<?php /* * snort_passlist_edit.php * Copyright (C) 2004 Scott Ullrich * Copyright (C) 2011-2012 Ermal Luci * Copyright (C) 2015 Bill Meeks * All rights reserved. * * originially part of m0n0wall (http://m0n0.ch/wall) * Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>. * All rights reserved. * * modified for the pfsense snort package * Copyright (C) 2009-2010 Robert Zelaya. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: * * 1. Redistributions of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. */ require_once("guiconfig.inc"); require_once("/usr/local/pkg/snort/snort.inc"); $pconfig = array(); if ($_POST['cancel']) { header("Location: /snort/snort_passlist.php"); exit; } if (!is_array($config['installedpackages']['snortglobal']['whitelist'])) $config['installedpackages']['snortglobal']['whitelist'] = array(); if (!is_array($config['installedpackages']['snortglobal']['whitelist']['item'])) $config['installedpackages']['snortglobal']['whitelist']['item'] = array(); $a_passlist = &$config['installedpackages']['snortglobal']['whitelist']['item']; if (isset($_POST['id']) && is_numericint($_POST['id'])) $id = $_POST['id']; elseif (isset($_GET['id']) && is_numericint($_GET['id'])) { $id = htmlspecialchars($_GET['id']); } /* Should never be called without identifying list index, so bail */ if (is_null($id)) { header("Location: /snort/snort_passlist.php"); exit; } if (isset($id) && isset($a_passlist[$id])) { /* Retrieve saved settings */ $pconfig['name'] = $a_passlist[$id]['name']; $pconfig['uuid'] = $a_passlist[$id]['uuid']; $pconfig['address'] = $a_passlist[$id]['address']; $pconfig['descr'] = html_entity_decode($a_passlist[$id]['descr']); $pconfig['localnets'] = $a_passlist[$id]['localnets']; // $pconfig['wanips'] = $a_passlist[$id]['wanips']; $pconfig['wangateips'] = $a_passlist[$id]['wangateips']; $pconfig['wandnsips'] = $a_passlist[$id]['wandnsips']; $pconfig['vips'] = $a_passlist[$id]['vips']; $pconfig['vpnips'] = $a_passlist[$id]['vpnips']; } // Check for returned "selected alias" if action is import if ($_GET['act'] == "import") { // Retrieve previously typed values we passed to SELECT ALIAS page $pconfig['name'] = htmlspecialchars($_GET['name']); $pconfig['uuid'] = htmlspecialchars($_GET['uuid']); $pconfig['address'] = htmlspecialchars($_GET['address']); $pconfig['descr'] = htmlspecialchars($_GET['descr']); $pconfig['localnets'] = htmlspecialchars($_GET['localnets'])? 'yes' : 'no'; // $pconfig['wanips'] = htmlspecialchars($_GET['wanips'])? 'yes' : 'no'; $pconfig['wangateips'] = htmlspecialchars($_GET['wangateips'])? 'yes' : 'no'; $pconfig['wandnsips'] = htmlspecialchars($_GET['wandnsips'])? 'yes' : 'no'; $pconfig['vips'] = htmlspecialchars($_GET['vips'])? 'yes' : 'no'; $pconfig['vpnips'] = htmlspecialchars($_GET['vpnips'])? 'yes' : 'no'; // Now retrieve the "selected alias" returned from SELECT ALIAS page if ($_GET['varname'] == "address" && isset($_GET['varvalue'])) $pconfig[$_GET['varname']] = htmlspecialchars($_GET['varvalue']); } /* If no entry for this passlist, then create a UUID and treat it like a new list */ if (!isset($a_passlist[$id]['uuid']) && empty($pconfig['uuid'])) { $passlist_uuid = 0; while ($passlist_uuid > 65535 || $passlist_uuid == 0) { $passlist_uuid = mt_rand(1, 65535); $pconfig['uuid'] = $passlist_uuid; $pconfig['name'] = "passlist_{$passlist_uuid}"; } } elseif (!empty($pconfig['uuid'])) { $passlist_uuid = $pconfig['uuid']; } else $passlist_uuid = $a_passlist[$id]['uuid']; /* returns true if $name is a valid name for a pass list file name or ip */ function is_validpasslistname($name) { if (!is_string($name)) return false; if (!preg_match("/[^a-zA-Z0-9\_\.\/]/", $name)) return true; return false; } if ($_POST['save']) { unset($input_errors); $pconfig = $_POST; /* input validation */ $reqdfields = explode(" ", "name"); $reqdfieldsn = explode(",", "Name"); $pf_version=substr(trim(file_get_contents("/etc/version")),0,3); if ($pf_version < 2.1) $input_errors = eval('do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); return $input_errors;'); else do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if(strtolower($_POST['name']) == "defaultpasslist") $input_errors[] = gettext("Pass List file names may not be named defaultpasslist."); if (is_validpasslistname($_POST['name']) == false) $input_errors[] = gettext("Pass List file name may only consist of the characters \"a-z, A-Z, 0-9 and _\". Note: No Spaces or dashes. Press Cancel to reset."); /* check for name conflicts */ foreach ($a_passlist as $p_list) { if (isset($id) && ($a_passlist[$id]) && ($a_passlist[$id] === $p_list)) continue; if ($p_list['name'] == $_POST['name']) { $input_errors[] = gettext("A Pass List file name with this name already exists."); break; } } if ($_POST['address']) { if (!is_alias($_POST['address'])) $input_errors[] = gettext("A valid alias must be provided."); if (is_alias($_POST['address']) && trim(filter_expand_alias($_POST['address'])) == "") $input_errors[] = gettext("FQDN aliases are not supported in Snort."); } if (!