Beispiel #1
0
function directives_select()
{
    $conf = $GLOBALS['CONF'];
    $engine_id = $conf->get_conf('default_engine_id');
    $directive_editor = new Directive_editor($engine_id);
    $dirs = $directive_editor->get_categories();
    $select = "<select id='linkname' name='newlinkname' style='width:300px'>";
    if (is_array($dirs) && count($dirs) > 0) {
        foreach ($dirs as $dir) {
            $dir = $dir['directives'];
            $dir = is_array($dir) ? $dir : array();
            foreach ($dir as $did => $ddata) {
                $name = strlen($ddata['name']) > 60 ? substr($ddata['name'], 0, 57) . "..." : $ddata['name'];
                $select .= "<option value='{$did}' title='" . $ddata['name'] . "'>" . $name;
            }
        }
    } else {
        $select .= "<option value=''>" . _('No items found') . "</option>";
    }
    $select .= "</select>";
    return $select;
}
Beispiel #2
0
require_once 'av_init.php';
Session::logcheck("configuration-menu", "CorrelationDirectives");
$directive_id = GET('directive_id');
$file = GET('file');
$engine_id = GET('engine_id');
$rule = GET('rule');
$mode = GET('mode');
ossim_valid($directive_id, OSS_DIGIT, 'illegal:' . _("Directive ID"));
ossim_valid($file, OSS_ALPHA, OSS_DOT, OSS_SCORE, 'illegal:' . _("XML File"));
ossim_valid($engine_id, OSS_HEX, OSS_SCORE, 'illegal:' . _("Engine ID"));
ossim_valid($rule, OSS_DIGIT, '\\-', OSS_NULLABLE, 'illegal:' . _("Rule ID"));
ossim_valid($mode, OSS_ALPHA, OSS_NULLABLE, 'illegal:' . _("Mode"));
if (ossim_error()) {
    die(ossim_error());
}
$directive_editor = new Directive_editor($engine_id);
$filepath = file_exists($directive_editor->engine_path . "/" . $file) ? $directive_editor->engine_path . "/" . $file : $directive_editor->main_path . "/" . $file;
if (preg_match("/^\\d+-\\d+-\\d+\$/", $rule)) {
    if (GET('mode') == "delete") {
        $dom = $directive_editor->get_xml($filepath, "DOMXML");
        $direct = $directive_editor->getDirectiveFromXML($dom, $directive_id);
        $tab_rules = $direct->rules;
        $directive_editor->delrule($rule, &$tab_rules);
        if (!$directive_editor->save_xml($filepath, $dom, "DOMXML")) {
            echo "<!-- ERRORDELETE -->";
        }
    } elseif (GET('mode') == "copy") {
        $dom = $directive_editor->get_xml($filepath, "DOMXML");
        $direct = $directive_editor->getDirectiveFromXML($dom, $directive_id);
        $tab_rules = $direct->rules;
        list($id_dir, $id_rule, $id_father) = explode("-", $rule);
	<script type="text/javascript">
	var params          = new Array();
	params['xml']       = "<?php 
    echo $xml_file;
    ?>
";
    params['directive'] = "<?php 
    echo $directive_id;
    ?>
";
    params['reload']    = true;
	parent.GB_hide(params);
	</script><?php 
    exit;
}
$directive_editor = new Directive_editor($engine_id);
$rule = $directive_editor->get_rule($directive_id, $xml_file, $rule_id);
$db = new ossim_db();
$conn = $db->connect();
$plugin_list = Plugin::get_list($conn);
if ($plugin_list == "") {
    $plugin_list = array();
}
$plugin_names = array();
$plugin_list_order = array();
foreach ($plugin_list as $plugin) {
    $plugin_names[$plugin->get_id()] = $plugin->get_name();
    $plugin_list_order[strtolower($plugin->get_name()) . ";" . $plugin->get_id()] = $plugin;
    if ($rule->plugin_id == $plugin->get_id()) {
        $plugin_type = $plugin->get_type();
    }
//$fields = explode("_-_", base64_decode("dGltZV9vdXRfLV81MDAwMDEtMi0xXy1fNTAwMDAxXy1fdXNlci54bWxfLV8xMA=="));
$attrib = $fields[0];
$rule = $fields[1];
$dir_id = $fields[2];
$file = $fields[3];
ossim_valid($engine_id, OSS_HEX, '\\-', 'illegal:' . _("Engine ID"));
ossim_valid($rule, OSS_DIGIT, '\\-', 'illegal:' . _("Rule ID"));
ossim_valid($dir_id, OSS_DIGIT, 'illegal:' . _("Directive ID"));
ossim_valid($file, OSS_ALPHA, OSS_PUNC, 'illegal:' . _("File"));
if (ossim_error()) {
    die(ossim_error());
}
$file = "user.xml";
// Force to user.xml as no other can be written
// Get current value
$directive_editor = new Directive_editor($engine_id);
$rule_aux = $directive_editor->get_rule($dir_id, $file, $rule);
