$natent['host_os_policy']['item'][] = $default; $default = array("name" => "default", "bind_to" => "all", "personality" => "IDS", "request-body-limit" => 4096, "response-body-limit" => 4096, "double-decode-path" => "no", "double-decode-query" => "no", "uri-include-all" => "no"); if (!is_array($natent['libhtp_policy']['item'])) { $natent['libhtp_policy']['item'] = array(); } $natent['libhtp_policy']['item'][] = $default; // Enable the basic default rules for the interface $natent['rulesets'] = "decoder-events.rules||dns-events.rules||files.rules||http-events.rules||smtp-events.rules||stream-events.rules||tls-events.rules"; // Adding a new interface, so set flag to build new rules $rebuild_rules = true; // Add the new interface configuration to the [rule] array in config $a_rule[] = $natent; } // If Suricata is disabled on this interface, stop any running instance if ($natent['enable'] != 'on') { suricata_stop($natent, $if_real); } // Save configuration changes write_config("Suricata pkg: modified interface configuration for " . convert_friendly_interface_to_friendly_descr($natent['interface'])); // Update suricata.conf and suricata.sh files for this interface conf_mount_rw(); sync_suricata_package_config(); conf_mount_ro(); // Refresh page fields with just-saved values $pconfig = $natent; } else { $pconfig = $_POST; } } $if_friendly = convert_friendly_interface_to_friendly_descr($pconfig['interface']); $pgtitle = gettext("Suricata: Interface {$if_friendly} - Edit Settings");
log_error("Toggle (barnyard stopping) for {$if_friendly}({$suricatacfg['descr']})..."); suricata_barnyard_stop($suricatacfg, $if_real); } sleep(3); // So the GUI reports correctly header("Location: /suricata/suricata_interfaces.php"); exit; } /* start/stop Suricata */ if ($_POST['toggle']) { $suricatacfg = $config['installedpackages']['suricata']['rule'][$id]; $if_real = get_real_interface($suricatacfg['interface']); $if_friendly = convert_friendly_interface_to_friendly_descr($suricatacfg['interface']); if (suricata_is_running($suricatacfg['uuid'], $if_real)) { log_error("Toggle (suricata stopping) for {$if_friendly}({$suricatacfg['descr']})..."); suricata_stop($suricatacfg, $if_real); } else { log_error("Toggle (suricata starting) for {$if_friendly}({$suricatacfg['descr']})..."); // set flag to rebuild interface rules before starting Snort $rebuild_rules = true; sync_suricata_package_config(); $rebuild_rules = false; suricata_start($suricatacfg, $if_real); } sleep(3); // So the GUI reports correctly header('Expires: Sat, 26 Jul 1997 05:00:00 GMT'); header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); header('Cache-Control: no-store, no-cache, must-revalidate'); header('Cache-Control: post-check=0, pre-check=0', false); header('Pragma: no-cache');