function onMeta() { # Run this function during meta-load (debugmode >>ONLY<<) ###### -> Construct should add this module to the onMeta array if (!is_dir(CONS_FMANAGER . "_undodata/")) { safe_mkdir(CONS_FMANAGER . "_undodata/"); } }
function onMeta() { # Run this function during meta-load (debugmode >>ONLY<<) ###### -> Construct should add this module to the onMeta array if (!is_dir(CONS_FMANAGER . CONS_FMANAGER_SAFE)) { safe_mkdir(CONS_FMANAGER . CONS_FMANAGER_SAFE); } if (!isset($this->parent->dimconfig['default_fm_time'])) { $this->parent->dimconfig['default_fm_time'] = 30; } // default expiration date, set 0 to none }
function recursive_copy($source, $destination) { $counter = 0; if (substr($source, strlen($source), 1) != "/") { $source .= "/"; } if (substr($destination, strlen($destination), 1) != "/") { $destination .= "/"; } if (!is_dir($destination)) { makeDirs($destination); } $itens = listFiles($source); foreach ($itens as $id => $name) { if ($name[0] == "/") { $name = substr($name, 1); } if (is_file($source . $name)) { // file if ($name != "Thumbs.db") { $counter++; if (!copy($source . $name, $destination . $name)) { echo "Error: " . $source . $name . " -> " . $destination . $name . "<br/>"; } else { safe_chmod($destination . $name, 0775); } } else { @unlink($source . $name); } } else { if (is_dir($source . $name)) { // dir if (!is_dir($destination . $name)) { safe_mkdir($destination . $name); } $counter += recursive_copy($source . $name, $destination . $name); } } } return $counter; }
function makeDirs($path, $base = "") { if ($base != "" && substr($base, strlen($base) - 1) != "/") { $base .= '/'; } $paths = explode("/", $path); if ($base != "" && !is_dir($base)) { if (!safe_mkdir($base)) { return false; } } while (count($paths) > 0) { $starter = array_shift($paths); if ($starter != "") { $base .= $starter . "/"; if (!is_dir($base)) { if (!safe_mkdir($base)) { return false; } } } } return true; }
$stateorprovince = $stateorprovinceA[1]; $cityname = $citynameA[1]; $orginizationname = $orginizationnameA[1]; $orginizationdepartment = $orginizationdepartmentA[1]; $commonname = $commonnameA[1]; if ($_POST) { /* Grab posted variables and create a new openssl.cnf */ $countrycode = $_POST['countrycode']; $stateorprovince = $_POST['stateorprovince']; $cityname = $_POST['cityname']; $orginizationname = $_POST['orginizationname']; $orginizationdepartment = $_POST['orginizationdepartment']; $commonname = $_POST['commonname']; /* Write out /var/etc/ssl/openssl.cnf */ conf_mount_rw(); safe_mkdir("/usr/local/ssl/"); $fd = fopen("/usr/local/ssl/openssl.cnf", "w"); fwrite($fd, ""); fwrite($fd, "[ req ]\n"); fwrite($fd, "distinguished_name=req_distinguished_name \n"); fwrite($fd, "req_extensions = v3_req \n"); fwrite($fd, "prompt=no\n"); fwrite($fd, "default_bits = 1024\n"); fwrite($fd, "default_keyfile = privkey.pem\n"); fwrite($fd, "distinguished_name = req_distinguished_name\n"); fwrite($fd, "attributes = req_attributes\n"); fwrite($fd, "x509_extensions = v3_ca # The extentions to add to the self signed cert\n"); fwrite($fd, "[ req_distinguished_name ] \n"); fwrite($fd, "C=" . $countrycode . " \n"); fwrite($fd, "ST=" . $stateorprovince . " \n"); fwrite($fd, "L=" . $cityname . " \n");
update_status(gettext("Copying md5 sig to snort directory...")); @copy("{$tmpfname}/{$emergingthreats_filename_md5}", "{$snortdir}/{$emergingthreats_filename_md5}"); } } } /* Untar snort rules file individually to help people with low system specs */ if ($snortdownload == 'on') { if (file_exists("{$tmpfname}/{$snort_filename}")) { if ($pfsense_stable == 'yes') { $freebsd_version_so = 'FreeBSD-7-2'; } else { $freebsd_version_so = 'FreeBSD-8-1'; } update_status(gettext("Extracting Snort.org rules...")); /* extract snort.org rules and add prefix to all snort.org files*/ safe_mkdir("{$snortdir}/tmp/snortrules"); exec("/usr/bin/tar xzf {$tmpfname}/{$snort_filename} -C {$snortdir}/tmp/snortrules rules/"); $files = glob("{$snortdir}/tmp/snortrules/rules/*.rules"); foreach ($files as $file) { $newfile = basename($file); @copy($file, "{$snortdir}/rules/snort_{$newfile}"); } /* IP lists */ $files = glob("{$snortdir}/tmp/snortrules/rules/*.txt"); foreach ($files as $file) { $newfile = basename($file); @copy($file, "{$snortdir}/rules/{$newfile}"); } exec("rm -r {$snortdir}/tmp/snortrules"); /* extract so rules */ exec('/bin/mkdir -p /usr/local/lib/snort/dynamicrules/');
$external_net = "[" . trim($external_net) . "]"; } else { foreach ($home_net_list as $ip) { $external_net .= "!{$ip},"; } $external_net = trim($external_net, ', '); } /* User added custom configuration arguments */ $snort_config_pass_thru = str_replace("\r", "", base64_decode($snortcfg['configpassthru'])); // Remove the trailing newline $snort_config_pass_thru = rtrim($snort_config_pass_thru); /* create a few directories and ensure the sample files are in place */ $snort_dirs = array($snortdir, $snortcfgdir, "{$snortcfgdir}/rules", "{$snortlogdir}/snort_{$if_real}{$snort_uuid}", "{$snortlogdir}/snort_{$if_real}{$snort_uuid}/barnyard2", "{$snortcfgdir}/preproc_rules", "dynamicrules" => "{$snortlibdir}/snort_dynamicrules", "dynamicengine" => "{$snortlibdir}/snort_dynamicengine", "dynamicpreprocessor" => "{$snortcfgdir}/snort_dynamicpreprocessor"); foreach ($snort_dirs as $dir) { if (!is_dir($dir)) { safe_mkdir($dir); } } /********************************************************************/ /* For fail-safe on an initial startup following installation, and */ /* before a rules update has occurred, copy the default config */ /* files to the interface directory. If files already exist in */ /* the interface directory, or they are newer, that means a rule */ /* update has been done and we should leave the customized files */ /* put in place by the rules update process. */ /********************************************************************/ $snort_files = array("gen-msg.map", "classification.config", "reference.config", "attribute_table.dtd", "sid-msg.map", "unicode.map", "file_magic.conf", "threshold.conf", "preproc_rules/preprocessor.rules", "preproc_rules/decoder.rules", "preproc_rules/sensitive-data.rules"); foreach ($snort_files as $file) { if (file_exists("{$snortdir}/{$file}")) { $ftime = filemtime("{$snortdir}/{$file}"); if (!file_exists("{$snortcfgdir}/{$file}") || $ftime > filemtime("{$snortcfgdir}/{$file}")) {
} /********************************************************************** * Start of main code * **********************************************************************/ global $g, $config; $suricata_geoip_dbdir = SURICATA_PBI_BASEDIR . 'share/GeoIP/'; $geoip_tmppath = "{$g['tmp_path']}/geoipup/"; // If auto-updates of GeoIP are disabled, then exit if ($config['installedpackages']['suricata']['config'][0]['autogeoipupdate'] == "off") { exit(0); } else { log_error(gettext("[Suricata] Updating the GeoIP country database files...")); } // Download the free GeoIP Legacy country name databases for IPv4 and IPv6 // to a temporary location. safe_mkdir("{$geoip_tmppath}"); if (download_file("http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz", "{$geoip_tmppath}GeoIP.dat.gz") != true) { log_error(gettext("[Suricata] An error occurred downloading the 'GeoIP.dat.gz' update file for GeoIP.")); } if (download_file("http://geolite.maxmind.com/download/geoip/database/GeoIPv6.dat.gz", "{$geoip_tmppath}GeoIPv6.dat.gz") != true) { log_error(gettext("[Suricata] An error occurred downloading the 'GeoIPv6.dat.gz' update file for GeoIP.")); } // Mount filesystem read-write since we need to write // the extracted databases to PBI_BASE/share/GeoIP. conf_mount_rw(); // If the files downloaded successfully, unpack them and store // the DB files in the PBI_BASE/share/GeoIP directory. if (file_exists("{$geoip_tmppath}GeoIP.dat.gz")) { mwexec("/usr/bin/gunzip -f {$geoip_tmppath}GeoIP.dat.gz"); @rename("{$geoip_tmppath}GeoIP.dat", "{$suricata_geoip_dbdir}GeoIP.dat"); }