$current_value = $rule_aux->{$attrib};
// Timeout
if ($attrib == "time_out") {
    ossim_valid($value, OSS_DIGIT, 'noneNONE', OSS_NULLABLE, 'illegal:' . $attrib);
    if (preg_match("/^none\$/i", $value)) {
        $value = "";
    } elseif ($value != "" && !preg_match("/^none\$/i", $value) && !preg_match("/^\\d+\$/", $value)) {
        $another_error = _("Timeout must have a numeric value or None");
    }
    if ($value == "") {
        $value = "None";
    }
    // Occurrence
} elseif ($attrib == "occurrence") {
Beispiel #5
0
}
if (GET('msg_success') == 1) {
    $msg_success = _("Directive successfully saved");
}
$conf = $GLOBALS["CONF"];
if ($engine_id == "") {
    $engine_id = $conf->get_conf("default_engine_id", false);
}
$found = 0;
// Default engine is not allowed by CTX user perms
if (Session::get_ctx_where() != "" && Session::is_pro() && !Acl::entityAllowed(strtoupper(str_replace("-", "", $engine_id)))) {
    if ($_SESSION['_user_vision']['ctx'] != "") {
        $engine_id = Util::uuid_format($_SESSION['_user_vision']['ctx']);
    }
}
$directive_editor = new Directive_editor($engine_id);
// Default toggle User Contributed
if ($toggled == "") {
    $toggled = "user.xml";
}
if (POST('delete_directive_id') != "") {
    $toggled = POST('file');
    ossim_valid(POST('delete_directive_id'), OSS_DIGIT, 'illegal:' . _("Directive ID"));
    ossim_valid(POST('file'), OSS_ALPHA, OSS_PUNC, 'illegal:' . _("File"));
    if (ossim_error()) {
        die(ossim_error());
    }
    if ($directive_editor->delete_directive(POST('delete_directive_id'), POST('file'))) {
        $msg_success = _("The directive was successfully deleted");
    } else {
        $msg_error = _("Unable to delete this directive");
Beispiel #6
0
	</tr>
	<tr>
		<td colspan="3"></td>
	</tr>
	<tr>
		<td colspan="3" align="center"><input type="button" value="<?php 
echo _('Close');
?>
" onclick="parent.GB_close()"/></td>
	</tr>
</table>

</body>
</html>
<?php 
$directive_editor = new Directive_editor($engine_id);
$conf = $GLOBALS["CONF"];
if (Session::is_pro() && $conf->get_conf("alienvault_mssp", false) == "1" && count($available_engines = $directive_editor->get_available_engines()) > 1) {
    $engines = $available_engines;
} else {
    $engines = array(_MAIN_PATH . "/{$engine_id}" => "Default");
}
$errors = array();
foreach ($engines as $engine_dir => $engine_name) {
    $engine_id = preg_replace("/.*\\/([a-f0-9\\-]+)/", "\\1", $engine_dir);
    if (count($engines) > 1) {
        echo "<script type='text/javascript'>\$('#msg').html('{$engine_name}');</script>";
    }
    $_errors = $directive_editor->test($engine_id);
    foreach ($_errors as $error) {
        $errors[] = $error;
Beispiel #7
0
            params['directive'] = "<?php 
        echo $directive_id;
        ?>
";
            params['reload']    = true;
            params['edited']    = true; //This param is for the greybox in alarm detail

			parent.GB_hide(params);
		</script>
	<?php 
    } else {
        header("Location:wizard_rule.php?level=1&directive_id={$id}&id={$id}-1-0&engine_id={$engine_id}&xml_file={$file}&reloadindex=1&from_directive=1&directive_name={$name}&directive_prio={$prio}&directive_intent={$intent}&directive_strategy={$strategy}&directive_method={$method}");
    }
    exit;
}
$directive_editor = new Directive_editor($engine_id);
if ($directive_id != "") {
    $filepath = $directive_editor->engine_path . "/" . $file;
    $dom = $directive_editor->get_xml($filepath, "DOMXML");
    $directive = $directive_editor->getDirectiveFromXML($dom, $directive_id);
    list($directive_intent, $directive_strategy, $directive_method) = $directive_editor->get_directive_intent($directive_id, "array");
}
$intent_list = $directive_editor->get_intent_list();
$strategy_list = $directive_editor->get_strategy_list();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link type="text/css" rel="stylesheet" href="../style/av_common.css?t=<?php 
echo Util::get_css_id();
?>
*
*
* On Debian GNU/Linux systems, the complete text of the GNU General
* Public License can be found in `/usr/share/common-licenses/GPL-2'.
