function snort_copy_rules($files, $snortdir, $snort_uuid, $if_real)
{
if (empty($files)) {
return;
}
conf_mount_rw();
foreach ($files as $file) {
if (!file_exists("{$snortdir}/snort_{$snort_uuid}_{$if_real}/rules/{$file}")) {
@copy("{$snortdir}/rules/{$file}", "{$snortdir}/snort_{$snort_uuid}_{$if_real}/rules/{$file}");
}
if (substr($file, -9) == ".so.rules") {
$slib = substr($enabled_item, 6, -6);
if (!file_exists("{$snortdir}/snort_{$snort_uuid}_{$if_real}/dynamicrules/{$slib}")) {
@copy("/usr/local/lib/snort/dynamicrules/{$file}", "{$snortdir}/snort_{$snort_uuid}_{$if_real}/dynamicrules/{$slib}");
}
}
}
conf_mount_ro();
}
unset($wancfg['mediaopt']);
} else {
$mediaopts = explode(' ', $_POST['mediaopt']);
if ($mediaopts[0] != '') {
$wancfg['media'] = $mediaopts[0];
}
if ($mediaopts[1] != '') {
$wancfg['mediaopt'] = $mediaopts[1];
} else {
unset($wancfg['mediaopt']);
}
}
if (isset($wancfg['wireless'])) {
handle_wireless_post();
}
conf_mount_ro();
write_config();
if (file_exists("{$g['tmp_path']}/.interfaces.apply")) {
$toapplylist = unserialize(file_get_contents("{$g['tmp_path']}/.interfaces.apply"));
} else {
$toapplylist = array();
}
$toapplylist[$if]['ifcfg'] = $old_wancfg;
$toapplylist[$if]['ppps'] = $old_ppps;
file_put_contents("{$g['tmp_path']}/.interfaces.apply", serialize($toapplylist));
mark_subsystem_dirty('interfaces');
/* regenerate cron settings/crontab file */
configure_cron();
header("Location: interfaces.php?if={$if}");
exit;
}
function read_body_firmware($ch, $string)
{
global $fout, $file_size, $downloaded, $counter, $version, $latest_version, $current_installed_pfsense_version;
$length = strlen($string);
$downloaded += intval($length);
$downloadProgress = round(100 * (1 - $downloaded / $file_size), 0);
$downloadProgress = 100 - $downloadProgress;
$a = $file_size;
$b = $downloaded;
$c = $downloadProgress;
$text = " Snort download in progress\\n";
$text .= "----------------------------------------------------\\n";
$text .= " Downloaded : {$b}\\n";
$text .= "----------------------------------------------------\\n";
$counter++;
if ($counter > 150) {
update_output_window($text);
update_progress_bar($downloadProgress);
flush();
$counter = 0;
}
conf_mount_rw();
fwrite($fout, $string);
conf_mount_ro();
return $length;
}
function show_recordings()
{
conf_mount_rw();
safe_mkdir("/etc/phpshellsessions");
if ($recording) {
conf_mount_ro();
}
echo "==> Sessions available for playback are:\n";
system("cd /etc/phpshellsessions && ls /etc/phpshellsessions");
echo "==> end of list.\n";
}
function snort_add_supplist_entry($suppress)
{
/************************************************/
/* Adds the passed entry to the Suppress List */
/* for the active interface. If a Suppress */
/* List is defined for the interface, it is */
/* used. If no list is defined, a new default */
/* list is created using the interface name. */
/* */
/* On Entry: */
/* $suppress --> suppression entry text */
/* */
/* Returns: */
/* TRUE if successful or FALSE on failure */
/************************************************/
global $config, $a_instance, $instanceid;
if (!is_array($config['installedpackages']['snortglobal']['suppress'])) {
$config['installedpackages']['snortglobal']['suppress'] = array();
}
if (!is_array($config['installedpackages']['snortglobal']['suppress']['item'])) {
$config['installedpackages']['snortglobal']['suppress']['item'] = array();
}
$a_suppress =& $config['installedpackages']['snortglobal']['suppress']['item'];
$found_list = false;
/* If no Suppress List is set for the interface, then create one with the interface name */
if (empty($a_instance[$instanceid]['suppresslistname']) || $a_instance[$instanceid]['suppresslistname'] == 'default') {
