id]['def_irc_ports']; @@ -171,7 +164,7 @@ if ($_POST) { if ($pconfig['def_imap_servers'] != "") { $natent['def_imap_servers'] = $pconfig['def_imap_servers']; } if ($pconfig['def_imap_ports'] != "") { $natent['def_imap_ports'] = $pconfig['def_imap_ports']; } if ($pconfig['def_sip_proxy_ip'] != "") { $natent['def_sip_proxy_ip'] = $pconfig['def_sip_proxy_ip']; } - if ($pconfig['ip def_sip_proxy_ports'] != "") { $natent['ip def_sip_proxy_ports'] = $pconfig['ip def_sip_proxy_ports']; } + if ($pconfig['def_sip_proxy_ports'] != "") { $natent['def_sip_proxy_ports'] = $pconfig['def_sip_proxy_ports']; } if ($pconfig['def_auth_ports'] != "") { $natent['def_auth_ports'] = $pconfig['def_auth_ports']; } if ($pconfig['def_finger_ports'] != "") { $natent['def_finger_ports'] = $pconfig['def_finger_ports']; } if ($pconfig['def_irc_ports'] != "") { $natent['def_irc_ports'] = $pconfig['def_irc_ports']; } @@ -207,6 +200,7 @@ if ($_POST) { /* enable this if you want the user to aprove changes */ // touch($d_natconfdirty_path); + sync_snort_package_all(); write_config(); @@ -327,10 +321,10 @@ if($id != "") Normalize/Decode RPC traffic and detects Back Orifice traffic on the network. - Enable
FTP & Telnet Normalizer + Enable
FTP and Telnet Normalizer onClick="enable_change(false)">
- Normalize/Decode FTP & Telnet traffic and protocol anomalies. + Normalize/Decode FTP and Telnet traffic and protocol anomalies. Enable
SMTP Normalizer diff --git a/config/snort-dev/snort_rules.php b/config/snort-dev/snort_rules.php index 99e932b7..9d0cc89c 100644 --- a/config/snort-dev/snort_rules.php +++ b/config/snort-dev/snort_rules.php @@ -27,10 +27,11 @@ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -require("guiconfig.inc"); -require("config.inc"); -require("/usr/local/pkg/snort/snort_gui.inc"); -require("/usr/local/pkg/snort/snort.inc"); + + +require_once("guiconfig.inc"); +require_once("/usr/local/pkg/snort/snort_gui.inc"); +require_once("/usr/local/pkg/snort/snort.inc"); if (!is_array($config['installedpackages']['snortglobal']['rule'])) { $config['installedpackages']['snortglobal']['rule'] = array(); @@ -453,7 +454,7 @@ function popup(url) return false; } // --> - @@ -590,7 +591,8 @@ function popup(url) $textss\n"; ?> - onClick="enable_change(false)"> + + @@ -662,7 +664,8 @@ function popup(url)
- + + 
	

                                 

 								

                         
diff --git a/config/snort-dev/snort_rules_edit.php b/config/snort-dev/snort_rules_edit.php
index 412024d8..b770867f 100644
--- a/config/snort-dev/snort_rules_edit.php
+++ b/config/snort-dev/snort_rules_edit.php
@@ -1,243 +1,243 @@
-#!/usr/local/bin/php
- "") {
-	if($_POST['highlight'] == "yes" or
-	  $_POST['highlight'] == "enabled") {
-		$highlight = "yes";
-	} else {
-		$highlight = "no";
-	}
-} else {
-	$highlight = "no";
-}
-
-if($_POST['rows'] <> "")
-	$rows = $_POST['rows'];
-else
-	$rows = 1;
-
-if($_POST['cols'] <> "")
-	$cols = $_POST['cols'];
-else
-	$cols = 66;
-
-if ($_POST)
-{
-	if ($_POST['save']) {
-		
-		/* get the changes */
-	    $rule_content2 = $_POST['code'];
-	
-		//copy string into file array for writing
-	    $splitcontents[$lineid] = $rule_content2;
-	
-	    //write the new .rules file
-	    write_rule_file($splitcontents, $file);
-		
-		header("Location: /snort/snort_rules_edit.php?id=$id&openruleset=$file&ids=$ids");	
-		
-	}
-}
-
-$pgtitle = array(gettext("Advanced"), gettext("File Editor"));
-
-//
-?>
-
-
-
-
-
-	
-		
-	
-