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
Session::logcheck("configuration-menu", "CorrelationDirectives");
$login = Session::get_session_user();
$db = new ossim_db();
$conn = $db->connect();
$action = POST('action');
$data = POST('data');
ossim_valid($action, OSS_DIGIT, 'illegal:' . _('Action'));
if (ossim_error() === TRUE) {
    die(ossim_error());
}
if ($action != '' && isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
    switch ($action) {
        case 1:
            $response = Directive_editor::restart_directives();
            break;
        default:
            $response['error'] = true;
            $response['msg'] = 'Wrong Option Chosen';
    }
    echo json_encode($response);
}
$db->close($conn);
 if (ossim_error()) {
     die(ossim_error());
 }
 // Secondary validation
 if (!Directive_editor::valid_directive_port(POST("port_from")) || !Directive_editor::valid_directive_port(POST("port_from_list"))) {
     $error = TRUE;
     $error_msg[] = _('Invalid source port value');
 }
 if (!Directive_editor::valid_directive_port(POST("port_to")) || !Directive_editor::valid_directive_port(POST("port_to_list"))) {
     $error = TRUE;
     $error_msg[] = _('Invalid destination port value');
 }
 if ($error) {
     die(ossim_error(implode('<br>', $error_msg)));
 }
 $directive_editor = new Directive_editor($engine_id);
 $attributes = array("name" => stripslashes(POST("name")), "plugin_id" => POST("plugin_id"), "type" => POST("type"), "plugin_sid" => POST("plugin_sid"), "product" => POST("product"), "category" => POST("category"), "subcategory" => POST("subcategory"), "entity" => POST("entity"), "from" => POST("from"), "port_from" => POST("port_from"), "to" => POST("to"), "port_to" => POST("port_to"), "from_rep" => POST("from_rep"), "to_rep" => POST("to_rep"), "from_rep_min_pri" => POST("from_rep_min_pri"), "to_rep_min_pri" => POST("to_rep_min_pri"), "from_rep_min_rel" => POST("from_rep_min_rel"), "to_rep_min_rel" => POST("to_rep_min_rel"), "protocol" => $protocol, "sensor" => POST("sensor"), "occurrence" => POST("occurrence"), "time_out" => POST("time_out"), "reliability" => POST("reliability"), "condition" => POST("condition"), "value" => POST("value"), "interval" => POST("interval"), "absolute" => POST("absolute"), "sticky" => POST("sticky"), "sticky_different" => POST("sticky_different"), "userdata1" => utf8_encode(stripslashes(POST("userdata1"))), "userdata2" => utf8_encode(stripslashes(POST("userdata2"))), "userdata3" => utf8_encode(stripslashes(POST("userdata3"))), "userdata4" => utf8_encode(stripslashes(POST("userdata4"))), "userdata5" => utf8_encode(stripslashes(POST("userdata5"))), "userdata6" => utf8_encode(stripslashes(POST("userdata6"))), "userdata7" => utf8_encode(stripslashes(POST("userdata7"))), "userdata8" => utf8_encode(stripslashes(POST("userdata8"))), "userdata9" => utf8_encode(stripslashes(POST("userdata9"))), "filename" => POST("filename"), "username" => utf8_encode(POST("username")), "password" => POST("password"));
 $rule = new Directive_rule(POST('id'), POST('level'), "", $attributes);
 $file = $directive_editor->engine_path . "/" . POST('xml_file');
 $directive_error = false;
 if (POST('from_directive') != "") {
     $dom = $directive_editor->get_xml($file, "DOMXML");
     $node = $dom->createElement('directive');
     $node->setAttribute('id', POST('directive_id'));
     $node->setAttribute('name', POST('directive_name'));
     $node->setAttribute('priority', POST('directive_prio'));
     $dom->appendChild($node);
     if (!$directive_editor->save_xml($file, $dom, "DOMXML", false)) {
         // DTD Validation = false
         $directive_error = true;
     } else {
Beispiel #10
0
function delete_engine($conn, $data)
{
    $id = $data['engine'];
    ossim_valid($id, OSS_HEX, 'illegal:' . _('Engine ID'));
    if (ossim_error()) {
        $info_error = _('Error') . ': ' . ossim_get_error();
        ossim_clean_error();
        $return['error'] = TRUE;
        $return['msg'] = $info_error;
        return $return;
    }
    if ($id == Session::get_default_engine($conn)) {
        $return['error'] = TRUE;
        $return['msg'] = _('It is not allowed to delete the default engine');
        return $return;
    }
    $contexts = Acl::get_contexts_by_engine($conn, $id);
    if (count($contexts) > 0) {
        $return['error'] = TRUE;
        $return['msg'] = _('There are contexts asociated to this engine. You are not allowed to delete this engine');
        return $return;
    }
    Acl::delete_entities($conn, $id);
    Alarm::delete_from_taxonomy($conn, $id);
    $id = Util::uuid_format($id);
    if (is_dir(_MAIN_PATH . "/{$id}")) {
        Directive_editor::remove_engine($id);
    }
    Web_indicator::set_on('Reload_servers');
    $return['error'] = FALSE;
    $return['data'] = '';
    return $return;
}