From d3635ba6e576bac2d6d4fee57a0734d1db2903da Mon Sep 17 00:00:00 2001 From: robiscool Date: Fri, 23 Apr 2010 01:34:48 -0700 Subject: snort, add whightlist.php, add options for homenet, externalnet, and whitelist, misc --- config/snort/snort_interfaces_edit.php | 106 ++++++++++++++++++++++++++++++++- 1 file changed, 105 insertions(+), 1 deletion(-) (limited to 'config/snort/snort_interfaces_edit.php') diff --git a/config/snort/snort_interfaces_edit.php b/config/snort/snort_interfaces_edit.php index b63bbfbd..8cc97a75 100644 --- a/config/snort/snort_interfaces_edit.php +++ b/config/snort/snort_interfaces_edit.php @@ -134,6 +134,9 @@ if (isset($id) && $a_nat[$id]) { $pconfig['descr'] = $a_nat[$id]['descr']; $pconfig['performance'] = $a_nat[$id]['performance']; $pconfig['blockoffenders7'] = $a_nat[$id]['blockoffenders7']; + $pconfig['whitelistname'] = $a_nat[$id]['whitelistname']; + $pconfig['homelistname'] = $a_nat[$id]['homelistname']; + $pconfig['externallistname'] = $a_nat[$id]['externallistname']; $pconfig['snortalertlogtype'] = $a_nat[$id]['snortalertlogtype']; $pconfig['alertsystemlog'] = $a_nat[$id]['alertsystemlog']; $pconfig['tcpdumplog'] = $a_nat[$id]['tcpdumplog']; @@ -233,6 +236,9 @@ if ($_POST["Submit"]) { $natent['performance'] = $_POST['performance'] ? $_POST['performance'] : $pconfig['performance']; /* if post = on use on off or rewrite the conf */ if ($_POST['blockoffenders7'] == "on") { $natent['blockoffenders7'] = on; }else{ $natent['blockoffenders7'] = off; } if ($_POST['enable'] == "") { $natent['blockoffenders7'] = $pconfig['blockoffenders7']; } + $natent['whitelistname'] = $_POST['whitelistname'] ? $_POST['whitelistname'] : $pconfig['whitelistname']; + $natent['homelistname'] = $_POST['homelistname'] ? $_POST['homelistname'] : $pconfig['homelistname']; + $natent['externallistname'] = $_POST['externallistname'] ? $_POST['externallistname'] : $pconfig['externallistname']; $natent['snortalertlogtype'] = $_POST['snortalertlogtype'] ? $_POST['snortalertlogtype'] : $pconfig['snortalertlogtype']; if ($_POST['alertsystemlog'] == "on") { $natent['alertsystemlog'] = on; }else{ $natent['alertsystemlog'] = off; } if ($_POST['enable'] == "") { $natent['alertsystemlog'] = $pconfig['alertsystemlog']; } if ($_POST['tcpdumplog'] == "on") { $natent['tcpdumplog'] = on; }else{ $natent['tcpdumplog'] = off; } if ($_POST['enable'] == "") { $natent['tcpdumplog'] = $pconfig['tcpdumplog']; } @@ -306,6 +312,9 @@ if ($_POST["Submit"]) { touch("$d_snortconfdirty_path"); + /* if snort.sh crashed this will remove the pid */ + exec('/bin/rm /tmp/snort.sh.pid'); + header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' ); header( 'Cache-Control: no-store, no-cache, must-revalidate' ); @@ -338,7 +347,7 @@ if ($_POST["Submit"]) { if ($_POST["Submit3"]) { - Running_Stop($snort_uuid, $if_real, $id); + Running_Stop($snort_uuid, $if_real, $id); header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' ); @@ -562,12 +571,107 @@ if ($a_nat[$id]['interface'] != '') { + Home net + +
+ Choose the home net you will like this rule to use. +  Note: Default home net adds only local networks.
+ Hint: Most users add a list of friendly ips that the firewall cant see. + + + External net + +
+ Choose the external net you will like this rule to use. +  Note: Default external net, networks that are not home net.
+ Hint: Most users should leave this setting at default. + + Block offenders onClick="enable_change(false)">
Checking this option will automatically block hosts that generate a Snort alert. + Whitelist + +
+ Choose the whitelist you will like this rule to use. +  Note: Default whitelist adds only local networks. + + Send alerts to main System logs onClick="enable_change(false)">
-- cgit v1.2.3