From 46ba3729b4bbf7dd321fc3555677a66c67f4c784 Mon Sep 17 00:00:00 2001
From: bmeeks8
Date: Thu, 4 Sep 2014 16:28:27 -0400
Subject: Add new GUI control for setting interface promisc mode on/off.
---
 config/suricata/suricata_generate_yaml.php | 5 +++++
 config/suricata/suricata_interfaces_edit.php | 13 +++++++++++++
 config/suricata/suricata_migrate_config.php | 8 ++++++++
 config/suricata/suricata_yaml_template.inc | 1 +
 4 files changed, 27 insertions(+)
(limited to 'config')
diff --git a/config/suricata/suricata_generate_yaml.php b/config/suricata/suricata_generate_yaml.php
index 0715471d..8e3e538c 100644
--- a/config/suricata/suricata_generate_yaml.php
+++ b/config/suricata/suricata_generate_yaml.php
@@ -165,6 +165,11 @@ if ($suricatacfg['delayed_detect'] == 'on')
 else
 $delayed_detect = "no";
 
+if ($suricatacfg['intf_promisc_mode'] == 'on')
+ $intf_promisc_mode = "yes";
+else
+ $intf_promisc_mode = "no";
+
 // Add interface-specific blocking settings
 if ($suricatacfg['blockoffenders'] == 'on')
 $suri_blockoffenders = "yes";
diff --git a/config/suricata/suricata_interfaces_edit.php b/config/suricata/suricata_interfaces_edit.php
index ff21b48f..e1e6675f 100644
--- a/config/suricata/suricata_interfaces_edit.php
+++ b/config/suricata/suricata_interfaces_edit.php
@@ -169,6 +169,8 @@ if (empty($pconfig['eve_log_files']))
 $pconfig['eve_log_files'] = "on";
 if (empty($pconfig['eve_log_ssh']))
 $pconfig['eve_log_ssh'] = "on";
+if (empty($pconfig['intf_promisc_mode']))
+ $pconfig['intf_promisc_mode'] = "on";
 
 // See if creating a new interface by duplicating an existing one
 if (strcasecmp($action, 'dup') == 0) {
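Review bot: The new test in suricata_generate_yaml.php falls through to `"no"` whenever `intf_promisc_mode` is missing from `$suricatacfg`, while the edit page and the migration script in this same commit both treat an empty value as `"on"`. An interface entry that reaches YAML generation without the key (for example a restored or hand-edited config, if migration has not run first) would be written with `promisc: no`, and the sensor would likely stop inspecting traffic not addressed to that interface without any visible error. Testing for the explicit opt-out keeps the three places consistent: `$intf_promisc_mode = ($suricatacfg['intf_promisc_mode'] == 'off') ? "no" : "yes";`. The script continues outside this hunk, so confirm that no earlier default is already applied to `$suricatacfg`.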
@@ -300,6 +302,7 @@ if ($_POST["save"] && !$input_errors) { if ($_POST['eve_log_files'] == "on") { $natent['eve_log_files'] = 'on'; }else{ $natent['eve_log_files'] = 'off'; } if ($_POST['eve_log_ssh'] == "on") { $natent['eve_log_ssh'] = 'on'; }else{ $natent['eve_log_ssh'] = 'off'; } if ($_POST['delayed_detect'] == "on") { $natent['delayed_detect'] = 'on'; }else{ $natent['delayed_detect'] = 'off'; } + if ($_POST['intf_promisc_mode'] == "on") { $natent['intf_promisc_mode'] = 'on'; }else{ $natent['intf_promisc_mode'] = 'off'; } if ($_POST['configpassthru']) $natent['configpassthru'] = base64_encode(str_replace("\r\n", "\n", $_POST['configpassthru'])); else unset($natent['configpassthru']); $if_real = get_real_interface($natent['interface']); @@ -367,6 +370,7 @@ if ($_POST["save"] && !$input_errors) { $natent['enable_midstream_sessions'] = 'off'; $natent['enable_async_sessions'] = 'off'; $natent['delayed_detect'] = 'off'; + $natent['intf_promisc_mode'] = 'on'; $natent['asn1_max_frames'] = '256'; $natent['dns_global_memcap'] = "16777216"; @@ -884,6 +888,14 @@ if ($savemsg) { " . gettext("Not Checked") . "."; ?> + + + + /> + " . gettext("Checked") . "."; ?> + @@ -1197,6 +1209,7 @@ function enable_change(enable_change) { document.iform.btnPasslist.disabled=endis; document.iform.btnSuppressList.disabled=endis; document.iform.delayed_detect.disabled=endis; + document.iform.intf_promisc_mode.disabled=endis; } function wopen(url, name, w, h) { diff --git a/config/suricata/suricata_migrate_config.php b/config/suricata/suricata_migrate_config.php index abbdcf64..ba13155b 100644 --- a/config/suricata/suricata_migrate_config.php +++ b/config/suricata/suricata_migrate_config.php 
@@ -123,6 +123,14 @@ foreach ($rule as &$r) {
 $updated_cfg = true;
 }
 
+ /***********************************************************/
+ /* Add new interface promisc mode value and default 'on'. */
+ /***********************************************************/
+ if (empty($pconfig['intf_promisc_mode'])) {
+ $pconfig['intf_promisc_mode'] = "on";
+ $updated_cfg = true;
+ }
+
 /***********************************************************/
 /* Add new HTTP Log Extended Info setting if not present */
 /***********************************************************/
diff --git a/config/suricata/suricata_yaml_template.inc b/config/suricata/suricata_yaml_template.inc
index e75a1148..82c449d3 100644
--- a/config/suricata/suricata_yaml_template.inc
+++ b/config/suricata/suricata_yaml_template.inc
@@ -256,6 +256,7 @@ logging:
 pcap:
 - interface: {$if_real}
 checksum-checks: auto
+ promisc: {$intf_promisc_mode}
 
 # For FreeBSD ipfw(8) divert(4) support.
 # ipfw add 100 divert 8000 ip from any to any
--
cgit v1.2.3