0) { $btn_view_flowb_rules = " title=\"" . gettext("View flowbit-required rules") . "\""; } else $btn_view_flowb_rules = " disabled"; } else $btn_view_flowb_rules = " disabled"; // If a Snort VRT policy is enabled and selected, remove all Snort VRT // rules from the configured rule sets to allow automatic selection. if ($a_nat[$id]['ips_policy_enable'] == 'on') { if (isset($a_nat[$id]['ips_policy'])) { $disable_vrt_rules = "disabled"; $enabled_sets = explode("||", $a_nat[$id]['rulesets']); foreach ($enabled_sets as $k => $v) { if (substr($v, 0, 6) == "snort_") unset($enabled_sets[$k]); } $a_nat[$id]['rulesets'] = implode("||", $enabled_sets); } } else $disable_vrt_rules = ""; if ($_POST["Submit"]) { if ($_POST['ips_policy_enable'] == "on") { $a_nat[$id]['ips_policy_enable'] = 'on'; $a_nat[$id]['ips_policy'] = $_POST['ips_policy']; } else { $a_nat[$id]['ips_policy_enable'] = 'off'; unset($a_nat[$id]['ips_policy']); } $enabled_items = ""; if (is_array($_POST['toenable'])) $enabled_items = implode("||", $_POST['toenable']); else $enabled_items = $_POST['toenable']; $a_nat[$id]['rulesets'] = $enabled_items; if ($_POST['autoflowbits'] == "on") $a_nat[$id]['autoflowbitrules'] = 'on'; else { $a_nat[$id]['autoflowbitrules'] = 'off'; if (file_exists("{$snortdir}/snort_{$snort_uuid}_{$if_real}/rules/{$flowbit_rules_file}")) @unlink("{$snortdir}/snort_{$snort_uuid}_{$if_real}/rules/{$flowbit_rules_file}"); } write_config(); /*************************************************/ /* Update the snort conf file and rebuild the */ /* rules for this interface. */ /*************************************************/ $rebuild_rules = true; snort_generate_conf($a_nat[$id]); $rebuild_rules = false; /* Soft-restart Snort to live-load new rules */ snort_reload_config($a_nat[$id]); header("Location: /snort/snort_rulesets.php?id=$id"); exit; } if ($_POST['unselectall']) { $a_nat[$id]['rulesets'] = ""; if ($_POST['ips_policy_enable'] == "on") { $a_nat[$id]['ips_policy_enable'] = 'on'; $a_nat[$id]['ips_policy'] = $_POST['ips_policy']; } else { $a_nat[$id]['ips_policy_enable'] = 'off'; unset($a_nat[$id]['ips_policy']); } write_config(); sync_snort_package_config(); header("Location: /snort/snort_rulesets.php?id=$id"); exit; } if ($_POST['selectall']) { $rulesets = array(); if ($_POST['ips_policy_enable'] == "on") { $a_nat[$id]['ips_policy_enable'] = 'on'; $a_nat[$id]['ips_policy'] = $_POST['ips_policy']; } else { $a_nat[$id]['ips_policy_enable'] = 'off'; unset($a_nat[$id]['ips_policy']); } if ($emergingdownload == 'on') { $files = glob("{$snortdir}/rules/" . ET_OPEN_FILE_PREFIX . "*.rules"); foreach ($files as $file) $rulesets[] = basename($file); } elseif ($etpro == 'on') { $files = glob("{$snortdir}/rules/" . ET_PRO_FILE_PREFIX . "*.rules"); foreach ($files as $file) $rulesets[] = basename($file); } if ($snortcommunitydownload == 'on') { $files = glob("{$snortdir}/rules/" . GPL_FILE_PREFIX . "community.rules"); foreach ($files as $file) $rulesets[] = basename($file); } /* Include the Snort VRT rules only if enabled and no IPS policy is set */ if ($snortdownload == 'on' && $a_nat[$id]['ips_policy_enable'] == 'off') { $files = glob("{$snortdir}/rules/" . VRT_FILE_PREFIX . "*.rules"); foreach ($files as $file) $rulesets[] = basename($file); } $a_nat[$id]['rulesets'] = implode("||", $rulesets); write_config(); sync_snort_package_config(); header("Location: /snort/snort_rulesets.php?id=$id"); exit; } $enabled_rulesets_array = explode("||", $a_nat[$id]['rulesets']); $if_friendly = snort_get_friendly_interface($pconfig['interface']); $pgtitle = gettext("Snort: Interface {$if_friendly} - Categories"); include_once("head.inc"); ?> ' . $pgtitle . '