function pfblockerng_uc_countries() { global $g, $pfb; $maxmind_cont = "{$pfb['dbdir']}/country_continent.csv"; $maxmind_cc4 = "{$pfb['dbdir']}/GeoIPCountryWhois.csv"; $maxmind_cc6 = "{$pfb['dbdir']}/GeoIPv6.csv"; // Create Folders if not Exist $folder_array = array("{$pfb['dbdir']}", "{$pfb['logdir']}", "{$pfb['ccdir']}"); foreach ($folder_array as $folder) { safe_mkdir("{$folder}", 0755); } $now = date("m/d/y G:i:s", time()); $log = "Country Code Update Start - [ NOW ]\n\n"; print "Country Code Update Start - [ {$now} ]\n\n"; pfb_logger("{$log}", "3"); if (!file_exists($maxmind_cont) || !file_exists($maxmind_cc4) || !file_exists($maxmind_cc6)) { $log = " [ MAXMIND UPDATE FAIL, CSV Missing, using Previous Country Code Database \n"; print $log; pfb_logger("{$log}", "3"); return; } // Save Date/Time Stamp to MaxMind version file $maxmind_ver = "MaxMind GeoLite Date/Time Stamps \n\n"; $remote_tds = @implode(preg_grep("/Last-Modified/", get_headers("http://geolite.maxmind.com/download/geoip/database/GeoIPCountryCSV.zip"))); $maxmind_ver .= "MaxMind_v4 \t" . $remote_tds . "\n"; $local_tds = @gmdate("D, d M Y H:i:s T", filemtime($maxmind_cc4)); $maxmind_ver .= "Local_v4 \tLast-Modified: " . $local_tds . "\n\n"; $remote_tds = @implode(preg_grep("/Last-Modified/", get_headers("http://geolite.maxmind.com/download/geoip/database/GeoIPv6.csv.gz"))); $maxmind_ver .= "MaxMind_v6 \t" . $remote_tds . "\n"; $local_tds = @gmdate("D, d M Y H:i:s T", filemtime($maxmind_cc6)); $maxmind_ver .= "Local_v6 \tLast-Modified: " . $local_tds . "\n"; $maxmind_ver .= "\nThese Timestamps should *match* \n"; @file_put_contents("{$pfb['logdir']}/maxmind_ver", $maxmind_ver); // Collect ISO Codes for Each Continent $log = "Processing Continent Data\n"; print $log; pfb_logger("{$log}", "3"); $cont_array = array(array($AF), array($AS), array($EU), array($NA), array($OC), array($SA), array($AX)); if (($handle = fopen("{$maxmind_cont}", 'r')) !== FALSE) { while (($cc = fgetcsv($handle)) !== FALSE) { $cc_key = $cc[0]; $cont_key = $cc[1]; switch ($cont_key) { case "AF": $cont_array[0]['continent'] = "Africa"; $cont_array[0]['iso'] .= "{$cc_key},"; $cont_array[0]['file4'] = "{$pfb['ccdir']}/Africa_v4.txt"; $cont_array[0]['file6'] = "{$pfb['ccdir']}/Africa_v6.txt"; break; case "AS": $cont_array[1]['continent'] = "Asia"; $cont_array[1]['iso'] .= "{$cc_key},"; $cont_array[1]['file4'] = "{$pfb['ccdir']}/Asia_v4.txt"; $cont_array[1]['file6'] = "{$pfb['ccdir']}/Asia_v6.txt"; break; case "EU": $cont_array[2]['continent'] = "Europe"; $cont_array[2]['iso'] .= "{$cc_key},"; $cont_array[2]['file4'] = "{$pfb['ccdir']}/Europe_v4.txt"; $cont_array[2]['file6'] = "{$pfb['ccdir']}/Europe_v6.txt"; break; case "NA": $cont_array[3]['continent'] = "North America"; $cont_array[3]['iso'] .= "{$cc_key},"; $cont_array[3]['file4'] = "{$pfb['ccdir']}/North_America_v4.txt"; $cont_array[3]['file6'] = "{$pfb['ccdir']}/North_America_v6.txt"; break; case "OC": $cont_array[4]['continent'] = "Oceania"; $cont_array[4]['iso'] .= "{$cc_key},"; $cont_array[4]['file4'] = "{$pfb['ccdir']}/Oceania_v4.txt"; $cont_array[4]['file6'] = "{$pfb['ccdir']}/Oceania_v6.txt"; break; case "SA": $cont_array[5]['continent'] = "South America"; $cont_array[5]['iso'] .= "{$cc_key},"; $cont_array[5]['file4'] = "{$pfb['ccdir']}/South_America_v4.txt"; $cont_array[5]['file6'] = "{$pfb['ccdir']}/South_America_v6.txt"; break; } } } unset($cc); fclose($handle); // Add Maxmind Anonymous Proxy and Satellite Providers to array $cont_array[6]['continent'] = "Proxy and Satellite"; $cont_array[6]['iso'] = "A1,A2"; $cont_array[6]['file4'] = "{$pfb['ccdir']}/Proxy_Satellite_v4.txt"; $cont_array[6]['file6'] = "{$pfb['ccdir']}/Proxy_Satellite_v6.txt"; // Collect Country ISO data and sort to Continent arrays (IPv4 and IPv6) foreach (array("4", "6") as $type) { $log = "Processing ISO IPv{$type} Continent/Country Data\n"; print $log; pfb_logger("{$log}", "3"); if ($type == "4") { $maxmind_cc = "{$pfb['dbdir']}/GeoIPCountryWhois.csv"; } else { $maxmind_cc = "{$pfb['dbdir']}/GeoIPv6.csv"; } $iptype = "ip{$type}"; $filetype = "file{$type}"; if (($handle = fopen("{$maxmind_cc}", 'r')) !== FALSE) { while (($cc = fgetcsv($handle)) !== FALSE) { $cc_key = $cc[4]; $country_key = $cc[5]; $a_cidr = implode(",", ip_range_to_subnet_array_temp($cc[0], $cc[1])); $counter = 0; foreach ($cont_array as $iso) { if (preg_match("/\\b{$cc_key}\\b/", $iso['iso'])) { $cont_array[$counter][$cc_key][$iptype] .= $a_cidr . ","; $cont_array[$counter][$cc_key]['country'] = $country_key; continue; } $counter++; } } } unset($cc); fclose($handle); // Build Continent Files $counter = 0; foreach ($cont_array as $iso) { $header = ""; $pfb_file = ""; $iso_key = ""; $header .= "# Generated from MaxMind Inc. on: " . date("m/d/y G:i:s", time()) . "\n"; $header .= "# Continent IPv{$type}: " . $cont_array[$counter]['continent'] . "\n"; $pfb_file = $cont_array[$counter][$filetype]; $iso_key = array_keys($iso); foreach ($iso_key as $key) { if (preg_match("/[A-Z]{2}|A1|A2/", $key)) { $header .= "# Country: " . $iso[$key]['country'] . "\n"; $header .= "# ISO Code: " . $key . "\n"; $header .= "# Total Networks: " . substr_count($iso[$key][$iptype], ",") . "\n"; $header .= str_replace(",", "\n", $iso[$key][$iptype]); $iso[$key][$iptype] = ""; } } $counter++; @file_put_contents($pfb_file, $header, LOCK_EX); } } }
/* except when in post-install mode. Post-install does its own rebuild. */ if ($g['suricata_postinstall']) { $rebuild_rules = false; } else { $rebuild_rules = true; } /* Create configuration for each active Suricata interface */ foreach ($config['installedpackages']['suricata']['rule'] as $value) { $if_real = get_real_interface($value['interface']); // Make sure the interface subdirectory exists. We need to re-create // it during a pkg reinstall on the intial rules set download. if (!is_dir("{$suricatadir}suricata_{$value['uuid']}_{$if_real}")) { safe_mkdir("{$suricatadir}suricata_{$value['uuid']}_{$if_real}"); } if (!is_dir("{$suricatadir}suricata_{$value['uuid']}_{$if_real}/rules")) { safe_mkdir("{$suricatadir}suricata_{$value['uuid']}_{$if_real}/rules"); } $tmp = "Updating rules configuration for: " . convert_friendly_interface_to_friendly_descr($value['interface']) . " ..."; if ($pkg_interface != "console") { update_status(gettext($tmp)); update_output_window(gettext("Please wait while Suricata interface files are being updated...")); } suricata_apply_customizations($value, $if_real); $tmp = "\t" . $tmp . "\n"; error_log($tmp, 3, SURICATA_RULES_UPD_LOGFILE); } } else { if ($pkg_interface != "console") { update_output_window(gettext("Warning: No interfaces configured for Suricata were found...")); update_output_window(gettext("No interfaces currently have Suricata configured and enabled on them...")); }
function show_recordings() { conf_mount_rw(); safe_mkdir("/etc/phpshellsessions"); if ($recording) { conf_mount_ro(); } echo "==> Sessions available for playback are:\n"; system("cd /etc/phpshellsessions && ls /etc/phpshellsessions"); echo "==> end of list.\n"; }
function loadLangFile($file, $standard = true, $plugin = '') { # loads a templating language file to the template, checks if cache is present # called by /index.php $file .= ".php"; $strippedFile = str_replace("/", "_", $file); if ($standard) { if ($plugin == "") { $file = CONS_PATH_SETTINGS . "locale/" . $file; } else { $file = CONS_PATH_SYSTEM . "plugins/{$plugin}/locale/{$file}"; } } else { $file = CONS_PATH_PAGES . $_SESSION['CODE'] . "/_config/locale/{$file}"; } if (!is_file($file)) { return false; } if (!isset($_REQUEST['nocache'])) { # if nocache is specified, ignore caches ... not the case if ($standard) { if ($plugin != '') { $plugin .= '/'; } if (!is_dir(CONS_PATH_CACHE . "locale/{$plugin}")) { safe_mkdir(CONS_PATH_CACHE . "locale/{$plugin}"); } $cacheFile = CONS_PATH_CACHE . "locale/{$plugin}" . $strippedFile . ".cache"; $cacheMTFile = CONS_PATH_CACHE . "locale/{$plugin}" . $strippedFile . ".cachemd"; } else { if (!is_dir(CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/locale/")) { safe_mkdir(CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/locale/"); } $cacheFile = CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/locale/" . $strippedFile . ".cache"; $cacheMTFile = CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/locale/" . $strippedFile . ".cachemd"; } if (is_file($cacheFile) && is_file($cacheMTFile)) { $ofMD = filemtime($file); # modify date of ORIGINAL file $cMD = cReadFile($cacheMTFile); # modify date of ORIGINAL file when CACHE file was created if ($cMD == $ofMD) { # valid cache file (it was created from the current original file) $newData = @unserialize(cReadFile($cacheFile)); if (is_array($newData)) { $this->parent->template->lang_replacer = array_merge($this->parent->template->lang_replacer, $newData); return true; } else { $this->parent->errorControl->raise(6, $_SESSION[CONS_SESSION_LANG], $plugin, $standard ? "standard" : "non-standard"); } } else { if ($this->parent->debugmode && CONS_CACHE) { # Warning: if the lang file was replaced, template caches might be invalid # So we must delete ALL TEMPLATE CACHES! $this->parent->cacheControl->dumpTemplateCaches(); } } } } # no cache available or no cache specified $data = (include $file); if ($data === false || !is_array($data)) { $this->parent->errorControl->raise(7, $_SESSION[CONS_SESSION_LANG], $plugin, $standard ? "standard" : "non-standard"); return false; } if (!isset($_REQUEST['nocache'])) { $ofMD = filemtime($file); cWriteFile($cacheMTFile, $ofMD); cWriteFile($cacheFile, serialize($data)); } foreach ($data as $term => $trans) { $this->parent->template->lang_replacer[$term] = $trans; // array_merge has issues } return true; }
