Esempio n. 1
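 // Toggle one Snort-style rule line between active ("alert ...") and
 // commented out ("# alert ...").
 // NOTE(review): $findme is assigned outside this excerpt; the branches below
 // only make sense if it holds the disabled marker "# alert" - confirm.
 $disabled = strstr($tempstring, $findme);
 if ($disabled !== false) {
     // marker present: the rule is currently commented out, so enable it
     $toggle_from = "# alert";
     $toggle_to = "alert";
 } else {
     // marker absent: the rule is currently active, so comment it out
     $toggle_from = "alert";
     $toggle_to = "# alert";
 }
 // Rewrite only the first occurrence. A blanket str_replace() also rewrites
 // "alert" inside the rule body (msg text, content matches), which changes what
 // the signature says or matches instead of only switching it on or off.
 // NOTE(review): relies on the action keyword being the first "alert" in the
 // line - confirm against the rule format load_rule_file() returns.
 $toggle_pos = strpos($tempstring, $toggle_from);
 if ($toggle_pos !== false) {
     $tempstring = substr_replace($tempstring, $toggle_to, $toggle_pos, strlen($toggle_from));
 }
 //copy string into array for writing
 $splitcontents[$toggleid] = $tempstring;
 //write the new .rules file
 write_rule_file($splitcontents, $file);
 //once file has been written, reload file
 $splitcontents = load_rule_file($file);
 // flag read outside this excerpt
 $stopMsg = true;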
 //write disable/enable sid to config.xml
 // Taken when strstr($tempstring, $findme) found nothing before the toggle,
 // i.e. $disabled compares loosely equal to false.
 if ($disabled == false) {
     // tail of the rule text starting at its "sid:" option; strstr() yields
     // false when the rule carries no "sid:" at all
     $string_sid = strstr($tempstring, 'sid:');
     // options are ';'-separated, so the first piece is "sid:<value>"
     $sid_pieces = explode(";", $string_sid);
     $sid_off_cut = $sid_pieces[0];
     // sid being turned off
     // NOTE(review): only the "sid:" prefix is stripped; whitespace around the
     // value is kept and the value is not checked to be numeric - confirm that
     // matches how entries are stored in rule_sid_on.
     $sid_off = str_replace("sid:", "", $sid_off_cut);
     // rule_sid_on registers
     $sid_on_pieces = $config['installedpackages']['snort']['rule_sid_on'];
     // if off sid is the same as on sid remove it
     // NOTE(review): str_replace() matches substrings, so "||enablesid 12" is
     // also removed from the front of "||enablesid 123", leaving a stray "3".
     // If the rule had no "sid:", $sid_off is empty and every "||enablesid "
     // prefix in the list is stripped. Presumably entries are "||"-delimited;
     // verify and match whole entries only.
     $sid_on_old = str_replace("||enablesid {$sid_off}", "", "{$sid_on_pieces}");
     // write the replace sid back as empty
// Tally Group, Rule and title nodes (titles occur under both Group and Rule
// nodes) and print one "<label>: <n>" line for each query, in this order.
$node_tally_queries = [
    "Groups" => "//myns:Group",
    "Rules" => "//myns:Rule",
    "titles" => "//myns:title",
];
foreach ($node_tally_queries as $tally_label => $tally_xpath) {
    $result = $xml->xpath($tally_xpath);
    if ($tally_label === "Rules") {
        // the rule total is kept under its own name; $count is left untouched
        $rule_count = count($result);
        echo $tally_label . ": " . $rule_count . "\n";
        continue;
    }
    $count = count($result);
    echo $tally_label . ": " . $count . "\n";
}
// blank line after the summary
echo "\n";
// Reset the content buffer and write an empty string to the output file path
$content = "";
write_rule_file(FILE_PATH . FILE_SEP . FILE_OUTPUT, "");
// Loop through rules and generate output files
foreach ($xml->xpath("//myns:Rule") as $Rule) {
    $cnt += 1;
    if ($cnt <= $offset) {
        continue;
    }
    if ($cnt > $limit + $offset) {
        break;
    }
    echo "{$cnt} " . $Rule->title . "\n";
    echo "    id: " . xml_attribute($Rule, "id") . "\n";
    $severity = xml_attribute($Rule, "severity");
    echo "    ident: " . $Rule->ident . "\n";
    // get parent node, which is a Group
    $Group = $Rule->xpath("./..");