$s_list = array();
$s_list['uuid'] = uniqid();
$s_list['name'] = $a_instance[$instanceid]['interface'] . "suppress" . "_" . $s_list['uuid'];
$s_list['descr'] = "Auto-generated list for Alert suppression";
$s_list['suppresspassthru'] = base64_encode($suppress);
$a_suppress[] = $s_list;
$a_instance[$instanceid]['suppresslistname'] = $s_list['name'];
$found_list = true;
$list_name = $s_list['name'];
} else {
/* If we get here, a Suppress List is defined for the interface so see if we can find it */
foreach ($a_suppress as $a_id => $alist) {
if ($alist['name'] == $a_instance[$instanceid]['suppresslistname']) {
$found_list = true;
$list_name = $alist['name'];
if (!empty($alist['suppresspassthru'])) {
$tmplist = base64_decode($alist['suppresspassthru']);
$tmplist .= "\n{$suppress}";
$alist['suppresspassthru'] = base64_encode($tmplist);
$a_suppress[$a_id] = $alist;
} else {
$alist['suppresspassthru'] = base64_encode($suppress);
$a_suppress[$a_id] = $alist;
}
}
}
}
/* If we created a new list or updated an existing one, save the change, */
/* tell Snort to load it, and return true; otherwise return false. */
if ($found_list) {
write_config("Snort pkg: modified Suppress List {$list_name}.");
conf_mount_rw();
sync_snort_package_config();
conf_mount_ro();
snort_reload_config($a_instance[$instanceid]);
return true;
} else {
return false;
}
}
function reset_snortgeneralsettingsFunc()
{
conf_mount_rw();
reset_snortgeneralsettings();
conf_mount_ro();
}
function zfszpool_process_updatenotification($mode, $data)
{
global $config;
$retval = 0;
switch ($mode) {
case UPDATENOTIFY_MODE_NEW:
$retval = zfs_zpool_configure($data);
break;
case UPDATENOTIFY_MODE_MODIFIED:
$retval = zfs_zpool_properties($data);
break;
case UPDATENOTIFY_MODE_DIRTY:
$cnid = array_search_ex($data, $config['zfs']['pools']['pool'], "uuid");
if (FALSE !== $cnid) {
zfs_zpool_destroy($data);
unset($config['zfs']['pools']['pool'][$cnid]);
write_config();
// remove existing pool cache
conf_mount_rw();
unlink_if_exists("{$g['cf_path']}/boot/zfs/zpool.cache");
conf_mount_ro();
}
break;
}
return $retval;
}
function write_db($stm, $table, $days)
{
global $postfix_dir, $config, $g;
conf_mount_rw();
$do_sync = array();
print "writing to database...";
foreach ($days as $day) {
if (strlen($stm[$day]) > 10 && is_array($config['installedpackages']['postfixsync']['config'])) {
foreach ($config['installedpackages']['postfixsync']['config'] as $rs) {
foreach ($rs['row'] as $sh) {
$sync_to_ip = $sh['ipaddress'];
$sync_type = $sh['sync_type'];
$password = $sh['password'];
$sql_file = '/var/db/postfix/' . $sync_to_ip . '.sql';
${$sync_to_ip} = "";
if (file_exists($sql_file)) {
${$sync_to_ip} = file_get_contents($sql_file);
}
if ($sync_to_ip && $sync_type == "share") {
${$sync_to_ip} .= serialize(array('day' => $day, 'sql' => base64_encode(gzcompress($stm[$day] . "COMMIT;", 9)))) . "\n";
if (!in_array($sync_to_ip, $do_sync)) {
$do_sync[] = $sync_to_ip;
}
}
}
}
/* Write local db file */
create_db($day . ".db");
if ($debug) {
print "writing to local db {$day}...";
}
$dbhandle = sqlite_open($postfix_dir . $day . ".db", 0666, $error);
if (!$dbhandle) {
die($error);
}
//file_put_contents("/tmp/" . $key . '-' . $update['day'] . ".sql", gzuncompress(base64_decode($update['sql'])), LOCK_EX);
$ok = sqlite_exec($dbhandle, $stm[$day] . "COMMIT;", $error);
if (!$ok) {
print "Cannot execute query. {$error}\n" . $stm[$day] . "COMMIT;\n";
} elseif ($debug) {
print "ok\n";
}
sqlite_close($dbhandle);
}
}
/* Write updated sql files */
if (count($do_sync) > 0) {
foreach ($do_sync as $ip) {
file_put_contents('/var/db/postfix/' . $ip . '.sql', ${$ip}, LOCK_EX);
}
}
conf_mount_ro();
/* Write local file */
}