function ipsec_idinfo_to_text(&$idinfo) { global $config; switch ($idinfo['type']) { case "address": return $idinfo['address']; break; /* NOTREACHED */ /* NOTREACHED */ case "network": return $idinfo['address'] . "/" . $idinfo['netbits']; break; /* NOTREACHED */ /* NOTREACHED */ case "mobile": return gettext("Mobile Client"); break; /* NOTREACHED */ /* NOTREACHED */ case "none": return gettext("None"); break; /* NOTREACHED */ /* NOTREACHED */ default: if (!empty($config['interfaces'][$idinfo['type']])) { return convert_friendly_interface_to_friendly_descr($idinfo['type']); } else { return strtoupper($idinfo['type']); } break; /* NOTREACHED */ } }
function get_interface_addr($if) { global $config; $ifdescr = convert_friendly_interface_to_friendly_descr($if); /* find out interface name */ if ($ifdescr == "wan") { $if = get_real_wan_interface(); } else { $if = $config['interfaces'][$ifdescr]; } return $if; }
unset($network, $subnet); } } } if ($_POST['ipaddrv6']) { if (!is_ipaddrv6($_POST['ipaddrv6'])) { $input_errors[] = gettext("A valid IPv6 address must be specified."); } else { if (ip_in_subnet($_POST['ipaddrv6'], "fe80::/10")) { $input_errors[] = gettext("IPv6 link local addresses cannot be configured as an interface IP."); } $where_ipaddr_configured = where_is_ipaddr_configured($_POST['ipaddrv6'], $if, true, true, $_POST['subnetv6']); if (count($where_ipaddr_configured)) { $subnet_conflict_text = sprintf(gettext("IPv6 address %s is being used by or overlaps with:"), $_POST['ipaddrv6'] . "/" . $_POST['subnetv6']); foreach ($where_ipaddr_configured as $subnet_conflict) { $subnet_conflict_text .= " " . convert_friendly_interface_to_friendly_descr($subnet_conflict['if']) . " (" . $subnet_conflict['ip_or_subnet'] . ")"; } $input_errors[] = $subnet_conflict_text; } foreach ($staticroutes as $route_subnet) { list($network, $subnet) = explode("/", $route_subnet); if ($_POST['subnetv6'] == $subnet && $network == gen_subnetv6($_POST['ipaddrv6'], $_POST['subnetv6'])) { $input_errors[] = gettext("This IPv6 address conflicts with a Static Route."); break; } unset($network, $subnet); } } } if ($_POST['subnet'] && !is_numeric($_POST['subnet'])) { $input_errors[] = gettext("A valid subnet bit count must be specified.");
?> <div class="content"> <table> <tr> <?php echo '<td class="widgetsubheader" align="center">' . gettext("Computer / Device") . '</td>'; echo '<td class="widgetsubheader" align="center">' . gettext("Interface") . '</td>'; echo '<td class="widgetsubheader" align="center">' . gettext("Status") . '</td>'; ?> <td class="widgetsubheader"> </td> </tr> <?php if (count($wolcomputers) > 0) { foreach ($wolcomputers as $wolent) { echo '<tr><td class="listlr">' . $wolent['descr'] . '<br />' . $wolent['mac'] . '</td>' . "\n"; echo '<td class="listr">' . convert_friendly_interface_to_friendly_descr($wolent['interface']) . '</td>' . "\n"; $is_active = exec("/usr/sbin/arp -an |/usr/bin/grep {$wolent['mac']}| /usr/bin/wc -l|/usr/bin/awk '{print \$1;}'"); $status = exec("/usr/sbin/arp -an | /usr/bin/awk '\$4 == \"{$wolent['mac']}\" { print \$7 }'"); if ($status == 'expires') { echo '<td class="listr" align="center">' . "\n"; echo "<img src=\"/themes/" . $g["theme"] . "/images/icons/icon_pass.gif\" alt=\"pass\" /> " . gettext("Online") . "</td>\n"; } else { if ($status == 'permanent') { echo '<td class="listr" align="center">' . "\n"; echo "<img src=\"/themes/" . $g["theme"] . "/images/icons/icon_pass_d.gif\" alt=\"pass\" /> " . gettext("Static ARP") . "</td>\n"; } else { echo '<td class="listbg" align="center">' . "\n"; echo "<img src=\"/themes/" . $g["theme"] . "/images/icons/icon_block.gif\" alt=\"block\" /> <font color=\"white\">" . gettext("Offline") . "</font></td>\n"; } } echo '<td valign="middle" class="list nowrap">';
