From af5566164c9b0b412962c26b831e78c499f53281 Mon Sep 17 00:00:00 2001 From: bmeeks8 Date: Fri, 28 Feb 2014 20:41:37 -0500 Subject: Bug fixes and enhancements for v0.2-BETA in Suricata pkg. --- config/suricata/suricata_interfaces_edit.php | 38 ++++++++-------------------- 1 file changed, 11 insertions(+), 27 deletions(-) (limited to 'config/suricata/suricata_interfaces_edit.php') diff --git a/config/suricata/suricata_interfaces_edit.php b/config/suricata/suricata_interfaces_edit.php index 6dbf9412..d7b5a8cb 100644 --- a/config/suricata/suricata_interfaces_edit.php +++ b/config/suricata/suricata_interfaces_edit.php @@ -40,9 +40,9 @@ if (!is_array($config['installedpackages']['suricata']['rule'])) $config['installedpackages']['suricata']['rule'] = array(); $a_rule = &$config['installedpackages']['suricata']['rule']; -if ($_GET['id'] && is_numeric($_GET['id'])); +if ($_GET['id']); $id = htmlspecialchars($_GET['id'], ENT_QUOTES | ENT_HTML401); -if ($_POST['id'] && is_numeric($_POST['id'])) +if ($_POST['id']) $id = $_POST['id']; if (is_null($id)) $id = 0; @@ -130,8 +130,8 @@ if ($_POST["save"]) { if (!$_POST['interface']) $input_errors[] = gettext("Choosing an Interface is mandatory!"); - if ($_POST['max_pending_packets'] < 1 || $_POST['max_pending_packets'] > 65535) - $input_errors[] = gettext("The value for Maximum-Pending-Packets must be between 1 and 65,535!"); + if ($_POST['max_pending_packets'] < 1 || $_POST['max_pending_packets'] > 65000) + $input_errors[] = gettext("The value for Maximum-Pending-Packets must be between 1 and 65,000!"); if (!empty($_POST['max_pcap_log_size']) && !is_numeric($_POST['max_pcap_log_size'])) $input_errors[] = gettext("The value for 'Max Packet Log Size' must be numbers only. Do not include any alphabetic characters."); @@ -146,15 +146,6 @@ if ($_POST["save"]) { $natent['enable'] = $_POST['enable'] ? 'on' : 'off'; $natent['uuid'] = $pconfig['uuid']; - // See if the HOME_NET, EXTERNAL_NET, or SUPPRESS LIST values were changed - $suricata_reload = false; - if ($_POST['homelistname'] && ($_POST['homelistname'] <> $natent['homelistname'])) - $suricata_reload = true; - if ($_POST['externallistname'] && ($_POST['externallistname'] <> $natent['externallistname'])) - $suricata_reload = true; - if ($_POST['suppresslistname'] && ($_POST['suppresslistname'] <> $natent['suppresslistname'])) - $suricata_reload = true; - if ($_POST['descr']) $natent['descr'] = $_POST['descr']; else $natent['descr'] = strtoupper($natent['interface']); if ($_POST['max_pcap_log_size']) $natent['max_pcap_log_size'] = $_POST['max_pcap_log_size']; else unset($natent['max_pcap_log_size']); if ($_POST['max_pcap_log_files']) $natent['max_pcap_log_files'] = $_POST['max_pcap_log_files']; else unset($natent['max_pcap_log_files']); @@ -253,7 +244,7 @@ if ($_POST["save"]) { $natent['libhtp_policy']['item'][] = $default; // Enable the basic default rules for the interface - $natent['rulesets'] = "decoder-events.rules||files.rules||http-events.rules||smtp-events.rules||stream-events.rules"; + $natent['rulesets'] = "decoder-events.rules||files.rules||http-events.rules||smtp-events.rules||stream-events.rules||tls-events.rules"; // Adding a new interface, so set flag to build new rules $rebuild_rules = true; @@ -272,15 +263,6 @@ if ($_POST["save"]) { // Update suricata.conf and suricata.sh files for this interface sync_suricata_package_config(); - /*******************************************************/ - /* Signal Suricata to reload configuration if we changed */ - /* HOME_NET, EXTERNAL_NET or Suppress list values. */ - /* The function only signals a running Suricata instance */ - /* to safely reload these parameters. */ - /*******************************************************/ - if ($suricata_reload == true) - suricata_reload_config($natent, "USR2"); - header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' ); header( 'Cache-Control: no-store, no-cache, must-revalidate' ); @@ -319,7 +301,7 @@ if ($savemsg) { $tab_array[] = array(gettext("Update Rules"), false, "/suricata/suricata_download_updates.php"); $tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php?instance={$id}"); $tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php"); - $tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php"); + $tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php?instance={$id}"); display_top_tabs($tab_array); echo ''; echo ''; @@ -521,7 +503,9 @@ if ($savemsg) {   " . - gettext("1024") . "."; ?>

+ gettext("1024") . "."; ?>

" . + gettext("Warning: ") . "" . gettext("Setting this too high can lead to degradation and a possible system crash by exhausting available memory.") ?> @@ -557,7 +541,7 @@ if ($savemsg) {    " . gettext("Default") . "" . gettext(" is ") . "" . gettext("AC") . ""; ?>.

- +
@@ -587,7 +571,7 @@ if ($savemsg) { gettext("3000") . "."; ?>

- + -- cgit v1.2.3