echo ossim_error();
echo "<rows>\n<page>1</page>\n<total>0</total>\n</rows>\n";
exit;
}
if (!empty($order)) {
if ($order == 'order') {
$order = "policy_group.order";
}
$order .= POST('sortorder') == "asc" ? "" : " desc";
} else {
$order = "policy_group.order";
}
$total = 0;
$start = ($page - 1) * $rp;
$limit = "LIMIT {$start}, {$rp}";
$policygroup_list = Policy_group::get_list($conn, '', " and policy_group.id <> UNHEX('00000000000000000000000000000000') ORDER BY {$order} {$limit}");
if ($policygroup_list[0]) {
$total = $policygroup_list[0]->get_foundrows();
if ($total == 0) {
$total = count($policygroup_list);
}
}
$xml = "";
$xml .= "<rows>\n";
$xml .= "<page>{$page}</page>\n";
$xml .= "<total>{$total}</total>\n";
foreach ($policygroup_list as $policygrp) {
$id = $policygrp->get_group_id();
$xml .= "<row id='{$id}'>";
$xml .= "<cell><![CDATA[" . $policygrp->get_order() . "]]></cell>";
$pgname = $policygrp->get_name();
</h1>
<?php
require_once 'classes/Security.inc';
$id = POST('id');
$name = POST('name');
$descr = POST('descr');
ossim_valid($id, OSS_DIGIT, 'illegal:' . _("Policy group id"));
ossim_valid($name, OSS_ALPHA, OSS_PUNC, OSS_SPACE, 'illegal:' . _("Policy group name"));
ossim_valid($descr, OSS_ALPHA, OSS_PUNC, OSS_SPACE, OSS_NULLABLE, 'illegal:' . _("Description"));
if (ossim_error()) {
die(ossim_error());
}
if (POST('insert')) {
require_once 'ossim_db.inc';
require_once 'classes/Policy_group.inc';
$db = new ossim_db();
$conn = $db->connect();
Policy_group::update($conn, $id, $name, $descr);
$db->close($conn);
}
?>
<p> <?php
echo gettext("Policy group succesfully updated");
?>
</p>
<script>document.location.href="policygroup.php"</script>
</body>
</html>
$ctx = GET("ctx") != "" ? GET("ctx") : $_SESSION['policy_ctx'];
$reorder = GET("reorder");
if (empty($ctx)) {
$ctx = $ctx_prev;
}
ossim_valid($ctx, OSS_HEX, 'illegal:' . _("ctx"));
ossim_valid($reorder, OSS_DIGIT, OSS_NULLABLE, 'illegal:' . _("Policy Option"));
if (ossim_error()) {
die(ossim_error());
}
$_SESSION['policy_ctx'] = $ctx;
$conf = $GLOBALS["CONF"];
$server_logger_if_priority = is_null($conf->get_conf("server_logger_if_priority", false)) ? 0 : $conf->get_conf("server_logger_if_priority");
$engines = Session::get_engines_by_ctx($conn, $ctx);
if ($reorder) {
Policy_group::reassing_orders($conn, $ctx);
Policy::reassing_orders($conn, $ctx);
foreach ($engines as $engine) {
Policy::reassing_orders($conn, $engine);
}
}
//Retrieving the policy groups, for ctx and engines
$groups_ctx = Policy::get_policy_groups($conn, $ctx);
$groups_engine = array();
foreach ($engines as $engine) {
$aux_groups = Policy::get_policy_groups($conn, $engine, true);
$groups_engine = array_merge($groups_engine, $aux_groups);
}
$refresh = "";
$default = array("active" => array(_('Status'), 30, 'true', 'center', false), "order" => array(_('Ord'), 30, 'true', 'center', false), "descr" => array(_('Name'), 130, 'true', 'left', false), "source" => array(' <b>' . _('Source') . '</b> <img src="../pixmaps/tables/bullet_prev.png" border=0 align=absmiddle>', 150, 'false', 'left', false), "dest" => array(' <b>' . _('Destination') . '</b> <img src="../pixmaps/tables/bullet_next.png" border=0 align=absmiddle>', 150, 'false', 