From 5b7a1a95cd5a18180cfa3e83e65577a0b30583fa Mon Sep 17 00:00:00 2001 From: Renato Botelho Date: Tue, 24 Jul 2012 08:20:19 -0300 Subject: Remove gettext() calls from log_error(), it makes no sense to translate logs --- config/snort/snort_check_for_rule_updates.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'config') diff --git a/config/snort/snort_check_for_rule_updates.php b/config/snort/snort_check_for_rule_updates.php index 5b357cb7..689b3174 100644 --- a/config/snort/snort_check_for_rule_updates.php +++ b/config/snort/snort_check_for_rule_updates.php @@ -78,7 +78,7 @@ if ($snortdownload == 'on') { @file_put_contents("{$tmpfname}/{$snort_filename_md5}", $image); if (0 == filesize("{$tmpfname}/{$snort_filename_md5}")) { update_status(gettext("Please wait... You may only check for New Rules every 15 minutes...")); - log_error(gettext("Please wait... You may only check for New Rules every 15 minutes...")); + log_error("Please wait... You may only check for New Rules every 15 minutes..."); update_output_window(gettext("Rules are released every month from snort.org. You may download the Rules at any time.")); $snortdownload = 'off'; } else @@ -101,12 +101,12 @@ if ($snortdownload == 'on') { /* download snortrules file */ if ($snortdownload == 'on') { update_status(gettext("There is a new set of Snort.org rules posted. Downloading...")); - log_error(gettext("There is a new set of Snort.org rules posted. Downloading...")); + log_error("There is a new set of Snort.org rules posted. Downloading..."); download_file_with_progress_bar("http://www.snort.org/pub-bin/oinkmaster.cgi/{$oinkid}/{$snort_filename}", "{$tmpfname}/{$snort_filename}"); update_status(gettext("Done downloading rules file.")); if (300000 > filesize("{$tmpfname}/$snort_filename")){ update_output_window(gettext("Snort rules file downloaded failed...")); - log_error(gettext("Snort rules file downloaded failed...")); + log_error("Snort rules file downloaded failed..."); $snortdownload = 'off'; } } @@ -125,7 +125,7 @@ if ($emergingthreats == 'on') { $emerg_md5_check_old = file_get_contents("{$snortdir}/{$emergingthreats_filename_md5}"); if ($emerg_md5_check_new == $emerg_md5_check_old) { update_status(gettext("Emerging threat rules are up to date...")); - log_error(gettext("Emerging threat rules are up to date...")); + log_error("Emerging threat rules are up to date..."); $emergingthreats = 'off'; } } @@ -134,7 +134,7 @@ if ($emergingthreats == 'on') { /* download emergingthreats rules file */ if ($emergingthreats == "on") { update_status(gettext("There is a new set of Emergingthreats rules posted. Downloading...")); - log_error(gettext("There is a new set of Emergingthreats rules posted. Downloading...")); + log_error("There is a new set of Emergingthreats rules posted. Downloading..."); download_file_with_progress_bar("http://rules.emergingthreats.net/open/snort-{$emerging_threats_version}/emerging.rules.tar.gz", "{$tmpfname}/{$emergingthreats_filename}"); update_status(gettext('Done downloading Emergingthreats rules file.')); log_error("Emergingthreats rules file update downloaded succsesfully"); @@ -300,7 +300,7 @@ function snort_apply_customizations($snortcfg, $if_real) { return; else { update_status(gettext("Your set of configured rules are being copied...")); - log_error(gettext("Your set of configured rules are being copied...")); + log_error("Your set of configured rules are being copied..."); $enabled_rulesets_array = explode("||", $snortcfg['rulesets']); foreach($enabled_rulesets_array as $enabled_item) { @copy("{$snortdir}/rules/{$enabled_item}", "{$snortdir}/snort_{$snortcfg['uuid']}_{$if_real}/rules/{$enabled_item}"); @@ -398,9 +398,9 @@ if ($snortdownload == 'on' || $emergingthreats == 'on') { if (is_process_running("snort")) { exec("/bin/sh /usr/local/etc/rc.d/snort.sh restart"); update_output_window(gettext("Snort has restarted with your new set of rules...")); - log_error(gettext("Snort has restarted with your new set of rules...")); + log_error("Snort has restarted with your new set of rules..."); } else - log_error(gettext("Snort Rules update finished...")); + log_error("Snort Rules update finished..."); } update_status(gettext("The Rules update finished...")); -- cgit v1.2.3 From 52b44ab8f4781ebf82821fb4f2968aa360b7b87d Mon Sep 17 00:00:00 2001 From: Renato Botelho Date: Tue, 24 Jul 2012 10:28:14 -0300 Subject: Implement gettext() calls on strings --- config/snort/snort_alerts.php | 50 ++++----- config/snort/snort_barnyard.php | 36 +++---- config/snort/snort_blocked.php | 36 +++---- config/snort/snort_define_servers.php | 16 +-- config/snort/snort_download_updates.php | 22 ++-- config/snort/snort_interfaces.php | 54 +++++----- config/snort/snort_interfaces_edit.php | 112 +++++++++---------- config/snort/snort_interfaces_global.php | 94 ++++++++-------- config/snort/snort_interfaces_suppress.php | 22 ++-- config/snort/snort_interfaces_suppress_edit.php | 36 +++---- config/snort/snort_interfaces_whitelist.php | 22 ++-- config/snort/snort_interfaces_whitelist_edit.php | 54 +++++----- config/snort/snort_preprocessors.php | 130 +++++++++++------------ config/snort/snort_rules.php | 22 ++-- config/snort/snort_rulesets.php | 22 ++-- 15 files changed, 360 insertions(+), 368 deletions(-) (limited to 'config') diff --git a/config/snort/snort_alerts.php b/config/snort/snort_alerts.php index 663e7621..e0c2605d 100644 --- a/config/snort/snort_alerts.php +++ b/config/snort/snort_alerts.php @@ -197,11 +197,11 @@ if ($pconfig['arefresh'] == 'on') - - + + - + - + - + @@ -242,16 +242,16 @@ if ($pconfig['arefresh'] == 'on') - +
Last Alert Entries.Latest Alert Entries Are Listed First.
Instance to inspect