<i class="fa fa-hand-paper-o text-danger" title="<?php echo gettext("Negated: This rule excludes NAT from a later rule"); ?> "></i> <?php } ?> </a> </td> <td> <?php echo $textss; if (!$natent['interface']) { echo htmlspecialchars(convert_friendly_interface_to_friendly_descr("wan")); } else { echo htmlspecialchars(convert_friendly_interface_to_friendly_descr($natent['interface'])); } echo $textse; ?> </td> <td> <?php $source_net = pprint_address($natent['source']); $source_cidr = strstr($source_net, '/'); echo $textss . $natent['external'] . $source_cidr . $textse; ?> </td> <td> <?php echo $textss . $source_net . $textse; ?>
?> </th> <th><?php echo gettext("Actions"); ?> </th> </tr> </thead> <tbody> <?php foreach ($a_gifs as $i => $gif) { ?> <tr> <td> <?php echo htmlspecialchars(convert_friendly_interface_to_friendly_descr($gif['if'])); ?> </td> <td> <?php echo htmlspecialchars($gif['remote-addr']); ?> </td> <td> <?php echo htmlspecialchars($gif['descr']); ?> </td> <td> <a class="fa fa-pencil" title="<?php echo gettext('Edit GIF interface');
foreach ($config['virtualip']['vip'] as $carp) { if ($carp['mode'] != "carp") { continue; } $ipaddress = $carp['subnet']; $password = $carp['password']; $netmask = $carp['subnet_bits']; $vhid = $carp['vhid']; $advskew = $carp['advskew']; $status = get_carp_interface_status("_vip{$carp['uniqid']}"); ?> <tr> <td> <a href="/system_hasync.php"> <?php echo htmlspecialchars(convert_friendly_interface_to_friendly_descr($carp['interface']) . "@{$vhid}"); ?> </a> </td> <?php if ($carp_enabled == false) { $icon = 'times-circle'; $status = "DISABLED"; } else { if ($status == "MASTER") { $icon = 'play-circle text-success'; } else { if ($status == "BACKUP") { $icon = 'pause-circle text-warning'; } else { if ($status == "INIT") {
$no_rules_footnote = false; if ($id_gen == 0) { $no_rules = false; } else { $no_rules = true; } foreach ($a_nat as $natent) { ?> <tr valign="top" id="fr<?php echo $nnats; ?> "> <?php /* convert fake interfaces to real and check if iface is up */ $if_real = get_real_interface($natent['interface']); $natend_friendly = convert_friendly_interface_to_friendly_descr($natent['interface']); $snort_uuid = $natent['uuid']; if (!snort_is_running($snort_uuid, $if_real)) { $iconfn = 'block'; $iconfn_msg1 = 'Snort is not running on '; $iconfn_msg2 = '. Click to start.'; } else { $iconfn = 'pass'; $iconfn_msg1 = 'Snort is running on '; $iconfn_msg2 = '. Click to stop.'; } if (!snort_is_running($snort_uuid, $if_real, 'barnyard2')) { $biconfn = 'block'; $biconfn_msg1 = 'Barnyard2 is not running on '; $biconfn_msg2 = '. Click to start.'; } else {
</td> </tr> <?php } // Show the anti-lockout rule if it's enabled, and we are on LAN with an if count > 1, or WAN with an if count of 1. if (!isset($config['system']['webgui']['noantilockout']) && (count($config['interfaces']) > 1 && $selected_if == 'lan' || count($config['interfaces']) == 1 && $selected_if == 'wan')) { $alports = implode('<br />', filter_get_antilockout_ports(true)); ?> <tr valign="top"> <td> </td> <td><span class="glyphicon glyphicon-play text-success"></span></td> <td>*</td> <td>*</td> <td class="hidden-xs hidden-sm">*</td> <td class="hidden-xs hidden-sm"><?php echo htmlspecialchars(convert_friendly_interface_to_friendly_descr($selected_if)); ?> Address</td> <td class="hidden-xs hidden-sm"><?php echo $alports; ?> </td> <td class="hidden-xs hidden-sm">*</td> <td class="hidden-xs hidden-sm"> </td> <td><?php echo gettext("Anti-Lockout Rule"); ?> </td> <td> <a href="system_advanced_admin.php" title="<?php echo gettext("edit rule");
