}
// Validate the BOUNCE-TO Alias entries for correct format of their defined values. BOUNCE-TO ADDRESS must be
// a valid single IP, and BOUNCE-TO PORT must be either a single port value or a port range value. Provide
// detailed error messages for the user that explain any problems.
if ($_POST['ftp_client_bounce_to_net'] && $_POST['ftp_client_bounce_to_port']) {
if (!snort_is_single_addr_alias($_POST['ftp_client_bounce_to_net'])) {
$net = trim(filter_expand_alias($_POST['ftp_client_bounce_to_net']));
$net = preg_replace('/\\s+/', ',', $net);
$msg = gettext("The FTP Protocol BOUNCE-TO ADDRESS parameter must be a single IP network or address, ");
$msg .= gettext("so the supplied Alias must be defined as a single address or network in CIDR form. ");
$msg .= gettext("The Alias [ {$_POST['ftp_client_bounce_to_net']} ] is currently defined as [ {$net} ].");
$input_errors[] = $msg;
}
$port = trim(filter_expand_alias($_POST['ftp_client_bounce_to_port']));
$port = preg_replace('/\\s+/', ',', $port);
if (!is_port($port) && !is_portrange($port)) {
$msg = gettext("The FTP Protocol BOUNCE-TO PORT parameter must be a single port or port-range, ");
$msg .= gettext("so the supplied Alias must be defined as a single port or port-range value. ");
$msg .= gettext("The Alias [ {$_POST['ftp_client_bounce_to_port']} ] is currently defined as [ {$port} ].");
$input_errors[] = $msg;
}
}
$engine['bounce_to_net'] = $_POST['ftp_client_bounce_to_net'];
$engine['bounce_to_port'] = $_POST['ftp_client_bounce_to_port'];
$engine['telnet_cmds'] = $_POST['ftp_telnet_cmds'] ? 'yes' : 'no';
$engine['ignore_telnet_erase_cmds'] = $_POST['ftp_ignore_telnet_erase_cmds'] ? 'yes' : 'no';
$engine['bounce'] = $_POST['ftp_client_bounce_detect'] ? 'yes' : 'no';
$engine['max_resp_len'] = $_POST['ftp_max_resp_len'];
/* Can only have one "all" Bind_To address */
if ($engine['bind_to'] == "all" && $engine['name'] != "default") {
$input_errors[] = gettext("Only one default FTP Engine can be bound to all addresses.");
/* item is a normal alias type */
$wrongaliases = "";
$desc_fmt_err_found = false;
for ($x = 0; $x < 4999; $x++) {
if ($_POST["address{$x}"] != "") {
$_POST["address{$x}"] = trim($_POST["address{$x}"]);
if (is_alias($_POST["address{$x}"])) {
if (!alias_same_type($_POST["address{$x}"], $_POST['type'])) {
// But alias type network can include alias type urltable. Feature#1603.
if (!($_POST['type'] == 'network' && preg_match("/urltable/i", alias_get_type($_POST["address{$x}"])))) {
$wrongaliases .= " " . $_POST["address{$x}"];
}
}
} else {
if ($_POST['type'] == "port") {
if (!is_port($_POST["address{$x}"]) && !is_portrange($_POST["address{$x}"])) {
$input_errors[] = $_POST["address{$x}"] . " " . gettext("is not a valid port or alias.");
}
} else {
if ($_POST['type'] == "host" || $_POST['type'] == "network") {
if (is_subnet($_POST["address{$x}"]) || !is_ipaddr($_POST["address{$x}"]) && !is_hostname($_POST["address{$x}"]) && !is_iprange($_POST["address{$x}"])) {
$input_errors[] = sprintf(gettext('%1$s is not a valid %2$s alias.'), $_POST["address{$x}"], $_POST['type']);
}
}
}
}
if (is_iprange($_POST["address{$x}"])) {
list($startip, $endip) = explode('-', $_POST["address{$x}"]);
$rangesubnets = ip_range_to_subnet_array($startip, $endip);
$address = array_merge($address, $rangesubnets);
} else {
}
}
}
}
// Validate the input data expanded above.
foreach ($input_addresses as $idx => $input_address) {
if (is_alias($input_address)) {
if (!alias_same_type($input_address, $_POST['type'])) {
// But alias type network can include alias type urltable. Feature#1603.
