. * All rights reserved. * * modified for the pfsense snort package * Copyright (C) 2009-2010 Robert Zelaya. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: * * 1. Redistributions of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. */ require_once("guiconfig.inc"); require_once("/usr/local/pkg/snort/snort.inc"); if ($_POST['cancel']) { header("Location: /snort/snort_passlist.php"); exit; } if (!is_array($config['installedpackages']['snortglobal']['whitelist'])) $config['installedpackages']['snortglobal']['whitelist'] = array(); if (!is_array($config['installedpackages']['snortglobal']['whitelist']['item'])) $config['installedpackages']['snortglobal']['whitelist']['item'] = array(); $a_passlist = &$config['installedpackages']['snortglobal']['whitelist']['item']; if (isset($_POST['id']) && is_numericint($_POST['id'])) $id = $_POST['id']; elseif (isset($_GET['id']) && is_numericint($_GET['id'])) $id = htmlspecialchars($_GET['id']); /* Should never be called without identifying list index, so bail */ if (is_null($id)) { header("Location: /snort/snort_interfaces_whitelist.php"); exit; } /* If no entry for this passlist, then create a UUID and treat it like a new list */ if (!isset($a_passlist[$id]['uuid'])) { $passlist_uuid = 0; while ($passlist_uuid > 65535 || $passlist_uuid == 0) { $passlist_uuid = mt_rand(1, 65535); $pconfig['uuid'] = $passlist_uuid; $pconfig['name'] = "passlist_{$passlist_uuid}"; } } else $passlist_uuid = $a_passlist[$id]['uuid']; /* returns true if $name is a valid name for a pass list file name or ip */ function is_validpasslistname($name) { if (!is_string($name)) return false; if (!preg_match("/[^a-zA-Z0-9\_\.\/]/", $name)) return true; return false; } if (isset($id) && $a_passlist[$id]) { /* old settings */ $pconfig = array(); $pconfig['name'] = $a_passlist[$id]['name']; $pconfig['uuid'] = $a_passlist[$id]['uuid']; $pconfig['detail'] = $a_passlist[$id]['detail']; $pconfig['address'] = $a_passlist[$id]['address']; $pconfig['descr'] = html_entity_decode($a_passlist[$id]['descr']); $pconfig['localnets'] = $a_passlist[$id]['localnets']; $pconfig['wanips'] = $a_passlist[$id]['wanips']; $pconfig['wangateips'] = $a_passlist[$id]['wangateips']; $pconfig['wandnsips'] = $a_passlist[$id]['wandnsips']; $pconfig['vips'] = $a_passlist[$id]['vips']; $pconfig['vpnips'] = $a_passlist[$id]['vpnips']; } // Check for returned "selected alias" if action is import if ($_GET['act'] == "import") { if ($_GET['varname'] == "address" && isset($_GET['varvalue'])) $pconfig[$_GET['varname']] = htmlspecialchars($_GET['varvalue']); } if ($_POST['save']) { unset($input_errors); $pconfig = $_POST; /* input validation */ $reqdfields = explode(" ", "name"); $reqdfieldsn = explode(",", "Name"); $pf_version=substr(trim(file_get_contents("/etc/version")),0,3); if ($pf_version < 2.1) $input_errors = eval('do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); return $input_errors;'); else do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if(strtolower($_POST['name']) == "defaultpasslist") $input_errors[] = gettext("Pass List file names may not be named defaultpasslist."); if (is_validpasslistname($_POST['name']) == false) $input_errors[] = gettext("Pass List file name may only consist of the characters \"a-z, A-Z, 0-9 and _\". Note: No Spaces or dashes. Press Cancel to reset."); /* check for name conflicts */ foreach ($a_passlist as $w_list) { if (isset($id) && ($a_passlist[$id]) && ($a_passlist[$id] === $w_list)) continue; if ($w_list['name'] == $_POST['name']) { $input_errors[] = gettext("A Pass List file name with this name already exists."); break; } } if ($_POST['address']) if (!is_alias($_POST['address'])) $input_errors[] = gettext("A valid alias must be provided"); if (!$input_errors) { $w_list = array(); /* post user input */ $w_list['name'] = $_POST['name']; $w_list['uuid'] = $passlist_uuid; $w_list['localnets'] = $_POST['localnets']? 'yes' : 'no'; $w_list['wanips'] = $_POST['wanips']? 'yes' : 'no'; $w_list['wangateips'] = $_POST['wangateips']? 'yes' : 'no'; $w_list['wandnsips'] = $_POST['wandnsips']? 'yes' : 'no'; $w_list['vips'] = $_POST['vips']? 'yes' : 'no'; $w_list['vpnips'] = $_POST['vpnips']? 'yes' : 'no'; $w_list['address'] = $_POST['address']; $w_list['descr'] = mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto"); $w_list['detail'] = $final_address_details; if (isset($id) && $a_passlist[$id]) $a_passlist[$id] = $w_list; else $a_passlist[] = $w_list; write_config("Snort pkg: modified PASS LIST {$w_list['name']}."); /* create pass list and homenet file, then sync files */ sync_snort_package_config(); header("Location: /snort/snort_passlist.php"); exit; } } $pgtitle = gettext("Snort: Pass List Edit - {$pconfig['name']}"); include_once("head.inc"); ?>

  

/>
/>
/>
/>
/>
/>
    "/>