'left', false), "port_source" => array(_('Source Port'), 75, 'false', 'center', false), "port_dest" => array(_('Dest Port'), 70, 'false', 'center', false), "plugin_group" => array(_('Event Types'), 90, 'false', 'center', false), "sensors" => array(_('Sensors'), 80, 'false', 'center', false), "time_range" => array(_('Time Range'), 150, 'false', 'center', false), "targets" => array(_('Targets'), 70, 'false', 'center', false), "SIM" => array(_('SIEM'), 25, 'false', 'center', false), "priority" => array(_('Set Priority'), 40, 'true', 'center', false), "qualify" => array(_('Risk Assessment'), 30, 'false', 'center', false), "correlate" => array(_('Logical Correlation'), 30, 'false', 'center', false), "cross correlate" => array(_('Cross-correlation'), 30, 'false', 'center', false), "store" => array(_('SQL Storage'), 30, 'false', 'center', false), "SEM" => array(_('Logger'), 25, 'false', 'center', false), "Sign" => array(_('Sign'), 25, 'false', 'center', false), "resend_events" => array(_('R. Events'), 30, 'false', 'center', false));
$def_eng_layout = $default;
<td class="left nobborder"><span><?php
echo _("Policy Group");
?>
: *</span></td>
<td class="left nobborder">
<select name="group" style="width:200px" id="groups" onchange="">
<?php
if ($group == "0") {
?>
<option value='0' selected="selected"><?php
echo _("Default Policy Group");
?>
</option>
<?php
} else {
$name = Policy_group::get_name_by_id($conn, $group);
echo "<option value='{$group}' selected='selected'>{$name}</option>";
}
?>
</select>
</td>
</tr>
</table>
</td>
</tr>
</table>
</div>
<div id='policy_resume'>
if (ossim_error()) {
die(ossim_error());
}
//Policygroup Variables
$name = '';
$ctx = '';
$ctx_name = _('Select an Entity');
$descr = '';
//If the id is not empty, we are gonna edit a policy group, otherwise we're gonna create a new one
if (!empty($id)) {
if ($id == '00000000000000000000000000000000') {
echo ossim_error(_("You cannot modify the default group."), AV_NOTICE);
exit;
}
//retrieving policygroup info...
$policy_groups = Policy_group::get_list($conn, '', " AND id=UNHEX('{$id}')");
if (!isset($policy_groups[0])) {
exit;
}
$name = $policy_groups[0]->get_name();
$ctx = $policy_groups[0]->get_ctx();
$descr = $policy_groups[0]->get_descr();
if ($pro) {
$ctx_name = Acl::get_entity_name($conn, $ctx);
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title> <?php
<a href="<?php
echo $_SERVER["SCRIPT_NAME"] . "?id={$id}&confirm=yes";
?>
"><?php
echo _("Yes");
?>
</a>
<a href="policy.php"><?php
echo _("No");
?>
</a>
</p>
<?php
}
$ids = explode(",", $id);
foreach ($ids as $id) {
if ($id != "") {
Policy_group::delete($conn, $id);
}
}
$db->close();
?>
<p> <?php
echo _("Policy group deleted");
?>
</p>
</body>
</html>
<?php
require_once 'classes/Security.inc';
$name = POST('name');
$descr = POST('descr');
ossim_valid($name, OSS_ALPHA, OSS_PUNC, OSS_SPACE, 'illegal:' . _("Policy group name"));
ossim_valid($descr, OSS_ALPHA, OSS_PUNC, OSS_SPACE, OSS_NULLABLE, 'illegal:' . _("Description"));
if (ossim_error()) {
die(ossim_error());
}
if (POST('insert')) {
require_once 'ossim_db.inc';
require_once 'classes/Policy_group.inc';
$db = new ossim_db();
$conn = $db->connect();
Policy_group::insert($conn, $name, $descr);
$db->close($conn);
