From a24a4b892ab43748529285254566ad48b05aed3e Mon Sep 17 00:00:00 2001
From: Scott Ullrich
Date: Sat, 9 Dec 2006 19:26:58 +0000
Subject: Add Snort rule activation/deactivation/edit support. Written and submitted by: Scott Dale /snort_download_rules.php - Snort Rulesets + Snort Categories /snort_rulesets.php + + Snort Rules + /snort_rules.php + Snort Blocked /snort_blocked.php
diff --git a/packages/snort/snort_advanced.xml b/packages/snort/snort_advanced.xml
index c11d40f3..cf29f93d 100644
--- a/packages/snort/snort_advanced.xml
+++ b/packages/snort/snort_advanced.xml
@@ -13,9 +13,13 @@ /snort_download_rules.php - Snort Rulesets + Snort Categories /snort_rulesets.php + + Snort Rules + /snort_rules.php + Snort Blocked /snort_blocked.php
diff --git a/packages/snort/snort_alerts.php b/packages/snort/snort_alerts.php
index ca3c8bdd..6455966a 100644
--- a/packages/snort/snort_alerts.php
+++ b/packages/snort/snort_alerts.php
@@ -62,10 +62,11 @@ include("head.inc"); + + + +

+ + + + + + + + + + +
+ +
+
+ + + + +
+ + + + + + + + + + + + + + Category: "; + + //string for populating category select + $currentruleset = substr($file, 27); + ?> + + + + + "; + $textse = ""; + $iconb = "icon_block_d.gif"; + } + else + { + $textss = $textse = ""; + $iconb = "icon_block.gif"; + } + + $rule_content = explode(' ', $tempstring); + + $protocol = $rule_content[$counter2];//protocol location + $counter2++; + $source = $rule_content[$counter2];//source location + $counter2++; + $source_port = $rule_content[$counter2];//source port location + $counter2 = $counter2+2; + $destination = $rule_content[$counter2];//destination location + $counter2++; + $destination_port = $rule_content[$counter2];//destination port location + + $message = get_middle($tempstring, 'msg:"', '";', 0); + + echo ""; + echo ""; + + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + ?> + +
"; + ?> +
 SIDProtoSourcePortDestinationPortMessage
"; + echo $textss; + ?> + + "; + + + echo ""; + echo $textss; + echo $sid; + echo $textse; + echo ""; + echo $textss; + echo $protocol; + $printcounter++; + echo $textse; + echo ""; + echo $textss; + echo $source; + echo $textse; + echo ""; + echo $textss; + echo $source_port; + echo $textse; + echo ""; + echo $textss; + echo $destination; + echo $textse; + echo ""; + echo $textss; + echo $destination_port; + echo $textse; + echo " + "; + ?> + + + + + +
+
+
+ + + + + + + + + + + + + +
Rule Enabled
Rule Disabled
+

+ +

+
+ + + + + + + + +
diff --git a/packages/snort/snort_rules_edit.php b/packages/snort/snort_rules_edit.php
new file mode 100644
index 00000000..69c5dfa1
--- /dev/null
+++ b/packages/snort/snort_rules_edit.php
@@ -0,0 +1,202 @@ + + + + + +
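Review bot: The values taken from each rule line are written into the table cells unescaped (`echo $sid;`, `echo $protocol;`, `echo $source;`, `echo $source_port;`, `echo $destination;`, `echo $destination_port;`, and presumably `$message` from `get_middle()`), so any markup inside a downloaded or hand-edited rule would be rendered in the admin GUI. Each value should go through `htmlspecialchars()`, for example `echo htmlspecialchars($source);`; the `echo "{$file}";` line changed in snort_rulesets.php interpolates the file name the same way. The positional reads from `explode(' ', $tempstring)` assume every line carries the full rule header, so a `count($rule_content)` check before indexing would keep short or malformed lines from producing notices and empty cells. `substr($file, 27)` hard-codes a prefix length; `basename($file)` would state the intent, if the prefix is indeed the rules directory. The file header and much of the markup for this section are missing from the page, so these points rest on the visible lines only.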

+ + + + + + + +
+ +
+
+ + + + +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Enabled: >
SID:
Protocol:
Source:
Source Port:
Direction:
Destination:
Destination Port:
Message:
Content:
Classtype:
Revision:
 
   
+
+
+
+ + + +
\ No newline at end of file
diff --git a/packages/snort/snort_rulesets.php b/packages/snort/snort_rulesets.php
index 3d14dce6..885f2a61 100644
--- a/packages/snort/snort_rulesets.php
+++ b/packages/snort/snort_rulesets.php
@@ -56,7 +56,7 @@ $enabled_rulesets = $config['installedpackages']['snort']['rulesets']; if($enabled_rulesets) $enabled_rulesets_array = split("\|\|", $enabled_rulesets); -$pgtitle = "Snort: Snort Rulesets"; +$pgtitle = "Snort: Categories"; include("head.inc"); ?>
@@ -76,8 +76,9 @@ include("head.inc"); "; echo ""; echo ""; - echo "{$file}"; + echo "{$file}"; echo ""; //echo ""; //echo "description";
@@ -144,7 +145,7 @@ include("head.inc"); -

NOTE: You can click on a ruleset name to load the file in the pfSense text editor in a new window/tab. +

NOTE: You can click on a ruleset name to edit the ruleset.
diff --git a/packages/snort/snort_whitelist.xml b/packages/snort/snort_whitelist.xml
index 1a85c9c8..6845f0cf 100644
--- a/packages/snort/snort_whitelist.xml
+++ b/packages/snort/snort_whitelist.xml
@@ -15,9 +15,13 @@ /snort_download_rules.php - Snort Rulesets + Snort Categories /snort_rulesets.php + + Snort Rules + /snort_rules.php + Snort Blocked /snort_blocked.php
-- cgit v1.2.3