$interface = "none"; $dnsgw = "dns{$dnscounter}gwint"; if ($pconfig[$dnsgw] == $interface) { $selected = "selected"; } else { $selected = ""; } echo "<option value='{$interface}' {$selected}>" . ucwords($interface) . "</option>\n"; foreach ($interfaces as $interface) { if (interface_has_gateway($interface)) { if ($pconfig[$dnsgw] == $interface) { $selected = "selected"; } else { $selected = ""; } $friendly_interface = convert_friendly_interface_to_friendly_descr($interface); echo "<option value='{$interface}' {$selected}>" . ucwords($friendly_interface) . "</option>\n"; } } ?> </select> <?php } ?> </td> </tr> <?php } ?> </table> <br>
<th><?php echo gettext("Description"); ?> </th> <th></th> </tr> </thead> <tbody> <?php $i = 0; foreach ($a_igmpproxy as $igmpentry) { ?> <tr> <td> <?php echo htmlspecialchars(convert_friendly_interface_to_friendly_descr($igmpentry['ifname'])); ?> </td> <td> <?php echo htmlspecialchars($igmpentry['type']); ?> </td> <td> <?php $addresses = implode(", ", array_slice(explode(" ", $igmpentry['address']), 0, 10)); print $addresses; if (count($addresses) < 10) { print ' '; } else { print '...';
conf_mount_rw(); suricata_generate_yaml($natent); conf_mount_ro(); // Sync to configured CARP slaves if any are enabled suricata_sync_on_changes(); } header('Expires: Sat, 26 Jul 1997 05:00:00 GMT'); header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); header('Cache-Control: no-store, no-cache, must-revalidate'); header('Cache-Control: post-check=0, pre-check=0', false); header('Pragma: no-cache'); header("Location: suricata_app_parsers.php?id={$id}"); exit; } } $if_friendly = convert_friendly_interface_to_friendly_descr($pconfig['interface']); $pgtitle = gettext("Suricata: Interface {$if_friendly} - Application Layer Parsers"); include_once "head.inc"; ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include "fbegin.inc"; /* Display error message */ if ($input_errors) { print_input_errors($input_errors); } ?> <form action="suricata_app_parsers.php" method="post" name="iform" id="iform"> <input name="id" type="hidden" value="<?php
} if (!is_dir("{$snortdir}/snort_{$value['uuid']}_{$if_real}/rules")) { safe_mkdir("{$snortdir}/snort_{$value['uuid']}_{$if_real}/rules"); } if (!is_dir("{$snortdir}/snort_{$value['uuid']}_{$if_real}/preproc_rules")) { safe_mkdir("{$snortdir}/snort_{$value['uuid']}_{$if_real}/preproc_rules"); } if (!is_dir("{$snortdir}/snort_{$value['uuid']}_{$if_real}/snort_dynamicpreprocessor")) { safe_mkdir("{$snortdir}/snort_{$value['uuid']}_{$if_real}/snort_dynamicpreprocessor"); } snort_apply_customizations($value, $if_real); /* Log a message in Update Log if protecting customized preprocessor rules. */ $tmp = "\t" . $tmp . "\n"; if ($value['protect_preproc_rules'] == 'on') { $tmp .= gettext("\tPreprocessor text rules flagged as protected and not updated for "); $tmp .= convert_friendly_interface_to_friendly_descr($value['interface']) . "...\n"; } error_log($tmp, 3, SNORT_RULES_UPD_LOGFILE); } } else { if ($pkg_interface != "console") { update_output_window(gettext("Warning: No interfaces configured for Snort were found...")); update_output_window(gettext("No interfaces currently have Snort configured and enabled on them...")); } error_log(gettext("\tWarning: No interfaces configured for Snort were found...\n"), 3, SNORT_RULES_UPD_LOGFILE); } /* Clear the rebuild rules flag. */ $rebuild_rules = false; /* Restart snort if running, and not in post-install, so as to pick up the new rules. */ if (!$g['snort_postinstall'] && is_service_running("snort") && count($config['installedpackages']['snortglobal']['rule']) > 0) { if ($pkg_interface != "console") {
