From 080fb922c15c959be4f0bd101d0cf3f529f0e866 Mon Sep 17 00:00:00 2001 From: bmeeks8 Date: Mon, 13 May 2013 16:58:53 -0400 Subject: Snort Pkg 2.5.8 Update - bug fixes and new features --- config/snort/snort_rules.php | 466 +++++++++++++++++++++---------------------- 1 file changed, 230 insertions(+), 236 deletions(-) (limited to 'config/snort/snort_rules.php') diff --git a/config/snort/snort_rules.php b/config/snort/snort_rules.php index 46c3c264..609eb052 100755 --- a/config/snort/snort_rules.php +++ b/config/snort/snort_rules.php @@ -67,7 +67,7 @@ function truncate($string, $length) { * truncation was necessary. * ********************************/ if (strlen($string) > $length) - $string = substr($string, 0, ($length - 3)) . "..."; + $string = substr($string, 0, ($length - 2)) . "..."; return $string; } @@ -300,17 +300,6 @@ function go() if (destination) location.href = destination; } -function popup(url) -{ - params = 'width='+screen.width; - params += ', height='+screen.height; - params += ', top=0, left=0' - params += ', fullscreen=yes'; - - newwin=window.open(url,'windowname4', params); - if (window.focus) {newwin.focus()} - return false; -} function wopen(url, name, w, h) { @@ -331,232 +320,237 @@ h += 96;
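Review bot: The new `substr($string, 0, ($length - 2)) . "..."` returns `$length + 1` characters for any string that needs truncating, so truncate() no longer keeps its result within the `$length` the caller passes. The removed `($length - 3)` form produced exactly `$length` characters; if the aim is to show one more character, raising the limits at the call sites keeps the contract intact. The function also has no guard for a `$length` smaller than the ellipsis, where `substr()` receives a zero or negative length; an early `if ($length <= 3) return substr($string, 0, $length);` would cover that. The head of truncate() lies outside this hunk.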
- - - - - - - + - -
- -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -"; - $textse = ""; - $iconb = "icon_reject_d.gif"; - } - elseif (($rules_map[$k1][$k2]['disabled'] == 1) && (!isset($enablesid[$sid]))) { - $textss = ""; - $textse = ""; - $iconb = "icon_block_d.gif"; - } - elseif (isset($enablesid[$sid])) { - $textss = $textse = ""; - $iconb = "icon_reject.gif"; - } - else { - $textss = $textse = ""; - $iconb = "icon_block.gif"; - } - - // Pick off the first section of the rule (prior to the start of the MSG field), - // and then use a REGX split to isolate the remaining fields into an array. - $tmp = substr($rules_map[$k1][$k2]['rule'], 0, strpos($rules_map[$k1][$k2]['rule'], "(")); - $tmp = trim(preg_replace('/^\s*#+\s*/', '', $tmp)); - $rule_content = preg_split('/[\s]+/', $tmp); - - $protocol = truncate($rule_content[1], 5); //protocol location - $source = truncate($rule_content[2], 13); //source location - $source_port = truncate($rule_content[3], 11); //source port location - $destination = truncate($rule_content[5], 13); //destination location - $destination_port = truncate($rule_content[6], 11); //destination port location - $message = snort_get_msg($rules_map[$k1][$k2]['rule']); - - echo " - - - - - - - "; + - - - -
  -
Category: - -
-
- - - "?> -  
- - "?> -   - -  
 
  - - - - -  
 
  -    -    - -  
  -     - - - title="" width="17" height="17" border="0">
  
$textss - - - $textse - - $textss $sid $textse - - $textss $protocol $textse - - $textss $source $textse - - $textss $source_port $textse - - $textss $destination $textse - - $textss $destination_port $textse - - $textss $message $textse -
+ - - " width="17" height="17" border="0"> - -
-
- - - - - - - - - - - - - - - - - - -
- +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
      +
+ + + +
+ " title=" "/>   + " onclick="history.back()" title=""/>   + " onclick="return confirm('')" title=""/> +
+ + + + + + + + + + + +
" class="formbtn" + title=""/> + + "?> +   
+ "?> +   
" . + gettext("Snort must be restarted to activate any SID enable/disable changes."); ?>
+
+ + + + + + + + + + + + + + $rulem) { + foreach ($rulem as $k2 => $v) { + $sid = snort_get_sid($v['rule']); + $gid = snort_get_gid($v['rule']); + if (isset($disablesid[$sid])) { + $textss = ""; + $textse = ""; + $iconb = "icon_reject_d.gif"; + } + elseif (($v['disabled'] == 1) && (!isset($enablesid[$sid]))) { + $textss = ""; + $textse = ""; + $iconb = "icon_block_d.gif"; + } + elseif (isset($enablesid[$sid])) { + $textss = $textse = ""; + $iconb = "icon_reject.gif"; + } + else { + $textss = $textse = ""; + $iconb = "icon_block.gif"; + } + + // Pick off the first section of the rule (prior to the start of the MSG field), + // and then use a REGX split to isolate the remaining fields into an array. + $tmp = substr($v['rule'], 0, strpos($v['rule'], "(")); + $tmp = trim(preg_replace('/^\s*#+\s*/', '', $tmp)); + $rule_content = preg_split('/[\s]+/', $tmp); + + $protocol = truncate($rule_content[1], 5); //protocol location + $source = truncate($rule_content[2], 13); //source location + $source_port = truncate($rule_content[3], 12); //source port location + $destination = truncate($rule_content[5], 13); //destination location + $destination_port = truncate($rule_content[6], 12); //destination port location + $message = snort_get_msg($v['rule']); + + echo " + + + + + + + "; + ?> + + + +
  + + title="" width="17" height="17" border="0">
$textss + + + $textse + + $textss $sid $textse + + $textss $protocol $textse + + $textss $source $textse + + $textss $source_port $textse + + $textss $destination $textse + + $textss $destination_port $textse + + $textss $message $textse + + " width="17" height="17" border="0"> +
+
+ + + + + + + + + + + + + + + + + +
+
- - +
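Review bot: The values written into the rule table cells (`$sid`, `$protocol`, `$source`, `$source_port`, `$destination`, `$destination_port` and `$message`) are cut out of the rule text and echoed without `htmlspecialchars()`. Rule files presumably come from downloaded rule sets or custom entries, so markup inside a rule header or msg field would be interpreted by the administrator's browser instead of being displayed. Escape after truncation at assignment, e.g. `$source = htmlspecialchars(truncate($rule_content[2], 13));` and `$message = htmlspecialchars(snort_get_msg($v['rule']));`; the later hunks in this series that re-indent the same echo keep the unescaped pattern. Separately, when `strpos($v['rule'], "(")` returns false or the header has fewer than seven fields, `$rule_content[1]` to `[6]` are read without an `isset()` guard.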
-- cgit v1.2.3 From 1ef295d754f838935412ddefc8d5fa00c51bcc1c Mon Sep 17 00:00:00 2001 From: Marcello Coutinho Date: Tue, 14 May 2013 00:38:49 -0300 Subject: snort - (re)include two level menu and change start stop icons to toggle status as well show current snort status --- config/snort/snort_rules.php | 30 +++++++++++++++++++++--------- 1 file changed, 21 insertions(+), 9 deletions(-) (limited to 'config/snort/snort_rules.php') diff --git a/config/snort/snort_rules.php b/config/snort/snort_rules.php index 609eb052..cbb1fe50 100755 --- a/config/snort/snort_rules.php +++ b/config/snort/snort_rules.php @@ -322,15 +322,27 @@ h += 96; '; + echo ' -
'; + $menu_iface=($if_friendly?substr($if_friendly,0,5)." ":"Iface ");; + $tab_array = array(); + $tab_array[] = array($menu_iface . gettext("Settings"), false, "/snort/snort_interfaces_edit.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Categories"), false, "/snort/snort_rulesets.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Rules"), true, "/snort/snort_rules.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Variables"), false, "/snort/snort_define_servers.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Preprocessors"), false, "/snort/snort_preprocessors.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Barnyard2"), false, "/snort/snort_barnyard.php?id={$id}"); + display_top_tabs($tab_array); ?>
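Review bot: `$id` is interpolated into all six tab URLs (`"/snort/snort_rules.php?id={$id}"` and its siblings) and `$if_friendly` into every tab label, and neither is assigned or validated inside this hunk. If `$id` is taken from the request, it should be checked as numeric before it reaches these strings. `display_top_tabs()` is not visible on this page, so whether it escapes labels and hrefs should be confirmed; if it does not, both values need `htmlspecialchars()` here. The doubled semicolon in `$menu_iface=(...);;` can be dropped.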
-- cgit v1.2.3 From 3de5c81b8c8ea9c4357b70f5aed33b8a6aad8e68 Mon Sep 17 00:00:00 2001 From: bmeeks8 Date: Tue, 14 May 2013 18:53:23 -0400 Subject: Add table layout style to fix word-wrapping in long cells. --- config/snort/snort_rules.php | 35 +++++++++++++++++------------------ 1 file changed, 17 insertions(+), 18 deletions(-) (limited to 'config/snort/snort_rules.php') diff --git a/config/snort/snort_rules.php b/config/snort/snort_rules.php index cbb1fe50..f737bc1d 100755 --- a/config/snort/snort_rules.php +++ b/config/snort/snort_rules.php @@ -431,18 +431,17 @@ h += 96;
- +
- - - + + + - + - + - - - - - "; ?> -- cgit v1.2.3 From 95074b228255ad3105cd7de8ea159d0015af5daf Mon Sep 17 00:00:00 2001 From: bmeeks8 Date: Thu, 16 May 2013 19:41:12 -0400 Subject: Tweak HTML for tables to improve word-wrapping and column layouts. --- config/snort/snort_rules.php | 81 ++++++++++++++++++++++++++++++++------------ 1 file changed, 60 insertions(+), 21 deletions(-) (limited to 'config/snort/snort_rules.php') diff --git a/config/snort/snort_rules.php b/config/snort/snort_rules.php index f737bc1d..bd31473c 100755 --- a/config/snort/snort_rules.php +++ b/config/snort/snort_rules.php @@ -71,6 +71,38 @@ function truncate($string, $length) { return $string; } +function add_title_attribute($tag, $title) { + + /******************************** + * This function adds a "title" * + * attribute to the passed tag * + * and sets the value to the * + * value specified by "$title". * + ********************************/ + $result = ""; + if (empty($tag)) { + // If passed an empty element tag, then + // just create a tag with title + $result = ""; + } + else { + // Find the ending ">" for the element tag + $pos = strpos($tag, ">"); + if ($pos !== false) { + // We found the ">" delimter, so add "title" + // attribute and close the element tag + $result = substr($tag, 0, $pos) . " title=\"" . $title . "\">"; + } + else { + // We did not find the ">" delimiter, so + // something is wrong, just return the + // tag "as-is" + $result = $tag; + } + } + return $result; +} + /* convert fake interfaces to real */ $if_real = snort_get_real_interface($pconfig['interface']); $snort_uuid = $a_rule[$id]['uuid']; @@ -348,7 +380,7 @@ h += 96;
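Review bot: add_title_attribute() concatenates `$title` straight into `" title=\"" . $title . "\">"`, and the callers added later in this commit pass raw `$rule_content[2]`, `[3]`, `[5]` and `[6]`, so a double quote or angle bracket in a rule's address or port field closes the attribute early and the remainder is parsed as markup. Encoding once at the top of the helper, `$title = htmlspecialchars($title, ENT_QUOTES);`, covers both branches. For enabled rules `$textss` and `$textse` are both empty strings, so the element created by the `empty($tag)` branch appears never to be closed by `{$textse}`; the markup is stripped on this page, so confirm that against the file.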
   @@ -482,39 +481,39 @@ h += 96; $tmp = trim(preg_replace('/^\s*#+\s*/', '', $tmp)); $rule_content = preg_split('/[\s]+/', $tmp); - $protocol = truncate($rule_content[1], 5); //protocol location - $source = truncate($rule_content[2], 13); //source location - $source_port = truncate($rule_content[3], 12); //source port location - $destination = truncate($rule_content[5], 13); //destination location - $destination_port = truncate($rule_content[6], 12); //destination port location + $protocol = truncate($rule_content[1], 6); //protocol location + $source = truncate($rule_content[2], 14); //source location + $source_port = truncate($rule_content[3], 10); //source port location + $destination = truncate($rule_content[5], 14); //destination location + $destination_port = truncate($rule_content[6], 10); //destination port location $message = snort_get_msg($v['rule']); - echo "
$textss + echo "
$textss $textse + $textss $sid $textse + $textss $protocol $textse $textss $source $textse + $textss $source_port $textse $textss $destination $textse + $textss $destination_port $textse + $textss $message $textse
- + @@ -396,7 +428,7 @@ h += 96; - + - +
@@ -429,19 +461,19 @@ h += 96;
- + - + - + - - - "; ?> -- cgit v1.2.3 From e8f8b0ab273baa1d772ec914c51e242c3ff22f56 Mon Sep 17 00:00:00 2001 From: bmeeks8 Date: Wed, 22 May 2013 12:20:35 -0400 Subject: Fix various HTML style issues to tidy up GUI. --- config/snort/snort_rules.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'config/snort/snort_rules.php') diff --git a/config/snort/snort_rules.php b/config/snort/snort_rules.php index c5ccb018..2ef529b9 100755 --- a/config/snort/snort_rules.php +++ b/config/snort/snort_rules.php @@ -352,7 +352,7 @@ h += 96;
  @@ -481,11 +513,18 @@ h += 96; $tmp = trim(preg_replace('/^\s*#+\s*/', '', $tmp)); $rule_content = preg_split('/[\s]+/', $tmp); - $protocol = truncate($rule_content[1], 6); //protocol location - $source = truncate($rule_content[2], 14); //source location - $source_port = truncate($rule_content[3], 10); //source port location - $destination = truncate($rule_content[5], 14); //destination location - $destination_port = truncate($rule_content[6], 10); //destination port location + // Create custom tags for the fields we truncate so we can + // have a "title" attribute for tooltips to show the full string. + $srcspan = add_title_attribute($textss, $rule_content[2]); + $srcprtspan = add_title_attribute($textss, $rule_content[3]); + $dstspan = add_title_attribute($textss, $rule_content[5]); + $dstprtspan = add_title_attribute($textss, $rule_content[6]); + + $protocol = $rule_content[1]; //protocol field + $source = truncate($rule_content[2], 14); //source field + $source_port = truncate($rule_content[3], 10); //source port field + $destination = truncate($rule_content[5], 14); //destination field + $destination_port = truncate($rule_content[6], 10); //destination port field $message = snort_get_msg($v['rule']); echo "
$textss @@ -495,26 +534,26 @@ h += 96; title='" . gettext("Click to toggle enabled/disabled state") . "'> $textse - $textss $sid $textse + + {$textss}{$sid}{$textse} - $textss $protocol $textse + {$textss}{$protocol}{$textse} - $textss $source $textse + {$srcspan}{$source}{$textse} - $textss $source_port $textse + + {$srcprtspan}{$source_port}{$textse} - $textss $destination $textse + {$dstspan}{$destination}{$textse} - $textss $destination_port $textse + + {$dstprtspan}{$destination_port}{$textse} - $textss $message $textse + {$textss}{$message}{$textse} -- cgit v1.2.3 From e80695def53d0c55a0c79108f3d207a938249786 Mon Sep 17 00:00:00 2001 From: bmeeks8 Date: Tue, 21 May 2013 22:00:03 -0400 Subject: HTML edits to fix table layout in Firefox and Chrome. --- config/snort/snort_rules.php | 57 +++++++++++++++++++++++++++----------------- 1 file changed, 35 insertions(+), 22 deletions(-) (limited to 'config/snort/snort_rules.php') diff --git a/config/snort/snort_rules.php b/config/snort/snort_rules.php index bd31473c..c5ccb018 100755 --- a/config/snort/snort_rules.php +++ b/config/snort/snort_rules.php @@ -465,23 +465,35 @@ h += 96;
- - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + title="" width="17" height="17" border="0"> + + $rulem) { @@ -527,37 +539,37 @@ h += 96; $destination_port = truncate($rule_content[6], 10); //destination port field $message = snort_get_msg($v['rule']); - echo " - - - - - - "; ?> -
  +
  - title="" width="17" height="17" border="0"> -
$textss + echo "
$textss $textse + {$textss}{$sid}{$textse} + {$textss}{$protocol}{$textse} + {$srcspan}{$source}{$textse} + {$srcprtspan}{$source_port}{$textse} + {$dstspan}{$destination}{$textse} + {$dstprtspan}{$destination_port}{$textse} {$textss}{$message}{$textse} - + " width="17" height="17" border="0"> @@ -568,6 +580,7 @@ h += 96; } unset($rulem, $v); ?> +
- -
+
- +
+ @@ -612,6 +612,7 @@ h += 96;
+
-- cgit v1.2.3