From 1ef295d754f838935412ddefc8d5fa00c51bcc1c Mon Sep 17 00:00:00 2001 From: Marcello Coutinho Date: Tue, 14 May 2013 00:38:49 -0300 Subject: snort - (re)include two level menu and change start stop icons to toggle status as well show current snort status --- config/snort/snort_alerts.php | 1 + config/snort/snort_barnyard.php | 26 +++- config/snort/snort_blocked.php | 1 + config/snort/snort_define_servers.php | 26 +++- config/snort/snort_download_updates.php | 1 + config/snort/snort_interfaces.php | 45 ++++-- config/snort/snort_interfaces_edit.php | 30 ++-- config/snort/snort_interfaces_global.php | 1 + config/snort/snort_interfaces_suppress.php | 1 + config/snort/snort_interfaces_suppress_edit.php | 14 ++ config/snort/snort_interfaces_whitelist.php | 1 + config/snort/snort_interfaces_whitelist_edit.php | 15 ++ config/snort/snort_preprocessors.php | 26 +++- config/snort/snort_rules.php | 30 ++-- config/snort/snort_rulesets.php | 32 +++-- config/snort/snort_sync.xml | 166 +++++++++++++++++++++++ 16 files changed, 352 insertions(+), 64 deletions(-) create mode 100755 config/snort/snort_sync.xml (limited to 'config') diff --git a/config/snort/snort_alerts.php b/config/snort/snort_alerts.php index eb0912c8..7919b1f2 100755 --- a/config/snort/snort_alerts.php +++ b/config/snort/snort_alerts.php @@ -200,6 +200,7 @@ if ($pconfig['arefresh'] == 'on') $tab_array[4] = array(gettext("Blocked"), false, "/snort/snort_blocked.php"); $tab_array[5] = array(gettext("Whitelists"), false, "/snort/snort_interfaces_whitelist.php"); $tab_array[6] = array(gettext("Suppress"), false, "/snort/snort_interfaces_suppress.php"); + $tab_array[7] = array(gettext("Sync"), false, "/pkg_edit.php?xml=snort/snort_sync.xml"); display_top_tabs($tab_array); ?> diff --git a/config/snort/snort_barnyard.php b/config/snort/snort_barnyard.php index e1de3efd..cf9fb4bd 100644 --- a/config/snort/snort_barnyard.php +++ b/config/snort/snort_barnyard.php 
@@ -150,14 +150,26 @@ function enable_change(enable_change) { '; + echo ' diff --git a/config/snort/snort_blocked.php b/config/snort/snort_blocked.php index bd7cabbc..40ef61a1 100644 --- a/config/snort/snort_blocked.php +++ b/config/snort/snort_blocked.php @@ -146,6 +146,7 @@ if ($pconfig['brefresh'] == 'on') $tab_array[4] = array(gettext("Blocked"), true, "/snort/snort_blocked.php"); $tab_array[5] = array(gettext("Whitelists"), false, "/snort/snort_interfaces_whitelist.php"); $tab_array[6] = array(gettext("Suppress"), false, "/snort/snort_interfaces_suppress.php"); + $tab_array[7] = array(gettext("Sync"), false, "/pkg_edit.php?xml=snort/snort_sync.xml"); display_top_tabs($tab_array); ?> diff --git a/config/snort/snort_define_servers.php b/config/snort/snort_define_servers.php index b1d71631..307dd8a8 100755 --- a/config/snort/snort_define_servers.php +++ b/config/snort/snort_define_servers.php @@ -166,14 +166,26 @@ if ($savemsg)
'; + $menu_iface=($if_friendly?substr($if_friendly,0,5)." ":"Iface "); $tab_array = array(); - $tab_array[] = array(gettext("Snort Interfaces"), false, "/snort/snort_interfaces.php"); - $tab_array[] = array(gettext("If Settings"), false, "/snort/snort_interfaces_edit.php?id={$id}"); - $tab_array[] = array(gettext("Categories"), false, "/snort/snort_rulesets.php?id={$id}"); - $tab_array[] = array(gettext("Rules"), false, "/snort/snort_rules.php?id={$id}"); - $tab_array[] = array(gettext("Variables"), false, "/snort/snort_define_servers.php?id={$id}"); - $tab_array[] = array(gettext("Preprocessors"), false, "/snort/snort_preprocessors.php?id={$id}"); - $tab_array[] = array(gettext("Barnyard2"), true, "/snort/snort_barnyard.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Settings"), false, "/snort/snort_interfaces_edit.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Categories"), false, "/snort/snort_rulesets.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Rules"), false, "/snort/snort_rules.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Variables"), false, "/snort/snort_define_servers.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Preprocessors"), false, "/snort/snort_preprocessors.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Barnyard2"), true, "/snort/snort_barnyard.php?id={$id}"); display_top_tabs($tab_array); ?>
'; + echo ' diff --git a/config/snort/snort_download_updates.php b/config/snort/snort_download_updates.php index f2250236..4e312f22 100755 --- a/config/snort/snort_download_updates.php +++ b/config/snort/snort_download_updates.php @@ -118,6 +118,7 @@ h += 96; $tab_array[4] = array(gettext("Blocked"), false, "/snort/snort_blocked.php"); $tab_array[5] = array(gettext("Whitelists"), false, "/snort/snort_interfaces_whitelist.php"); $tab_array[6] = array(gettext("Suppress"), false, "/snort/snort_interfaces_suppress.php"); + $tab_array[7] = array(gettext("Sync"), false, "/pkg_edit.php?xml=snort/snort_sync.xml"); display_top_tabs($tab_array); ?> diff --git a/config/snort/snort_interfaces.php b/config/snort/snort_interfaces.php index 4c21cdd9..a2523872 100755 --- a/config/snort/snort_interfaces.php +++ b/config/snort/snort_interfaces.php @@ -184,6 +184,7 @@ if ($pfsense_stable == 'yes')
'; + $menu_iface=($if_friendly?substr($if_friendly,0,5)." ":"Iface "); $tab_array = array(); - $tab_array[] = array(gettext("Snort Interfaces"), false, "/snort/snort_interfaces.php"); - $tab_array[] = array(gettext("If Settings"), false, "/snort/snort_interfaces_edit.php?id={$id}"); - $tab_array[] = array(gettext("Categories"), false, "/snort/snort_rulesets.php?id={$id}"); - $tab_array[] = array(gettext("Rules"), false, "/snort/snort_rules.php?id={$id}"); - $tab_array[] = array(gettext("Variables"), true, "/snort/snort_define_servers.php?id={$id}"); - $tab_array[] = array(gettext("Preprocessors"), false, "/snort/snort_preprocessors.php?id={$id}"); - $tab_array[] = array(gettext("Barnyard2"), false, "/snort/snort_barnyard.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext(" Settings"), false, "/snort/snort_interfaces_edit.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Categories"), false, "/snort/snort_rulesets.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Rules"), false, "/snort/snort_rules.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Variables"), true, "/snort/snort_define_servers.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Preprocessors"), false, "/snort/snort_preprocessors.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Barnyard2"), false, "/snort/snort_barnyard.php?id={$id}"); display_top_tabs($tab_array); ?>
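Review bot: The first tab label here uses `gettext(" Settings")` with a leading space, while the other copies of this block use `gettext("Settings")`, so this page needs its own catalogue entry and shows a double space after the interface prefix; change it to `$menu_iface . gettext("Settings")`. The same tab block is pasted into each per-interface page in this commit and the copies are already drifting (the snort_rules.php one ends its `$menu_iface=` line with `;;`), so a shared helper taking `$id`, `$if_friendly` and the active tab would keep them aligned. `substr($if_friendly,0,5)` counts bytes and can split a multibyte character in an interface description. Where `$if_friendly` is assigned is not visible in these hunks.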
@@ -240,15 +242,28 @@ foreach ($a_nat as $natent): ?> /* convert fake interfaces to real and check if iface is up */ /* There has to be a smarter way to do this */ $if_real = snort_get_real_interface($natent['interface']); + $natend_friendly= snort_get_friendly_interface($natent['interface']); $snort_uuid = $natent['uuid']; - if (snort_is_running($snort_uuid, $if_real) == 'no') - $iconfn = 'pass'; - else + if (snort_is_running($snort_uuid, $if_real) == 'no'){ $iconfn = 'block'; - if (snort_is_running($snort_uuid, $if_real, 'barnyard2') == 'no') - $biconfn = 'pass'; - else + $iconfn_msg1 = 'Snort is not running on '; + $iconfn_msg2 = '. Click to start.'; + } + else{ + $iconfn = 'pass'; + $iconfn_msg1 = 'Snort is running on '; + $iconfn_msg = '. Click to stop.'; + } + if (snort_is_running($snort_uuid, $if_real, 'barnyard2') == 'no'){ $biconfn = 'block'; + $biconfn_msg1 = 'Barnyard2 is not running on '; + $biconfn_msg2 = '. Click to start.'; + } + else{ + $biconfn = 'pass'; + $biconfn_msg1 = 'Barnyard2 is running on '; + $biconfn_msg2 = '. Click to stop.'; + } /* See if interface has any rules defined and set boolean flag */ $no_rules = true; @@ -271,7 +286,7 @@ foreach ($a_nat as $natent): ?> id="frd" ondblclick="document.location='snort_interfaces_edit.php?id=';"> - @@ -417,9 +434,7 @@ foreach ($a_nat as $natent): ?> an interface and settings. - diff --git a/config/snort/snort_interfaces_edit.php b/config/snort/snort_interfaces_edit.php index 71cdc185..36bc628d 100755 --- a/config/snort/snort_interfaces_edit.php +++ b/config/snort/snort_interfaces_edit.php @@ -182,15 +182,27 @@ include_once("head.inc");
echo " "; + title='" . gettext($iconfn_msg1.$natend_friendly.$iconfn_msg2) . "'>"; echo ($no_rules) ? " " : ""; } else echo strtoupper("disabled"); @@ -325,7 +340,7 @@ foreach ($a_nat as $natent): ?> echo " "; + title='" . gettext($biconfn_msg1.$natend_friendly.$biconfn_msg2) . "'>"; } else echo strtoupper("disabled"); ?> @@ -406,9 +421,11 @@ foreach ($a_nat as $natent): ?>   Click on the "> icon to start - snort and barnyard2. + "> + "> icons will show current + snort and barnyard2 status.
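Review bot: The `title='…'` attribute on both status icons is built from `$natend_friendly` with no HTML escaping, so an interface description containing a quote or markup would break out of the single-quoted attribute in the admin GUI. Escape the value, e.g. `title='" . htmlspecialchars($biconfn_msg1.$natend_friendly.$biconfn_msg2, ENT_QUOTES) . "'>"`, and do the same for the `$iconfn_msg1` line in the Snort column. Passing the concatenated string to `gettext()` also means no catalogue entry can match it; translate the fixed parts and concatenate afterwards. What `snort_get_friendly_interface()` returns is not shown here, so confirm whether it can carry user-entered text.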
  Click on the "> icon to stop - snort and barnyard2. + Click on the status icons to toggle snort and barnyard2 status.
'; + echo ' diff --git a/config/snort/snort_interfaces_suppress.php b/config/snort/snort_interfaces_suppress.php index 32f2f6ba..30c5c2c0 100644 --- a/config/snort/snort_interfaces_suppress.php +++ b/config/snort/snort_interfaces_suppress.php @@ -79,6 +79,7 @@ if($pfsense_stable == 'yes'){echo '

' . $pgtitle . '

';} $tab_array[4] = array(gettext("Blocked"), false, "/snort/snort_blocked.php"); $tab_array[5] = array(gettext("Whitelists"), false, "/snort/snort_interfaces_whitelist.php"); $tab_array[6] = array(gettext("Suppress"), true, "/snort/snort_interfaces_suppress.php"); + $tab_array[7] = array(gettext("Sync"), false, "/pkg_edit.php?xml=snort/snort_sync.xml"); display_top_tabs($tab_array); ?> diff --git a/config/snort/snort_interfaces_suppress_edit.php b/config/snort/snort_interfaces_suppress_edit.php index 1d2ad225..0042863c 100644 --- a/config/snort/snort_interfaces_suppress_edit.php +++ b/config/snort/snort_interfaces_suppress_edit.php @@ -141,6 +141,20 @@ if ($savemsg) ?>
'; + $tab_array = array(); + $menu_iface=($if_friendly?substr($if_friendly,0,5)." ":"Iface "); + $tab_array[] = array($menu_iface . gettext("Settings"), true, "/snort/snort_interfaces_edit.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Categories"), false, "/snort/snort_rulesets.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Rules"), false, "/snort/snort_rules.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Variables"), false, "/snort/snort_define_servers.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Preprocessors"), false, "/snort/snort_preprocessors.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Barnyard2"), false, "/snort/snort_barnyard.php?id={$id}"); + display_top_tabs($tab_array); ?>
diff --git a/config/snort/snort_interfaces_global.php b/config/snort/snort_interfaces_global.php index 3c544436..29217604 100644 --- a/config/snort/snort_interfaces_global.php +++ b/config/snort/snort_interfaces_global.php @@ -142,6 +142,7 @@ function enable_snort_vrt(btn) { $tab_array[4] = array(gettext("Blocked"), false, "/snort/snort_blocked.php"); $tab_array[5] = array(gettext("Whitelists"), false, "/snort/snort_interfaces_whitelist.php"); $tab_array[6] = array(gettext("Suppress"), false, "/snort/snort_interfaces_suppress.php"); + $tab_array[7] = array(gettext("Sync"), false, "/pkg_edit.php?xml=snort/snort_sync.xml"); display_top_tabs($tab_array); ?>
+
+ +
diff --git a/config/snort/snort_interfaces_whitelist.php b/config/snort/snort_interfaces_whitelist.php index a925ad45..27f48e16 100644 --- a/config/snort/snort_interfaces_whitelist.php +++ b/config/snort/snort_interfaces_whitelist.php @@ -85,6 +85,7 @@ if ($savemsg) print_info_box($savemsg); $tab_array[4] = array(gettext("Blocked"), false, "/snort/snort_blocked.php"); $tab_array[5] = array(gettext("Whitelists"), true, "/snort/snort_interfaces_whitelist.php"); $tab_array[6] = array(gettext("Suppress"), false, "/snort/snort_interfaces_suppress.php"); + $tab_array[7] = array(gettext("Sync"), false, "/pkg_edit.php?xml=snort/snort_sync.xml"); display_top_tabs($tab_array); ?> diff --git a/config/snort/snort_interfaces_whitelist_edit.php b/config/snort/snort_interfaces_whitelist_edit.php index 2f2afdad..4559f1b5 100644 --- a/config/snort/snort_interfaces_whitelist_edit.php +++ b/config/snort/snort_interfaces_whitelist_edit.php @@ -170,6 +170,21 @@ if ($savemsg)
+ +
+ +
diff --git a/config/snort/snort_preprocessors.php b/config/snort/snort_preprocessors.php index 705dfe24..14e51ed3 100755 --- a/config/snort/snort_preprocessors.php +++ b/config/snort/snort_preprocessors.php @@ -394,14 +394,26 @@ include_once("head.inc");
'; + echo ' diff --git a/config/snort/snort_rules.php b/config/snort/snort_rules.php index 609eb052..cbb1fe50 100755 --- a/config/snort/snort_rules.php +++ b/config/snort/snort_rules.php @@ -322,15 +322,27 @@ h += 96;
'; + $menu_iface=($if_friendly?substr($if_friendly,0,5)." ":"Iface "); $tab_array = array(); - $tab_array[] = array(gettext("Snort Interfaces"), false, "/snort/snort_interfaces.php"); - $tab_array[] = array(gettext("If Settings"), false, "/snort/snort_interfaces_edit.php?id={$id}"); - $tab_array[] = array(gettext("Categories"), false, "/snort/snort_rulesets.php?id={$id}"); - $tab_array[] = array(gettext("Rules"), false, "/snort/snort_rules.php?id={$id}"); - $tab_array[] = array(gettext("Variables"), false, "/snort/snort_define_servers.php?id={$id}"); - $tab_array[] = array(gettext("Preprocessors"), true, "/snort/snort_preprocessors.php?id={$id}"); - $tab_array[] = array(gettext("Barnyard2"), false, "/snort/snort_barnyard.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Settings"), false, "/snort/snort_interfaces_edit.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Categories"), false, "/snort/snort_rulesets.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Rules"), false, "/snort/snort_rules.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Variables"), false, "/snort/snort_define_servers.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Preprocessors"), true, "/snort/snort_preprocessors.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Barnyard2"), false, "/snort/snort_barnyard.php?id={$id}"); display_top_tabs($tab_array); ?>
'; + echo '
'; + $menu_iface=($if_friendly?substr($if_friendly,0,5)." ":"Iface ");; + $tab_array = array(); + $tab_array[] = array($menu_iface . gettext("Settings"), false, "/snort/snort_interfaces_edit.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Categories"), false, "/snort/snort_rulesets.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Rules"), true, "/snort/snort_rules.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Variables"), false, "/snort/snort_define_servers.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Preprocessors"), false, "/snort/snort_preprocessors.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Barnyard2"), false, "/snort/snort_barnyard.php?id={$id}"); + display_top_tabs($tab_array); ?>
diff --git a/config/snort/snort_rulesets.php b/config/snort/snort_rulesets.php index 4a7380b1..f9fb6aa8 100755 --- a/config/snort/snort_rulesets.php +++ b/config/snort/snort_rulesets.php @@ -257,16 +257,28 @@ function enable_change() '; + echo ' diff --git a/config/snort/snort_sync.xml b/config/snort/snort_sync.xml new file mode 100755 index 00000000..30d935ee --- /dev/null +++ b/config/snort/snort_sync.xml 
@@ -0,0 +1,166 @@ + + + + + +. +All rights reserved. +*/ +/* ========================================================================== */ +/* +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +1. Redistributions of source code MUST retain the above copyright notice, +this list of conditions and the following disclaimer. + +2. Redistributions in binary form MUST reproduce the above copyright +notice, this list of conditions and the following disclaimer in the +documentation and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, +INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY +AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, +OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +POSSIBILITY OF SUCH DAMAGE. +*/ +/* ========================================================================== */ +]]> + + Describe your package requirements here + Currently there are no FAQ items provided. 
+ snortsync + 1.3_1 pkg v.1.9 + Proxy server snort: XMLRPC Sync + + + + Snort Interfaces + /snort/snort_interfaces.php + + + Global Settings + /snort/snort_interfaces_global.php + + + Updates + /snort/snort_download_updates.php + + + Alerts + /snort/snort_alerts.php + + + Blocked + /snort/snort_blocked.php + + + Whitelists + /snort/snort_interfaces_whitelist.php + + + Suppress + /snort/snort_interfaces_suppress.php + + + Sync + /pkg_edit.php?xml=snort_sync.xml&id=0 + + + + + + Snort XMLRPC Sync + listtopic + + + Enable Sync + varsyncenablexmlrpc + + Important: While using "Sync to hosts defined below", only sync from host A to B, A to C but do not enable XMLRPC sync to A. This will result in a loop!]]> + select + + auto + + + + + + + + XMLRPC timeout + varsynctimeout + + input + 150 + 5 + + + + Destination Server + none + rowhelper + + + Enable + varsyncdestinenable + checkbox + + + GUI Protocol + varsyncprotocol + http or https]]> + select + HTTP + + + + + + + GUI IP-Address + varsyncipaddress + + input + 15 + + + GUI Port + varsyncport + + input + 3 + + + GUI Admin Password + varsyncpassword + + password + 20 + + + + + + snort_resync(); + + + snort_resync(); + + -- cgit v1.2.3 From 68970450506e68d97398e0f39709e175434cd55b Mon Sep 17 00:00:00 2001 From: Marcello Coutinho Date: Tue, 14 May 2013 01:48:53 -0300 Subject: snort - include sync code Current status: it replicates xml config, but It's not calling all snort functions after config save. --- config/snort/snort.inc | 154 +++++++++++++++++++++++++++++++++++++++++++- config/snort/snort_sync.xml | 12 ++-- 2 files changed, 159 insertions(+), 7 deletions(-) (limited to 'config') diff --git a/config/snort/snort.inc b/config/snort/snort.inc index 236cb107..430e5a95 100755 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc 
@@ -34,6 +34,7 @@ require_once("pfsense-utils.inc"); require_once("config.inc"); require_once("functions.inc"); require_once("service-utils.inc"); +require_once("pkg-utils.inc"); // Needed on 2.0 because of filter_get_vpns_list() require_once("filter.inc"); @@ -887,7 +888,9 @@ function sync_snort_package_config() { snort_rules_up_install_cron($snortglob['autorulesupdate7'] != "never_up" ? true : false); configure_cron(); - + + snort_sync_on_changes(); + conf_mount_ro(); } 
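Review bot: Calling `snort_sync_on_changes()` from inside `sync_snort_package_config()` (second hunk, just before `conf_mount_ro()`) makes every local resync push configuration to the peers, and each peer then runs `sync_snort_package_config()` itself through the `pfsense.exec_php` call added later in this file, so a peer that also has sync enabled will push onward or back. The form text in snort_sync.xml warns the operator about loops, but nothing in the code prevents one. At minimum document it at the call site, e.g. `/* also runs on sync peers via pfsense.exec_php; a peer with sync enabled back to this host will loop */`, and consider skipping the push when the call arrived over XMLRPC. The function body starts outside the hunk.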
@@ -3040,4 +3043,153 @@ EOD; unset($home_net, $external_net, $vardef, $portvardef); } +/* Uses XMLRPC to synchronize the changes to a remote node */ +function snort_sync_on_changes() { + global $config, $g; + if (is_array($config['installedpackages']['snortsync']['config'])){ + $snort_sync=$config['installedpackages']['snortsync']['config'][0]; + $synconchanges = $snort_sync['varsynconchanges']; + $synctimeout = $snort_sync['varsynctimeout']; + switch ($synconchanges){ + case "manual": + if (is_array($snort_sync[row])){ + $rs=$snort_sync[row]; + } + else{ + log_error("[snort] xmlrpc sync is enabled but there is no hosts to push snort config."); + return; + } + break; + case "auto": + if (is_array($config['installedpackages']['carpsettings']) && is_array($config['installedpackages']['carpsettings']['config'])){ + $system_carp=$config['installedpackages']['carpsettings']['config'][0]; + $rs[0]['varsyncipaddress']=$system_carp['synchronizetoip']; + $rs[0]['varsyncusername']=$system_carp['username']; + $rs[0]['varsyncpassword']=$system_carp['password']; + if ($system_carp['synchronizetoip'] ==""){ + log_error("[snort] xmlrpc sync is enabled but there is no system backup hosts to push snort config."); + return; + } + } + else{ + log_error("[snort] xmlrpc sync is enabled but there is no system backup hosts to push snort config."); + return; + } + break; + default: + return; + break; + } + if (is_array($rs)){ + log_error("[snort] xmlrpc sync is starting."); + foreach($rs as $sh){ + $sync_to_ip = $sh['varsyncipaddress']; + $password = $sh['varsyncpassword']; + if($sh['varsyncusername']) + $username = $sh['varsyncusername']; + else + $username = 'admin'; + if($password && $sync_to_ip) + snort_do_xmlrpc_sync($sync_to_ip, $username, $password,$synctimeout); + } + log_error("[snort] xmlrpc sync is ending."); + } + } +} +/* Do the actual XMLRPC sync */ +function snort_do_xmlrpc_sync($sync_to_ip, $username, $password, $synctimeout) { + global $config, $g; + + if(!$username) + 
return; + + if(!$password) + return; + + if(!$sync_to_ip) + return; + + if(!$synctimeout) + $synctimeout=150; + + + $xmlrpc_sync_neighbor = $sync_to_ip; + if($config['system']['webgui']['protocol'] != "") { + $synchronizetoip = $config['system']['webgui']['protocol']; + $synchronizetoip .= "://"; + } + $port = $config['system']['webgui']['port']; + /* if port is empty lets rely on the protocol selection */ + if($port == "") { + if($config['system']['webgui']['protocol'] == "http") + $port = "80"; + else + $port = "443"; + } + $synchronizetoip .= $sync_to_ip; + + /* xml will hold the sections to sync */ + $xml = array(); + $xml['snortglobal'] = $config['installedpackages']['snortglobal']; + /* assemble xmlrpc payload */ + $params = array( + XML_RPC_encode($password), + XML_RPC_encode($xml) + ); + + /* set a few variables needed for sync code borrowed from filter.inc */ + $url = $synchronizetoip; + log_error("Beginning snort XMLRPC sync to {$url}:{$port}."); + $method = 'pfsense.merge_installedpackages_section_xmlrpc'; + $msg = new XML_RPC_Message($method, $params); + $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); + $cli->setCredentials($username, $password); + if($g['debug']) + $cli->setDebug(1); + /* send our XMLRPC message and timeout after defined sync timeout value*/ + $resp = $cli->send($msg, $synctimeout); + if(!$resp) { + $error = "A communications error occurred while attempting snort XMLRPC sync with {$url}:{$port}."; + log_error($error); + file_notice("sync_settings", $error, "snort Settings Sync", ""); + } elseif($resp->faultCode()) { + $cli->setDebug(1); + $resp = $cli->send($msg, $synctimeout); + $error = "An error code was received while attempting snort XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . 
$resp->faultString(); + log_error($error); + file_notice("sync_settings", $error, "snort Settings Sync", ""); + } else { + log_error("snort XMLRPC sync successfully completed with {$url}:{$port}."); + } + + /* tell squid to reload our settings on the destination sync host. */ + $method = 'pfsense.exec_php'; + $execcmd = "require_once('/usr/local/pkg/snort/snort.inc');\n"; + $execcmd .= "sync_snort_package_config();"; + /* assemble xmlrpc payload */ + $params = array( + XML_RPC_encode($password), + XML_RPC_encode($execcmd) + ); + + log_error("snort XMLRPC reload data {$url}:{$port}."); + $msg = new XML_RPC_Message($method, $params); + $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); + $cli->setCredentials($username, $password); + $resp = $cli->send($msg, $synctimeout); + if(!$resp) { + $error = "A communications error occurred while attempting snort XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; + log_error($error); + file_notice("sync_settings", $error, "snort Settings Sync", ""); + } elseif($resp->faultCode()) { + $cli->setDebug(1); + $resp = $cli->send($msg, $synctimeout); + $error = "An error code was received while attempting snort XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); + log_error($error); + file_notice("sync_settings", $error, "snort Settings Sync", ""); + } else { + log_error("snort XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php)."); + } + +} ?> diff --git a/config/snort/snort_sync.xml b/config/snort/snort_sync.xml index 30d935ee..5bfeba12 100755 --- a/config/snort/snort_sync.xml +++ b/config/snort/snort_sync.xml @@ -46,9 +46,9 @@ POSSIBILITY OF SUCH DAMAGE. Describe your package requirements here Currently there are no FAQ items provided. snortsync - 1.3_1 pkg v.1.9 + 1.0 Proxy server snort: XMLRPC Sync - + /usr/local/pkg/snort/snort.inc Snort Interfaces 
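Review bot: `snort_do_xmlrpc_sync()` builds the peer URL from this host's own `$config['system']['webgui']['protocol']` and port, so the per-destination `varsyncprotocol` and `varsyncport` fields collected by snort_sync.xml are never read. If the local GUI runs on http, the admin password travels to the peer in cleartext twice (in `setCredentials()` and as the first XML-RPC parameter) even when the destination was meant to be https; if the local protocol is empty, `$synchronizetoip` is first touched by `.=` and ends up with no scheme. Pass the row's protocol and port through and fall back to the local settings only for the CARP `auto` case, as sketched below (this assumes the select stores `http`/`https`, which the page does not show). Separately, both fault branches resend the request after `setDebug(1)`, which for `pfsense.exec_php` runs the remote command a second time, and the "tell squid to reload" comment is a leftover from the code this was copied from.

```php
// in snort_sync_on_changes(), inside foreach($rs as $sh):
			if($password && $sync_to_ip)
				snort_do_xmlrpc_sync($sync_to_ip, $username, $password, $synctimeout,
					$sh['varsyncprotocol'], $sh['varsyncport']);

// in snort_do_xmlrpc_sync(), replacing the webgui protocol/port lookup:
function snort_do_xmlrpc_sync($sync_to_ip, $username, $password, $synctimeout, $protocol = "", $port = "") {
	// … unchanged: empty-argument guards and timeout default …

	/* prefer the destination row's settings; the CARP "auto" row has none, so fall back to the local GUI */
	if($protocol == "")
		$protocol = $config['system']['webgui']['protocol'];
	$protocol = (strtolower($protocol) == "http") ? "http" : "https";
	if($port == "")
		$port = $config['system']['webgui']['port'];
	if($port == "")
		$port = ($protocol == "http") ? "80" : "443";
	$synchronizetoip = "{$protocol}://{$sync_to_ip}";

	// … unchanged: payload assembly and both XML_RPC calls …
```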
@@ -80,7 +80,7 @@ POSSIBILITY OF SUCH DAMAGE. Sync - /pkg_edit.php?xml=snort_sync.xml&id=0 + /pkg_edit.php?xml=snort/snort_sync.xml @@ -91,7 +91,7 @@ POSSIBILITY OF SUCH DAMAGE. Enable Sync - varsyncenablexmlrpc + varsynconchanges Important: While using "Sync to hosts defined below", only sync from host A to B, A to C but do not enable XMLRPC sync to A. This will result in a loop!]]> select @@ -158,9 +158,9 @@ POSSIBILITY OF SUCH DAMAGE. - snort_resync(); + write_config();snort_sync_on_changes(); - snort_resync(); + write_config();snort_sync_on_changes(); -- cgit v1.2.3 From 2ac73febaa378f102c7192f3d401b4f153acd45b Mon Sep 17 00:00:00 2001 From: Marcello Coutinho Date: Tue, 14 May 2013 01:52:55 -0300 Subject: snort - fix small typo --- config/snort/snort_interfaces.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'config') diff --git a/config/snort/snort_interfaces.php b/config/snort/snort_interfaces.php index a2523872..c2a66f98 100755 --- a/config/snort/snort_interfaces.php +++ b/config/snort/snort_interfaces.php @@ -252,7 +252,7 @@ foreach ($a_nat as $natent): ?> else{ $iconfn = 'pass'; $iconfn_msg1 = 'Snort is running on '; - $iconfn_msg = '. Click to stop.'; + $iconfn_msg2 = '. Click to stop.'; } if (snort_is_running($snort_uuid, $if_real, 'barnyard2') == 'no'){ $biconfn = 'block'; -- cgit v1.2.3
-
'; + $menu_iface=($if_friendly?substr($if_friendly,0,5)." ":"Iface "); + $tab_array = array(); + $tab_array[] = array($menu_iface . gettext("Settings"), false, "/snort/snort_interfaces_edit.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Categories"), true, "/snort/snort_rulesets.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Rules"), false, "/snort/snort_rules.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Variables"), false, "/snort/snort_define_servers.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Preprocessors"), false, "/snort/snort_preprocessors.php?id={$id}"); + $tab_array[] = array($menu_iface . gettext("Barnyard2"), false, "/snort/snort_barnyard.php?id={$id}"); + display_top_tabs($tab_array); ?>