echo $textse; ?> </td> <td class="listr" onclick="fr_toggle(<?php echo $i; ?> )" id="frd<?php echo $i; ?> " ondblclick="document.location='system_gateways_edit.php?id=<?php echo $i; ?> ';"> <?php echo $textss; echo htmlspecialchars(convert_friendly_interface_to_friendly_descr($gateway['friendlyiface'])); echo $textse; ?> </td> <td class="listr" onclick="fr_toggle(<?php echo $i; ?> )" id="frd<?php echo $i; ?> " ondblclick="document.location='system_gateways_edit.php?id=<?php echo $i; ?> ';"> <?php echo $textss;
<tr> <td class="listtopic" colspan="2">Graph Settings</td> </tr> <tr> <td width="20%" class="listhdr"> <?php echo gettext("Graphs:"); ?> </td> <td width="80%" class="listhdr"> <select name="graph" class="formselect" style="z-index: -10;"> <?php foreach ($custom_databases as $db => $database) { $optionc = explode("-", $database); $optionc[1] = str_replace(".rrd", "", $optionc[1]); $friendly = convert_friendly_interface_to_friendly_descr(strtolower($optionc[0])); if (!empty($friendly)) { $optionc[0] = $friendly; } $prettyprint = ucwords(implode(" :: ", $optionc)); echo "<option value=\"{$database}\""; if ($pconfig['graph'] == $database) { echo " selected"; } echo ">" . htmlspecialchars($prettyprint) . "</option>\n"; } ?> </select> </td> </tr> <tr>
</td> <td class="listr" onclick="fr_toggle(<?php echo $i; ?> )" id="frd<?php echo $i; ?> " ondblclick="document.location='system_routes_edit.php?id=<?php echo $i; ?> ';"> <?php echo $textss; ?> <?php echo convert_friendly_interface_to_friendly_descr($a_gateways[$route['gateway']]['friendlyiface']) . " "; ?> <?php echo $textse; ?> </td> <td class="listbg" onclick="fr_toggle(<?php echo $i; ?> )" ondblclick="document.location='system_routes_edit.php?id=<?php echo $i; ?> ';"> <?php echo $textss; echo htmlspecialchars($route['descr']);
/* Clear the rebuild rules flag. */ $rebuild_rules = false; /* Restart Suricata if already running and we are not in post-install, so as to pick up the new rules. */ if (is_process_running("suricata") && !$g['suricata_postinstall'] && count($config['installedpackages']['suricata']['rule']) > 0) { // See if "Live Reload" is configured and signal each Suricata instance // if enabled, else just do a hard restart of all the instances. if ($config['installedpackages']['suricata']['config'][0]['live_swap_updates'] == 'on') { if ($pkg_interface != "console") { update_status(gettext('Signaling Suricata to live-load the new set of rules...')); update_output_window(gettext("Please wait ... the process should complete in a few seconds...")); } log_error(gettext("[Suricata] Live-Reload of rules from auto-update is enabled...")); error_log(gettext("\tLive-Reload of updated rules is enabled...\n"), 3, SURICATA_RULES_UPD_LOGFILE); foreach ($config['installedpackages']['suricata']['rule'] as $value) { suricata_reload_config($value); error_log(gettext("\tLive swap of updated rules requested for " . convert_friendly_interface_to_friendly_descr($value['interface']) . ".\n"), 3, SURICATA_RULES_UPD_LOGFILE); } log_error(gettext("[Suricata] Live-Reload of updated rules completed...")); error_log(gettext("\tLive-Reload of the updated rules is complete.\n"), 3, SURICATA_RULES_UPD_LOGFILE); } else { if ($pkg_interface != "console") { update_status(gettext('Restarting Suricata to activate the new set of rules...')); update_output_window(gettext("Please wait ... restarting Suricata will take some time...")); } error_log(gettext("\tRestarting Suricata to activate the new set of rules...\n"), 3, SURICATA_RULES_UPD_LOGFILE); restart_service("suricata"); if ($pkg_interface != "console") { update_output_window(gettext("Suricata has restarted with your new set of rules...")); } log_error(gettext("[Suricata] Suricata has restarted with your new set of rules...")); error_log(gettext("\tSuricata has restarted with your new set of rules.\n"), 3, SURICATA_RULES_UPD_LOGFILE);