Choose which instance alerts you want to inspect. +
Save or Remove Logs - All - log files will be saved. + - Warning: all log files will be deleted. +
Auto Refresh and Log View - Refresh > - Default is ON. + ', '', '', ''); ?> - Enter the number of log entries to view. Default is 250. + ', '', '', ''); ?>
- - - - - - - - - - + + + + + + + + + + - \"Delete\""; + \"Delete\""; } /* IP SRC Port */ $alert_src_p = $fields[7]; @@ -291,7 +291,7 @@ if (file_exists("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert")) { $alert_ip_dst = $fields[8]; if (isset($tmpblocked[$fields[8]])) { $alert_ip_dst .= " - \"Delete\""; + \"Delete\""; } /* IP DST Port */ $alert_dst_p = $fields[9]; @@ -313,7 +313,7 @@ if (file_exists("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert")) { + title='" . gettext("click to add to suppress list") . "'>\n"; diff --git a/config/snort/snort_barnyard.php b/config/snort/snort_barnyard.php index 71d355f9..ccbe3c26 100644 --- a/config/snort/snort_barnyard.php +++ b/config/snort/snort_barnyard.php @@ -162,40 +162,40 @@ function enable_change(enable_change) { @@ -134,11 +134,11 @@ if($pfsense_stable == 'yes'){echo '

' . $pgtitle . '

';}
DatePRIPROTOCLASSSRCSRCPORTDSTDSTPORTSIDDESCRIPTION
{$alert_descr}
- + - + +
+ - + - + +
+ - + - + + @@ -205,9 +205,9 @@ function enable_change(enable_change) { - +
General Barnyard2 - Settings
Enable onClick="enable_change(false)"> - Enable Barnyard2
- This will enable barnyard2 for this interface. You will also have to set the database credentials.
Mysql Settings
Log to a Mysql Database
- Example: output database: alert, mysql, - dbname=snort user=snort host=localhost password=xyz
- Example: output database: log, mysql, dbname=snort user=snort - host=localhost password=xyz
Advanced Settings
Advanced configuration - pass through
- Arguments here will be automatically inserted into the running - barnyard2 configuration.
 
