From 07cf2c4b20230ddedee1bf9dddc1e7cd407385f5 Mon Sep 17 00:00:00 2001 From: Renato Botelho Date: Thu, 5 Feb 2015 10:02:24 -0200 Subject: Packages repo cleanup: - Drop support for pfSense < 2 - Remove archive/, old files can be reached using git - Remove old and unused packages - Move stale files from config subdir to a package subdir --- config/widget-snort/snort_alerts.js | 90 -------------- config/widget-snort/snort_alerts.widget.php | 180 ---------------------------- config/widget-snort/widget-snort.inc | 29 ----- config/widget-snort/widget-snort.xml | 70 ----------- 4 files changed, 369 deletions(-) delete mode 100644 config/widget-snort/snort_alerts.js delete mode 100644 config/widget-snort/snort_alerts.widget.php delete mode 100644 config/widget-snort/widget-snort.inc delete mode 100644 config/widget-snort/widget-snort.xml (limited to 'config/widget-snort') diff --git a/config/widget-snort/snort_alerts.js b/config/widget-snort/snort_alerts.js deleted file mode 100644 index c5c743df..00000000 --- a/config/widget-snort/snort_alerts.js +++ /dev/null @@ -1,90 +0,0 @@ - -var snortlines = Array(); -var snorttimer; -var snortupdateDelay = 22000; -var snortisBusy = false; -var snortisPaused = false; - -function snort_alerts_fetch_new_rules_callback(callback_data) { - if(snortisPaused) - return; - - var data_split; - var new_data_to_add = Array(); - var data = callback_data.content; - - data_split = data.split("\n"); - - for(var x=0; x' + row_split[7]+ ''; - line += '' + row_split[3] + '
' + row_split[4] + ''; - line += '' + 'Pri : ' + row_split[1] + '
' + 'Cat : ' + row_split[2] + ''; - new_data_to_add[new_data_to_add.length] = line; - } - snort_alerts_update_div_rows(new_data_to_add); - snortisBusy = false; -} -function snort_alerts_update_div_rows(data) { - if(snortisPaused) - return; - - var isIE = navigator.appName.indexOf('Microsoft') != -1; - var isSafari = navigator.userAgent.indexOf('Safari') != -1; - var isOpera = navigator.userAgent.indexOf('Opera') != -1; - var rulestable = document.getElementById('snort_alerts'); - var rows = rulestable.getElementsByTagName('tr'); - var showanim = 1; - if (isIE) { - showanim = 0; - } - //alert(data.length); - for(var x=0; x 0; i--) { - nextrecord = i + 1; - if(nextrecord < numrows) - rows[nextrecord].innerHTML = rows[i].innerHTML; - } - } - var item = document.getElementById('snort-firstrow'); - if(x == data.length-1) { - /* nothing */ - showanim = false; - } else { - showanim = false; - } - if (showanim) { - item.style.display = 'none'; - item.innerHTML = data[x]; - new Effect.Appear(item); - } else { - item.innerHTML = data[x]; - } - } - /* rechedule AJAX interval */ - snorttimer = setInterval('snort_alerts_fetch_new_rules()', snortupdateDelay); -} -function snort_alerts_toggle_pause() { - if(snortisPaused) { - snortisPaused = false; - snort_alerts_fetch_new_rules(); - } else { - snortisPaused = true; - } -} -/* start local AJAX engine */ -snorttimer = setInterval('snort_alerts_fetch_new_rules()', snortupdateDelay); diff --git a/config/widget-snort/snort_alerts.widget.php b/config/widget-snort/snort_alerts.widget.php deleted file mode 100644 index ddf8ac59..00000000 --- a/config/widget-snort/snort_alerts.widget.php +++ /dev/null @@ -1,180 +0,0 @@ - $val){ - $offset = 0; - $found = false; - foreach ($temp_array as $tmp_key => $tmp_val) { - if (!$found and strtolower($val[$subkey]) > strtolower($tmp_val[$subkey])) { - $temp_array = array_merge((array)array_slice($temp_array,0,$offset), array($key => $val), array_slice($temp_array,$offset)); - $found = true; - }; - $offset++; - }; - if (!$found) $temp_array = array_merge($temp_array, array($key => $val)); - }; - - if ($sort_ascending) { - $array = array_reverse($temp_array); - } else $array = $temp_array; - /* below is the complement for empty array test */ - return true; -}; - -/* check if firewall widget variable is set */ -$nentries = $config['widgets']['widget_snort_display_lines']; -if (!isset($nentries) || $nentries < 0) $nentries = 5; - -if(isset($_POST['widget_snort_display_lines'])) { - $config['widgets']['widget_snort_display_lines'] = $_POST['widget_snort_display_lines']; - write_config("Saved Snort Alerts Widget Displayed Lines Parameter via Dashboard"); - header("Location: ../../index.php"); -} - -/* check if Snort include file exists before we use it */ -if (file_exists("/usr/local/pkg/snort/snort.inc")) { - require_once("/usr/local/pkg/snort/snort.inc"); - - /* retrieve