'on' && $_POST['barnyard_enable'] == "on") { if (empty($_POST['barnyard_syslog_dport']) || !is_numeric($_POST['barnyard_syslog_dport'])) $input_errors[] = gettext("Please provide a valid number between 1 and 65535 for the Syslog Remote Port."); if (empty($_POST['barnyard_syslog_rhost'])) $input_errors[] = gettext("Please provide a valid hostname or IP address for the Syslog Remote Host."); } // Validate inputs if Bro-IDS output enabled if ($_POST['barnyard_bro_ids_enable'] == 'on' && $_POST['barnyard_enable'] == "on") { if (empty($_POST['barnyard_bro_ids_dport']) || !is_numeric($_POST['barnyard_bro_ids_dport'])) $input_errors[] = gettext("Please provide a valid number between 1 and 65535 for the Bro-IDS Remote Port."); if (empty($_POST['barnyard_bro_ids_rhost'])) $input_errors[] = gettext("Please provide a valid hostname or IP address for the Bro-IDS Remote Host."); } // if no errors write to conf if (!$input_errors) { $natent = array(); /* repost the options already in conf */ $natent = $pconfig; $natent['barnyard_enable'] = $_POST['barnyard_enable'] ? 'on' : 'off'; $natent['barnyard_show_year'] = $_POST['barnyard_show_year'] ? 'on' : 'off'; $natent['barnyard_archive_enable'] = $_POST['barnyard_archive_enable'] ? 'on' : 'off'; $natent['barnyard_dump_payload'] = $_POST['barnyard_dump_payload'] ? 'on' : 'off'; $natent['barnyard_obfuscate_ip'] = $_POST['barnyard_obfuscate_ip'] ? 'on' : 'off'; $natent['barnyard_mysql_enable'] = $_POST['barnyard_mysql_enable'] ? 'on' : 'off'; $natent['barnyard_syslog_enable'] = $_POST['barnyard_syslog_enable'] ? 'on' : 'off'; $natent['barnyard_syslog_local'] = $_POST['barnyard_syslog_local'] ? 'on' : 'off'; $natent['barnyard_bro_ids_enable'] = $_POST['barnyard_bro_ids_enable'] ? 'on' : 'off'; $natent['barnyard_disable_sig_ref_tbl'] = $_POST['barnyard_disable_sig_ref_tbl'] ? 'on' : 'off'; $natent['barnyard_syslog_opmode'] = $_POST['barnyard_syslog_opmode']; $natent['barnyard_syslog_proto'] = $_POST['barnyard_syslog_proto']; if ($_POST['barnyard_sensor_id']) $natent['barnyard_sensor_id'] = $_POST['barnyard_sensor_id']; else $natent['barnyard_sensor_id'] = '0'; if ($_POST['barnyard_sensor_name']) $natent['barnyard_sensor_name'] = $_POST['barnyard_sensor_name']; else unset($natent['barnyard_sensor_name']); if ($_POST['barnyard_dbhost']) $natent['barnyard_dbhost'] = $_POST['barnyard_dbhost']; else unset($natent['barnyard_dbhost']); if ($_POST['barnyard_dbname']) $natent['barnyard_dbname'] = $_POST['barnyard_dbname']; else unset($natent['barnyard_dbname']); if ($_POST['barnyard_dbuser']) $natent['barnyard_dbuser'] = $_POST['barnyard_dbuser']; else unset($natent['barnyard_dbuser']); if ($_POST['barnyard_dbpwd']) $natent['barnyard_dbpwd'] = base64_encode($_POST['barnyard_dbpwd']); else unset($natent['barnyard_dbpwd']); if ($_POST['barnyard_syslog_rhost']) $natent['barnyard_syslog_rhost'] = $_POST['barnyard_syslog_rhost']; else unset($natent['barnyard_syslog_rhost']); if ($_POST['barnyard_syslog_dport']) $natent['barnyard_syslog_dport'] = $_POST['barnyard_syslog_dport']; else $natent['barnyard_syslog_dport'] = '514'; if ($_POST['barnyard_syslog_facility']) $natent['barnyard_syslog_facility'] = $_POST['barnyard_syslog_facility']; else $natent['barnyard_syslog_facility'] = 'LOG_USER'; if ($_POST['barnyard_syslog_priority']) $natent['barnyard_syslog_priority'] = $_POST['barnyard_syslog_priority']; else $natent['barnyard_syslog_priority'] = 'LOG_INFO'; if ($_POST['barnyard_bro_ids_rhost']) $natent['barnyard_bro_ids_rhost'] = $_POST['barnyard_bro_ids_rhost']; else unset($natent['barnyard_bro_ids_rhost']); if ($_POST['barnyard_bro_ids_dport']) $natent['barnyard_bro_ids_dport'] = $_POST['barnyard_bro_ids_dport']; else $natent['barnyard_bro_ids_dport'] = '47760'; if ($_POST['barnconfigpassthru']) $natent['barnconfigpassthru'] = base64_encode($_POST['barnconfigpassthru']); else unset($natent['barnconfigpassthru']); $a_nat[$id] = $natent; write_config(); // No need to rebuild rules for Barnyard2 changes $rebuild_rules = false; sync_suricata_package_config(); // If disabling Barnyard2 on the interface, stop any // currently running instance. If an instance is // running, signal it to reload the configuration. // If Barnyard2 is enabled but not running, start it. if ($a_nat[$id]['barnyard_enable'] == "off") { suricata_barnyard_stop($a_nat[$id], get_real_interface($a_nat[$id]['interface'])); } elseif ($a_nat[$id]['barnyard_enable'] == "on") { if (suricata_is_running($a_nat[$id]['uuid'], get_real_interface($a_nat[$id]['interface']), "barnyard2")) suricata_barnyard_reload_config($a_nat[$id], "HUP"); else { // Notify user a Suricata restart is required if enabling Barnyard2 for the first time $savemsg = gettext("NOTE: you must restart Suricata on this interface to activate unified2 logging for Barnyard2."); } } $pconfig = $natent; } else { // We had errors, so save previous field data to prevent retyping $pconfig = $_POST; } } $if_friendly = convert_friendly_interface_to_friendly_descr($a_nat[$id]['interface']); $pgtitle = gettext("Suricata: Interface {$if_friendly} - Barnyard2 Settings"); include_once("head.inc"); ?>