. * Copyright (C) 2003-2004 Manuel Kasper . * Copyright (C) 2006 Scott Ullrich * Copyright (C) 2009 Robert Zelaya Sr. Developer * Copyright (C) 2012 Ermal Luci * All rights reserved. * * Adapted for Suricata by: * Copyright (C) 2014 Bill Meeks * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: * 1. Redistributions of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. */ require_once("guiconfig.inc"); require_once("/usr/local/pkg/suricata/suricata.inc"); /* Define some locally required variables from Suricata constants */ $suricatadir = SURICATADIR; $suricata_rules_upd_log = RULES_UPD_LOGFILE; $snortdownload = $config['installedpackages']['suricata']['config'][0]['enable_vrt_rules']; $emergingthreats = $config['installedpackages']['suricata']['config'][0]['enable_etopen_rules']; $etpro = $config['installedpackages']['suricata']['config'][0]['enable_etpro_rules']; $snortcommunityrules = $config['installedpackages']['suricata']['config'][0]['snortcommunityrules']; /* Get last update information if available */ if (!empty($config['installedpackages']['suricata']['config'][0]['last_rule_upd_time'])) $last_rule_upd_time = date('M-d Y H:i', $config['installedpackages']['suricata']['config'][0]['last_rule_upd_time']); else $last_rule_upd_time = gettext("Unknown"); if (!empty($config['installedpackages']['suricata']['config'][0]['last_rule_upd_status'])) $last_rule_upd_status = htmlspecialchars($config['installedpackages']['suricata']['config'][0]['last_rule_upd_status']); else $last_rule_upd_status = gettext("Unknown"); $snort_rules_file = VRT_DNLD_FILENAME; $snort_community_rules_filename = GPLV2_DNLD_FILENAME; if ($etpro == "on") { $emergingthreats_filename = ETPRO_DNLD_FILENAME; $et_name = "Emerging Threats Pro Rules"; } else { $emergingthreats_filename = ET_DNLD_FILENAME; $et_name = "Emerging Threats Open Rules"; } /* quick md5 chk of downloaded rules */ if ($snortdownload == 'on') { $snort_org_sig_chk_local = 'Not Downloaded'; $snort_org_sig_date = 'Not Downloaded'; } else { $snort_org_sig_chk_local = 'Not Enabled'; $snort_org_sig_date = 'Not Enabled'; } if (file_exists("{$suricatadir}{$snort_rules_file}.md5")){ $snort_org_sig_chk_local = file_get_contents("{$suricatadir}{$snort_rules_file}.md5"); $snort_org_sig_date = date(DATE_RFC850, filemtime("{$suricatadir}{$snort_rules_file}.md5")); } if ($etpro == "on" || $emergingthreats == "on") { $emergingt_net_sig_chk_local = 'Not Downloaded'; $emergingt_net_sig_date = 'Not Downloaded'; } else { $emergingt_net_sig_chk_local = 'Not Enabled'; $emergingt_net_sig_date = 'Not Enabled'; } if (file_exists("{$suricatadir}{$emergingthreats_filename}.md5")) { $emergingt_net_sig_chk_local = file_get_contents("{$suricatadir}{$emergingthreats_filename}.md5"); $emergingt_net_sig_date = date(DATE_RFC850, filemtime("{$suricatadir}{$emergingthreats_filename}.md5")); } if ($snortcommunityrules == 'on') { $snort_community_sig_chk_local = 'Not Downloaded'; $snort_community_sig_sig_date = 'Not Downloaded'; } else { $snort_community_sig_chk_local = 'Not Enabled'; $snort_community_sig_sig_date = 'Not Enabled'; } if (file_exists("{$suricatadir}{$snort_community_rules_filename}.md5")) { $snort_community_sig_chk_local = file_get_contents("{$suricatadir}{$snort_community_rules_filename}.md5"); $snort_community_sig_sig_date = date(DATE_RFC850, filemtime("{$suricatadir}{$snort_community_rules_filename}.md5")); } /* Check for postback to see if we should clear the update log file. */ if ($_POST['clear']) { if (file_exists("{$suricata_rules_upd_log}")) mwexec("/bin/rm -f {$suricata_rules_upd_log}"); } if ($_POST['check']) { // Go see if new updates for rule sets are available header("Location: /suricata/suricata_download_rules.php"); exit; } if ($_POST['force']) { // Mount file system R/W since we need to remove files conf_mount_rw(); // Remove the existing MD5 signature files to force a download if (file_exists("{$suricatadir}{$emergingthreats_filename}.md5")) @unlink("{$suricatadir}{$emergingthreats_filename}.md5"); if (file_exists("{$suricatadir}{$snort_community_rules_filename}.md5")) @unlink("{$suricatadir}{$snort_community_rules_filename}.md5"); if (file_exists("{$suricatadir}{$snort_rules_file}.md5")) @unlink("{$suricatadir}{$snort_rules_file}.md5"); // Revert file system to R/O. conf_mount_ro(); // Go download the updates header("Location: /suricata/suricata_download_rules.php"); exit; } /* check for logfile */ if (file_exists("{$suricata_rules_upd_log}")) $suricata_rules_upd_log_chk = 'yes'; else $suricata_rules_upd_log_chk = 'no'; if ($_POST['view']&& $suricata_rules_upd_log_chk == 'yes') { $contents = @file_get_contents($suricata_rules_upd_log); if (empty($contents)) $input_errors[] = gettext("Unable to read log file: {$suricata_rules_upd_log}"); } if ($_POST['hide']) $contents = ""; $pgtitle = gettext("Suricata: Update Rules Set Files"); include_once("head.inc"); ?>

Snort VRT Rules
Snort GPLv2 Community Rules


    

  Global Settings Tab' . gettext(' to select rule types.'); ?>


" name="check" id="check" class="formbtn" title=""/>     " name="force" id="force" class="formbtn" title="" onclick="return confirm('');"/>


" name="hide" id="hide" class="formbtn" title=""/> " name="view" id="view" class="formbtn" title=""/>      " name="clear" id="clear" class="formbtn" title="" onClick="return confirm('Are you sure you want to delete the log contents?\nOK to confirm, or CANCEL to quit');"/>







 " . gettext(" and ") . "" . gettext("EmergingThreats.net") . "" . gettext(" will go down from time to time. Please be patient."); ?>