}
?>
<p> <?php
echo gettext("Policy group succesfully inserted");
?>
</p>
<?php
if ($_SESSION["menu_sopc"] == "Policy") {
?>
<script>document.location.href="policygroup.php?withoutmenu=<?php
echo intval(POST('withoutmenu'));
?>
"</script><?php
}
*
* Otherwise you can read it here: http://www.gnu.org/licenses/gpl-2.0.txt
*
*/
require_once 'av_init.php';
Session::logcheck("configuration-menu", "PolicyPolicy");
$db = new ossim_db();
$conn = $db->connect();
//Getting the policies…
$ctxs = array();
$ctxs = Policy::get_all_ctx($conn);
foreach ($ctxs as $ctx) {
$neworder = 1;
$policy_groups = Policy_group::get_list($conn, " AND ctx=UNHEX('{$ctx}')", true);
foreach ($policy_groups as $group) {
$policy_list = Policy::get_list($conn, "AND ctx=UNHEX('{$ctx}') AND policy.group=UNHEX('" . $group->get_group_id() . "') ORDER BY policy.order, priority");
foreach ($policy_list as $policy) {
$id = $policy->get_id();
$conn->Execute("UPDATE policy SET policy.order={$neworder} WHERE id=UNHEX('{$id}')");
$neworder++;
}
}
$reorderpolicygrps = Policy_group::get_list($conn, " AND ctx=UNHEX('{$ctx}')", FALSE);
$neworder = 1;
foreach ($reorderpolicygrps as $policy) {
$conn->Execute("UPDATE policy_group SET policy_group.order={$neworder} WHERE id=UNHEX('" . $policy->get_group_id() . "')");
$neworder++;
}
}
$db->close();
header("Location: " . Menu::get_menu_url('/ossim/policy/policy.php', 'configuration', 'threat_intelligence', 'policy'));
* Function list:
* Classes list:
*/
require_once 'classes/Session.inc';
Session::logcheck("MenuIntelligence", "PolicyPolicy");
require_once 'classes/Security.inc';
require_once 'ossim_db.inc';
require_once 'classes/Policy_group.inc';
$db = new ossim_db();
$conn = $db->connect();
$id = GET('id');
ossim_valid($id, OSS_DIGIT, 'illegal:' . _("id"));
if (ossim_error()) {
die(ossim_error());
}
$policy_groups = Policy_group::get_list($conn, "WHERE group_id={$id}");
if (!isset($policy_groups[0])) {
exit;
}
?>
<html>
<head>
<title> <?php
echo gettext("OSSIM Framework");
?>
</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<link rel="stylesheet" type="text/css" href="../style/style.css"/>
</head>
ossim_valid($ctx, OSS_HEX, 'illegal:' . _("order"));
if (ossim_error()) {
die(ossim_error());
}
//db connection
$db = new ossim_db();
$conn = $db->connect();
$group1 = Policy_group::get_list($conn, $ctx, " AND id=UNHEX('{$group}')");
if ($group1[0]) {
$ctx = $group1[0]->get_ctx();
if ($order == "up") {
$pg_ord = Policy::get_pg_order($conn, $ctx, $group1[0]->get_order(), 'up');
$group2 = Policy_group::get_list($conn, $ctx, " AND policy_group.order={$pg_ord}");
$pg_src = $group2[0];
$pg_dst = $group1[0];
} elseif ($order == "down") {
$pg_ord = Policy::get_pg_order($conn, $ctx, $group1[0]->get_order(), 'down');
$group2 = Policy_group::get_list($conn, $ctx, " AND policy_group.order={$pg_ord}");
$pg_src = $group1[0];
$pg_dst = $group2[0];
}
if (is_object($pg_src) && is_object($pg_dst)) {
echo "Swapping: id1=" . $pg_dst->get_group_id() . ",order1=" . $pg_src->get_order() . ",id2=" . $pg_dst->get_group_id() . ",order2=" . $pg_dst->get_order() . "<br>\n";
Policy_group::swap_orders($conn, $pg_src->get_ctx(), $pg_src->get_group_id(), $pg_src->get_order(), $pg_dst->get_group_id(), $pg_dst->get_order());
