$rules_map = snort_load_rules_map("{$snortcfgdir}/rules/" . FLOWBITS_FILENAME); } elseif (substr($currentruleset, 0, 10) == "IPS Policy") { $rules_map = snort_load_vrt_policy($a_rule[$id]['ips_policy']); } elseif (file_exists("{$snortdir}/preproc_rules/{$currentruleset}")) { $rules_map = snort_load_rules_map("{$snortdir}/preproc_rules/{$currentruleset}"); } elseif (file_exists($rulefile)) { $rules_map = snort_load_rules_map($rulefile); } else { $input_errors[] = gettext("{$currentruleset} seems to be missing!!! Please verify rules files have been downloaded, then go to the Categories tab and save the rule set again."); } } /* Process the current category rules through any auto SID MGMT changes if enabled */ snort_auto_sid_mgmt($rules_map, $a_rule[$id], FALSE); /* Load up our enablesid and disablesid arrays with enabled or disabled SIDs */ $enablesid = snort_load_sid_mods($a_rule[$id]['rule_sid_on']); $disablesid = snort_load_sid_mods($a_rule[$id]['rule_sid_off']); if ($_POST['toggle'] && is_numeric($_POST['sid']) && is_numeric($_POST['gid']) && !empty($rules_map)) { // Get the GID:SID tags embedded in the clicked rule icon. $gid = $_POST['gid']; $sid = $_POST['sid']; // See if the target SID is in our list of modified SIDs, // and toggle if present; otherwise, add it to the // appropriate modified SID list. if (isset($enablesid[$gid][$sid])) { unset($enablesid[$gid][$sid]); $disablesid[$gid][$sid] = "disablesid"; } elseif (isset($disablesid[$gid][$sid])) { unset($disablesid[$gid][$sid]); $enablesid[$gid][$sid] = "enablesid"; } else { if ($rules_map[$gid][$sid]['disabled'] == 1) {
$instanceid = $_POST['instance']; } elseif (isset($_GET['instance']) && is_numericint($_GET['instance'])) { $instanceid = htmlspecialchars($_GET['instance']); } if (empty($instanceid) || !is_numericint($instanceid)) { $instanceid = 0; } if (!is_array($config['installedpackages']['snortglobal']['rule'])) { $config['installedpackages']['snortglobal']['rule'] = array(); } $a_instance =& $config['installedpackages']['snortglobal']['rule']; $snort_uuid = $a_instance[$instanceid]['uuid']; $if_real = get_real_interface($a_instance[$instanceid]['interface']); // Load up the arrays of force-enabled and force-disabled SIDs $enablesid = snort_load_sid_mods($a_instance[$instanceid]['rule_sid_on']); $disablesid = snort_load_sid_mods($a_instance[$instanceid]['rule_sid_off']); // Grab pfSense version so we can refer to it later on this page $pfs_version = substr(trim(file_get_contents("/etc/version")), 0, 3); $pconfig = array(); if (is_array($config['installedpackages']['snortglobal']['alertsblocks'])) { $pconfig['arefresh'] = $config['installedpackages']['snortglobal']['alertsblocks']['arefresh']; $pconfig['alertnumber'] = $config['installedpackages']['snortglobal']['alertsblocks']['alertnumber']; } if (empty($pconfig['alertnumber'])) { $pconfig['alertnumber'] = '250'; } if (empty($pconfig['arefresh'])) { $pconfig['arefresh'] = 'off'; } $anentries = $pconfig['alertnumber']; # --- AJAX REVERSE DNS RESOLVE Start ---