sleep(3);
// So the GUI reports correctly
}
/* start/stop snort */
if ($_POST['toggle'] && is_numericint($_POST['id'])) {
$snortcfg = $config['installedpackages']['snortglobal']['rule'][$_POST['id']];
$if_real = get_real_interface($snortcfg['interface']);
$if_friendly = convert_friendly_interface_to_friendly_descr($snortcfg['interface']);
if (snort_is_running($snortcfg['uuid'], $if_real)) {
log_error("Toggle (snort stopping) for {$if_friendly}({$snortcfg['descr']})...");
snort_stop($snortcfg, $if_real);
} else {
log_error("Toggle (snort starting) for {$if_friendly}({$snortcfg['descr']})...");
/* set flag to rebuild interface rules before starting Snort */
$rebuild_rules = true;
sync_snort_package_config();
$rebuild_rules = false;
snort_start($snortcfg, $if_real);
}
sleep(3);
// So the GUI reports correctly
}
$pgtitle = "Services: {$snort_package_version}";
include_once "head.inc";
?>
<body link="#000000" vlink="#000000" alink="#000000">
<?php
include_once "fbegin.inc";
/* Display Alert message */
if ($input_errors) {
function snort_add_supplist_entry($suppress)
{
/************************************************/
/* Adds the passed entry to the Suppress List */
/* for the active interface. If a Suppress */
/* List is defined for the interface, it is */
/* used. If no list is defined, a new default */
/* list is created using the interface name. */
/* */
/* On Entry: */
/* $suppress --> suppression entry text */
/* */
/* Returns: */
/* TRUE if successful or FALSE on failure */
/************************************************/
global $config, $a_instance, $instanceid;
if (!is_array($config['installedpackages']['snortglobal']['suppress'])) {
$config['installedpackages']['snortglobal']['suppress'] = array();
}
if (!is_array($config['installedpackages']['snortglobal']['suppress']['item'])) {
$config['installedpackages']['snortglobal']['suppress']['item'] = array();
}
$a_suppress =& $config['installedpackages']['snortglobal']['suppress']['item'];
$found_list = false;
/* If no Suppress List is set for the interface, then create one with the interface name */
if (empty($a_instance[$instanceid]['suppresslistname']) || $a_instance[$instanceid]['suppresslistname'] == 'default') {
$s_list = array();
$s_list['uuid'] = uniqid();
$s_list['name'] = $a_instance[$instanceid]['interface'] . "suppress" . "_" . $s_list['uuid'];
$s_list['descr'] = "Auto-generated list for Alert suppression";
$s_list['suppresspassthru'] = base64_encode($suppress);
$a_suppress[] = $s_list;
$a_instance[$instanceid]['suppresslistname'] = $s_list['name'];
$found_list = true;
$list_name = $s_list['name'];
} else {
/* If we get here, a Suppress List is defined for the interface so see if we can find it */
foreach ($a_suppress as $a_id => $alist) {
if ($alist['name'] == $a_instance[$instanceid]['suppresslistname']) {
$found_list = true;
$list_name = $alist['name'];
if (!empty($alist['suppresspassthru'])) {
$tmplist = base64_decode($alist['suppresspassthru']);
$tmplist .= "\n{$suppress}";
$alist['suppresspassthru'] = base64_encode($tmplist);
$a_suppress[$a_id] = $alist;
} else {
$alist['suppresspassthru'] = base64_encode($suppress);
$a_suppress[$a_id] = $alist;
}
}
}
}
/* If we created a new list or updated an existing one, save the change, */
/* tell Snort to load it, and return true; otherwise return false. */
if ($found_list) {
write_config("Snort pkg: modified Suppress List {$list_name}.");
sync_snort_package_config();
snort_reload_config($a_instance[$instanceid]);
return true;
} else {
return false;
}
}