$input_errors) { $p_list = array(); /* post user input */ $p_list['name'] = $_POST['name']; $p_list['uuid'] = $passlist_uuid; $p_list['localnets'] = $_POST['localnets']? 'yes' : 'no'; // $p_list['wanips'] = $_POST['wanips']? 'yes' : 'no'; $p_list['wangateips'] = $_POST['wangateips']? 'yes' : 'no'; $p_list['wandnsips'] = $_POST['wandnsips']? 'yes' : 'no'; $p_list['vips'] = $_POST['vips']? 'yes' : 'no'; $p_list['vpnips'] = $_POST['vpnips']? 'yes' : 'no'; $p_list['address'] = $_POST['address']; $p_list['descr'] = mb_convert_encoding($_POST['descr'],"HTML-ENTITIES","auto"); if (isset($id) && $a_passlist[$id]) $a_passlist[$id] = $p_list; else $a_passlist[] = $p_list; write_config("Snort pkg: modified PASS LIST {$p_list['name']}."); /* create pass list and homenet file, then sync files */ conf_mount_rw(); sync_snort_package_config(); conf_mount_ro(); header("Location: /snort/snort_passlist.php"); exit; } } $pgtitle = gettext("Snort: Pass List Edit - {$pconfig['name']}"); include_once("head.inc"); ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC" > <?php include("fbegin.inc"); if ($input_errors) print_input_errors($input_errors); if ($savemsg) print_info_box($savemsg); ?> <script type="text/javascript" src="/javascript/autosuggest.js"> </script> <script type="text/javascript" src="/javascript/suggestions.js"> </script> <form action="snort_passlist_edit.php" method="post" name="iform" id="iform"> <input name="id" type="hidden" value="<?=$id;?>" /> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr><td> <?php $tab_array = array(); $tab_array[0] = array(gettext("Snort Interfaces"), false, "/snort/snort_interfaces.php"); $tab_array[1] = array(gettext("Global Settings"), false, "/snort/snort_interfaces_global.php"); $tab_array[2] = array(gettext("Updates"), false, "/snort/snort_download_updates.php"); $tab_array[3] = array(gettext("Alerts"), false, "/snort/snort_alerts.php"); $tab_array[4] = array(gettext("Blocked"), false, "/snort/snort_blocked.php"); $tab_array[5] = array(gettext("Pass Lists"), true, "/snort/snort_passlist.php"); $tab_array[6] = array(gettext("Suppress"), false, "/snort/snort_interfaces_suppress.php"); $tab_array[7] = array(gettext("IP Lists"), false, "/snort/snort_ip_list_mgmt.php"); $tab_array[8] = array(gettext("SID Mgmt"), false, "/snort/snort_sid_mgmt.php"); $tab_array[9] = array(gettext("Log Mgmt"), false, "/snort/snort_log_mgmt.php"); $tab_array[10] = array(gettext("Sync"), false, "/pkg_edit.php?xml=snort/snort_sync.xml"); display_top_tabs($tab_array,true); ?> </td> </tr> <tr><td><div id="mainarea"> <table id="maintable" class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> <td colspan="2" valign="top" class="listtopic"><?php echo gettext("Add the name and " . "description of the file."); ?></td> </tr> <tr> <td valign="top" class="vncellreq"><?php echo gettext("Name"); ?></td> <td class="vtable"><input name="name" type="text" id="name" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['name']);?>" /> <br /> <span class="vexpl"> <?php echo gettext("The list name may only consist of the " . "characters \"a-z, A-Z, 0-9 and _\"."); ?> <span class="red"><?php echo gettext("Note:"); ?> </span> <?php echo gettext("No Spaces or dashes."); ?> </span></td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?php echo gettext("Description"); ?></td> <td width="78%" class="vtable"><input name="descr" type="text" class="formfld unknown" id="descr" size="40" value="<?=$pconfig['descr'];?>" /> <br /> <span class="vexpl"> <?php echo gettext("You may enter a description here for your " . "reference (not parsed)."); ?> </span></td> </tr> <tr> <td colspan="2" valign="top" class="listtopic"><?php echo gettext("Add auto-generated IP Addresses."); ?