if (!($_POST['type'] == 'network' && preg_match("/urltable/i", alias_get_type($input_address)))) {
$wrongaliases .= " " . $input_address;
}
}
} else {
if ($_POST['type'] == "port") {
if (!is_port($input_address) && !is_portrange($input_address)) {
$input_errors[] = $input_address . " " . gettext("is not a valid port or alias.");
}
} else {
if ($_POST['type'] == "host" || $_POST['type'] == "network") {
if (is_subnet($input_address) || !is_ipaddr($input_address) && !is_hostname($input_address)) {
$input_errors[] = sprintf(gettext('%1$s is not a valid %2$s address, FQDN or alias.'), $input_address, $_POST['type']);
}
}
}
}
$tmpaddress = $input_address;
if ($_POST['type'] != "host" && is_ipaddr($input_address) && $input_address_subnet[$idx] != "") {
if (!is_subnet($input_address . "/" . $input_address_subnet[$idx])) {
$input_errors[] = sprintf(gettext('%s/%s is not a valid subnet.'), $input_address, $input_address_subnet[$idx]);
} else {
if ($_POST['sourceport']) {
$_POST['sourceport'] = trim($_POST['sourceport']);
}
if ($_POST['dstport']) {
$_POST['dstport'] = trim($_POST['dstport']);
}
if ($_POST['natport']) {
$_POST['natport'] = trim($_POST['natport']);
}
if ($protocol_uses_ports && $_POST['sourceport'] != "" && !(is_portoralias($_POST['sourceport']) || is_portrange($_POST['sourceport']))) {
$input_errors[] = gettext("A valid port or port alias must be supplied for the source port entry.");
}
if ($protocol_uses_ports && $_POST['dstport'] != "" && !(is_portoralias($_POST['dstport']) || is_portrange($_POST['dstport']))) {
$input_errors[] = gettext("A valid port or port alias must be supplied for the destination port entry.");
}
if ($protocol_uses_ports && $_POST['natport'] != "" && !(is_portoralias($_POST['natport']) || is_portrange($_POST['natport'])) && !isset($_POST['nonat'])) {
$input_errors[] = gettext("A valid port must be supplied for the NAT port entry.");
}
if ($_POST['source_type'] != "any" && $_POST['source_type'] != "(self)") {
if ($_POST['source'] && !is_ipaddroralias($_POST['source']) && $_POST['source'] != "any") {
$input_errors[] = gettext("A valid source must be specified.");
}
}
if ($_POST['source_subnet'] && !is_numericint($_POST['source_subnet'])) {
$input_errors[] = gettext("A valid source bit count must be specified.");
}
if ($_POST['destination_type'] != "any") {
if ($_POST['destination'] && !is_ipaddroralias($_POST['destination'])) {
$input_errors[] = gettext("A valid destination must be specified.");
}
}
$port = trim(filter_expand_alias($v['bounce_to_port']));
if (!empty($net) && !empty($port) && snort_is_single_addr_alias($v['bounce_to_net']) && (is_port($port) || is_portrange($port))) {
$port = preg_replace('/\\s+/', ',', $port);
// Change port range delimiter to comma for ftp_telnet client preprocessor
if (is_portrange($port)) {
$port = str_replace(":", ",", $port);
}
$buffer .= "\tbounce yes \\\n";
$buffer .= "\tbounce_to { {$net},{$port} }\n";
} else {
// One or both of the BOUNCE_TO alias values is not right,
// so figure out which and log an appropriate error.
