From c1717f2d9752d19c54e86e1bcb6cb81f5b253710 Mon Sep 17 00:00:00 2001
From: bmeeks8
Date: Mon, 24 Feb 2014 00:45:10 -0500
Subject: Bug fixes and replace $_GET with $_POST where possible.
---
config/suricata/suricata_rulesets.php | 60 ++++++++++++-----------------------
1 file changed, 21 insertions(+), 39 deletions(-)
(limited to 'config/suricata/suricata_rulesets.php')
diff --git a/config/suricata/suricata_rulesets.php b/config/suricata/suricata_rulesets.php
index a1609d6c..e15818d5 100644
--- a/config/suricata/suricata_rulesets.php
+++ b/config/suricata/suricata_rulesets.php
@@ -43,10 +43,8 @@ $a_nat = &$config['installedpackages']['suricata']['rule'];
$id = $_GET['id'];
if (isset($_POST['id']))
$id = $_POST['id'];
-if (is_null($id)) {
- header("Location: /suricata/suricata_interfaces.php");
- exit;
-}
+if (is_null($id))
+ $id = 0;
if (isset($id) && $a_nat[$id]) {
$pconfig['enable'] = $a_nat[$id]['enable'];
@@ -117,9 +115,7 @@ if ($a_nat[$id]['ips_policy_enable'] == 'on') {
else
$disable_vrt_rules = "";
-/* alert file */
-if ($_POST["Submit"]) {
-
+if ($_POST["save"]) {
if ($_POST['ips_policy_enable'] == "on") {
$a_nat[$id]['ips_policy_enable'] = 'on';
$a_nat[$id]['ips_policy'] = $_POST['ips_policy'];
@@ -129,11 +125,12 @@ if ($_POST["Submit"]) {
unset($a_nat[$id]['ips_policy']);
}
- $enabled_items = "";
+ // Always start with the default events and files rules
+ $enabled_items = "decoder-events.rules||files.rules||http-events.rules||smtp-events.rules||stream-events.rules";
if (is_array($_POST['toenable']))
- $enabled_items = implode("||", $_POST['toenable']);
+ $enabled_items .= "||" . implode("||", $_POST['toenable']);
else
- $enabled_items = $_POST['toenable'];
+ $enabled_items .= "||{$_POST['toenable']}";
$a_nat[$id]['rulesets'] = $enabled_items;
@@ -155,12 +152,12 @@ if ($_POST["Submit"]) {
suricata_generate_yaml($a_nat[$id]);
$rebuild_rules = false;
- header("Location: /suricata/suricata_rulesets.php?id=$id");
- exit;
+ /* Signal Suricata to "live reload" the rules */
+ suricata_reload_config($a_nat[$id]);
}
-
-if ($_POST['unselectall']) {
- $a_nat[$id]['rulesets'] = "";
+elseif ($_POST['unselectall']) {
+ // Remove all but the default events and files rules
+ $a_nat[$id]['rulesets'] = "decoder-events.rules||files.rules||http-events.rules||smtp-events.rules||stream-events.rules";
if ($_POST['ips_policy_enable'] == "on") {
$a_nat[$id]['ips_policy_enable'] = 'on';
@@ -173,13 +170,10 @@ if ($_POST['unselectall']) {
write_config();
sync_suricata_package_config();
-
- header("Location: /suricata/suricata_rulesets.php?id=$id");
- exit;
}
-
-if ($_POST['selectall']) {
- $rulesets = array();
+elseif ($_POST['selectall']) {
+ // Start with the required default events and files rules
+ $rulesets = array( "decoder-events.rules", "files.rules", "http-events.rules", "smtp-events.rules", "stream-events.rules" );
if ($_POST['ips_policy_enable'] == "on") {
$a_nat[$id]['ips_policy_enable'] = 'on';
@@ -218,9 +212,6 @@ if ($_POST['selectall']) {
write_config();
sync_suricata_package_config();
-
- header("Location: /suricata/suricata_rulesets.php?id=$id");
- exit;
}
$enabled_rulesets_array = explode("||", $a_nat[$id]['rulesets']);
@@ -234,7 +225,6 @@ include_once("head.inc");
' . $pgtitle . '
';}
/* Display message */
if ($input_errors) {
@@ -282,9 +272,8 @@ if ($savemsg) {
$isrulesfolderempty = glob("{$suricatadir}rules/*.rules");
$iscfgdirempty = array();
if (file_exists("{$suricatadir}suricata_{$suricata_uuid}_{$if_real}/rules/custom.rules"))
- $iscfgdirempty = (array)("{$suricatadir}suricata_{$suricata_uuid}_{$if_real}/rules/custom.rules");
- if (empty($isrulesfolderempty)):
-?>
+ $iscfgdirempty = (array)("{$suricatadir}suricata_{$suricata_uuid}_{$if_real}/rules/custom.rules"); ?>
+
',$suricatadir,''); ?>
@@ -294,14 +283,7 @@ if ($savemsg) {
'' . gettext(" tab."); ?>
|
-
+
@@ -531,7 +513,7 @@ if ($savemsg) {
|
- "/> |
+ "/>
@@ -581,7 +563,7 @@ function enable_change()
for (var i = 0; i < document.iform.elements.length; i++) {
if (document.iform.elements[i].type == 'checkbox') {
var str = document.iform.elements[i].value;
- if (str.substr(0,6) == "suricata_")
+ if (str.substr(0,6) == "snort_")
document.iform.elements[i].disabled = !(endis);
}
}
--
cgit v1.2.3