} // If auto-updates of ET IQRisk are disabled, then exit if ($config['installedpackages']['suricata']['config'][0]['et_iqrisk_enable'] == "off") { return 0; } else { log_error(gettext("[Suricata] Updating the Emerging Threats IQRisk IP List...")); } // Construct the download URL using the saved ET IQRisk Subscriber Code if (!empty($config['installedpackages']['suricata']['config'][0]['iqrisk_code'])) { $et_iqrisk_url = str_replace("_xxx_", $config['installedpackages']['suricata']['config'][0]['iqrisk_code'], ET_IQRISK_DNLD_URL); } else { log_error(gettext("[Suricata] No IQRisk subscriber code found! Aborting scheduled update of Emerging Threats IQRisk IP List.")); return 0; } // Download the IP List files to a temporary location safe_mkdir("{$iqRisk_tmppath}"); // Test the posted MD5 checksum file against our local copy // to see if an update has been posted for 'categories.txt'. if (suricata_check_iprep_md5("categories.txt")) { log_error(gettext("[Suricata] An updated IPREP 'categories.txt' file is available...downloading new file.")); if (download_file("{$et_iqrisk_url}categories.txt", "{$iqRisk_tmppath}categories.txt") != true) { log_error(gettext("[Suricata] An error occurred downloading the 'categories.txt' file for IQRisk.")); } else { // If the files downloaded successfully, unpack them and store // the list files in the SURICATA_IPREP_PATH directory. if (file_exists("{$iqRisk_tmppath}categories.txt") && file_exists("{$iqRisk_tmppath}categories.txt.md5")) { $new_md5 = trim(file_get_contents("{$iqRisk_tmppath}categories.txt.md5")); if ($new_md5 == md5_file("{$iqRisk_tmppath}categories.txt")) { @rename("{$iqRisk_tmppath}categories.txt", "{$iprep_path}categories.txt"); @rename("{$iqRisk_tmppath}categories.txt.md5", "{$iprep_path}categories.txt.md5"); $success = TRUE;
} } if ($_POST['remove']) { exec("/sbin/pfctl -t {$suri_pf_table} -T flush"); header("Location: /suricata/suricata_blocked.php"); exit; } /* TODO: build a file with block ip and disc */ if ($_POST['download']) { $blocked_ips_array_save = ""; exec("/sbin/pfctl -t {$suri_pf_table} -T show", $blocked_ips_array_save); /* build the list */ if (is_array($blocked_ips_array_save) && count($blocked_ips_array_save) > 0) { $save_date = date("Y-m-d-H-i-s"); $file_name = "suricata_blocked_{$save_date}.tar.gz"; safe_mkdir("{$g['tmp_path']}/suricata_blocked"); file_put_contents("{$g['tmp_path']}/suricata_blocked/suricata_block.pf", ""); foreach ($blocked_ips_array_save as $counter => $fileline) { if (empty($fileline)) { continue; } $fileline = trim($fileline, " \n\t"); file_put_contents("{$g['tmp_path']}/suricata_blocked/suricata_block.pf", "{$fileline}\n", FILE_APPEND); } // Create a tar gzip archive of blocked host IP addresses exec("/usr/bin/tar -czf {$g['tmp_path']}/{$file_name} -C{$g['tmp_path']}/suricata_blocked suricata_block.pf"); // If we successfully created the archive, send it to the browser. if (file_exists("{$g['tmp_path']}/{$file_name}")) { ob_start(); //important or other posts will fail if (isset($_SERVER['HTTPS'])) {
/* fix up the preprocessor rules filenames from a PBI package install */ $preproc_rules = array("decoder.rules", "preprocessor.rules", "sensitive-data.rules"); foreach ($preproc_rules as $file) { if (file_exists("{$snortdir}/preproc_rules/{$file}-sample")) { @rename("{$snortdir}/preproc_rules/{$file}-sample", "{$snortdir}/preproc_rules/{$file}"); } } /* Remove any previously installed scripts since we rebuild them */ unlink_if_exists("{$snortdir}/sid"); unlink_if_exists("{$rcdir}snort.sh"); unlink_if_exists("{$rcdir}barnyard2"); /* Create required log and db directories in /var */ safe_mkdir(SNORTLOGDIR); safe_mkdir(SNORT_IPREP_PATH); safe_mkdir(SNORT_SID_MODS_PATH); safe_mkdir(SNORT_APPID_ODP_PATH); /* If installed, absorb the Snort Dashboard Widget into this package */ /* by removing it as a separately installed package. */ $pkgid = get_pkg_id("Dashboard Widget: Snort"); if ($pkgid >= 0) { log_error(gettext("[Snort] Removing legacy 'Dashboard Widget: Snort' package because the widget is now part of the Snort package.")); unset($config['installedpackages']['package'][$pkgid]); unlink_if_exists("/usr/local/pkg/widget-snort.xml"); } /* Define a default Dashboard Widget Container for Snort */ $snort_widget_container = "snort_alerts-container:col2:close"; /*********************************************************/ /* START OF BUG FIX CODE */ /* */ /* Remove any Snort cron tasks that may have been left */ /* from a previous uninstall due to a bug that saved */
$command = ""; } if ($first_command == "reset") { $playbackbuffer = ""; echo "\nBuffer reset.\n\n"; continue; } if ($first_command == "record") { if (!$command_split[1]) { echo "usage: record playbackname\n"; echo "\tplaybackname will be created in /etc/phpshellsessions.\n"; $command = ""; } else { /* time to record */ conf_mount_rw(); safe_mkdir("/etc/phpshellsessions"); $recording_fn = basename($command_split[1]); $recording_fd = fopen("/etc/phpshellsessions/{$recording_fn}", "w"); if (!$recording_fd) { echo "Could not start recording session.\n"; $command = ""; } else { $recording = true; echo "Recording of {$recording_fn} started.\n"; $command = ""; } } } $playbackbuffer .= $command . "\n"; } function show_recordings()
killbyname("barnyard2"); sleep(2); // Delete any leftover barnyard2 PID files in /var/run unlink_if_exists("{$g['varrun_path']}/barnyard2_*.pid"); } // Set flag for post-install in progress $g['suricata_postinstall'] = true; // Mount file system read/write so we can modify some files conf_mount_rw(); // Remove any previously installed script since we rebuild it @unlink("{$rcdir}suricata.sh"); // Create the top-tier log directory safe_mkdir(SURICATALOGDIR); // Create the IP Rep and SID Mods lists directory safe_mkdir(SID_MODS_PATH); safe_mkdir(IPREP_PATH); // remake saved settings if previously flagged if ($config['installedpackages']['suricata']['config'][0]['forcekeepsettings'] == 'on') { log_error(gettext("[Suricata] Saved settings detected... rebuilding installation with saved settings...")); update_status(gettext("Saved settings detected...")); /****************************************************************/ /* Do test and fix for duplicate UUIDs if this install was */ /* impacted by the DUP (clone) bug that generated a duplicate */ /* UUID for the cloned interface. Also fix any duplicate */ /* entries in ['rulesets'] for "dns-events.rules". */ /****************************************************************/ if (count($config['installedpackages']['suricata']['rule']) > 0) { $uuids = array(); $suriconf =& $config['installedpackages']['suricata']['rule']; foreach ($suriconf as &$suricatacfg) { // Remove any duplicate ruleset names from earlier bug
function d_mkdir($file, $mod = 755) { $file = abs_path($file); setwritable(dirname($file),true); if((!FIX && @safe_mkdir($file,octdec($mod))) || d_ftpcom('mkdir', $file)) { d_ftplist('','flush'); @d_chmod($file,$mod); return true; } return false; }