if (!$pconfig['localid_address'] || !is_ipaddr($pconfig['localid_address'])) { $input_errors[] = gettext("A valid local network IP address must be specified."); } elseif (is_ipaddrv4($pconfig['localid_address']) && $pconfig['mode'] != "tunnel") { $input_errors[] = gettext("A valid local network IPv4 address must be specified or you need to change Mode to IPv6"); } elseif (is_ipaddrv6($pconfig['localid_address']) && $pconfig['mode'] != "tunnel6") { $input_errors[] = gettext("A valid local network IPv6 address must be specified or you need to change Mode to IPv4"); } break; } /* Check if the localid_type is an interface, to confirm if it has a valid subnet. */ if (isset($config['interfaces'][$pconfig['localid_type']])) { // Don't let an empty subnet into racoon.conf, it can cause parse errors. Ticket #2201. $address = get_interface_ip($pconfig['localid_type']); $netbits = get_interface_subnet($pconfig['localid_type']); if (empty($address) || empty($netbits)) { $input_errors[] = gettext("Invalid Local Network.") . " " . convert_friendly_interface_to_friendly_descr($pconfig['localid_type']) . " " . gettext("has no subnet."); } } if (!empty($pconfig['natlocalid_address'])) { switch ($pconfig['natlocalid_type']) { case "network": if ($pconfig['natlocalid_netbits'] != 0 && !$pconfig['natlocalid_netbits'] || !is_numeric($pconfig['natlocalid_netbits'])) { $input_errors[] = gettext("A valid NAT local network bit count must be specified."); } if ($pconfig['localid_type'] == "address") { $input_errors[] = gettext("You cannot configure a network type address for NAT while only an address type is selected for local source."); } // address rules also apply to network type (hence, no break) // address rules also apply to network type (hence, no break) case "address": if (!empty($pconfig['natlocalid_address']) && !is_ipaddr($pconfig['natlocalid_address'])) {
update_output_window($static_output); log_error(gettext("[Suricata] Downloading and updating configured rule types...")); if ($pkg_interface != "console") { $suricata_gui_include = true; } include '/usr/local/pkg/suricata/suricata_check_for_rule_updates.php'; update_status(gettext("Generating suricata.yaml configuration file from saved settings...")); $rebuild_rules = true; conf_mount_rw(); // Create the suricata.yaml files for each enabled interface $suriconf = $config['installedpackages']['suricata']['rule']; foreach ($suriconf as $suricatacfg) { $if_real = get_real_interface($suricatacfg['interface']); $suricata_uuid = $suricatacfg['uuid']; $suricatacfgdir = "{$suricatadir}suricata_{$suricata_uuid}_{$if_real}"; $static_output .= gettext("Generating YAML configuration file for " . convert_friendly_interface_to_friendly_descr($suricatacfg['interface']) . "..."); update_output_window($static_output); // Pull in the PHP code that generates the suricata.yaml file // variables that will be substituted further down below. include "/usr/local/pkg/suricata/suricata_generate_yaml.php"; // Pull in the boilerplate template for the suricata.yaml // configuration file. The contents of the template along // with substituted variables are stored in $suricata_conf_text // (which is defined in the included file). include "/usr/local/pkg/suricata/suricata_yaml_template.inc"; // Now write out the conf file using $suricata_conf_text contents @file_put_contents("{$suricatacfgdir}/suricata.yaml", $suricata_conf_text); unset($suricata_conf_text); // create barnyard2.conf file for interface if ($suricatacfg['barnyard_enable'] == 'on') { suricata_generate_barnyard2_conf($suricatacfg, $if_real);