></td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?php echo gettext("Local Networks"); ?></td> <td width="78%" class="vtable"><input name="localnets" type="checkbox" id="localnets" size="40" value="yes" <?php if($pconfig['localnets'] == 'yes'){ echo "checked";} if($pconfig['localnets'] == ''){ echo "checked";} ?> /> <span class="vexpl"> <?php echo gettext("Add firewall Local Networks to the list (excluding WAN)."); ?> </span></td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?php echo gettext("WAN Gateways"); ?></td> <td width="78%" class="vtable"><input name="wangateips" type="checkbox" id="wangateips" size="40" value="yes" <?php if($pconfig['wangateips'] == 'yes'){ echo "checked";} if($pconfig['wangateips'] == ''){ echo "checked";} ?> /> <span class="vexpl"> <?php echo gettext("Add WAN Gateways to the list."); ?> </span></td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?php echo gettext("WAN DNS servers"); ?></td> <td width="78%" class="vtable"><input name="wandnsips" type="checkbox" id="wandnsips" size="40" value="yes" <?php if($pconfig['wandnsips'] == 'yes'){ echo "checked";} if($pconfig['wandnsips'] == ''){ echo "checked";} ?> /> <span class="vexpl"> <?php echo gettext("Add WAN DNS servers to the list."); ?> </span></td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?php echo gettext("Virtual IP Addresses"); ?></td> <td width="78%" class="vtable"><input name="vips" type="checkbox" id="vips" size="40" value="yes" <?php if($pconfig['vips'] == 'yes'){ echo "checked";} if($pconfig['vips'] == ''){ echo "checked";} ?> /> <span class="vexpl"> <?php echo gettext("Add Virtual IP Addresses to the list."); ?> </span></td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?php echo gettext("VPNs"); ?></td> <td width="78%" class="vtable"><input name="vpnips" type="checkbox" id="vpnips" size="40" value="yes" <?php if($pconfig['vpnips'] == 'yes'){ echo "checked";} if($pconfig['vpnips'] == ''){ echo "checked";} ?> /> <span class="vexpl"> <?php echo gettext("Add VPN Addresses to the list."); ?> </span></td> </tr> <tr> <td colspan="2" valign="top" class="listtopic"><?php echo gettext("Add custom IP Addresses from configured Aliases."); ?></td> </tr> <tr> <td width="22%" valign="top" class="vncell"> <?php echo gettext("Assigned Aliases:"); ?> </td> <td width="78%" class="vtable"> <input autocomplete="off" name="address" type="text" class="formfldalias" id="address" size="30" value="<?=htmlspecialchars($pconfig['address']);?>" title="<?=trim(filter_expand_alias($pconfig['address']));?>"/> <input type="button" class="formbtns" value="Aliases" onclick="selectAlias();" title="<?php echo gettext("Select an existing IP alias");?>"/> </td> </tr> <tr> <td width="22%" valign="top"> </td> <td width="78%"> <input id="save" name="save" type="submit" class="formbtn" value="Save" /> <input id="cancel" name="cancel" type="submit" class="formbtn" value="Cancel" /> </td> </tr> </table> </div> </td></tr> </table> </form> <script type="text/javascript"> <?php $isfirst = 0; $aliases = ""; $addrisfirst = 0; $aliasesaddr = ""; if(isset($config['aliases']['alias']) && is_array($config['aliases']['alias'])) foreach($config['aliases']['alias'] as $alias_name) { if ($alias_name['type'] != "host" && $alias_name['type'] != "network") continue; if($addrisfirst == 1) $aliasesaddr .= ","; $aliasesaddr .= "'" . $alias_name['name'] . "'"; $addrisfirst = 1; } ?> var addressarray=new Array(<?php echo $aliasesaddr; ?>); function createAutoSuggest() { <?php echo "objAlias = new AutoSuggestControl(document.getElementById('address'), new StateSuggestions(addressarray));\n"; ?> } setTimeout("createAutoSuggest();", 500); function selectAlias() { var loc; var fields = [ "name", "descr", "localnets", "wanips", "wangateips", "wandnsips", "vips", "vpnips", "address" ]; // Scrape current form field values and add to // the select alias URL as a query string. var loc = 'snort_select_alias.php?id=<?=$id;?>&act=import&type=host|network'; loc = loc + '&varname=address&multi_ip=yes'; loc = loc + '&returl=<?=urlencode($_SERVER['PHP_SELF']);?>'; loc = loc + '&uuid=<?=$passlist_uuid;?>'; // Iterate over just the specific form fields we want to pass to // the select alias URL. fields.forEach(function(entry) { var tmp = $(entry).serialize(); if (tmp.length > 0) loc = loc + '&' + tmp; }); window.parent.location = loc; } </script> <?php include("fend.inc"); ?> </body> </html>