From 10cab278e653f00bd8ec0ee0e82d30e5c7798042 Mon Sep 17 00:00:00 2001
From: bmeeks8
Date: Wed, 19 Feb 2014 14:08:14 -0500
Subject: BETA version of Suricata 1.4.6 IDS package v0.1 for pfSense.
---
config/suricata/suricata_interfaces.php | 474 ++++++++++++++++++++++++++++++++
1 file changed, 474 insertions(+)
create mode 100644 config/suricata/suricata_interfaces.php
(limited to 'config/suricata/suricata_interfaces.php')
diff --git a/config/suricata/suricata_interfaces.php b/config/suricata/suricata_interfaces.php
new file mode 100644
index 00000000..47a3ba11
--- /dev/null
+++ b/config/suricata/suricata_interfaces.php
@@ -0,0 +1,474 @@
+ $i) {
+ if ($i['name'] == $autolist) {
+ unset($config['installedpackages']['suricata']['suppress']['item'][$k]);
+ break;
+ }
+ }
+ }
+
+ // Finally delete the interface's config entry entirely
+ unset($a_nat[$rulei]);
+ }
+ conf_mount_ro();
+
+ /* If all the Suricata interfaces are removed, then unset the config array. */
+ if (empty($a_nat))
+ unset($a_nat);
+
+ write_config();
+ sleep(2);
+
+ /* if there are no ifaces remaining do not create suricata.sh */
+ if (!empty($config['installedpackages']['suricata']['rule']))
+ suricata_create_rc();
+ else {
+ conf_mount_rw();
+ @unlink("{$rcdir}/suricata.sh");
+ conf_mount_ro();
+ }
+
+ sync_suricata_package_config();
+
+ header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' );
+ header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
+ header( 'Cache-Control: no-store, no-cache, must-revalidate' );
+ header( 'Cache-Control: post-check=0, pre-check=0', false );
+ header( 'Pragma: no-cache' );
+ header("Location: /suricata/suricata_interfaces.php");
+ exit;
+ }
+
+}
+
+/* start/stop Barnyard2 */
+if ($_GET['act'] == 'bartoggle' && is_numeric($id)) {
+ $suricatacfg = $config['installedpackages']['suricata']['rule'][$id];
+ $if_real = suricata_get_real_interface($suricatacfg['interface']);
+ $if_friendly = suricata_get_friendly_interface($suricatacfg['interface']);
+
+ if (suricata_is_running($suricatacfg['uuid'], $if_real, 'barnyard2') == 'no') {
+ log_error("Toggle (barnyard starting) for {$if_friendly}({$suricatacfg['descr']})...");
+ sync_suricata_package_config();
+ suricata_barnyard_start($suricatacfg, $if_real);
+ } else {
+ log_error("Toggle (barnyard stopping) for {$if_friendly}({$suricatacfg['descr']})...");
+ suricata_barnyard_stop($suricatacfg, $if_real);
+ }
+
+ sleep(3); // So the GUI reports correctly
+ header("Location: /suricata/suricata_interfaces.php");
+ exit;
+}
+
+/* start/stop Suricata */
+if ($_GET['act'] == 'toggle' && is_numeric($id)) {
+ $suricatacfg = $config['installedpackages']['suricata']['rule'][$id];
+ $if_real = suricata_get_real_interface($suricatacfg['interface']);
+ $if_friendly = suricata_get_friendly_interface($suricatacfg['interface']);
+
+ if (suricata_is_running($suricatacfg['uuid'], $if_real) == 'yes') {
+ log_error("Toggle (suricata stopping) for {$if_friendly}({$suricatacfg['descr']})...");
+ suricata_stop($suricatacfg, $if_real);
+ } else {
+ log_error("Toggle (suricata starting) for {$if_friendly}({$suricatacfg['descr']})...");
+ // set flag to rebuild interface rules before starting Snort
+ $rebuild_rules = true;
+ sync_suricata_package_config();
+ $rebuild_rules = false;
+ suricata_start($suricatacfg, $if_real);
+ }
+ sleep(3); // So the GUI reports correctly
+ header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' );
+ header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
+ header( 'Cache-Control: no-store, no-cache, must-revalidate' );
+ header( 'Cache-Control: post-check=0, pre-check=0', false );
+ header( 'Pragma: no-cache' );
+ header("Location: /suricata/suricata_interfaces.php");
+ exit;
+}
+
+$pgtitle = "Services: Suricata Intrusion Detection System";
+include_once("head.inc");
+
+?>
+
+
+' . $pgtitle . '
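Review bot: The `bartoggle` and `toggle` handlers change sensor state on a plain GET (`$_GET['act'] == 'toggle'`), and no anti-CSRF token check is visible before them in this hunk, so a cross-site request made in an administrator's session could stop Suricata or Barnyard2 on an interface. These actions should be submitted by POST and covered by the GUI's form-token validation, or a per-session token should be verified here before `suricata_stop()` / `suricata_barnyard_stop()` are reached. In the same two handlers, `is_numeric($id)` also accepts values such as `1.5`, `-1` or `1e3`, and nothing confirms the entry exists, so the start/stop helpers can be called with an empty `$suricatacfg`. A guard such as `if (!ctype_digit((string)$id) || !isset($config['installedpackages']['suricata']['rule'][$id])) { header("Location: /suricata/suricata_interfaces.php"); exit; }` ahead of each handler would close that. The start of the file, where `$id` is assigned and the delete handler begins, is not readable in this view, so the same check may be needed there as well.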