/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="add" /></a></td> </tr> </table> </td> </tr> <?php $i = 0; foreach ($a_wol as $wolent) { ?> <tr> <td class="listlr" ondblclick="document.location='services_wol_edit.php?id=<?php echo $i; ?> ';"> <?php echo convert_friendly_interface_to_friendly_descr($wolent['interface']); ?> </td> <td class="listr" ondblclick="document.location='services_wol_edit.php?id=<?php echo $i; ?> ';"> <a href="?mac=<?php echo $wolent['mac']; ?> &if=<?php echo $wolent['interface']; ?> "><?php echo strtolower($wolent['mac']); ?>
foreach ($portlist as $portname => $portinfo) { $portifmap[$portname] = array(); } /* Go through the list of ports selected by the user, build a list of port-to-interface mappings in portifmap */ foreach ($_POST as $ifname => $ifport) { if ($ifname == 'lan' || $ifname == 'wan' || substr($ifname, 0, 3) == 'opt') { $portifmap[$ifport][] = strtoupper($ifname); } } /* Deliver error message for any port with more than one assignment */ foreach ($portifmap as $portname => $ifnames) { if (count($ifnames) > 1) { $errstr = sprintf(gettext('Port %1$s ' . ' was assigned to %2$s' . ' interfaces:'), $portname, count($ifnames)); foreach ($portifmap[$portname] as $ifn) { $errstr .= " " . convert_friendly_interface_to_friendly_descr(strtolower($ifn)) . " (" . $ifn . ")"; } $input_errors[] = $errstr; } else { if (count($ifnames) == 1 && preg_match('/^bridge[0-9]/', $portname) && is_array($config['bridges']['bridged']) && count($config['bridges']['bridged'])) { foreach ($config['bridges']['bridged'] as $bridge) { if ($bridge['bridgeif'] != $portname) { continue; } $members = explode(",", strtoupper($bridge['members'])); foreach ($members as $member) { if ($member == $ifnames[0]) { $input_errors[] = sprintf(gettext("You cannot set port %s to interface %s because this interface is a member of %s."), $portname, $member, $portname); break; } }
if ($archivestart <= $start) { $average = $rra * 60; break; } } foreach ($scales as $scalelength => $value) { if ($scalelength >= $seconds) { $scale = $value; break; } } // log_error("start $start, end $end, archivestart $archivestart, average $average, scale $scale, seconds $seconds"); /* Deduce a interface if possible and use the description */ $curif = explode("-", $curdatabase); $curif = "{$curif['0']}"; $friendly = convert_friendly_interface_to_friendly_descr(strtolower($curif)); if ($friendly == "") { $friendly = $curif; } $search = array("-", ".rrd", $curif); $replace = array(" :: ", "", $friendly); $prettydb = ucwords(str_replace($search, $replace, $curdatabase)); $rrdtool = "/usr/bin/nice -n20 /usr/local/bin/rrdtool"; $uptime = "/usr/bin/uptime"; $sed = "/usr/bin/sed"; $havg = timeDiff($average, $defOptions); $hperiod = timeDiff($seconds, $defOptions); $data = true; /* Don't leave it up to RRD Tool to select the RRA and resolution to use. */ /* Specify the RRA and resolution to use per the graph havg value. */ switch ($havg) {
} else { if (isset($broadcast_addr) && $_POST['subnet'] == $broadcast_addr) { $input_errors[] = gettext("You cannot use the broadcast address for this VIP"); } } } /* make sure new ip is within the subnet of a valid ip * on one of our interfaces (wan, lan optX) */ switch ($_POST['mode']) { case 'carp': /* verify against reusage of vhids */ $idtracker = 0; foreach ($config['virtualip']['vip'] as $vip) { if ($vip['vhid'] == $_POST['vhid'] && $vip['interface'] == $_POST['interface'] && $idtracker != $id) { $input_errors[] = sprintf(gettext("VHID %s is already in use on interface %s. Pick a unique number on this interface."), $_POST['vhid'], convert_friendly_interface_to_friendly_descr($_POST['interface'])); } $idtracker++; } if (empty($_POST['password'])) { $input_errors[] = gettext("You must specify a CARP password that is shared between the two VHID members."); } if ($_POST['interface'] == 'lo0') { $input_errors[] = gettext("For this type of vip localhost is not allowed."); } else { if (strpos($_POST['interface'], '_vip')) { $input_errors[] = gettext("A CARP parent interface can only be used with IP Alias type Virtual IPs."); } } break; case 'ipalias':