snort variables */ - if (!is_array($config['installedpackages']['snortglobal']['rule'])) - $config['installedpackages']['snortglobal']['rule'] = array(); - $a_instance = &$config['installedpackages']['snortglobal']['rule']; - - /* read log file(s) */ - $counter=0; - foreach ($a_instance as $instanceid => $instance) { - $snort_uuid = $a_instance[$instanceid]['uuid']; - $if_real = snort_get_real_interface($a_instance[$instanceid]['interface']); - - /* make sure alert file exists */ - if (file_exists("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert")) { - exec("tail -n{$nentries} /var/log/snort/snort_{$if_real}{$snort_uuid}/alert > /tmp/alert_{$snort_uuid}"); - if (file_exists("/tmp/alert_{$snort_uuid}")) { - $tmpblocked = array_flip(snort_get_blocked_ips()); - - /* 0 1 2 3 4 5 6 7 8 9 10 11 12 */ - /* File format timestamp,sig_generator,sig_id,sig_rev,msg,proto,src,srcport,dst,dstport,id,classification,priority */ - $fd = fopen("/tmp/alert_{$snort_uuid}", "r"); - while (($fields = fgetcsv($fd, 1000, ',', '"')) !== FALSE) { - if(count($fields) < 11) - continue; - - $snort_alerts[$counter]['instanceid'] = $a_instance[$instanceid]['interface']; - // fields[0] is the timestamp. Reverse its date order to YY/MM/DD for proper sorting - $tmp = substr($fields[0],6,2) . '/' . substr($fields[0],0,2) . '/' . substr($fields[0],3,2); - $snort_alerts[$counter]['timestamp'] = str_replace(substr($fields[0],0,8),$tmp,$fields[0]); - $snort_alerts[$counter]['timeonly'] = substr($fields[0], strpos($fields[0], '-')+1, -8); - $snort_alerts[$counter]['dateonly'] = substr($fields[0], 0, strpos($fields[0], '-')); - $snort_alerts[$counter]['src'] = $fields[6]; - $snort_alerts[$counter]['srcport'] = $fields[7]; - $snort_alerts[$counter]['dst'] = $fields[8]; - $snort_alerts[$counter]['dstport'] = $fields[9]; - $snort_alerts[$counter]['priority'] = $fields[12]; - $snort_alerts[$counter]['category'] = $fields[11]; - $counter++; - }; - fclose($fd); - @unlink("/tmp/alert_{$snort_uuid}"); - }; - }; - }; - - /* sort the array */ - if (isset($config['syslog']['reverse'])) { - sksort($snort_alerts, 'timestamp', false); - } else { - sksort($snort_alerts, 'timestamp', true); - }; -} else { - $msg = gettext("The Snort package is not installed."); -} - -/* display the result */ -?> - - - - - - - - - - - - - - - - "); - $counter++; - if($counter >= $nentries) break; - } -} else { - if (!empty($msg)) { - echo (" - - "); - } -} -?> - -
IF/DateSrc/DstDetails
" . $alert['instanceid'] . "
" . $alert['timeonly'] . " " . $alert['dateonly'] . "		" . $alert['src'] . ":" . $alert['srcport'] . "
" . $alert['dst'] . ":" . $alert['dstport'] . "		Pri : " . $alert['priority'] . "
Cat : " . $alert['category'] . "

{$msg}
- - - - diff --git a/config/widget-snort/widget-snort.inc b/config/widget-snort/widget-snort.inc deleted file mode 100644 index b9cfbeac..00000000 --- a/config/widget-snort/widget-snort.inc +++ /dev/null @@ -1,29 +0,0 @@ - $widget) { - if (strstr($widget, "snort_alerts-container")) - unset($widgetlist[$key]); - } - $config['widgets']['sequence'] = implode(",", $widgetlist); - write_config(); - } - - /* Remove our associated files */ - unlink("/usr/local/www/widgets/include/widget-snort.inc"); - unlink("/usr/local/www/widgets/widgets/snort_alerts.widget.php"); - unlink("/usr/local/www/widgets/javascript/snort_alerts.js"); -} -?> diff --git a/config/widget-snort/widget-snort.xml b/config/widget-snort/widget-snort.xml deleted file mode 100644 index 959f9529..00000000 --- a/config/widget-snort/widget-snort.xml +++ /dev/null @@ -1,70 +0,0 @@ - - - - - - . - All rights reserved. - */ -/* ========================================================================== */ -/* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - ]]> - - Snort widget add-on for Dashboard package - Dashboard package and Snort - Currently there are no FAQ items provided. - widget-snort - 0.3.6 - Widget - Snort - /usr/local/www/widgets/include/widget-snort.inc - - /usr/local/www/widgets/javascript/ - 0644 - https://packages.pfsense.org/packages/config/widget-snort/snort_alerts.js - - - /usr/local/www/widgets/widgets/ - 0644 - https://packages.pfsense.org/packages/config/widget-snort/snort_alerts.widget.php - - - /usr/local/www/widgets/include/ - 0644 - https://packages.pfsense.org/packages/config/widget-snort/widget-snort.inc - - - widget_snort_uninstall(); - - -- cgit v1.2.3