<?php
/*
 * Copyright (C) 2003-2004 Manuel Kasper.
 * Copyright (C) 2006 Scott Ullrich
 * Copyright (C) 2009 Robert Zelaya Sr. Developer
 * Copyright (C) 2012 Ermal Luci
 * All rights reserved.
 *
 * Adapted for Suricata by:
 * Copyright (C) 2014 Bill Meeks
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 * 1. Redistributions of source code must retain the above copyright notice,
 *    this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
 * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
 * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
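*/

require_once("guiconfig.inc");
require_once("/usr/local/pkg/suricata/suricata.inc");

global $g, $config, $rebuild_rules;

$suricatadir = SURICATADIR;
$pconfig = array();

// Grab saved settings from configuration
if (!is_array($config['installedpackages']['suricata']['rule']))
	$config['installedpackages']['suricata']['rule'] = array();
$a_nat = &$config['installedpackages']['suricata']['rule'];

$pconfig['auto_manage_sids'] = $config['installedpackages']['suricata']['config'][0]['auto_manage_sids'];

// Hard-code the path where SID Mods Lists are stored
// and disregard any user-supplied path element.
// Every handler below therefore passes request-supplied file names
// through basename() before joining them to this directory.
$sidmods_path = SID_MODS_PATH;

// Set default to not show SID modification lists editor controls
$sidmodlist_edit_style = "display: none;";

if (!empty($_POST))
	$pconfig = $_POST;

/**
 * Checks all the configured Suricata interfaces to see if the passed
 * SID Mods List is used by an interface.
 *
 * The list name is compared (loosely, with ==) against the enable,
 * disable and modify SID file settings of every configured interface.
 *
 * @param string $sidlist File name of the SID Mods List to look for.
 * @return bool TRUE if the list is in use, FALSE if it is not.
 */
function suricata_is_sidmodslist_active($sidlist) {

	global $g, $config;

	if (!is_array($config['installedpackages']['suricata']['rule']))
		return FALSE;

	foreach ($config['installedpackages']['suricata']['rule'] as $rule) {
		if ($rule['enable_sid_file'] == $sidlist) {
			return TRUE;
		}
		if ($rule['disable_sid_file'] == $sidlist) {
			return TRUE;
		}
		if ($rule['modify_sid_file'] == $sidlist) {
			return TRUE;
		}
	}
	return FALSE;
}

// --- Upload a SID Mods List file -------------------------------------
if (isset($_POST['upload'])) {
	$uploaded = FALSE;
	if ($_FILES["sidmods_fileup"]["error"] == UPLOAD_ERR_OK) {
		$tmp_name = $_FILES["sidmods_fileup"]["tmp_name"];
		// The client chooses this name; basename() drops any directory part.
		$name = basename($_FILES["sidmods_fileup"]["name"]);
		// Reject an empty name and report a failed move instead of
		// silently ignoring the return value of move_uploaded_file().
		if (strlen($name) > 0)
			$uploaded = move_uploaded_file($tmp_name, "{$sidmods_path}{$name}");
	}
	if (!$uploaded) {
		// NOTE(review): the message carries the raw client-supplied file name;
		// confirm that the routine printing $input_errors HTML-escapes it.
		$input_errors[] = gettext("Failed to upload file {$_FILES["sidmods_fileup"]["name"]}");
	}
}

// --- Delete a SID Mods List file, unless an interface still uses it ---
if (isset($_POST['sidlist_delete']) && isset($_POST['sidlist_fname'])) {
	if (!suricata_is_sidmodslist_active(basename($_POST['sidlist_fname'])))
		unlink_if_exists($sidmods_path . basename($_POST['sidlist_fname']));
	else
		$input_errors[] = gettext("This SID Mods List is currently assigned to an interface and cannot be deleted.");
}

// --- Load a SID Mods List file into the editor ------------------------
if (isset($_POST['sidlist_edit']) && isset($_POST['sidlist_fname'])) {
	$file = $sidmods_path . basename($_POST['sidlist_fname']);
	$data = file_get_contents($file);
	if ($data !== FALSE) {
		// File content is escaped before it is placed in the page
		$sidmodlist_data = htmlspecialchars($data);
		$sidmodlist_edit_style = "display: table-row-group;";
		$sidmodlist_name = basename($_POST['sidlist_fname']);
		unset($data);
	}
	else {
		$input_errors[] = gettext("An error occurred reading the file.");
	}
}

// --- Save the editor content to a SID Mods List file -------------------
if (isset($_POST['save']) && isset($_POST['sidlist_data'])) {
	if (strlen(basename($_POST['sidlist_name'])) > 0) {
		$file = $sidmods_path . basename($_POST['sidlist_name']);
		// Normalize DOS line endings to Unix line endings
		$data = str_replace("\r\n", "\n", $_POST['sidlist_data']);
		// Report a failed write instead of silently dropping the edit
		if (file_put_contents($file, $data) === FALSE)
			$input_errors[] = gettext("An error occurred writing the file.");
		unset($data);
	}
	else {
		$input_errors[] = gettext("You must provide a valid filename for the SID Mods List.");
		$sidmodlist_edit_style = "display: table-row-group;";
	}
}

// --- Save the automatic SID management settings ------------------------
if (isset($_POST['save_auto_sid_conf'])) {
	$config['installedpackages']['suricata']['config'][0]['auto_manage_sids'] = $pconfig['auto_manage_sids'] ? "on" : "off";

	// Grab the SID Mods config for the interfaces from the form's controls array.
	// The array keys arrive with the request, so only indexes of interfaces that
	// already exist in the configuration are accepted; anything else would add
	// bogus interface entries to the saved configuration.
	if (isset($_POST['sid_state_order']) && is_array($_POST['sid_state_order'])) {
		foreach ($_POST['sid_state_order'] as $k => $v) {
			if (!isset($a_nat[$k]) || !is_string($v))
				continue;
			$a_nat[$k]['sid_state_order'] = $v;
		}
	}

	foreach (array('enable_sid_file', 'disable_sid_file', 'modify_sid_file') as $sid_key) {
		if (!isset($_POST[$sid_key]) || !is_array($_POST[$sid_key]))
			continue;
		foreach ($_POST[$sid_key] as $k => $v) {
			if (!isset($a_nat[$k]) || !is_string($v))
				continue;
			if ($v == "None") {
				unset($a_nat[$k][$sid_key]);
				continue;
			}
			// Store a bare file name only, in line with the rule above that
			// user-supplied path elements are disregarded.
			$a_nat[$k][$sid_key] = basename($v);
		}
	}

	// Write the new configuration
	write_config("Suricata pkg: updated automatic SID management settings.");

	$intf_msg = "";

	// If any interfaces were marked for restart, then do it
	if (isset($_POST['torestart']) && is_array($_POST['torestart'])) {
		foreach ($_POST['torestart'] as $k) {
			// Ignore indexes that do not name a configured interface
			if (!is_scalar($k) || !isset($a_nat[$k]))
				continue;

			// Update the suricata.yaml file and
			// rebuild rules for this interface.
			$rebuild_rules = true;
			conf_mount_rw();
			suricata_generate_yaml($a_nat[$k]);
			conf_mount_ro();
			$rebuild_rules = false;

			// Signal Suricata to "live reload" the rules
			suricata_reload_config($a_nat[$k]);

			$intf_msg .= convert_friendly_interface_to_friendly_descr($a_nat[$k]['interface']) . ", ";
		}
		$savemsg = gettext("Changes were applied to these interfaces: " . trim($intf_msg, ' ,') . " and Suricata signaled to live-load the new rules.");
	}
}

// --- Download a single SID Mods List file -------------------------------
if (isset($_POST['sidlist_dnload']) && isset($_POST['sidlist_fname'])) {
	$file = $sidmods_path . basename($_POST['sidlist_fname']);
	// is_file() rather than file_exists(): an empty file name would
	// otherwise resolve to the lists directory itself.
	if (is_file($file)) {
		ob_start(); //important or other posts will fail
		if (isset($_SERVER['HTTPS'])) {
			header('Pragma: ');
			header('Cache-Control: ');
		} else {
			header("Pragma: private");
			header("Cache-Control: private, must-revalidate");
		}
		header("Content-Type: application/octet-stream");
		header("Content-length: " . filesize($file));
		header("Content-disposition: attachment; filename = " . basename($file));
		ob_end_clean(); //important or other post will fail
		// NOTE(review): execution continues into page rendering after the file
		// is sent; presumably Content-length bounds what the client keeps.
		readfile($file);
	}
	else
		$savemsg = gettext("Unable to locate the file specified!");
}

// --- Download all SID Mods List files as one gzip archive ---------------
if (isset($_POST['sidlist_dnload_all_x'])) {
	$save_date = exec('/bin/date "+%Y-%m-%d-%H-%M-%S"');
	$file_name = "suricata_sid_conf_files_{$save_date}.tar.gz";
	// The directory holds files whose names were chosen by the uploader.
	// With a bare "*" the shell hands those names to tar as-is, so a name
	// starting with "-" would be parsed as a tar option. Prefixing the glob
	// with "./" makes every expanded name an unambiguous path.
	// NOTE(review): the archive name under /tmp is predictable; consider a
	// private temporary file if local users share this host.
	exec("cd " . escapeshellarg($sidmods_path) . " && /usr/bin/tar -czf " . escapeshellarg("/tmp/{$file_name}") . " ./*");

	if (file_exists("/tmp/{$file_name}")) {
		ob_start(); //important or other posts will fail
		if (isset($_SERVER['HTTPS'])) {
			header('Pragma: ');
			header('Cache-Control: ');
		} else {
			header("Pragma: private");
			header("Cache-Control: private, must-revalidate");
		}
		header("Content-Type: application/octet-stream");
		header("Content-length: " . filesize("/tmp/{$file_name}"));
		header("Content-disposition: attachment; filename = {$file_name}");
		ob_end_clean(); //important or other post will fail
		readfile("/tmp/{$file_name}");

		// Clean up the temp file
		@unlink("/tmp/{$file_name}");
	}
	else
		$savemsg = gettext("An error occurred while creating the gzip archive!");
}

// Get all files in the SID Mods Lists sub-directory as an array
// Leave this as the last thing before spewing the page HTML
// so we can pick up any changes made to files in code above.
$sidmodfiles = return_dir_as_array($sidmods_path);
$sidmodselections = array_merge(Array( "None" ), $sidmodfiles);

$pgtitle = gettext("Suricata: SID Management");
include_once("head.inc");

?>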
onclick="enable_sid_conf();" /> " . gettext("Not Checked") . "";?>.

');" src="../themes//images/icons/icon_x.gif" width="17" height="17" border="0" title=""/>
 
  " title="" />   " onClick="document.getElementById('sidlist_editor').style.display='none';" title="" />
 





    
    
    
    
    
$natent): ?>
" />
 
" title="" />