';} /* Display message */ if ($input_errors) { print_input_errors($input_errors); // TODO: add checks } if ($savemsg) { print_info_box($savemsg); } ?>
'; echo '
'; $menu_iface=($if_friendly?substr($if_friendly,0,5)." ":"Iface "); $tab_array = array(); $tab_array[] = array($menu_iface . gettext("Settings"), false, "/snort/snort_interfaces_edit.php?id={$id}"); $tab_array[] = array($menu_iface . gettext("Categories"), true, "/snort/snort_rulesets.php?id={$id}"); $tab_array[] = array($menu_iface . gettext("Rules"), false, "/snort/snort_rules.php?id={$id}"); $tab_array[] = array($menu_iface . gettext("Variables"), false, "/snort/snort_define_servers.php?id={$id}"); $tab_array[] = array($menu_iface . gettext("Preprocessors"), false, "/snort/snort_preprocessors.php?id={$id}"); $tab_array[] = array($menu_iface . gettext("Barnyard2"), false, "/snort/snort_barnyard.php?id={$id}"); display_top_tabs($tab_array); ?>

',$snortdir,''); ?>

' . gettext("Updates") . '' . gettext(" tab to download the rules configured on the ") . '' . gettext("Global") . '' . gettext(" tab."); ?>
\n"; if (!empty($emergingrules[$j])) { $file = $emergingrules[$j]; echo "\n"; echo "\n"; } else echo "\n"; if (!empty($snortrules[$j])) { $file = $snortrules[$j]; echo "\n"; echo "\n"; } else echo "\n"; if (!empty($snortsorules[$j])) { $file = $snortsorules[$j]; echo "\n"; echo "\n"; } else echo "\n"; echo "\n"; } ?>

/>   
 
/>   
  " . gettext("Note: ") . "" . gettext("Auto-enabled rules generating unwanted alerts should have their GID:SID added to the Suppression List for the interface."); ?>

onClick="enable_change()"/>  
  " . gettext("Note: ") . "" . gettext("You must be using the Snort VRT rules to use this option."); ?>
  
 

"/> "/> "/>
/>
"; if(is_array($enabled_rulesets_array)) { if(in_array($file, $enabled_rulesets_array)) $CHECKED = " checked=\"checked\""; else $CHECKED = ""; } else $CHECKED = ""; echo " \n\n"; echo "\n"; if (empty($CHECKED)) echo $file; else echo "{$file}\n"; echo "
"; if(is_array($enabled_rulesets_array)) { if (!empty($disable_vrt_rules)) $CHECKED = $disable_vrt_rules; elseif(in_array($file, $enabled_rulesets_array)) $CHECKED = " checked=\"checked\""; else $CHECKED = ""; } else $CHECKED = ""; echo " \n\n"; echo "\n"; if (empty($CHECKED) || $CHECKED == "disabled") echo $file; else echo "{$file}\n"; echo "
"; if(is_array($enabled_rulesets_array)) { if (!empty($disable_vrt_rules)) $CHECKED = $disable_vrt_rules; elseif(in_array($file, $enabled_rulesets_array)) $CHECKED = " checked=\"checked\""; else $CHECKED = ""; } else $CHECKED = ""; echo " \n\n"; echo "\n"; echo $file; echo "
 
"/>