 Note: +
- Please save your settings befor you click start.
diff --git a/config/snort/snort_blocked.php b/config/snort/snort_blocked.php index babb6bea..10d0bb60 100644 --- a/config/snort/snort_blocked.php +++ b/config/snort/snort_blocked.php @@ -153,30 +153,30 @@ if ($pconfig['brefresh'] == 'on') - - + + - + - + @@ -185,9 +185,9 @@ if ($pconfig['brefresh'] == 'on') cellpadding="0" cellspacing="0"> - - - + + +  {$blocked_ip} + \"Delete\"\n"; } diff --git a/config/snort/snort_define_servers.php b/config/snort/snort_define_servers.php index c5328c21..20917d00 100644 --- a/config/snort/snort_define_servers.php +++ b/config/snort/snort_define_servers.php @@ -177,7 +177,7 @@ if ($savemsg) diff --git a/config/snort/snort_interfaces_suppress.php b/config/snort/snort_interfaces_suppress.php index 0efc7fa3..93d3f2dc 100644 --- a/config/snort/snort_interfaces_suppress.php +++ b/config/snort/snort_interfaces_suppress.php @@ -86,8 +86,8 @@ if($pfsense_stable == 'yes'){echo '

' . $pgtitle . '

';} @@ -126,7 +126,7 @@ if($pfsense_stable == 'yes'){echo '

' . $pgtitle . '

';} + width="17" height="17" border="0" title="">
Last - Blocked.This page lists hosts that have - been blocked by Snort.    
Save or Remove Hosts - All - blocked hosts will be saved. Warning: - all hosts will be removed. + +
Auto Refresh and Log View - Refresh > - Default is ON. ', '', '', ''); ?> Enter the - number of blocked entries to view. Default is 500. + size="5" value=""> ', '', '', ''); ?>
#IPAlert DescriptionRemove
 {$blocked_desc} - \"Delete\"
- + $server): @@ -189,18 +189,18 @@ if ($savemsg) $value = htmlspecialchars($pconfig["def_{$key}"]); ?> - + - + $server): @@ -211,12 +211,12 @@ if ($savemsg) $value = htmlspecialchars($pconfig["def_{$key}"]); ?> - + diff --git a/config/snort/snort_download_updates.php b/config/snort/snort_download_updates.php index 90943a30..4c4202a8 100644 --- a/config/snort/snort_download_updates.php +++ b/config/snort/snort_download_updates.php @@ -98,7 +98,7 @@ include_once("head.inc");

- INSTALLED SIGNATURE RULESET
+

SNORT.ORG >>>   
@@ -117,22 +117,22 @@ include_once("head.inc");

- UPDATE YOUR RULES
+

Update Rules    
+

- WARNING:  No rule types have been selected for download. "Global Settings Tab"
'; + ' . gettext("WARNING:") . '  ' . gettext('No rule types have been selected for download. "Global Settings Tab"') . '
'; echo '

' . "\n"; } else { echo ' -
' . "\n"; +
' . "\n"; } @@ -150,17 +150,17 @@ include_once("head.inc");

- VIEW UPDATE LOG
+

Update Log    \n"; + \n"; }else{ echo " - \n"; + \n"; } ?> @@ -178,9 +178,9 @@ include_once("head.inc");