?> </td> <td class="hidden-xs hidden-sm"> <?php echo !empty($natent['protocol']) ? $natent['protocol'] . '/' : ""; ?> <?php echo empty($natent['dstport']) ? "*" : $natent['dstport']; ?> </td> <td class="hidden-xs hidden-sm"> <?php if (isset($natent['nonat'])) { $nat_address = '<I>NO NAT</I>'; } elseif (empty($natent['target'])) { $nat_address = htmlspecialchars(convert_friendly_interface_to_friendly_descr($natent['interface'])) . " address"; } elseif ($natent['target'] == "other-subnet") { $nat_address = $natent['targetip'] . '/' . $natent['targetip_subnet']; } else { $nat_address = $natent['target']; } ?> <?php echo $nat_address; ?> </td> <td class="hidden-xs hidden-sm"> <?php echo empty($natent['natport']) ? "*" : $natent['natport']; ?> </td>
<td class="listlr" ondblclick="document.location='services_captiveportal.php?zone=<?php echo $cpzone; ?> ';"> <?php echo htmlspecialchars($cpitem['zone']); ?> </td> <td class="listlr" ondblclick="document.location='services_captiveportal.php?zone=<?php echo $cpzone; ?> ';"> <?php $cpifaces = explode(",", $cpitem['interface']); foreach ($cpifaces as $cpiface) { echo convert_friendly_interface_to_friendly_descr($cpiface) . " "; } ?> </td> <td class="listr" ondblclick="document.location='services_captiveportal.php?zone=<?php echo $cpzone; ?> ';"> <?php $cpdb = new OPNsense\CaptivePortal\DB($cpzone); echo $cpdb->countClients(); ?> </td> <td class="listbg" ondblclick="document.location='services_captiveportal.php?zone=<?php echo $cpzone; ?>
suricata_barnyard_stop($a_nat[$id], get_real_interface($a_nat[$id]['interface'])); } elseif ($a_nat[$id]['barnyard_enable'] == "on") { if (suricata_is_running($a_nat[$id]['uuid'], get_real_interface($a_nat[$id]['interface']), "barnyard2")) { suricata_barnyard_reload_config($a_nat[$id], "HUP"); } else { // Notify user a Suricata restart is required if enabling Barnyard2 for the first time $savemsg = gettext("NOTE: you must restart Suricata on this interface to activate unified2 logging for Barnyard2."); } } $pconfig = $natent; } else { // We had errors, so save previous field data to prevent retyping $pconfig = $_POST; } } $if_friendly = convert_friendly_interface_to_friendly_descr($a_nat[$id]['interface']); $pgtitle = gettext("Suricata: Interface {$if_friendly} - Barnyard2 Settings"); include_once "head.inc"; ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include "fbegin.inc"; ?> <form action="suricata_barnyard.php" method="post" name="iform" id="iform"> <?php /* Display Alert message */ if ($input_errors) { print_input_errors($input_errors); }
/* Only relocate the entry if we */ /* found it, and it's not already */ /* at the end. */ if ($i > -1 && $i < count($a_nat) - 1) { $tmp = $a_nat[$i]; unset($a_nat[$i]); $a_nat[] = $tmp; } } /* Now write the new engine array to conf */ write_config("Snort pkg: modified ftp_telnet_client engine settings."); header("Location: /snort/snort_preprocessors.php?id={$id}#ftp_telnet_row_ftp_proto_opts"); exit; } } $if_friendly = convert_friendly_interface_to_friendly_descr($config['installedpackages']['snortglobal']['rule'][$id]['interface']); $pgtitle = gettext("Snort: Interface {$if_friendly} - FTP Preprocessor Client Engine"); include_once "head.inc"; ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC" > <?php include "fbegin.inc"; if ($input_errors) { print_input_errors($input_errors); } if ($savemsg) { print_info_box($savemsg); } ?>
