From 31905aef52131b7067441f8f7902b343a4588f72 Mon Sep 17 00:00:00 2001
From: bmeeks8
Date: Tue, 9 Apr 2013 20:10:36 -0400
Subject: Update Snort to 2.5.5 - New features and bug fixes
---
 config/snort/snort_preprocessors.php | 103 ++++++++++++++++++++++++++++-------
 1 file changed, 84 insertions(+), 19 deletions(-)
(limited to 'config/snort/snort_preprocessors.php')
diff --git a/config/snort/snort_preprocessors.php b/config/snort/snort_preprocessors.php
index 7d0348e9..5cd5a408 100755
--- a/config/snort/snort_preprocessors.php
+++ b/config/snort/snort_preprocessors.php
@@ -34,7 +34,12 @@ require_once("guiconfig.inc");
 require_once("/usr/local/pkg/snort/snort.inc");
-global $g;
+global $g, $rebuild_rules;
+
+if (!is_array($config['installedpackages']['snortglobal'])) {
+ $config['installedpackages']['snortglobal'] = array();
+}
+$vrt_enabled = $config['installedpackages']['snortglobal']['snortdownload'];
 if (!is_array($config['installedpackages']['snortglobal']['rule'])) {
 $config['installedpackages']['snortglobal']['rule'] = array();
@@ -77,6 +82,13 @@ if (isset($id) && $a_nat[$id]) {
 $pconfig['dnp3_preproc'] = $a_nat[$id]['dnp3_preproc'];
 $pconfig['modbus_preproc'] = $a_nat[$id]['modbus_preproc'];
 $pconfig['gtp_preproc'] = $a_nat[$id]['gtp_preproc'];
+ $pconfig['preproc_auto_rule_disable'] = $a_nat[$id]['preproc_auto_rule_disable'];
+ $pconfig['protect_preproc_rules'] = $a_nat[$id]['protect_preproc_rules'];
+
+ /* If not using the Snort VRT rules, then disable */
+ /* the Sensitive Data (sdf) preprocessor. */
+ if ($vrt_enabled == "off")
+ $pconfig['sensitive_data'] = "off";
 }
 if ($_POST) {
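Review bot: `$vrt_enabled` is read from `$config['installedpackages']['snortglobal']['snortdownload']` immediately after the guard that may have just created an empty array, so when that key has never been saved the value is null rather than "off". The `if ($vrt_enabled == "off")` test added in the following hunk (@@ -77,6 +82,13 @@) then does not fire, and the Sensitive Data preprocessor keeps whatever value was stored even though no VRT rules are configured. If the setting only ever holds "on" or "off" (not visible in this diff), testing for the enabled state fails closed: `if ($vrt_enabled != "on")`. A one-line comment beside the assignment naming the values `snortdownload` can take would make the later comparison easier to check.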
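Review bot: The sensitive_data override in the @@ -77,6 +82,13 @@ hunk is applied only to `$pconfig`, the copy used to render the form, and only inside the `isset($id) && $a_nat[$id]` branch, so it never changes what is stored. If the `$_POST` block takes the posted `sensitive_data` value as-is (that line is outside the hunks shown), the saved configuration can still enable the preprocessor without VRT rules, whatever the form displays. Applying the same rule while building `$natent`, before `write_config()`, keeps the stored state consistent with the GUI: `if ($vrt_enabled == "off") $natent['sensitive_data'] = 'off';`. The new braceless `if` would also be clearer with braces, as the guard blocks at the top of the file use.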
@@ -120,6 +132,8 @@ if ($_POST) {
 $natent['sip_preproc'] = $_POST['sip_preproc'] ? 'on' : 'off';
 $natent['modbus_preproc'] = $_POST['modbus_preproc'] ? 'on' : 'off';
 $natent['gtp_preproc'] = $_POST['gtp_preproc'] ? 'on' : 'off';
+ $natent['preproc_auto_rule_disable'] = $_POST['preproc_auto_rule_disable'] ? 'on' : 'off';
+ $natent['protect_preproc_rules'] = $_POST['protect_preproc_rules'] ? 'on' : 'off';
 if (isset($id) && $a_nat[$id])
 $a_nat[$id] = $natent;
@@ -132,8 +146,15 @@ if ($_POST) {
 write_config();
- $if_real = snort_get_real_interface($pconfig['interface']);
- sync_snort_package_config();
+ /* Set flag to rebuild rules for this interface */
+ $rebuild_rules = "on";
+
+ /*************************************************/
+ /* Update the snort conf file and rebuild the */
+ /* rules for this interface. */
+ /*************************************************/
+ snort_generate_conf($natent);
+ $rebuild_rules = "off";
 /* after click go to this page */
 header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' );
@@ -191,22 +212,58 @@ include_once("head.inc"); - + + - + + - + + + + + + + + @@ -214,9 +271,10 @@ include_once("head.inc"); + "Normalize/Decode and detect HTTP traffic and protocol anomalies. Default is "); ?> + @@ -241,7 +299,7 @@ include_once("head.inc"); + + onClick="enable_change(false)"> + @@ -469,9 +528,14 @@ include_once("head.inc"); @@ -507,7 +571,8 @@ include_once("head.inc"); + +
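Review bot: The outcome of `snort_generate_conf($natent)` is never checked in the @@ -132,8 +146,15 @@ hunk, and the rebuild is requested through the global `$rebuild_rules` toggled around the call rather than through an argument. The page goes on to send the redirect headers whether or not the conf file and rules were rewritten, so a failed rebuild would leave the sensor on its previous rule set while the GUI shows the new settings as saved. If `snort_generate_conf()` can report failure (its definition is outside this diff), log or display that before redirecting. The new comment should also say where the flag is consumed, for example `/* $rebuild_rules is read in snort.inc while generating the conf */` once that is confirmed. The removed `sync_snort_package_config()` call has no replacement in this hunk, so it is worth confirming that nothing else it did for the running instance is still required.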
-
+
-
-
onClick="enable_change(false)">
'on') echo "disabled"; ?> + onClick="enable_change(false)"> + + + + + +
 

+ ', ''); ?>
+
+ onClick="enable_change(false)"> ' . gettext("Not Checked."); ?>
+ + + + + +
  +
+
+ onClick="enable_change(false)">
- onClick="enable_change(false)">

+ onClick="enable_change(false)">
- +
+
 
-
-- cgit v1.2.3