diff --git a/config/snort/snort_interfaces.php b/config/snort/snort_interfaces.php index 67a7257d..1e155e82 100644 --- a/config/snort/snort_interfaces.php +++ b/config/snort/snort_interfaces.php @@ -165,10 +165,10 @@ if ($pfsense_stable == 'yes') if($savemsg) print_info_box_np("{$savemsg}"); else { - print_info_box_np(' - The Snort configuration has changed for one or more interfaces.
- You must apply the changes in order for them to take effect.
- '); + print_info_box_np(gettext( + 'The Snort configuration has changed for one or more interfaces.
' . + 'You must apply the changes in order for them to take effect.
' + )); } } ?> @@ -194,12 +194,12 @@ if ($pfsense_stable == 'yes') cellspacing="0"> - - - - - - + + + + + +
Define Servers
Define
- Default value: ""
Leave - blank for default value. + ""
Define Ports
Define
- Default value: ""
Leave - blank for default value. + ""
- NOTE:  Snort.org and Emergingthreats.net - will go down from time to time. Please be patient. +   
 IfSnortPerformanceBlockBarnyard2Description @@ -248,7 +248,7 @@ if ($pfsense_stable == 'yes') echo " "; + title='" . gettext('click to toggle start/stop snort') . "'>"; } else echo strtoupper("disabled"); ?> @@ -286,7 +286,7 @@ if ($pfsense_stable == 'yes') echo " "; + title='" . gettext('click to toggle start/stop barnyard') . "'>"; } else echo strtoupper("disabled"); ?> @@ -300,7 +300,7 @@ if ($pfsense_stable == 'yes') + width="17" height="17" border="0" title="">
@@ -313,10 +313,10 @@ if ($pfsense_stable == 'yes')
" border="0">" onclick="return confirm('Do you really want to delete the selected Snort Rule?')">
@@ -336,35 +336,35 @@ if ($pfsense_stable == 'yes') -
Note:
- This is the Snort Menu where you can see an over - view of all your interface settings.
- Please edit the Global Settings tab before adding - an interface.
+
+ Snort Menu where you can see an over ' . + 'view of all your interface settings.
' . + 'Please edit the Global Settings tab before adding ' . + 'an interface.'); ?>

- Warning:
- New settings will not take effect until interface restart. +
+

Click on the icon to add a + width="17" height="17" border="0" title=""> icon to add a interface.                                            Click on the icon to start + width="13" height="13" border="0" title=""> icon to start snort and barnyard2.
Click on the icon to edit a + width="17" height="17" border="0" title=""> icon to edit a interface and settings.                       Click on the icon to stop + width="13" height="13" border="0" title=""> icon to stop snort and barnyard2.
Click on the icon to + width="17" height="17" border="0" title=""> icon to delete a interface and settings.
diff --git a/config/snort/snort_interfaces_edit.php b/config/snort/snort_interfaces_edit.php index 1c7f9cfb..f47a055e 100644 --- a/config/snort/snort_interfaces_edit.php +++ b/config/snort/snort_interfaces_edit.php @@ -197,23 +197,23 @@ function enable_change(enable_change) {
- + - + - + +
+

- + +

- + - + - + +
 
 
+  
- + +  
 
+  
- + + - + - + - + - + +
 

  - + - + + - + - + -
General Settings
Enable   -   Enable or Disable\n"; +   " . gettext("Enable or Disable") . "\n"; ?>
Interface
- Choose which interface this rule applies to.
- Hint: in most cases, you'll want to use WAN here.
Description
- You may enter a description here for your - reference (not parsed).
Memory Performance
- Lowmem and ac-bnfa are recommended for low end - systems, Ac: high memory, best performance, ac-std: moderate - memory,high performance, acs: small memory, moderateperformance, - ac-banded: small memory,moderate performance, ac-sparsebands: small - memory, high performance. +
Choose the networks - snort should inspect and whitelist.
Home net
- Choose the home net you will like this rule to - use.
 
Note: Default home - net adds only local networks.
- Hint: Most users add a list of - friendly ips that the firewall cant see.
External net
- Choose the external net you will like this rule - to use.  
Note: Default - external net, networks that are not home net.
- Hint: Most users should leave this - setting at default.
Block offenders onClick="enable_blockoffenders()">
- Checking this option will automatically block hosts that generate a - Snort alert.
Kill states > -
Should firewall states be killed for the blocked ip +
>
Which ip to block -
Which ip extracted from the packet you want to block +
Whitelist
- Choose the whitelist you will like this rule to - use.
 
Note:
 Default - whitelist adds only local networks.
- Note:
 This option will only be used when block offenders is on. +
 

 
+
 
Suppression and filtering
- Choose the suppression or filtering file you - will like this rule to use.
 