function build_options() { global $curcat, $custom_databases, $ui_databases; $optionslist = array(); if ($curcat == "custom") { foreach ($custom_databases as $db => $database) { $optionc = explode("-", $database); $friendly = convert_friendly_interface_to_friendly_descr(strtolower($optionc[0])); if (empty($friendly)) { $friendly = $optionc[0]; } $search = array("-", ".rrd", $optionc[0]); $replace = array(" :: ", "", $friendly); $prettyprint = ucwords(str_replace($search, $replace, $database)); $optionslist[$database] = htmlspecialchars($prettyprint); } } foreach ($ui_databases as $db => $database) { if (!preg_match("/({$curcat})/i", $database)) { continue; } if ($curcat == "captiveportal" && !empty($curzone) && !preg_match("/captiveportal-{$curzone}/i", $database)) { continue; } $optionc = explode("-", $database); $search = array("-", ".rrd", $optionc); $replace = array(" :: ", "", $friendly); switch ($curcat) { case "captiveportal": $optionc = str_replace($search, $replace, $optionc[2]); $prettyprint = ucwords(str_replace($search, $replace, $optionc)); $optionslist[$optionc] = htmlspecialchars($prettyprint); break; case "system": $optionc = str_replace($search, $replace, $optionc[1]); $prettyprint = ucwords(str_replace($search, $replace, $optionc)); $optionslist[$optionc] = htmlspecialchars($prettyprint); break; default: /* Deduce an interface if possible and use the description */ $optionc = "{$optionc['0']}"; $friendly = convert_friendly_interface_to_friendly_descr(strtolower($optionc)); if (empty($friendly)) { $friendly = $optionc; } $search = array("-", ".rrd", $optionc); $replace = array(" :: ", "", $friendly); $prettyprint = ucwords(str_replace($search, $replace, $friendly)); $optionslist[$optionc] = htmlspecialchars($prettyprint); } } return $optionslist; }
if (!is_array($config['dhcpd'][$if])) { $config['dhcpd'][$if] = array(); } if (!is_array($config['dhcpd'][$if]['staticmap'])) { $config['dhcpd'][$if]['staticmap'] = array(); } if (!is_array($config['dhcpd'][$if]['pool'])) { $config['dhcpd'][$if]['pool'] = array(); } $a_pools =& $config['dhcpd'][$if]['pool']; $static_arp_enabled = isset($config['dhcpd'][$if]['staticarp']); $netboot_enabled = isset($config['dhcpd'][$if]['netboot']); $a_maps =& $config['dhcpd'][$if]['staticmap']; $ifcfgip = get_interface_ip($if); $ifcfgsn = get_interface_subnet($if); $ifcfgdescr = convert_friendly_interface_to_friendly_descr($if); if (is_numericint($_GET['id'])) { $id = $_GET['id']; } if (isset($_POST['id']) && is_numericint($_POST['id'])) { $id = $_POST['id']; } if (isset($id) && $a_maps[$id]) { $pconfig['mac'] = $a_maps[$id]['mac']; $pconfig['cid'] = $a_maps[$id]['cid']; $pconfig['hostname'] = $a_maps[$id]['hostname']; $pconfig['ipaddr'] = $a_maps[$id]['ipaddr']; $pconfig['filename'] = $a_maps[$id]['filename']; $pconfig['rootpath'] = $a_maps[$id]['rootpath']; $pconfig['descr'] = $a_maps[$id]['descr']; $pconfig['arp_table_static_entry'] = isset($a_maps[$id]['arp_table_static_entry']);
<?php $i = 0; foreach ($a_ppps as $id => $ppp) { ?> <tr> <td> <?php echo htmlspecialchars($ppp['if']); ?> </td> <td> <?php $portlist = explode(",", $ppp['ports']); foreach ($portlist as $portid => $port) { if ($port != get_real_interface($port) && $ppp['type'] != "ppp") { $portlist[$portid] = convert_friendly_interface_to_friendly_descr($port); } } echo htmlspecialchars(implode(",", $portlist)); ?> </td> <td> <?php echo htmlspecialchars($ppp['descr']); ?> </td> <td> <a class="fa fa-pencil" title="<?php echo gettext('Edit PPP interface'); ?> " href="interfaces_ppps_edit.php?id=<?php