function loadMetadata() { if (!$this->debugmode) { return parent::loadMetadata(); } $this->errorControl->raise(1000); $this->log = array(); // we don't want the above "log" to cause an abort (yes, this function uses the log size to confirm an error - lame but extremelly effective) $this->allModulesLoaded = true; # initial clean up and check if (!is_dir(CONS_PATH_TEMP)) { safe_mkdir(CONS_PATH_TEMP); } if (!is_dir(CONS_PATH_CACHE)) { safe_mkdir(CONS_PATH_CACHE); } if (!is_dir(CONS_PATH_DINCONFIG)) { safe_mkdir(CONS_PATH_DINCONFIG); } if (!is_dir(CONS_PATH_CACHE . "locale/")) { safe_mkdir(CONS_PATH_CACHE . "locale/"); } if (!is_dir(CONS_PATH_LOGS)) { safe_mkdir(CONS_PATH_LOGS); } if (!is_dir(CONS_PATH_LOGS . $_SESSION['CODE'] . "/")) { safe_mkdir(CONS_PATH_LOGS . $_SESSION['CODE'] . "/"); } if (!is_dir(CONS_PATH_DINCONFIG . $_SESSION['CODE'] . "/")) { safe_mkdir(CONS_PATH_DINCONFIG . $_SESSION['CODE'] . "/"); } if (!is_dir(CONS_PATH_CACHE . $_SESSION['CODE'] . "/")) { safe_mkdir(CONS_PATH_CACHE . $_SESSION['CODE'] . "/"); } if (!is_dir(CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/")) { safe_mkdir(CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/"); } if (!is_dir(CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/locale")) { safe_mkdir(CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/locale/"); } if (!is_dir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/")) { safe_mkdir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/"); } if (!is_dir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/actions/")) { safe_mkdir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/actions"); } if (!is_dir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/content/")) { safe_mkdir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/content"); } if (!is_dir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/_config/locale/")) { safe_mkdir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/_config/locale"); } if (!is_dir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/files/")) { safe_mkdir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/files"); } if (!is_dir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/template/")) { safe_mkdir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/template"); copy(CONS_PATH_SETTINGS . "defaults/basefile.html", CONS_PATH_PAGES . $_SESSION['CODE'] . "/template/basefile.html"); copy(CONS_PATH_SETTINGS . "defaults/index.html", CONS_PATH_PAGES . $_SESSION['CODE'] . "/template/index.html"); } if (!is_dir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/mail/")) { safe_mkdir(CONS_PATH_PAGES . $_SESSION['CODE'] . "/mail"); } # Dimconfig if (is_file(CONS_PATH_DINCONFIG . $_SESSION['CODE'] . "/din.dat")) { $this->dimconfig = unserialize(cReadFile(CONS_PATH_DINCONFIG . $_SESSION['CODE'] . "/din.dat")); } if ($this->dimconfig === false) { $this->dimconfig = array(); } # Error on load $this->checkConfig(); # clear the meta cache if (!$this->offlineMode) { $files = listFiles(CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/"); foreach ($files as $file) { if (is_file(CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/" . $file)) { @unlink(CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/" . $file); } } if (!$this->checkinstall()) { $this->errorControl->raise(118, array_unshift($this->log)); } if (isset($_REQUEST['nocache'])) { recursive_del(CONS_PATH_CACHE . $_SESSION['CODE'] . "/pages/", true); recursive_del(CONS_PATH_CACHE . $_SESSION['CODE'] . "/", false, 'cache'); } } # If no database, we are done if ($this->dbless) { return count($this->log) == 0; } # Search all necessary model files $parseXMLparams = array(C_XML_RAW => true, C_XML_AUTOPARSE => true, C_XML_REMOVECOMMENTS => true); $xml = new xmlHandler(); $model = is_file(CONS_PATH_SETTINGS . "default.xml") ? cReadFile(CONS_PATH_SETTINGS . "default.xml") . "\n" : ''; foreach ($this->loadedPlugins as $scriptName => $scriptObj) { if (is_file(CONS_PATH_SYSTEM . "plugins/" . $scriptName . "/meta.xml")) { $model .= cReadFile(CONS_PATH_SYSTEM . "plugins/" . $scriptName . "/meta.xml") . "\n"; } } unset($scriptName); unset($scriptObj); if (is_file(CONS_PATH_PAGES . $_SESSION['CODE'] . "/_config/meta.xml")) { $model .= cReadFile(CONS_PATH_PAGES . $_SESSION['CODE'] . "/_config/meta.xml") . "\n"; } $model = $xml->parseXML($model, $parseXMLparams, true); unset($xml); if ($model === false) { $this->errorControl->raise(119); } # browses the XML and loads modules $model =& $model->getbranch(0); $total = $model->total(); $relation = array(); # foreign keys are only created later $lastLoad = ""; for ($c = 0; $c < $total; $c++) { # for each module ... $thisbranch =& $model->getbranch($c); $total_campos = $thisbranch->total(); # creates the module as from XML settings $module = strtolower($thisbranch->data[0]); $param =& $thisbranch->data[1]; $dbname = strtolower(isset($param['dbname']) ? $param['dbname'] : ''); foreach ($this->modules as $name => $otherModule) { if ($otherModule->dbname == $dbname && $dbname != "" && $module != $otherModule->name) { $this->errorControl->raise(120, $otherModule->name, $name, $dbname); } } if ($module == '') { $this->errorControl->raise(107, $dbname, "XML error", "Module after {$lastLoad} is corrupt"); } $this->loadModule($module, $dbname); #MODULE CREATE $lastLoad = $module; # loads standard data from this object --------------------------------------------------------------------- # read parameters for the MODULE foreach ($this->moduleOptions as $mo) { $this->modules[$module]->options[$mo[0]] = $mo[3] != '' ? array() : ''; } if (is_array($param)) { foreach ($param as $pkey => $pcontent) { $pkey = strtolower($pkey); switch ($pkey) { case "key": case "keys": # will use default auto_increment "id" if none specified. If you specify more than one, none will be auto_increment and the system will use auto-numbering $this->modules[$module]->keys = explode(",", $pcontent); break; case "title": $this->modules[$module]->title = strtolower($pcontent); break; case "volatile": # this module can be deleted as a stand-alone volatile item $this->modules[$module]->options[CONS_MODULE_VOLATILE] = strtolower($pcontent) == "true"; break; case "parent": $this->modules[$module]->options[CONS_MODULE_PARENT] = strtolower($pcontent); // field which denotes parenthood break; case "plugins": case "plugin": $this->modules[$module]->plugins = explode(",", strtolower($pcontent)); break; case "order": $this->modules[$module]->order = trim(strtolower($pcontent)); break; case "permissionoverride": if (strlen($pcontent) >= 9) { $this->modules[$module]->permissionOverride = substr(strtolower($pcontent), 0, 9); } break; case "linker": $this->modules[$module]->linker = true; break; case "systemmodule": $this->modules[$module]->options[CONS_MODULE_SYSTEM] = true; break; case "autoclean": $this->modules[$module]->options[CONS_MODULE_AUTOCLEAN] = $pcontent; break; case "meta": $this->modules[$module]->options[CONS_MODULE_META] = $pcontent; break; case "disallowmultiple": if (strtolower($pcontent) == "true") { $this->modules[$module]->options[CONS_MODULE_DISALLOWMULTIPLE] = true; } else { unset($this->modules[$module]->options[CONS_MODULE_DISALLOWMULTIPLE]); } break; case "noundo": if (strtolower($pcontent) == "true") { $this->modules[$module]->options[CONS_MODULE_NOUNDO] = true; } else { unset($this->modules[$module]->options[CONS_MODULE_NOUNDO]); } default: if ($pkey != "name" && $pkey != "dbname") { $isMO = false; foreach ($this->moduleOptions as $mo) { if ($mo[1] == $pkey) { $isMO = true; if ($mo[2]) { $pcontent = strtolower($pcontent); } if ($mo[3] != '') { $pcontent = explode($mo[3], $pcontent); } $this->modules[$module]->options[$mo[0]] = $pcontent; break; } } if (!$isMO) { $this->modules[$module]->options[$pkey] = $pcontent; } } break; } } #foreach unset($pkey); unset($pcontent); } if ($this->modules[$module]->options[CONS_MODULE_PARENT] != '' && strpos($this->modules[$module]->order, $this->modules[$module]->options[CONS_MODULE_PARENT]) === false) { # in tree mode, the field that defines parenthood must be in the order clause, the first if possible $this->modules[$module]->order = $this->modules[$module]->options[CONS_MODULE_PARENT] . "+" . ($this->modules[$module]->order != '' ? "," . $this->modules[$module]->order : ''); } # -- ok on reading parameters $campos = array(); $mandatory = 0; # browse FIELDS --------------------------------------------------------------------------------- for ($campo = 0; $campo < $total_campos; $campo++) { $thiscampo =& $thisbranch->getbranch($campo); ## processParameters ######################################### $campos = $this->processParameters($thiscampo, $campos, $module); ############################################################## $nomecampo = strtolower($thiscampo->data[0]); if ($campos[$nomecampo][CONS_XML_TIPO] == CONS_TIPO_LINK) { array_push($relation, array($module, $nomecampo, $campos[$nomecampo][CONS_XML_MODULE])); // if this is a non-mandatory link to myself, called "id_parent", and I don't have parent ... well .. obviously this is it if ($campos[$nomecampo][CONS_XML_MODULE] == $module && !isset($campos[$nomecampo][CONS_XML_MANDATORY]) && $nomecampo == "id_parent" && $this->modules[$module]->options[CONS_MODULE_PARENT] == '') { $this->modules[$module]->options[CONS_MODULE_PARENT] = $nomecampo; } } else { if ($campos[$nomecampo][CONS_XML_TIPO] == CONS_TIPO_SERIALIZED) { // browse fields looking for links foreach ($campos[$nomecampo][CONS_XML_SERIALIZEDMODEL] as $exname => &$exfield) { if ($exfield[CONS_XML_TIPO] == CONS_TIPO_LINK) { array_push($relation, array($module, $nomecampo . ":" . $exname, $exfield[CONS_XML_MODULE])); } } } } # checks if this field can be NULL or NOT depending on options and mandatory setting if (isset($campos[$nomecampo][CONS_XML_SQL]) && $campos[$nomecampo][CONS_XML_SQL] != "") { # relation will not be set if (isset($campos[$nomecampo][CONS_XML_MANDATORY]) || $campos[$nomecampo][CONS_XML_TIPO] == CONS_TIPO_OPTIONS || isset($campos[$nomecampo][CONS_XML_DEFAULT])) { $campos[$nomecampo][CONS_XML_SQL] .