Note:
 Default - option disables suppression and filtering.
Checksum checking > -
If ticked checksum checking on snort will be disabled to improve performance. -
Most of this is already done on the firewall/filter level +
> +
>
Send alerts to main - System logs onClick="enable_change(false)">
- Snort will send Alerts to the firewall's system logs.
Arguments here will - be automatically inserted into the snort configuration.
Advanced configuration pass through @@ -431,9 +431,9 @@ function enable_change(enable_change) {
 Note:
+

- Please save your settings before you click start. +
diff --git a/config/snort/snort_interfaces_global.php b/config/snort/snort_interfaces_global.php index 6974a9c3..0642211c 100644 --- a/config/snort/snort_interfaces_global.php +++ b/config/snort/snort_interfaces_global.php @@ -129,30 +129,30 @@ if ($input_errors) 		- + - + - + + - + +
+ - + - + :
+ MB - + +
+ - + + - +
Please Choose The - Type Of Rules You Wish To Download
Install Snort.org rules + ', ''); ?> + target="_blank"> @@ -160,72 +160,72 @@ if ($input_errors)
> - Do NOT Install
> Install - Basic Rules or Premium rules
+ >
         Sign Up for a - Basic Rule Account
+ href="https://www.snort.org/signup" target="_blank">
         Sign Up for Sourcefire VRT Certified Premium - Rules. This Is Highly Recommended
 
- + - + +
Oinkmaster code
Code
- Obtain a snort.org Oinkmaster code and paste here.
Install Emergingthreats - rules' , ''); ?> >
- Emerging Threats is an open source community that produces fastest - moving and diverse Snort Rules.
Update rules - automatically
- Please select the update times for rules.
- Hint: in most cases, every 12 hours is a good choice.
General Settings
Log Directory Size - Limit
+


- Note:
- Available space is MB		 + () + : @@ -233,41 +233,41 @@ if ($input_errors)
> - Enable directory size limit (Default)
> Disable - directory size limit
+> +

- Warning: Nanobsd - should use no more than 10MB of space.
 
- + + 20%
Size in MB MB - Default is 20% of available space.
Remove blocked hosts - every
- Please select the amount of time you would like - hosts to be blocked for.
- Hint: in most cases, 1 hour is a good choice.
Keep snort settings - after deinstall >
- Settings will not be removed during deinstall.
@@ -277,10 +277,10 @@ if ($input_errors)
 Note:
- Changing any settings on this page will affect all - interfaces. Please, double check if your oink code is correct and - the type of snort.org account you hold.
+
- - + + @@ -106,12 +106,12 @@ if($pfsense_stable == 'yes'){echo '

' . $pgtitle . '

';} + width="17" height="17" border="0" title=""> + width="17" height="17" border="0" title="">
File NameDescription
')">
Note: -

Here you can create event filtering and - suppression for your snort package rules.
- Please note that you must restart a running rule so that changes can - take effect.

 +


+

diff --git a/config/snort/snort_interfaces_suppress_edit.php b/config/snort/snort_interfaces_suppress_edit.php index 45f47a46..782b9784 100644 --- a/config/snort/snort_interfaces_suppress_edit.php +++ b/config/snort/snort_interfaces_suppress_edit.php @@ -147,19 +147,19 @@ if ($savemsg) Add the name and description of the file. - Name +
- The list name may only consist of the - characters a-z, A-Z and 0-9. Note: No - Spaces. + + - Description +
- You may enter a description here for your - reference (not parsed). + @@ -167,30 +167,30 @@ if ($savemsg) - +
   NOTE: -   The threshold keyword - is deprecated as of version 2.8.5. Use the event_filter keyword - instead. +   
- Apply suppression or - filters to rules. Valid keywords are 'suppress', 'event_filter' and - 'rate_filter'. + - Example 1; + suppress gen_id 1, sig_id 1852, track by_src, ip 10.1.1.54
- Example 2; event_filter gen_id 1, sig_id 1851, type limit, + event_filter gen_id 1, sig_id 1851, type limit, track by_src, count 1, seconds 60
- Example 3; rate_filter gen_id 135, sig_id 1, track by_src, + rate_filter gen_id 135, sig_id 1, track by_src, count 100, seconds 1, new_action log, timeout 10 -  Advanced pass through +   diff --git a/config/snort/snort_interfaces_whitelist.php b/config/snort/snort_interfaces_whitelist.php index 294deef2..f90cbe1f 100644 --- a/config/snort/snort_interfaces_whitelist.php +++ b/config/snort/snort_interfaces_whitelist.php @@ -124,12 +124,12 @@ if ($savemsg) print_info_box($savemsg); + width="17" height="17" border="0" title=""> ')"> + width="17" height="17" border="0" title=""> @@ -144,7 +144,7 @@ if ($savemsg) print_info_box($savemsg); + width="17" height="17" border="0" title=""> @@ -156,13 +156,13 @@ if ($savemsg) print_info_box($savemsg);
- +
Note: -