-			

-				
-				
-					
-						
-					
-				

-							 
-							

-							:
-							 />
-							
-							 />
-							
-						

-				
-					
-						
-					
-				

-							

-							
-							
-							

-						

-				
-					
-						
-					
-				

-							

-							
-							
-							

-						

-				
-			

-		

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+#!/usr/local/bin/php
+ "") {
+	if($_POST['highlight'] == "yes" or
+	  $_POST['highlight'] == "enabled") {
+		$highlight = "yes";
+	} else {
+		$highlight = "no";
+	}
+} else {
+	$highlight = "no";
+}
+
+if($_POST['rows'] <> "")
+	$rows = $_POST['rows'];
+else
+	$rows = 1;
+
+if($_POST['cols'] <> "")
+	$cols = $_POST['cols'];
+else
+	$cols = 66;
+
+if ($_POST)
+{
+	if ($_POST['save']) {
+		
+		/* get the changes */
+	    $rule_content2 = $_POST['code'];
+	
+		//copy string into file array for writing
+	    $splitcontents[$lineid] = $rule_content2;
+	
+	    //write the new .rules file
+	    write_rule_file($splitcontents, $file);
+		
+		header("Location: /snort/snort_rules_edit.php?id=$id&openruleset=$file&ids=$ids");	
+		
+	}
+}
+
+$pgtitle = array(gettext("Advanced"), gettext("File Editor"));
+
+//
+?>
+
+
+
+
+
+	
+		
+	
+

+			

+				
+				
+					
+						
+					
+				

+							 
+							

+							:
+							 />
+							
+							 />
+							
+						

+				
+					
+						
+					
+				

+							

+							
+							
+							

+						

+				
+					
+						
+					
+				

+							

+							
+							
+							

+						

+				
+			

+		

+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/config/snort-dev/snort_rulesets.php b/config/snort-dev/snort_rulesets.php
index dc3320fe..da8f6646 100644
--- a/config/snort-dev/snort_rulesets.php
+++ b/config/snort-dev/snort_rulesets.php
@@ -33,7 +33,15 @@ require_once("filter.inc");
 require_once("service-utils.inc");
 include_once("/usr/local/pkg/snort/snort.inc");
 
+/* firephp*/
+require_once('../FirePHPCore/FirePHP.class.php');
+require_once('../FirePHPCore/fb.php');
+ob_start();
+$firephp =& FirePHP::getInstance(true);
+$firephp->setEnabled(true);
 
+fb('Hello, world', FirePHP);
+/* firephp end */
 
 if (!is_array($config['installedpackages']['snortglobal']['rule'])) {
 	$config['installedpackages']['snortglobal']['rule'] = array();
@@ -57,16 +65,12 @@ if (isset($id) && $a_nat[$id]) {
 /* convert fake interfaces to real */
 $if_real = convert_friendly_interface_to_real_interface_name($pconfig['interface']);
 
-//if(!is_dir("/usr/local/etc/snort/rules"))
-//	exec('mkdir /usr/local/etc/snort/rules/');
 
 $iface_uuid = $a_nat[$id]['uuid'];
 
 $pgtitle = "Snort: Interface $id $iface_uuid $if_real Categories";
 
 
-
-
 /* Check if the rules dir is empy if so warn the user */
 /* TODO give the user the option to delete the installed rules rules */
 $isrulesfolderempty = exec("ls -A /usr/local/etc/snort/snort_{$iface_uuid}_{$if_real}/rules/*.rules");
@@ -77,12 +81,12 @@ include("fbegin.inc");
 
 echo "
";
 if($pfsense_stable == 'yes'){echo $pgtitle;}
+fb($pfsense_stable, FirePHP);
 echo "
\n";
 
 echo "";
 
-echo "\n
-\n
+echo "
 \n
    \n
    		
\n";
@@ -143,10 +147,15 @@ if($_POST) {
 	}
 	$a_nat[$id]['rulesets'] = $enabled_items;
 	write_config();
-//	stop_service("snort");
-//	create_snort_conf();
-//	sleep(2);
-//	start_service("snort");
+		header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' );
+		header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
+		header( 'Cache-Control: no-store, no-cache, must-revalidate' );
+		header( 'Cache-Control: post-check=0, pre-check=0', false );
+		header( 'Pragma: no-cache' );
+		sleep(2);
+		sync_snort_package_all();
+		fb("$id, $if_real", FirePHP);
+		header("Location: /snort/snort_rulesets.php?id=$id");
 	$savemsg = "The snort ruleset selections have been saved.";
 }
 
@@ -160,15 +169,13 @@ include("head.inc");
 
 
 
-

+

 ";
 
 ?>
 
-
-
 
 
@@ -221,7 +228,7 @@ echo "";
 		echo "";
 		echo "";
 		//echo "

    
";
-		echo "{$file}";
+		echo "{$file}";
 		echo "";
 		//echo "description";
-- 
cgit v1.2.3