$pconfig['et_iqrisk_enable'] = $config['installedpackages']['suricata']['config'][0]['et_iqrisk_enable']; $pconfig['iqrisk_code'] = $config['installedpackages']['suricata']['config'][0]['iqrisk_code']; } // Validate IQRisk settings if enabled and saving them if ($_POST['save']) { if ($pconfig['et_iqrisk_enable'] == 'on' && empty($pconfig['iqrisk_code'])) { $input_errors[] = gettext("You must provide a valid IQRisk subscription code when IQRisk downloads are enabled!"); } if (!$input_errors) { $config['installedpackages']['suricata']['config'][0]['et_iqrisk_enable'] = $_POST['et_iqrisk_enable'] ? 'on' : 'off'; $config['installedpackages']['suricata']['config'][0]['iqrisk_code'] = $_POST['iqrisk_code']; write_config("Suricata pkg: modified IP Lists settings."); /* Toggle cron task for ET IQRisk updates if setting was changed */ if ($config['installedpackages']['suricata']['config'][0]['et_iqrisk_enable'] == 'on' && !suricata_cron_job_exists("/usr/local/pkg/suricata/suricata_etiqrisk_update.php")) { install_cron_job("/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/pkg/suricata/suricata_etiqrisk_update.php", TRUE, 0, "*/6", "*", "*", "*", "root"); } elseif ($config['installedpackages']['suricata']['config'][0]['et_iqrisk_enable'] == 'off' && suricata_cron_job_exists("/usr/local/pkg/suricata/suricata_etiqrisk_update.php")) { install_cron_job("/usr/local/pkg/suricata/suricata_etiqrisk_update.php", FALSE); } /* Peform a manual ET IQRisk file check/download */ if ($config['installedpackages']['suricata']['config'][0]['et_iqrisk_enable'] == 'on') { include "/usr/local/pkg/suricata/suricata_etiqrisk_update.php"; } } } if (isset($_POST['upload'])) { if ($_FILES["iprep_fileup"]["error"] == UPLOAD_ERR_OK) { $tmp_name = $_FILES["iprep_fileup"]["tmp_name"]; $name = $_FILES["iprep_fileup"]["name"]; move_uploaded_file($tmp_name, "{$iprep_path}{$name}"); } else { $input_errors[] = gettext("Failed to upload file {$_FILES["iprep_fileup"]["name"]}");
} // Move deprecated_rules file to SURICATADIR/rules directory @rename("/usr/local/pkg/suricata/deprecated_rules", "{$suricatadir}rules/deprecated_rules"); /*********************************************************/ /* START OF BUG FIX CODE */ /* */ /* Remove any Suricata cron tasks that may have been */ /* left from a previous uninstall due to a bug that */ /* saved edited cron tasks as new ones while still */ /* leaving the original task. Correct cron task */ /* entries will be recreated below if saved settings */ /* are detected. */ /*********************************************************/ $cron_count = 0; $suri_pf_table = SURICATA_PF_TABLE; while (suricata_cron_job_exists($suri_pf_table, FALSE)) { install_cron_job($suri_pf_table, false); $cron_count++; } if ($cron_count > 0) { log_error(gettext("[Suricata] Removed {$cron_count} duplicate 'remove_blocked_hosts' cron task(s).")); } /*********************************************************/ /* END OF BUG FIX CODE */ /*********************************************************/ // remake saved settings if previously flagged if ($config['installedpackages']['suricata']['config'][0]['forcekeepsettings'] == 'on') { log_error(gettext("[Suricata] Saved settings detected... rebuilding installation with saved settings...")); update_status(gettext("Saved settings detected...")); /****************************************************************/ /* Do test and fix for duplicate UUIDs if this install was */
$tmp = str_pad($_POST['autoruleupdatetime'], 4, "0", STR_PAD_LEFT); $_POST['autoruleupdatetime'] = substr($tmp, 0, 2) . ":" . substr($tmp, -2); } $config['installedpackages']['suricata']['config'][0]['autoruleupdatetime'] = str_pad($_POST['autoruleupdatetime'], 4, "0", STR_PAD_LEFT); } $config['installedpackages']['suricata']['config'][0]['log_to_systemlog'] = $_POST['log_to_systemlog'] ? 'on' : 'off'; $config['installedpackages']['suricata']['config'][0]['log_to_systemlog_facility'] = $_POST['log_to_systemlog_facility']; $config['installedpackages']['suricata']['config'][0]['live_swap_updates'] = $_POST['live_swap_updates'] ? 'on' : 'off'; $config['installedpackages']['suricata']['config'][0]['forcekeepsettings'] = $_POST['forcekeepsettings'] ? 'on' : 'off'; $retval = 0; write_config("Suricata pkg: modified global settings."); /* Toggle cron task for GeoIP database updates if setting was changed */ if ($config['installedpackages']['suricata']['config'][0]['autogeoipupdate'] == 'on' && !suricata_cron_job_exists("/usr/local/pkg/suricata/suricata_geoipupdate.php")) { include "/usr/local/pkg/suricata/suricata_geoipupdate.php"; install_cron_job("/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/pkg/suricata/suricata_geoipupdate.php", TRUE, 0, 0, 8, "*", "*", "root"); } elseif ($config['installedpackages']['suricata']['config'][0]['autogeoipupdate'] == 'off' && suricata_cron_job_exists("/usr/local/pkg/suricata/suricata_geoipupdate.php")) { install_cron_job("/usr/local/pkg/suricata/suricata_geoipupdate.php", FALSE); } /* create passlist and homenet file, then sync files */ conf_mount_rw(); sync_suricata_package_config(); conf_mount_ro(); /* forces page to reload new settings */ header('Expires: Sat, 26 Jul 1997 05:00:00 GMT'); header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); header('Cache-Control: no-store, no-cache, must-revalidate'); header('Cache-Control: post-check=0, pre-check=0', false); header('Pragma: no-cache'); header("Location: /suricata/suricata_global.php"); exit; }