= " NOT NULL"; $mandatory++; } else { $campos[$nomecampo][CONS_XML_SQL] .= " NULL"; } if (isset($campos[$nomecampo][CONS_XML_DEFAULT])) { $campos[$nomecampo][CONS_XML_SQL] .= " DEFAULT '" . $campos[$nomecampo][CONS_XML_DEFAULT] . "'"; } } } # this module has a database (it's possible to have modules without a database) if ($this->modules[$module]->dbname != "") { # checks standard key "id" if no key specified if (in_array("id", $this->modules[$module]->keys) && !isset($this->modules[$module]->fields['id']) && !isset($campos['id'])) { if ($this->modules[$module]->linker) { $this->modules[$module]->keys = array(); $keys = 0; foreach ($campos as $fieldname => $fieldobj) { if (isset($fieldobj[CONS_XML_MODULE])) { $keys++; $this->modules[$module]->keys[] = $fieldname; if ($keys == 2) { break; } } } unset($fieldname); unset($fieldobj); } else { $campos['id'][CONS_XML_SQL] = "INT (11) UNSIGNED NOT NULL" . (count($this->modules[$module]->keys) <= 1 ? " AUTO_INCREMENT" : ""); $campos['id'][CONS_XML_TIPO] = CONS_TIPO_INT; if (count($this->modules[$module]->keys) > 1) { $campos['id'][CONS_XML_RESTRICT] = 99; } } } # -- keys (this is done to prevent repeated keys) $chave = $this->modules[$module]->keys; $this->modules[$module]->keys = array(); foreach ($chave as $x => $di) { if (!in_array($di, $this->modules[$module]->keys) && $di != "") { array_push($this->modules[$module]->keys, $di); } } unset($x); unset($di); # if this is a re-definition, will TOTALLY overright the fields (you can redefine fields from the default.xml on the meta.xml) $this->modules[$module]->fields = array_merge($this->modules[$module]->fields, $campos); # -- makes sure all keys are mandatory and present foreach ($this->modules[$module]->keys as $x => $chave) { if (!isset($this->modules[$module]->fields[$chave])) { array_push($this->log, "Key not defined, considering INT 11, please fix the XML: {$module}.{$chave}"); $this->modules[$module]->fields[$chave] = array("CONS_XML_SQL" => "INT (11) UNSIGNED NOT NULL", "CONS_XML_TIPO" => CONS_TIPO_INT); } $this->modules[$module]->fields[$chave][CONS_XML_MANDATORY] = true; // vc keys without case specified, force ucase if ($this->modules[$module]->fields[$chave][CONS_XML_TIPO] == CONS_TIPO_VC && !isset($this->modules[$module]->fields[$chave][CONS_XML_SPECIAL])) { $this->modules[$module]->fields[$chave][CONS_XML_SPECIAL] = "ucase"; } } unset($x); unset($chave); } } # -- foreach module $total_relacoes = count($relation); # check our relationship counts and build proper fields or support tables ------------- for ($c = 0; $c < $total_relacoes; $c++) { $rel = $relation[$c]; # relation: MODULE => FIELD => MODULE or MODULE => SFIELD:FIELD => MODULE for serialized fields if (!isset($this->modules[$rel[0]]) || !isset($this->modules[$rel[2]])) { array_push($this->log, "Error (pass 1) trying to build foreign keys from '" . $rel[0] . "' to '" . $rel[2] . "' at " . $rel[1] . ": one of the modules do not exist, ignoring relation"); } else { $sfield = ""; if (strpos($rel[1], ":") !== false) { #serialized field $field = explode(":", $field); $sfield = $field[0]; $field = $field[1]; } else { $field = $rel[1]; } if (substr($field, 0, 3) != "id_") { array_push($this->log, "All relations to another modules MUST start with id_ on " . $rel[0] . "' to '" . $rel[2] . "' at " . $rel[1] . ": should be id_" . $field . " ?"); } if ($sfield == '') { $this->modules[$rel[2]]->volatile = false; } # keeps volatile if linked from serialized (a.k.a. serialized links are not safe, because they are meant to be dinamic) foreach ($this->modules[$rel[2]]->keys as $x => $chave) { # will create required keys for foreign table, except any one in common with this table if ($chave == "id" || !isset($this->modules[$rel[0]]->fields[$chave])) { # only standard id exists (always link it), or it's not a standard key ... still have to test if it's not a key to this table # basically, this will create the second+ keys on multikey relations if (!($this->modules[$rel[2]]->fields[$chave][CONS_XML_TIPO] == CONS_TIPO_LINK && $this->modules[$rel[2]]->fields[$chave][CONS_XML_MODULE] == $rel[0])) { # ok not a key to this table (the FOREING key is not this table, pay attention! this will still be true for id_parent) if ($sfield == "") { # normal if ($chave == "id") { # uses the name that came in the XML model if (!isset($this->modules[$rel[0]]->fields[$field])) { $this->modules[$rel[0]]->fields[$field] = array(); } $this->modules[$rel[0]]->fields[$field][CONS_XML_SQL] = str_replace("AUTO_INCREMENT", "", $this->modules[$rel[2]]->fields[$chave][CONS_XML_SQL]); $this->modules[$rel[0]]->fields[$field][CONS_XML_TIPO] = CONS_TIPO_LINK; $this->modules[$rel[0]]->fields[$field][CONS_XML_LINKTYPE] = $this->modules[$rel[2]]->fields[$chave][CONS_XML_TIPO] != CONS_TIPO_LINK ? $this->modules[$rel[2]]->fields[$chave][CONS_XML_TIPO] : CONS_TIPO_INT; $this->modules[$rel[0]]->fields[$field][CONS_XML_MODULE] = $rel[2]; # the creation system might have added this already, that's why testing before resetting the array if (isset($this->modules[$rel[0]]->fields[$field][CONS_XML_JOIN]) && $this->modules[$rel[0]]->fields[$field][CONS_XML_JOIN] == "inner" || isset($this->modules[$rel[0]]->fields[$field][CONS_XML_MANDATORY])) { // is set join to INNER or is explicitly mandatory, make sure both are set $this->modules[$rel[0]]->fields[$field][CONS_XML_MANDATORY] = true; if ($x == 0) { $this->modules[$rel[0]]->fields[$field][CONS_XML_JOIN] = "inner"; } } else { // no join mode set (defaults to left), set to left, and no explicit mandatory tag if ($x == 0) { $this->modules[$rel[0]]->fields[$field][CONS_XML_JOIN] = "left"; } $this->modules[$rel[0]]->fields[$field][CONS_XML_SQL] = str_replace("NOT NULL", "NULL", $this->modules[$rel[0]]->fields[$field][CONS_XML_SQL]); } } else { if ($x == 0) { $nome = $field; # first key keeps the original name $this->modules[$rel[0]]->fields[$field][CONS_XML_LINKTYPE] = $this->modules[$rel[2]]->fields[$chave][CONS_XML_TIPO] != CONS_TIPO_LINK ? $this->modules[$rel[2]]->fields[$chave][CONS_XML_TIPO] : CONS_TIPO_INT; } else { $nome = $field . "_" . str_replace("id_", "", $chave); } # creates a composition with the model name and the foreign name $this->modules[$rel[0]]->fields[$nome][CONS_XML_SQL] = str_replace("AUTO_INCREMENT", "", $this->modules[$rel[2]]->fields[$chave][CONS_XML_SQL]); $this->modules[$rel[0]]->fields[$nome][CONS_XML_TIPO] = $x == 0 ? CONS_TIPO_LINK : $this->modules[$rel[2]]->fields[$chave][CONS_XML_TIPO]; $this->modules[$rel[0]]->fields[$nome][CONS_XML_MODULE] = isset($this->modules[$rel[2]]->fields[$chave][CONS_XML_MODULE]) ? $this->modules[$rel[2]]->fields[$chave][CONS_XML_MODULE] : $rel[2]; if (isset($this->modules[$rel[0]]->fields[$field][CONS_XML_JOIN]) && $this->modules[$rel[0]]->fields[$field][CONS_XML_JOIN] == "inner" || isset($this->modules[$rel[0]]->fields[$nome][CONS_XML_MANDATORY])) { $this->modules[$rel[0]]->fields[$nome][CONS_XML_MANDATORY] = true; if ($x == 0) { $this->modules[$rel[0]]->fields[$nome][CONS_XML_JOIN] = "inner"; } } else { if ($x == 0) { $this->modules[$rel[0]]->fields[$nome][CONS_XML_JOIN] = "left"; } unset($this->modules[$rel[0]]->fields[$nome][CONS_XML_MANDATORY]); $this->modules[$rel[0]]->fields[$nome][CONS_XML_SQL] = str_replace("NOT NULL", "NULL", $this->modules[$rel[0]]->fields[$nome][CONS_XML_SQL]); } } } else { # serialized if ($chave == "id") { # uses the name that came in the XML model if (!isset($this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$field])) { $this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$field] = array(); } $this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$field][CONS_XML_SQL] = str_replace("AUTO_INCREMENT", "", $this->modules[$rel[2]]->fields[$chave][CONS_XML_SQL]); $this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$field][CONS_XML_TIPO] = CONS_TIPO_LINK; $this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$field][CONS_XML_LINKTYPE] = $this->modules[$rel[2]]->fields[$chave][CONS_XML_TIPO] != CONS_TIPO_LINK ? $this->modules[$rel[2]]->fields[$chave][CONS_XML_TIPO] : CONS_TIPO_INT; $this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$field][CONS_XML_MODULE] = $rel[2]; # serialized links cannot be "inner" $this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$field][CONS_XML_JOIN] = "left"; if (isset($this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$field][CONS_XML_MANDATORY])) { $this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$field][CONS_XML_MANDATORY] = true; } else { $this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$field][CONS_XML_SQL] = str_replace("NOT NULL", "NULL", $this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$field][CONS_XML_SQL]); } } else { if ($x == 0) { $nome = $field; # first key keeps the original name $this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$field][CONS_XML_LINKTYPE] = $this->modules[$rel[2]]->fields[$chave][CONS_XML_TIPO] != CONS_TIPO_LINK ? $this->modules[$rel[2]]->fields[$chave][CONS_XML_TIPO] : CONS_TIPO_INT; } else { $nome = $field . "_" . str_replace("id_", "", $chave); } # creates a composition with the model name and the foreign name $this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$nome][CONS_XML_SQL] = str_replace("AUTO_INCREMENT", "", $this->modules[$rel[2]]->fields[$chave][CONS_XML_SQL]); $this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$nome][CONS_XML_TIPO] = $x == 0 ? CONS_TIPO_LINK : $this->modules[$rel[2]]->fields[$chave][CONS_XML_TIPO]; $this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$nome][CONS_XML_MODULE] = isset($this->modules[$rel[2]]->fields[$chave][CONS_XML_MODULE]) ? $this->modules[$rel[2]]->fields[$chave][CONS_XML_MODULE] : $rel[2]; # serialized links cannot be "inner" $this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$nome][CONS_XML_JOIN] = "left"; if (isset($this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$nome][CONS_XML_MANDATORY])) { $this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$nome][CONS_XML_MANDATORY] = true; } else { $this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$nome][CONS_XML_SQL] = str_replace("NOT NULL", "NULL", $this->modules[$rel[0]]->fields[$sfield][CONS_XML_SERIALIZEDMODEL][$nome][CONS_XML_SQL]); } } } # sfield? } } # secondary (multikey)? } # foreach unset($x); unset($chave); if (!isset($this->modules[$rel[0]]->fields[$field][CONS_XML_SQL])) { array_push($this->log, "Error (pass 2) trying to build foreing keys from " . $rel[0] . " to " . $rel[2] . " at " . $field . ": ignoring relation"); } } } # foreach for relations // now some automatic settings since all modules are loaded, and consistency check on build, partOf, etc --------------------- $cacheLinkNum = array(); // module => modules which link to this foreach ($this->modules as $mname => &$module) { $links = 0; $fieldsRequiredToLinks = 0; foreach ($module->fields as $name => $field) { // check for linker modules if ($field[CONS_XML_TIPO] == CONS_TIPO_LINK && $field[CONS_XML_MODULE] != $mname) { // links to OTHER link not myself $links++; # do not count PARENTS as links $fieldsRequiredToLinks += count($this->modules[$field[CONS_XML_MODULE]]->keys); # a module can have more than one key, thus to know if this module is a linker module, we need to check if ALL THIS HAVE are the keys for 2 modules // vc links that have no case specified, force to upper if ($field[CONS_XML_TIPO] == CONS_TIPO_LINK && $field[CONS_XML_LINKTYPE] == CONS_TIPO_VC && !isset($field[CONS_XML_SPECIAL])) { $this->modules[$mname]->fields[$name][CONS_XML_SPECIAL] = "ucase"; } } if (isset($field[CONS_XML_FILTEREDBY])) { foreach ($field[CONS_XML_FILTEREDBY] as $fbname) { if (!isset($module->fields[$fbname])) { $this->log[] = "Error on filteredby for {$mname}.{$name}: {$fbname} does not exist"; } else { if (!isset($this->modules[$module->fields[$fbname][CONS_XML_MODULE]])) { $this->log[] = "Error on filteredby for {$mname}.{$name}: module defined in {$fbname} does not exist"; } } } } } if ($links == 2 && count($module->fields) == $fieldsRequiredToLinks || $this->modules[$mname]->linker) { # this is a linker module! $this->modules[$mname]->linker = true; } if ($this->modules[$mname]->title == "" && !$this->modules[$mname]->options[CONS_MODULE_SYSTEM] && !$this->modules[$mname]->linker) { $this->modules[$mname]->title = $this->modules[$mname]->keys[0]; // first key } } # here we finished the automatic settings # load plugins that are defined by METADATA foreach ($this->modules as $name => &$module) { foreach ($module->plugins as $sname) { if (!isset($this->loadedPlugins[$sname])) { $this->addPlugin($sname, $name); } else { $this->loadedPlugins[$sname]->moduleRelation = $name; } } } foreach ($this->loadedPlugins as $sname => $obj) { if ($obj->name == '' || $obj->name != $sname) { $this->errorControl->raise(9, $obj->name, $sname); } } # DIE FREAKING THUMBS.DB, DIE! function dieFreakingThumbs($folder) { if ($folder[strlen($folder) - 1] != '/') { $folder .= "/"; } foreach (glob($folder . "*") as $file) { if (is_dir($file)) { dieFreakingThumbs($file); } else { $arf = explode(".", $file); if (array_pop($arf) == 'db') { @unlink($file); } } } } dieFreakingThumbs(CONS_PATH_PAGES . $_SESSION['CODE'] . "/"); $customxml = is_file(CONS_PATH_PAGES . $_SESSION["CODE"] . "/_config/custom.xml") ? cReadFile(CONS_PATH_PAGES . $_SESSION["CODE"] . "/_config/custom.xml") : ''; # All plugins are loaded, check their manifest and customs foreach ($this->loadedPlugins as $sname => $plugin) { if (is_file(CONS_PATH_SYSTEM . "plugins/{$sname}/payloadmanifest.php")) { $copyFiles = (include CONS_PATH_SYSTEM . "plugins/{$sname}/payloadmanifest.php"); foreach ($copyFiles as $from => $to) { if ($from[strlen($from) - 1] == "/" && is_dir($from) && (!is_dir($to) || !CONS_ONSERVER && isset($_REQUEST['nocache']))) { // FOLDER if (!function_exists('recursive_copy')) { include_once CONS_PATH_INCLUDE . "recursive_copy.php"; } recursive_copy($from, $to); } else { if (is_file($from) && (!is_file($to) || !CONS_ONSERVER && isset($_REQUEST['nocache']))) { // FILE $path = explode("/", $to); array_pop($path); // bye file $path = implode("/", $path); makeDirs($path); copy($from, $to); } } } } if (is_file(CONS_PATH_SYSTEM . "plugins/{$sname}/custom.xml")) { $customxml .= cReadFile(CONS_PATH_SYSTEM . "plugins/{$sname}/custom.xml"); } } # Read custom metadata for dimconfig if ($customxml != '') { $parseXMLparams = array(C_XML_RAW => true, C_XML_AUTOPARSE => true, C_XML_REMOVECOMMENTS => true); $xml = new xmlHandler(); $customxml = $xml->parseXML($customxml, $parseXMLparams, true); if ($customxml === false) { $this->errorControl->raise(180); } unset($xml); $customxml =& $customxml->getbranch(0); $total = $customxml->total(); $dimconfigMD = array(); // MetaData ------------------------------------- for ($c = 0; $c < $total; $c++) { # for each module ... $thisbranch =& $customxml->getbranch($c); $configname = strtolower($thisbranch->data[0]); if (!isset($this->dimconfig[$configname])) { $this->dimconfig[$configname] = ''; } $dimconfigMD = $this->processParameters($thisbranch, $dimconfigMD, ''); } foreach ($dimconfigMD as $name => $field) { if ($field[CONS_XML_TIPO] == CONS_TIPO_UPLOAD && (!isset($field['location']) || $field['location'][0] == '/')) { $this->errorControl->raise(181, $name, 'dimconfig'); } if ($field[CONS_XML_TIPO] != CONS_TIPO_ENUM) { unset($dimconfigMD[$name][CONS_XML_SQL]); } } cWriteFile(CONS_PATH_CACHE . $_SESSION['CODE'] . "/meta/_dimconfig.dat", serialize($dimconfigMD)); // this defines the type of each item on dimconfig } # Apply and raise metadata $this->applyMetaData(); # no log = no error return $sucess = count($this->log) == 0; }