if (empty($net) || !snort_is_single_addr_alias($v['bounce_to_net'])) {
log_error("[snort] ERROR: illegal value for bounce_to Address Alias [{$v['bounce_to_net']}] for FTP client engine [{$v['name']}] ... omitting 'bounce_to' option for this client engine.");
}
if (empty($port) || !(is_port($port) || is_portrange($port))) {
log_error("[snort] ERROR: illegal value for bounce_to Port Alias [{$v['bounce_to_port']}] for FTP client engine [{$v['name']}] ... omitting 'bounce_to' option for this client engine.");
}
$buffer .= "\tbounce yes\n";
}
} else {
$buffer .= "\tbounce yes\n";
}
} else {
$buffer .= "\tbounce no\n";
}
// Add this FTP client engine to the master string
$ftp_client_engine .= "{$buffer}\n";
}
// Trim final trailing newline
rtrim($ftp_client_engine);
$desc_fmt_err_found = false;
if ($tab == "port") {
$alias_type = $tab;
} else {
$alias_type = "host";
}
foreach ($tocheck as $impline) {
$implinea = explode(" ", trim($impline), 2);
$impip = $implinea[0];
$impdesc = trim($implinea[1]);
if (strlen($impdesc) < 200) {
if (strpos($impdesc, "||") === false && substr($impdesc, 0, 1) != "|" && substr($impdesc, -1, 1) != "|") {
if ($tab == "port") {
// Port alias
if (!empty($impip)) {
if (is_port($impip) || is_portrange($impip)) {
$imported_ips[] = $impip;
$imported_descs[] = $impdesc;
} else {
$input_errors[] = sprintf(gettext("%s is not a valid port or port range."), $impip);
}
}
} else {
// IP alias - host or network
$iprange_type = is_iprange($impip);
if ($iprange_type == 4) {
list($startip, $endip) = explode('-', $impip);
$rangesubnets = ip_range_to_subnet_array($startip, $endip);
$imported_ips = array_merge($imported_ips, $rangesubnets);
$rangedescs = array_fill(0, count($rangesubnets), $impdesc);
$imported_descs = array_merge($imported_descs, $rangedescs);
if ($_POST['targetip']) {
$_POST['targetip'] = trim($_POST['targetip']);
}
if ($_POST['sourceport']) {
$_POST['sourceport'] = trim($_POST['sourceport']);
}
if ($_POST['dstport']) {
$_POST['dstport'] = trim($_POST['dstport']);
}
if ($_POST['natport']) {
$_POST['natport'] = trim($_POST['natport']);
}
if ($protocol_uses_ports && $_POST['sourceport'] != "" && !(is_portoralias($_POST['sourceport']) || is_portrange($_POST['sourceport']))) {
$input_errors[] = gettext("You must supply either a valid port or port alias for the source port entry.");
}
if ($protocol_uses_ports && $_POST['dstport'] != "" && !(is_portoralias($_POST['dstport']) || is_portrange($_POST['dstport']))) {
$input_errors[] = gettext("You must supply either a valid port or port alias for the destination port entry.");
}
if ($protocol_uses_ports && $_POST['natport'] != "" && !is_port($_POST['natport']) && !isset($_POST['nonat'])) {
$input_errors[] = gettext("You must supply a valid port for the NAT port entry.");
}
if ($_POST['source_type'] != "any" && $_POST['source_type'] != "(self)") {
if ($_POST['source'] && !is_ipaddroralias($_POST['source']) && $_POST['source'] != "any") {
$input_errors[] = gettext("A valid source must be specified.");
}
}
if ($_POST['source_subnet'] && !is_numericint($_POST['source_subnet'])) {
$input_errors[] = gettext("A valid source bit count must be specified.");
}
if ($_POST['destination_type'] != "any") {
if ($_POST['destination'] && !is_ipaddroralias($_POST['destination'])) {
}
if ($_POST['type'] == "network") {
if (!is_ipaddr($_POST['address'])) {
$input_errors[] = "Geçerli bir adres tanımlanmaldır.";
}
if (!is_numeric($_POST['address_subnet'])) {
$input_errors[] = "Geçerli bir subnet bit count tanımlanmalıdır.";
}
}
if ($_POST['type'] == "url") {
if (stristr($_POST['address'], "http") == false) {
$input_errors[] = "Bu kaynak için geçerli bir URL sağlamanız gerekir.";
}
}
if ($_POST['type'] == "port") {
if (!is_port($_POST['address']) && !is_portrange($_POST['address'])) {
$input_errors[] = "Lütfen port aralığı içinde geçerlibir port tanımlayınız.";
}
}
/* check for name conflicts */
foreach ($a_aliases as $alias) {
if (isset($id) && $a_aliases[$id] && $a_aliases[$id] === $alias) {
continue;
}
if ($alias['name'] == $_POST['name']) {
$input_errors[] = "Bu takma isimle bir tanımlama mevcuttur.";
break;
}
}
/* check for name interface description conflicts */
foreach ($config['interfaces'] as $interface) {
