. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: * * 1. Redistributions of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. */ require_once("guiconfig.inc"); require_once("/usr/local/pkg/snort/snort.inc"); /* Define some locally required variables from Snort constants */ $snortdir = SNORTDIR; $snort_rules_upd_log = RULES_UPD_LOGFILE; /* Grab the Snort binary version programmatically and */ /* use it to construct the proper Snort VRT rules */ /* tarball filename. Fallback to a safe default if */ /* we fail. */ $snortver = array(); exec("/usr/local/bin/snort -V 2>&1 |/usr/bin/grep Version | /usr/bin/cut -c20-26", $snortver); if (empty($snortver[0])) $snortver[0] = "2.9.5.5"; $snortver[0] = str_replace(".", "", $snortver[0]); $snort_rules_file = "snortrules-snapshot-{$snortver[0]}.tar.gz"; $snort_community_rules_filename = GPLV2_DNLD_FILENAME; $snortdownload = $config['installedpackages']['snortglobal']['snortdownload']; $emergingthreats = $config['installedpackages']['snortglobal']['emergingthreats']; $etpro = $config['installedpackages']['snortglobal']['emergingthreats_pro']; $snortcommunityrules = $config['installedpackages']['snortglobal']['snortcommunityrules']; /* Get last update information if available */ if (!empty($config['installedpackages']['snortglobal']['last_rule_upd_time'])) $last_rule_upd_time = date('M-d Y H:i', $config['installedpackages']['snortglobal']['last_rule_upd_time']); else $last_rule_upd_time = gettext("Unknown"); if (!empty($config['installedpackages']['snortglobal']['last_rule_upd_status'])) $last_rule_upd_status = htmlspecialchars($config['installedpackages']['snortglobal']['last_rule_upd_status']); else $last_rule_upd_status = gettext("Unknown"); if ($etpro == "on") { $emergingthreats_filename = ETPRO_DNLD_FILENAME; $et_name = "Emerging Threats Pro Rules"; } else { $emergingthreats_filename = ET_DNLD_FILENAME; $et_name = "Emerging Threats Open Rules"; } /* quick md5 chk of downloaded rules */ if ($snortdownload == 'on') { $snort_org_sig_chk_local = 'Not Downloaded'; $snort_org_sig_date = 'Not Downloaded'; } else { $snort_org_sig_chk_local = 'Not Enabled'; $snort_org_sig_date = 'Not Enabled'; } if (file_exists("{$snortdir}/{$snort_rules_file}.md5") && $snortdownload == 'on') { $snort_org_sig_chk_local = file_get_contents("{$snortdir}/{$snort_rules_file}.md5"); $snort_org_sig_date = date(DATE_RFC850, filemtime("{$snortdir}/{$snort_rules_file}.md5")); } if ($etpro == "on" || $emergingthreats == "on") { $emergingt_net_sig_chk_local = 'Not Downloaded'; $emergingt_net_sig_date = 'Not Downloaded'; } else { $emergingt_net_sig_chk_local = 'Not Enabled'; $emergingt_net_sig_date = 'Not Enabled'; } if (file_exists("{$snortdir}/{$emergingthreats_filename}.md5") && ($etpro == "on" || $emergingthreats == "on")) { $emergingt_net_sig_chk_local = file_get_contents("{$snortdir}/{$emergingthreats_filename}.md5"); $emergingt_net_sig_date = date(DATE_RFC850, filemtime("{$snortdir}/{$emergingthreats_filename}.md5")); } if ($snortcommunityrules == 'on') { $snort_community_sig_chk_local = 'Not Downloaded'; $snort_community_sig_sig_date = 'Not Downloaded'; } else { $snort_community_sig_chk_local = 'Not Enabled'; $snort_community_sig_sig_date = 'Not Enabled'; } if (file_exists("{$snortdir}/{$snort_community_rules_filename}.md5") && $snortcommunityrules == 'on') { $snort_community_sig_chk_local = file_get_contents("{$snortdir}/{$snort_community_rules_filename}.md5"); $snort_community_sig_sig_date = date(DATE_RFC850, filemtime("{$snortdir}/{$snort_community_rules_filename}.md5")); } /* Check for postback to see if we should clear the update log file. */ if (isset($_POST['clear'])) { if (file_exists("{$snort_rules_upd_log}")) mwexec("/bin/rm -f {$snort_rules_upd_log}"); } if (isset($_POST['check'])) { header("Location: /snort/snort_download_rules.php"); exit; } if ($_POST['force']) { // Mount file system R/W since we need to remove files conf_mount_rw(); // Remove the existing MD5 signature files to force a download if (file_exists("{$snortdir}/{$emergingthreats_filename}.md5")) @unlink("{$snortdir}/{$emergingthreats_filename}.md5"); if (file_exists("{$snortdir}/{$snort_community_rules_filename}.md5")) @unlink("{$snortdir}/{$snort_community_rules_filename}.md5"); if (file_exists("{$snortdir}/{$snort_rules_file}.md5")) @unlink("{$snortdir}/{$snort_rules_file}.md5"); // Revert file system to R/O. conf_mount_ro(); // Go download the updates header("Location: /snort/snort_download_rules.php"); exit; } /* check for logfile */ $snort_rules_upd_logfile_chk = 'no'; if (file_exists("{$snort_rules_upd_log}")) $snort_rules_upd_logfile_chk = 'yes'; if ($_POST['view']&& $snort_rules_upd_logfile_chk == 'yes') { $contents = @file_get_contents($snort_rules_upd_log); if (empty($contents)) $input_errors[] = gettext("Unable to read log file: {$snort_rules_upd_log}"); } if ($_POST['hide']) $contents = ""; $pgtitle = gettext("Snort: Updates"); include_once("head.inc"); ?>