$stateorprovince = $stateorprovinceA[1]; $cityname = $citynameA[1]; $orginizationname = $orginizationnameA[1]; $orginizationdepartment = $orginizationdepartmentA[1]; $commonname = $commonnameA[1]; if ($_POST) { /* Grab posted variables and create a new openssl.cnf */ $countrycode = $_POST['countrycode']; $stateorprovince = $_POST['stateorprovince']; $cityname = $_POST['cityname']; $orginizationname = $_POST['orginizationname']; $orginizationdepartment = $_POST['orginizationdepartment']; $commonname = $_POST['commonname']; /* Write out /usr/local/ssl/openssl.cnf */ conf_mount_rw(); safe_mkdir("/var/etc/ssl/"); $fd = fopen("/usr/local/ssl/openssl.cnf", "w"); fwrite($fd, ""); fwrite($fd, "[ req ]\n"); fwrite($fd, "distinguished_name=req_distinguished_name \n"); fwrite($fd, "req_extensions = v3_req \n"); fwrite($fd, "prompt=no\n"); fwrite($fd, "default_bits = 1024\n"); fwrite($fd, "default_keyfile = privkey.pem\n"); fwrite($fd, "distinguished_name = req_distinguished_name\n"); fwrite($fd, "attributes = req_attributes\n"); fwrite($fd, "x509_extensions = v3_ca # The extentions to add to the self signed cert\n"); fwrite($fd, "[ req_distinguished_name ] \n"); fwrite($fd, "C=" . $countrycode . " \n"); fwrite($fd, "ST=" . $stateorprovince . " \n"); fwrite($fd, "L=" . $cityname . " \n");
update_output_window(gettext("Please wait while Snort interface files are updated...")); } // Make sure the interface subdirectory and required sub-directories exists. // We need to re-create them during a pkg reinstall for the intial rules set // download and configuration done as part of restoring saved settings. if (!is_dir("{$snortdir}/snort_{$value['uuid']}_{$if_real}")) { safe_mkdir("{$snortdir}/snort_{$value['uuid']}_{$if_real}"); } if (!is_dir("{$snortdir}/snort_{$value['uuid']}_{$if_real}/rules")) { safe_mkdir("{$snortdir}/snort_{$value['uuid']}_{$if_real}/rules"); } if (!is_dir("{$snortdir}/snort_{$value['uuid']}_{$if_real}/preproc_rules")) { safe_mkdir("{$snortdir}/snort_{$value['uuid']}_{$if_real}/preproc_rules"); } if (!is_dir("{$snortdir}/snort_{$value['uuid']}_{$if_real}/snort_dynamicpreprocessor")) { safe_mkdir("{$snortdir}/snort_{$value['uuid']}_{$if_real}/snort_dynamicpreprocessor"); } snort_apply_customizations($value, $if_real); /* Log a message in Update Log if protecting customized preprocessor rules. */ $tmp = "\t" . $tmp . "\n"; if ($value['protect_preproc_rules'] == 'on') { $tmp .= gettext("\tPreprocessor text rules flagged as protected and not updated for "); $tmp .= convert_friendly_interface_to_friendly_descr($value['interface']) . "...\n"; } error_log($tmp, 3, SNORT_RULES_UPD_LOGFILE); } } else { if ($pkg_interface != "console") { update_output_window(gettext("Warning: No interfaces configured for Snort were found...")); update_output_window(gettext("No interfaces currently have Snort configured and enabled on them...")); }
if (isset($_REQUEST['haveinfo'])) { if (isset($_REQUEST['makedir'])) { $core->storage['dir'] = '/'; $theDir = trim($_REQUEST['makedir']); if ($theDir != "" && $theDir[strlen($theDir) - 1] == "/") { $theDir = substr($theDir, 0, -1); } $theDir = explode("/", $theDir); $coreDir = removeSimbols(array_pop($theDir), false, true); $theDir = implode("/", $theDir); // parent if (is_dir(CONS_FMANAGER . $theDir)) { $core->storage['dir'] = $theDir; $theDir .= "/" . $coreDir; if ($this->canEdit($theDir)) { if (safe_mkdir(CONS_FMANAGER . $theDir)) { $core->log[] = "Folder " . $theDir . " created"; $core->errorControl->raise(506, "Created {$theDir}", "fmanager"); $core->storage['error'] = $core->langOut("create_folder_ok"); $core->storage['dir'] = $theDir; } else { $core->logaction(CONS_ACTION_INCLUDE, $fm, false, false); $core->storage['error'] = $core->langOut("create_folder_error"); } } else { $core->storage['error'] = $core->langOut("create_folder_pd"); } } else { $core->storage['error'] = $core->langOut("create_folder_error_pnf"); } } else {
function pfblockerng_uc_countries() { global $g, $pfb; $maxmind_cont = "{$pfb['geoipshare']}/country_continent.csv"; $maxmind_cc4 = "{$pfb['geoipshare']}/GeoIPCountryWhois.csv"; $maxmind_cc6 = "{$pfb['geoipshare']}/GeoIPv6.csv"; // Create folders if not exist $folder_array = array("{$pfb['dbdir']}", "{$pfb['logdir']}", "{$pfb['ccdir']}"); foreach ($folder_array as $folder) { safe_mkdir("{$folder}", 0755); } $now = date('m/d/y G:i:s', time()); $log = "Country code update Start [ NOW ]\n"; if (!$g['pfblockerng_install']) { print "Country code update Start [ {$now} ]\n"; } pfb_logger("{$log}", 3); if (!file_exists($maxmind_cont) || !file_exists($maxmind_cc4) || !file_exists($maxmind_cc6)) { $log = " [ MAXMIND UPDATE FAIL, CSV missing, using previous Country code database \n"; if (!$g['pfblockerng_install']) { print $log; } pfb_logger("{$log}", 3); return; } // Save Date/Time stamp to MaxMind version file $local_tds4 = @gmdate('D, d M Y H:i:s T', @filemtime($maxmind_cc4)); $local_tds6 = @gmdate('D, d M Y H:i:s T', @filemtime($maxmind_cc6)); $maxmind_ver = "MaxMind GeoLite Date/Time Stamps\n"; $maxmind_ver .= "Local_v4 \tLast-Modified: {$local_tds4}\n"; $maxmind_ver .= "Local_v6 \tLast-Modified: {$local_tds6}\n"; @file_put_contents("{$pfb['logdir']}/maxmind_ver", $maxmind_ver, LOCK_EX); // Collect ISO codes for each Continent $log = " Processing Continent Data\n"; if (!$g['pfblockerng_install']) { print $log; } pfb_logger("{$log}", 3); $cont_array = array(); if (($handle = fopen("{$maxmind_cont}", 'r')) !== FALSE) { while (($cc = fgetcsv($handle)) !== FALSE) { $cc_key = $cc[0]; $cont_key = $cc[1]; switch ($cont_key) { case 'AF': $cont_array[0]['continent'] = 'Africa'; $cont_array[0]['iso'] .= "{$cc_key},"; $cont_array[0]['file4'] = "{$pfb['ccdir']}/Africa_v4.txt"; $cont_array[0]['file6'] = "{$pfb['ccdir']}/Africa_v6.txt"; break; case 'AS': $cont_array[1]['continent'] = 'Asia'; $cont_array[1]['iso'] .= "{$cc_key},"; $cont_array[1]['file4'] = "{$pfb['ccdir']}/Asia_v4.txt"; $cont_array[1]['file6'] = "{$pfb['ccdir']}/Asia_v6.txt"; break; case 'EU': $cont_array[2]['continent'] = 'Europe'; $cont_array[2]['iso'] .= "{$cc_key},"; $cont_array[2]['file4'] = "{$pfb['ccdir']}/Europe_v4.txt"; $cont_array[2]['file6'] = "{$pfb['ccdir']}/Europe_v6.txt"; break; case 'NA': $cont_array[3]['continent'] = 'North America'; $cont_array[3]['iso'] .= "{$cc_key},"; $cont_array[3]['file4'] = "{$pfb['ccdir']}/North_America_v4.txt"; $cont_array[3]['file6'] = "{$pfb['ccdir']}/North_America_v6.txt"; break; case 'OC': $cont_array[4]['continent'] = 'Oceania'; $cont_array[4]['iso'] .= "{$cc_key},"; $cont_array[4]['file4'] = "{$pfb['ccdir']}/Oceania_v4.txt"; $cont_array[4]['file6'] = "{$pfb['ccdir']}/Oceania_v6.txt"; break; case 'SA': $cont_array[5]['continent'] = 'South America'; $cont_array[5]['iso'] .= "{$cc_key},"; $cont_array[5]['file4'] = "{$pfb['ccdir']}/South_America_v4.txt"; $cont_array[5]['file6'] = "{$pfb['ccdir']}/South_America_v6.txt"; break; } } } unset($cc); fclose($handle); // Add Maxmind Anonymous Proxy and Satellite Providers to array $cont_array[6]['continent'] = 'Proxy and Satellite'; $cont_array[6]['iso'] = 'A1,A2'; $cont_array[6]['file4'] = "{$pfb['ccdir']}/Proxy_Satellite_v4.txt"; $cont_array[6]['file6'] = "{$pfb['ccdir']}/Proxy_Satellite_v6.txt"; sort($cont_array); // Collect Country ISO data and sort to Continent arrays (IPv4 and IPv6) foreach (array('4', '6') as $type) { $log = " Processing ISO IPv{$type} Continent/Country Data\n"; if (!$g['pfblockerng_install']) { print $log; } pfb_logger("{$log}", 3); if ($type == '4') { $maxmind_cc = "{$pfb['geoipshare']}/GeoIPCountryWhois.csv"; } else { $maxmind_cc = "{$pfb['geoipshare']}/GeoIPv6.csv"; } $iptype = "ip{$type}"; $filetype = "file{$type}"; if (($handle = fopen("{$maxmind_cc}", 'r')) !== FALSE) { while (($cc = fgetcsv($handle)) !== FALSE) { $cc_key = $cc[4]; $country_key = $cc[5]; $a_cidr = implode(',', ip_range_to_subnet_array_temp($cc[0], $cc[1])); foreach ($cont_array as $key => $iso) { if (strpos($iso['iso'], $cc_key) !== FALSE) { $cont_array[$key][$cc_key][$iptype] .= "{$a_cidr},"; $cont_array[$key][$cc_key]['country'] = $country_key; continue; } } } } unset($cc); fclose($handle); // Build Continent files foreach ($cont_array as $key => $iso) { $header = $pfb_file = $iso_key = ''; $header .= '# Generated from MaxMind Inc. on: ' . date('m/d/y G:i:s', time()) . "\n"; $header .= "# Continent IPv{$type}: {$cont_array[$key]['continent']}\n"; $pfb_file = $cont_array[$key][$filetype]; $iso_key = array_keys($iso); foreach ($iso_key as $ikey) { if (strlen($ikey) == 2) { $header .= "# Country: {$iso[$ikey]['country']}\n"; $header .= "# ISO Code: {$ikey}\n"; $header .= '# Total Networks: ' . substr_count($iso[$ikey][$iptype], ',') . "\n"; $header .= str_replace(',', "\n", $iso[$ikey][$iptype]); $iso[$ikey][$iptype] = ''; } } @file_put_contents($pfb_file, $header, LOCK_EX); } } }
