From e042d18d244832f0c6fa3ce44c175346eb5bef6b Mon Sep 17 00:00:00 2001
From: robiscool
Date: Fri, 22 Jul 2011 11:43:29 -0700
Subject: snort-dev, jQuery update call backs, update rule db tab
---
 config/snort-dev/javascript/snort_globalsend.js | 6 +-
 config/snort-dev/snort_download_rules.inc | 1 +
 config/snort-dev/snort_interfaces_edit.php | 10 +-
 config/snort-dev/snort_interfaces_rules.php | 143 ++++++++++++++++-------
 config/snort-dev/snort_interfaces_rules_edit.php | 120 +++++++++++++------
 config/snort-dev/snort_json_post.php | 35 ++----
 config/snort-dev/snort_new.inc | 25 ++++
 7 files changed, 230 insertions(+), 110 deletions(-)
(limited to 'config')
diff --git a/config/snort-dev/javascript/snort_globalsend.js b/config/snort-dev/javascript/snort_globalsend.js
index a613dd46..07416a74 100644
--- a/config/snort-dev/javascript/snort_globalsend.js
+++ b/config/snort-dev/javascript/snort_globalsend.js
@@ -143,7 +143,7 @@ jQuery(document).ready(function() {
 this.css("top", 70 + "px");
 this.css("left", ((jQuery(window).width() - this.outerWidth()) / 2) + jQuery(window).scrollLeft() + "px");
 return this;
- }
+ };
 //--------------------------- START select all code ---------------------------
@@ -372,8 +372,8 @@ jQuery(document).ready(function() {
 // Clean up Waiting code
 finnish();
- if (data.snortUnhideTabs === 'true'){
- jQuery('.hide_newtabmenu').show();
+ if (data.snortMiscTabCall === 'true'){
+ jQuery.fn.miscTabCall(); // call tab misc functions
 }
 if (data.snortreset) {location.reload();} // hard refresh
diff --git a/config/snort-dev/snort_download_rules.inc b/config/snort-dev/snort_download_rules.inc
index df292a94..e6a22477 100644
--- a/config/snort-dev/snort_download_rules.inc
+++ b/config/snort-dev/snort_download_rules.inc
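Review bot: The new call `jQuery.fn.miscTabCall()` in the save callback of snort_globalsend.js is unguarded, yet the function is defined per page (this commit adds it in snort_interfaces_edit.php) while `snortJsonReturnCode()` now sends `"snortMiscTabCall":"true"` on every successful save. If any page that loads this shared script does not define it, the callback throws before it reaches the `data.snortreset` check. A guard keeps the shared script independent of the page: `if (data.snortMiscTabCall === 'true' && jQuery.isFunction(jQuery.fn.miscTabCall)) {`. The callback's body starts and ends outside the hunk.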
@@ -206,6 +206,7 @@ function reapplyRuleSettings_run($sidRule_array) // sed -i '' "s/^# \(.*sid:1225;.*\)/\1/" /usr/local/etc/snort/snortDBrules/DB/RAjFYOrC04D6/rules/snort_x11.rules // disable a sid // sed -i '' "s/^\(alert.*sid:1225;.*\)/# \1/" /usr/local/etc/snort/snortDBrules/DB/RAjFYOrC04D6/rules/snort_x11.rules + // grep "^alert.*sid:.*;" rules/emerging-worm.rules | grep -oh "\w*sid:[0-9][^*;]\w*" | awk -F: '{print $2}' } diff --git a/config/snort-dev/snort_interfaces_edit.php b/config/snort-dev/snort_interfaces_edit.php index a501aa34..7d710fe5 100644 --- a/config/snort-dev/snort_interfaces_edit.php +++ b/config/snort-dev/snort_interfaces_edit.php @@ -90,6 +90,12 @@ if (!is_array($a_suppresslist)) { // start a jQuery sand box jQuery(document).ready(function() { + // misc call after a good save + jQuery.fn.miscTabCall = function () { + jQuery('.hide_newtabmenu').show(); + jQuery('#interface').attr("disabled", true); + }; + // START disable option for snort_interfaces_edit.php endis = !(jQuery('input[name=enable]:checked').val()); @@ -229,7 +235,7 @@ jQuery(document).ready(function() { Interface - - +
- +
- +
- - - - - - - - - - - - - - - - - + +
File NameDescription
-   - - - - - - -
- - - - -
-
- - - - - -
 
-
+ + + -
File NameDescription
-
+ + + + + +
+ + + + + + + + + + + + + '; + }else{ + $deleteObject = ''; + } + ?> + + + + + + + + + + +
Default + Default rule database  + + + + + + +
+ + + +
+
+   + + + + + + +
+ + + +
+
+ + + + + + + +
 
+ + @@ -178,8 +228,11 @@ $a_rules = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'All', ''); Note:

- Here you can create rule databases that can be used on multiple interfaces.
- Please note that you must restart a running rule so that changes can take effect.
+ Here you can create rule databases that can be used on multiple interfaces.

+ + Please note that you must restart a running rule so that changes can take effect.

+ + You may only delete rule databases that are not asigned to an interface.

diff --git a/config/snort-dev/snort_interfaces_rules_edit.php b/config/snort-dev/snort_interfaces_rules_edit.php index 6fa1c60d..6cc7dbb0 100644 --- a/config/snort-dev/snort_interfaces_rules_edit.php +++ b/config/snort-dev/snort_interfaces_rules_edit.php @@ -45,11 +45,6 @@ require_once("guiconfig.inc"); require_once("/usr/local/pkg/snort/snort_new.inc"); require_once("/usr/local/pkg/snort/snort_gui.inc"); -// set page vars -if (isset($_GET['uuid'])) { - $uuid = $_GET['uuid']; -} - if (isset($_GET['rdbuuid'])) { $rdbuuid = $_GET['rdbuuid']; }else{ @@ -57,33 +52,88 @@ if (isset($_GET['rdbuuid'])) { $rdbuuid = $ruledbname_pre1['ruledbname']; } -$a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $rdbuuid); +if ($rdbuuid !== 'default') { + $a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $rdbuuid); + + // $a_list returns empty use defaults + if ($a_list == '') { + + $a_list = array( + 'id' => '', + 'date' => date(U), + 'uuid' => $rdbuuid, + 'ruledbname' => '', + 'description' => '' + + ); + + } -// $a_list returns empty use defaults -if ($a_list == '') -{ - - $a_list = array( - 'id' => '', - 'date' => date(U), - 'uuid' => $rdbuuid, - 'ruledbnamename' => '', - 'description' => '' +} + +if ($rdbuuid === 'default') { + + // $a_list returns empty use defaults + if ($a_list == '') { + + $a_list = array( + 'id' => '1', + 'date' => date(U), + 'uuid' => $rdbuuid, + 'ruledbname' => 'default', + 'description' => 'Default database' + + ); + + } - ); - } +if ( !empty($a_list['id']) ) { + $disabled = 'disabled="disabled"'; +}else{ + $disabled = ''; +} +if ( $rdbuuid === 'default' ) { + $disabled_ckbox = 'disabled="disabled"'; +}else{ + $disabled_ckbox = ''; +} $pgtitle = 'Services: Snort: Rules: Edit: ' . $rdbuuid; include('/usr/local/pkg/snort/snort_head.inc'); ?> - - + + + + @@ -134,7 +184,7 @@ if ($a_list == '')
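Review bot: In the `if ($rdbuuid === 'default')` branch `$a_list` is tested with `$a_list == ''` although nothing has assigned it on that path, so the defaults are applied only because an undefined variable compares equal to an empty string (and PHP raises a notice). Assigning the default array directly in that branch, and turning the two branches into one `if`/`else`, states what is meant. Both arrays also call `date(U)` with a bare constant; `'date' => date('U'),` is the intended form. The tail of this hunk is not fully legible on this page, so this covers only the PHP block above `include('/usr/local/pkg/snort/snort_head.inc')`.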
@@ -162,26 +212,18 @@ if ($a_list == '') - - - - - + @@ -197,10 +239,16 @@ if ($a_list == '')
Add the name and description of the rule DB
RuleDB -   - "> -   Enable or Disable -
Name -
+ />
The list name may only consist of the characters a-z, A-Z and 0-9. Note: No Spaces.
Description -
+ />
You may enter a description here for your reference (not parsed).
- - - - + + + + + '; + } + ?> diff --git a/config/snort-dev/snort_json_post.php b/config/snort-dev/snort_json_post.php index 986493b5..359dd23a 100644 --- a/config/snort-dev/snort_json_post.php +++ b/config/snort-dev/snort_json_post.php @@ -54,7 +54,7 @@ if(isset($_POST['__csrf_magic'])) { function snortJsonReturnCode($returnStatus) { if ($returnStatus == true) { - echo '{"snortgeneralsettings":"success","snortUnhideTabs":"true"}'; + echo '{"snortgeneralsettings":"success","snortMiscTabCall":"true"}'; return true; }else{ echo '{"snortgeneralsettings":"fail"}'; @@ -250,29 +250,16 @@ if ($_POST['snortSaveSettings'] == 1) { * make dir for the new iface, if iface exists or rule dir has changed redo soft link * may need to move this as a func to new_snort.inc */ - - $newSnortDir = 'sn_' . $_POST['uuid']; - $pathToSnortDir = '/usr/local/etc/snort'; - - // creat iface dir and ifcae rules dir - if (!is_dir("{$pathToSnortDir}/{$newSnortDir}")) { - createNewIfaceDir($pathToSnortDir, $newSnortDir); - } //end of mkdir - - // change the rule path - if (is_dir("{$pathToSnortDir}/{$newSnortDir}")) { - - $snortCurrentRuleDbName = snortSql_fetchAllSettings('snortDB', 'snortIfaces', 'uuid', $_POST['uuid']); - - if ($_POST['ruledbname'] !== $snortCurrentRuleDbName['ruledbname'] || !file_exists("{$pathToSnortDir}/{$newSnortDir}/rules")) { - - // NOTE: use full paths or link rm will not work, Freebsd love - exec("/bin/rm {$pathToSnortDir}/{$newSnortDir}/rules"); - exec("/bin/ln -s /usr/local/etc/snort/snortDBrules/DB/{$_POST['ruledbname']}/rules {$pathToSnortDir}/{$newSnortDir}/rules"); - - } - - } + $newSnortDir = 'sn_' . $_POST['uuid']; + $pathToSnortDir = '/usr/local/etc/snort'; + + // creat iface dir and ifcae rules dir + if (!is_dir("{$pathToSnortDir}/{$newSnortDir}")) { + createNewIfaceDir($pathToSnortDir, $newSnortDir); + } //end of mkdir + + snortRulesCreateSoftlink(); + } SnortIfaces_Snort_Interfaces_edit(); 
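Review bot: `$_POST['uuid']` is concatenated into `$newSnortDir` and handed to `createNewIfaceDir()` with no format check, so nothing visible here stops path separators or `..` from ending up in the directory name (how `createNewIfaceDir()` treats such a value is not shown). The same raw value, together with `$_POST['ruledbname']`, is read again inside `snortRulesCreateSoftlink()` in the snort_new.inc hunk. Checking both once at the top of this block, before any path is built, covers both places, for example `if (!ctype_alnum((string) $_POST['uuid']) || !ctype_alnum((string) $_POST['ruledbname'])) { snortJsonReturnCode(false); exit; }`, with the test adjusted to the real ID format. The enclosing block starts outside the hunk.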
diff --git a/config/snort-dev/snort_new.inc b/config/snort-dev/snort_new.inc
index ffc88348..bba9b93d 100644
--- a/config/snort-dev/snort_new.inc
+++ b/config/snort-dev/snort_new.inc
@@ -61,6 +61,31 @@ if (file_exists('/usr/local/pkg/snort/snortDBtemp')) {
 exec('/bin/cp /usr/local/pkg/snort/snortDBtemp /var/snort/snortDBtemp');
 }
+/*
+* make dir for the new iface, if iface exists or rule dir has changed redo soft link
+*/
+function snortRulesCreateSoftlink()
+{
+ $newSnortDir = 'sn_' . $_POST['uuid'];
+ $pathToSnortDir = '/usr/local/etc/snort';
+
+ // change the rule path
+ if (is_dir("{$pathToSnortDir}/{$newSnortDir}")) {
+
+ $snortCurrentRuleDbName = snortSql_fetchAllSettings('snortDB', 'snortIfaces', 'uuid', $_POST['uuid']);
+
+ if ($_POST['ruledbname'] !== $snortCurrentRuleDbName['ruledbname'] || !file_exists("{$pathToSnortDir}/{$newSnortDir}/rules")) {
+
+ // NOTE: use full paths or link rm will not work, Freebsd love
+ exec("/bin/rm {$pathToSnortDir}/{$newSnortDir}/rules");
+ exec("/bin/ln -s /usr/local/etc/snort/snortDBrules/DB/{$_POST['ruledbname']}/rules {$pathToSnortDir}/{$newSnortDir}/rules");
+
+ }
+
+ }
+}
+
+
 // Wites selected sig to file
 function snortSidStringRuleEditGUI()
 {
-- cgit v1.2.3
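Review bot: Both `exec()` calls in `snortRulesCreateSoftlink()` build a shell command line from `$_POST['uuid']` and `$_POST['ruledbname']`, so any shell metacharacter in either field is interpreted by the shell that `exec()` spawns; moving the code into a helper did not change that. PHP's own `unlink()` and `symlink()` do the same work without a shell, which removes that class of problem and also makes failures visible instead of discarding the command's exit status. The two values still need a format check before they are used as path components. The sketch keeps the function's no-argument signature so the call in snort_json_post.php is unaffected.

```php
		// … unchanged: $newSnortDir / $pathToSnortDir, is_dir() check, ruledbname comparison …
			$rulesLink = "{$pathToSnortDir}/{$newSnortDir}/rules";
			$rulesTarget = "/usr/local/etc/snort/snortDBrules/DB/{$_POST['ruledbname']}/rules";

			// no shell involved, so request values are never parsed as shell syntax
			if (is_link($rulesLink) || file_exists($rulesLink)) {
				unlink($rulesLink);
			}
			if (!symlink($rulesTarget, $rulesLink)) {
				error_log("snort: could not link {$rulesLink} to {$rulesTarget}");
			}
```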