$infolog = array($pg_dst->get_name() . "(" . $pg_dst->get_group_id() . ")", $pg_dst->get_name() . "(" . $pg_dst->get_group_id() . ")");
Log_action::log(99, $infolog);
Web_indicator::set_on("Reload_policies");
Web_indicator::set_on("ReloadPolicy");
}
}
$db->close();
}
ossim_valid($order, OSS_ALPHA, OSS_SPACE, OSS_SCORE, OSS_NULLABLE, 'illegal:' . _("order"));
ossim_valid($page, OSS_DIGIT, 'illegal:' . _("page"));
ossim_valid($rp, OSS_DIGIT, 'illegal:' . _("rp"));
if (ossim_error()) {
die(ossim_error());
}
if (empty($order)) {
$order = "group_id";
}
$start = ($page - 1) * $rp;
$limit = "LIMIT {$start}, {$rp}";
$db = new ossim_db();
$conn = $db->connect();
$xml = "";
$policygroup_list = Policy_group::get_list($conn, "WHERE group_id>0 ORDER BY {$order} {$limit}");
$total = 0;
if ($policygroup_list[0]) {
$total = $policygroup_list[0]->get_foundrows();
if ($total == 0) {
$total = count($policygroup_list);
}
}
$xml .= "<rows>\n";
$xml .= "<page>{$page}</page>\n";
$xml .= "<total>{$total}</total>\n";
foreach ($policygroup_list as $policygrp) {
$id = $policygrp->get_group_id();
$name = $policygrp->get_name();
$xml .= "<row id='{$id}'>";
$xml .= "<cell><![CDATA[" . $id . "]]></cell>";
require_once 'classes/Session.inc';
Session::logcheck("MenuIntelligence", "PolicyPolicy");
require_once 'classes/Security.inc';
$group = GET('group');
$order = GET('order');
ossim_valid($group, OSS_DIGIT, 'illegal:' . _("group"));
ossim_valid($order, OSS_ALPHA, OSS_PUNC, 'illegal:' . _("order"));
if (ossim_error()) {
die(ossim_error());
}
require_once 'ossim_db.inc';
require_once 'classes/Policy_group.inc';
$db = new ossim_db();
$conn = $db->connect();
$group1 = Policy_group::get_list($conn, "where group_id={$group}");
if ($group1[0]) {
if ($order == "up") {
$group2 = Policy_group::get_list($conn, "where policy_group.order=" . ($group1[0]->get_order() - 1));
if ($group2[0]) {
echo "Swapping: id1=" . $group2[0]->get_group_id() . ",order1=" . $group2[0]->get_order() . ",id2=" . $group1[0]->get_group_id() . ",order2=" . $group1[0]->get_order() . "<br>\n";
Policy_group::swap_orders($conn, $group2[0]->get_group_id(), $group2[0]->get_order(), $group1[0]->get_group_id(), $group1[0]->get_order());
}
} elseif ($order == "down") {
$group2 = Policy_group::get_list($conn, "where policy_group.order=" . ($group1[0]->get_order() + 1));
if ($group2[0]) {
echo "Swapping: id1=" . $group1[0]->get_group_id() . ",order1=" . $group1[0]->get_order() . ",id2=" . $group2[0]->get_group_id() . ",order2=" . $group2[0]->get_order() . "<br>\n";
Policy_group::swap_orders($conn, $group1[0]->get_group_id(), $group1[0]->get_order(), $group2[0]->get_group_id(), $group2[0]->get_order());
}
}
}
$db->close($conn);
?>
"> <?php
echo $server_ip . " (" . $server_name . ")<br>";
?>
<?php
$i++;
}
}
?>
<input type="checkbox" name="target_any" value="any"> <b><?php
echo _("ANY");
?>
</b><?php
} elseif ($tab == "groups") {
if ($policygroups = Policy_group::get_list($conn, "ORDER BY name")) {
$i = 0;
foreach ($policygroups as $policygrp) {
$name = $policygrp->get_name();
$id = $policygrp->get_group_id();
?>
<option value="<?php
echo $id;
?>
" <?php
echo $i++ == 0 ? "selected='selected'" : "";
?>
> <?php
echo $name;
?>
<?php