Here you can create whitelist files for your - snort package rules.
- Please add all the ips or networks you want to protect against snort - block decisions.
- Remember that the default whitelist only includes local networks.
- Be careful, it is very easy to get locked out of you system.

 +


+
+
+

diff --git a/config/snort/snort_interfaces_whitelist_edit.php b/config/snort/snort_interfaces_whitelist_edit.php index c86f60d3..378530ba 100644 --- a/config/snort/snort_interfaces_whitelist_edit.php +++ b/config/snort/snort_interfaces_whitelist_edit.php @@ -99,10 +99,10 @@ if ($_POST['submit']) { do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); if(strtolower($_POST['name']) == "defaultwhitelist") - $input_errors[] = "Whitelist file names may not be named defaultwhitelist."; + $input_errors[] = gettext("Whitelist file names may not be named defaultwhitelist."); if (is_validwhitelistname($_POST['name']) == false) - $input_errors[] = "Whitelist file name may only consist of the characters a-z, A-Z and 0-9 _. Note: No Spaces. Press Cancel to reset."; + $input_errors[] = gettext("Whitelist file name may only consist of the characters a-z, A-Z and 0-9 _. Note: No Spaces. Press Cancel to reset."); /* check for name conflicts */ foreach ($a_whitelist as $w_list) { @@ -110,14 +110,14 @@ if ($_POST['submit']) { continue; if ($w_list['name'] == $_POST['name']) { - $input_errors[] = "A whitelist file name with this name already exists."; + $input_errors[] = gettext("A whitelist file name with this name already exists."); break; } } if ($_POST['address']) if (!is_alias($_POST['address'])) - $input_errors[] = "A valid alias need to be provided"; + $input_errors[] = gettext("A valid alias need to be provided"); if (!$input_errors) { $w_list = array(); @@ -171,70 +171,68 @@ if ($savemsg) - + - + + + - + + - + - + + - + + - + + - + + - + + - +
Add the name and - description of the file.
Name
- The list name may only consist of the - characters a-z, A-Z and 0-9. Note: No - Spaces.
Description
- You may enter a description here for your - reference (not parsed).
Add auto generated - ips.
WAN IPs /> - Add WAN IPs to the list.
Wan Gateways /> - Add WAN Gateways to the list.
Wan DNS servers /> - Add WAN DNS servers to the list.
Virtual IP Addresses /> - Add Virtual IP Addresses to the list.
VPNs /> - Add VPN Addresses to the list.
Add your own custom - ips.
-
Alias of IP's
+
diff --git a/config/snort/snort_preprocessors.php b/config/snort/snort_preprocessors.php index dc68db3f..dc9ae809 100644 --- a/config/snort/snort_preprocessors.php +++ b/config/snort/snort_preprocessors.php @@ -162,184 +162,178 @@ include_once("head.inc"); - +
+
- + - + + onClick="enable_change(false)"> - + - + + onClick="enable_change(false)"> - + - + - + - + - + - + + - + + - + + - + + - + + - + + - + + - + + - + - + @@ -350,9 +344,9 @@ include_once("head.inc"); - +
 Note: + >
- Rules may be dependent on preprocessors!
- Defaults will be used when there is no user input.
Performance - Statistics
Enable - onClick="enable_change(false)"> Performance Statistics for this - interface.
HTTP Inspect Settings
Enable - onClick="enable_change(false)"> Use HTTP Inspect to - Normalize/Decode and detect HTTP traffic and protocol anomalies.
HTTP server flow depth + value=""> -1 " . + "to 1460 (-1 disables HTTP " . + "inspect, 0 enables all HTTP inspect)"); ?>
-1 - to 1460 (-1 disables HTTP - inspect, 0 enables all HTTP inspect)
