From 8e910fa46269ae3c933ad068ef2843b9dd9dda4e Mon Sep 17 00:00:00 2001 From: bmeeks8 Date: Wed, 5 Jun 2013 17:07:55 -0400 Subject: Fix SELECT ALL to not add all Snort rules when IPS Policy is set. --- config/snort/snort_rulesets.php | 125 ++++++++++++++++++++++------------------ 1 file changed, 69 insertions(+), 56 deletions(-) (limited to 'config/snort/snort_rulesets.php') diff --git a/config/snort/snort_rulesets.php b/config/snort/snort_rulesets.php index 62200ba4..fa3efc1b 100755 --- a/config/snort/snort_rulesets.php +++ b/config/snort/snort_rulesets.php @@ -112,12 +112,14 @@ else /* alert file */ if ($_POST["Submit"]) { - if ($_POST['ips_policy_enable'] == "on") + if ($_POST['ips_policy_enable'] == "on") { $a_nat[$id]['ips_policy_enable'] = 'on'; - else + $a_nat[$id]['ips_policy'] = $_POST['ips_policy']; + } + else { $a_nat[$id]['ips_policy_enable'] = 'off'; - - $a_nat[$id]['ips_policy'] = $_POST['ips_policy']; + unset($a_nat[$id]['ips_policy']); + } $enabled_items = ""; if (is_array($_POST['toenable'])) @@ -152,6 +154,15 @@ if ($_POST["Submit"]) { if ($_POST['unselectall']) { $a_nat[$id]['rulesets'] = ""; + if ($_POST['ips_policy_enable'] == "on") { + $a_nat[$id]['ips_policy_enable'] = 'on'; + $a_nat[$id]['ips_policy'] = $_POST['ips_policy']; + } + else { + $a_nat[$id]['ips_policy_enable'] = 'off'; + unset($a_nat[$id]['ips_policy']); + } + write_config(); sync_snort_package_config(); @@ -161,6 +172,16 @@ if ($_POST['unselectall']) { if ($_POST['selectall']) { $rulesets = array(); + + if ($_POST['ips_policy_enable'] == "on") { + $a_nat[$id]['ips_policy_enable'] = 'on'; + $a_nat[$id]['ips_policy'] = $_POST['ips_policy']; + } + else { + $a_nat[$id]['ips_policy_enable'] = 'off'; + unset($a_nat[$id]['ips_policy']); + } + if ($emergingdownload == 'on') { $files = glob("{$snortdir}/rules/emerging*.rules"); foreach ($files as $file) 
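Review bot: `$a_nat[$id]['ips_policy'] = $_POST['ips_policy'];` in the Submit handler stores the request value in the interface configuration without checking that it is one of the policies the form offers. The same assignment is repeated in the `unselectall` and `selectall` hunks below. The stored value presumably decides later which rules are loaded (that code is not visible here), so an unexpected string should be rejected before it is persisted. I would guard the assignment with an allowlist, e.g. `if (in_array($_POST['ips_policy'], $valid_policies, true)) $a_nat[$id]['ips_policy'] = $_POST['ips_policy'];`, where `$valid_policies` is a placeholder for the option values of the policy dropdown. The handler body continues outside the hunk.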
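Review bot: The seven-line `ips_policy_enable` / `ips_policy` block added to the `unselectall` handler is a verbatim copy of the one in the Submit handler above, and it is pasted a third time into `selectall` in the next hunk. Three copies have to be kept in sync by hand, and any later validation of the policy value would have to be added in all three places. I would move the block into one small helper and call it from each handler; the helper name below is only a suggestion. The handler bodies continue outside the hunks.

```php
/* Suggested helper: copy the IPS policy fields from the request into one interface entry */
function snort_apply_ips_policy_post(&$iface_conf, $post) {
	if ($post['ips_policy_enable'] == "on") {
		$iface_conf['ips_policy_enable'] = 'on';
		$iface_conf['ips_policy'] = $post['ips_policy'];
	}
	else {
		$iface_conf['ips_policy_enable'] = 'off';
		unset($iface_conf['ips_policy']);
	}
}

if ($_POST['unselectall']) {
	$a_nat[$id]['rulesets'] = "";
	snort_apply_ips_policy_post($a_nat[$id], $_POST);
	/* … unchanged: write_config() and sync_snort_package_config() … */
```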
@@ -171,7 +192,9 @@ if ($_POST['selectall']) { foreach ($files as $file) $rulesets[] = basename($file); } - if ($snortdownload == 'on') { + + /* Include the Snort VRT rules only if enabled and no IPS policy is set */ + if ($snortdownload == 'on' && $a_nat[$id]['ips_policy_enable'] == 'off') { $files = glob("{$snortdir}/rules/snort*.rules"); foreach ($files as $file) $rulesets[] = basename($file); @@ -210,49 +233,6 @@ if ($savemsg) { ?> - -
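Review bot: The new guard `$snortdownload == 'on' && $a_nat[$id]['ips_policy_enable'] == 'off'` leaves every `snort*.rules` category out of Select All whenever the policy checkbox is on, but it never checks that a usable `ips_policy` value was actually stored. If the checkbox is on and the posted policy is empty or unrecognised, the interface could end up with no Snort VRT rules from either path. That would be a silent loss of detection coverage, though whether it can happen depends on how the policy is consumed outside this hunk. I would make the guard depend on the policy value as well, e.g. `if ($snortdownload == 'on' && ($a_nat[$id]['ips_policy_enable'] != 'on' || empty($a_nat[$id]['ips_policy']))) {`. The comment should also say that the VRT rules are expected to come from the selected policy in that case.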
@@ -271,14 +251,14 @@ function enable_change() echo ''; echo ' @@ -570,5 +550,38 @@ function enable_change() + + + -- cgit v1.2.3
'; $menu_iface=($if_friendly?substr($if_friendly,0,5)." ":"Iface "); - $tab_array = array(); - $tab_array[] = array($menu_iface . gettext("Settings"), false, "/snort/snort_interfaces_edit.php?id={$id}"); - $tab_array[] = array($menu_iface . gettext("Categories"), true, "/snort/snort_rulesets.php?id={$id}"); - $tab_array[] = array($menu_iface . gettext("Rules"), false, "/snort/snort_rules.php?id={$id}"); - $tab_array[] = array($menu_iface . gettext("Variables"), false, "/snort/snort_define_servers.php?id={$id}"); - $tab_array[] = array($menu_iface . gettext("Preprocessors"), false, "/snort/snort_preprocessors.php?id={$id}"); - $tab_array[] = array($menu_iface . gettext("Barnyard2"), false, "/snort/snort_barnyard.php?id={$id}"); - display_top_tabs($tab_array); + $tab_array = array(); + $tab_array[] = array($menu_iface . gettext("Settings"), false, "/snort/snort_interfaces_edit.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Categories"), true, "/snort/snort_rulesets.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Rules"), false, "/snort/snort_rules.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Variables"), false, "/snort/snort_define_servers.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Preprocessors"), false, "/snort/snort_preprocessors.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Barnyard2"), false, "/snort/snort_barnyard.php?id={$id}"); + display_top_tabs($tab_array); ?>