- Amount of HTTP server response payload to inspect. Snort's - performance may increase by adjusting this value.
- Setting this value too low may cause false negatives. Values above 0 - are specified in bytes. Default value is 0
+
+ 0"); ?>
Stream5 Settings
Max Queued Bytes + 1024, Maximum is 1073741824 " . + "( default value is 1048576, 0 " . + "means Maximum )"); ?>
- Minimum is 1024, Maximum is 1073741824 - ( default value is 1048576, 0 - means Maximum )
- The number of bytes to be queued for reassembly for TCP sessions in - memory. Default value is 1048576
+ 1048576"); ?>
Max Queued Segs + 2, Maximum is 1073741824 " . + "( default value is 2621, 0 means " . + "Maximum )"); ?>
- Minimum is 2, Maximum is 1073741824 - ( default value is 2621, 0 means - Maximum )
- The number of segments to be queued for reassembly for TCP sessions - in memory. Default value is 2621
+ 2621"); ?>
General Preprocessor - Settings
Enable
- RPC Decode and Back Orifice detector
+ 		onClick="enable_change(false)">
- Normalize/Decode RPC traffic and detects Back Orifice traffic on the - network.
Enable
- FTP and Telnet Normalizer
+ 		onClick="enable_change(false)">
- Normalize/Decode FTP and Telnet traffic and protocol anomalies.
Enable
- SMTP Normalizer
+ 		onClick="enable_change(false)">
- Normalize/Decode POP protocol for enforcement and buffer overflows.
Enable
- SMTP Normalizer
+ 		onClick="enable_change(false)">
- Normalize/Decode IMAP protocol for enforcement and buffer overflows.
Enable
- SMTP Normalizer
+ 		onClick="enable_change(false)">
- Normalize/Decode SMTP protocol for enforcement and buffer overflows.
Enable
- Portscan Detection
+ 		onClick="enable_change(false)">
- Detects various types of portscans and portsweeps.
Enable
- DCE/RPC2 Detection
+ 		onClick="enable_change(false)">
- The DCE/RPC preprocessor detects and decodes SMB and DCE/RPC - traffic.
Enable
- DNS Detection
+ 		onClick="enable_change(false)">
- The DNS preprocessor decodes DNS Response traffic and detects some - vulnerabilities.
Enable
SSL Data
onClick="enable_change(false)">
- SSL data searches for irregularities during SSL protocol exchange +
Enable
Sensitive Data
onClick="enable_change(false)">
- Sensisitive data searches for CC or SS# in data +
 Note: +
- Please save your settings before you click Start.
diff --git a/config/snort/snort_rules.php b/config/snort/snort_rules.php index 768469d1..c8a38ddb 100644 --- a/config/snort/snort_rules.php +++ b/config/snort/snort_rules.php @@ -280,13 +280,13 @@ function popup(url)   - SID - Proto - Source - Port - Destination - Port - Message + + + + + + +   + title='" . gettext("click to toggle enabled/disabled status") . "'> $textse @@ -370,7 +370,7 @@ function popup(url) + title="" width="17" height="17" border="0"> @@ -392,13 +392,13 @@ function popup(url) - Rule Enabled + - Rule Disabled + diff --git a/config/snort/snort_rulesets.php b/config/snort/snort_rulesets.php index 5434470e..cfaa7d18 100644 --- a/config/snort/snort_rulesets.php +++ b/config/snort/snort_rulesets.php @@ -204,8 +204,8 @@ if ($savemsg) { ?> - # The rules directory is empty. /rules
- Please go to the updates page to download/fetch the rules configured. +
+ - Check the rulesets that you would like Snort to load at startup.

+



@@ -231,18 +231,18 @@ if ($savemsg) {   - Enabled - + + - Emerging rules have not been enabled + - Enabled - - Enabled - + + + + - Snort rules have not been enabled +