function raise($errCode, $parameter = "", $module = "", $extended = "") { if (!CONS_ONSERVER && $errCode == 1000) { return; } # this will happen every single hit on development mode if ($this->errorCount == CONS_MAX_ERRORS) { $errCode = 178; } // abort (gracefully) if ($this->errorCount > CONS_MAX_ERRORS) { die("178 too many errors, error during error report found"); } #-- quickly set the fatal error flag if (!isset($this->ERRORS[$errCode])) { $parameter = $errCode; $errCode = 603; } if (!is_dir(CONS_PATH_LOGS)) { safe_mkdir(CONS_PATH_LOGS); } if (($this->ERRORS[$errCode] == CONS_ERROR_FATAL_MAIL || $this->ERRORS[$errCode] == CONS_ERROR_NOTIFYMAIL) && !CONS_ONSERVER) { if (isMail(CONS_MASTERMAIL)) { @mail(CONS_MASTERMAIL, "Fatal error at " . (isset($_SESSION['CODE']) ? $_SESSION['CODE'] : "Unknown domain") . " err {$errCode}", "Data: {$parameter}\nModule:{$module}", CONS_MASTERMAIL); } } #-- 404 errors ... if ($errCode == 103 || $errCode == 114 || $errCode == 166 || $errCode == 171) { $fd = fopen(CONS_PATH_LOGS . $_SESSION['CODE'] . "/404.log", "a"); if ($fd) { fwrite($fd, date("Y-m-d H:i:s") . " e{$errCode} " . $this->parent->context_str . $this->parent->action . " (" . $this->parent->original_action . ") referer=" . (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : "-") . "\n"); fclose($fd); return; } else { $errCode = 179; $parameter = $this->parent->context_str . $this->parent->action; } } #-- ok normal errors ... if (is_object($module)) { $module = $module->name; } $showToUser = CONS_DEVELOPER || $this->ERRORS[$errCode] == CONS_ERROR_NOTICE_SHOW || $this->ERRORS[$errCode] == CONS_ERROR_WARNING_SHOW || $this->ERRORS[$errCode] == CONS_ERROR_ERROR_SHOW || $this->ERRORS[$errCode] == CONS_ERROR_SEC_SHOW || $this->ERRORS[$errCode] == CONS_ERROR_NOTICESTOP || $this->ERRORS[$errCode] == CONS_ERROR_MESSAGE; $lowLog = $this->ERRORS[$errCode] == CONS_ERROR_NOTICE || $this->ERRORS[$errCode] == CONS_ERROR_WARNING || $this->ERRORS[$errCode] == CONS_ERROR_WARNING_SHOW; $securityLog = $this->ERRORS[$errCode] == CONS_ERROR_SEC || $this->ERRORS[$errCode] == CONS_ERROR_SEC_SHOW; $highLog = $this->ERRORS[$errCode] == CONS_ERROR_ERROR || $this->ERRORS[$errCode] == CONS_ERROR_ERROR_SHOW || $this->ERRORS[$errCode] == CONS_ERROR_FATAL || $this->ERRORS[$errCode] == CONS_ERROR_NOTIFYMAIL; $actionLog = $this->ERRORS[$errCode] < CONS_ERROR_WARNING && ($errCode >= 300 && $errCode < 400); $stopScript = $this->ERRORS[$errCode] == CONS_ERROR_FATAL || $this->ERRORS[$errCode] == CONS_ERROR_FATAL_NOLOG || $this->ERRORS[$errCode] == CONS_ERROR_NOTICESTOP || $this->ERRORS[$errCode] == CONS_ERROR_FATAL_MAIL; $storeInWarning = $this->ERRORS[$errCode] != CONS_ERROR_MESSAGE; $redWarning = $this->ERRORS[$errCode] != CONS_ERROR_MESSAGE && $this->ERRORS[$errCode] != CONS_ERROR_NOTICE_SHOW && $this->ERRORS[$errCode] != CONS_ERROR_NOTICE && !$actionLog; # These are logs that, once displayed to the users, should be in red (actual errors) if (!$actionLog) { $this->errorCount++; } #-- $errstr = $this->parent->langOut('e' . $errCode) . " (e{$errCode}) {$module} {$parameter} {$extended}"; $errstrfull = $errCode . "|" . $module . "|" . $parameter . "|" . $extended . "|" . implode("|", $this->parent->log); # Error file: # date|client|uri|errCode|module|parameters|extended parameters|log[|...] # Action file: # YmdHismodule|parameter|extended parameters $status = date("d/m/Y H:i:s") . "|" . (isset($_SESSION['CODE']) ? $_SESSION['CODE'] : '?') . "|" . $_SERVER['REQUEST_URI']; if ($showToUser) { $this->parent->setLog($redWarning ? $highLog || $stopScript ? CONS_LOGGING_ERROR : CONS_LOGGING_WARNING : ($errCode == 300 ? CONS_LOGGING_SUCCESS : CONS_LOGGING_NOTICE), $errstr); } if ($storeInWarning) { $this->parent->warning[] = $errstr; } if ($lowLog || $securityLog || $highLog) { if (isset($_SESSION['CODE'])) { if (isset($_SESSION['CODE']) && !is_dir(CONS_PATH_LOGS . $_SESSION['CODE'] . "/")) { safe_mkdir(CONS_PATH_LOGS . $_SESSION['CODE'] . "/"); } if (!is_file(CONS_PATH_LOGS . $_SESSION['CODE'] . "/err" . date("Ymd") . ".log") || filesize(CONS_PATH_LOGS . $_SESSION['CODE'] . "/err" . date("Ymd") . ".log") < CONS_MAX_LOGFILESIZE) { $fd = fopen(CONS_PATH_LOGS . $_SESSION['CODE'] . "/err" . date("Ymd") . ".log", "a"); if ($fd) { fwrite($fd, $status . "|" . $errstrfull . "\n"); fclose($fd); } } if ($highLog) { if (isset($this->parent->dimconfig['_cronD']) && $this->parent->dimconfig['_cronD'] == date("d")) { $this->parent->dimconfig['_errcontrol'] = isset($this->parent->dimconfig['_errcontrol']) ? $this->parent->dimconfig['_errcontrol'] + 1 : 1; } else { $this->parent->dimconfig['_errcontrol'] = 1; } $this->parent->saveConfig(true); } } # centralized log (the framework supports multiple domains, this log is a single log for all domains) if ($highLog && (!is_file(CONS_PATH_LOGS . "err" . date("Ymd") . ".log") || filesize(CONS_PATH_LOGS . "err" . date("Ymd") . ".log") < CONS_MAX_LOGFILESIZE)) { $fd = fopen(CONS_PATH_LOGS . "err" . date("Ymd") . ".log", "a"); if ($fd) { fwrite($fd, $status . "|" . $errstrfull . "\n"); fclose($fd); } } } if ($actionLog && !CONS_ECONOMICMODE) { if (isset($_SESSION['CODE']) && !is_dir(CONS_PATH_LOGS . $_SESSION['CODE'] . "/")) { safe_mkdir(CONS_PATH_LOGS . $_SESSION['CODE'] . "/"); } $fd = fopen(CONS_PATH_LOGS . $_SESSION['CODE'] . "/act" . date("Ymd") . ".log", "a"); if ($fd) { if ($errCode >= 301 && $errCode <= 305) { $parameter = "e" . $errCode; fwrite($fd, date("YmdHis") . $module . "|{$parameter}|{$extended}|{$extended}" . "\n"); } else { $parameter = $parameter == CONS_ACTION_INCLUDE ? "include" : ($parameter == CONS_ACTION_UPDATE ? "edit" : ($parameter == CONS_ACTION_DELETE ? "delete" : $parameter)); fwrite($fd, date("YmdHis") . $module . "|{$parameter}|{$extended}|" . ($this->parent->logged() ? $_SESSION[CONS_SESSION_ACCESS_USER]['login'] : "******") . "\n"); } fclose($fd); } } if ($stopScript) { $this->parent->headerControl->showHeaders('500', true); echo "<div style='border:1px solid #FFCCCC;padding:10px;margin:20px;'>\n\t\t\t\t<b>{$parameter}</b> ({$errCode})\n\t\t\t \t<div style='border-top: 1px solid #CCCCCC;'>" . nl2br($this->errorToMessage($errCode, $parameter, $module, $extended)) . "</div>" . "<div style='border-top: 1px solid #CCCCCC;'>SystemLog:<br/><div style='font-size:10px'>" . implode("<br/>", $this->parent->log) . "</div></div>" . ($this->parent->debugmode ? "<div style='border-top: 1px solid #CCCCCC;'>DBLog:<br/><div style='font-size:10px'>" . implode("<br/>", $this->parent->dbo->log) . "</div></div>" : "") . ($this->parent->offlineMode ? "<div style='border-top: 1px solid #CCCCCC;'>DB DOWN</div>" : "") . "</div>Prescia"; $this->parent->close(true); } }
killbyname("barnyard2"); sleep(2); // Delete any leftover barnyard2 PID files in /var/run unlink_if_exists("{$g['varrun_path']}/barnyard2_*.pid"); } // Set flag for post-install in progress $g['suricata_postinstall'] = true; // Mount file system read/write so we can modify some files conf_mount_rw(); // Remove any previously installed script since we rebuild it unlink_if_exists("{$rcdir}suricata.sh"); // Create the top-tier log directory safe_mkdir(SURICATALOGDIR); // Create the IP Rep and SID Mods lists directory safe_mkdir(SURICATA_SID_MODS_PATH); safe_mkdir(SURICATA_IPREP_PATH); // Make sure config variable is an array if (!is_array($config['installedpackages']['suricata']['config'][0])) { $config['installedpackages']['suricata']['config'][0] = array(); } // Download the latest GeoIP DB updates and create cron task if the feature is not disabled if ($config['installedpackages']['suricata']['config'][0]['autogeoipupdate'] != 'off') { log_error(gettext("[Suricata] Installing free GeoIP country database files...")); include "/usr/local/pkg/suricata/suricata_geoipupdate.php"; install_cron_job("/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/pkg/suricata/suricata_geoipupdate.php", TRUE, 0, 0, 8, "*", "*", "root"); } // Download the latest ET IQRisk updates and create cron task if the feature is not disabled if ($config['installedpackages']['suricata']['config'][0]['et_iqrisk_enable'] == 'on') { log_error(gettext("[Suricata] Installing Emerging Threats IQRisk IP List...")); include "/usr/local/pkg/suricata/suricata_etiqrisk_update.php"; install_cron_job("/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/pkg/suricata/suricata_etiqrisk_update.php", TRUE, 0, "*/6", "*", "*", "*", "root");
?> <p> <textarea cols="55" rows="1" name="status" id="status" wrap="hard">One moment please... This will take a while!</textarea> <textarea cols="55" rows="25" name="output" id="output" wrap="hard"></textarea> </form> <?php include "fend.inc"; ?> </body> </html> <?php echo "<script language=\"JavaScript\">document.forms[0].status.value=\"Creating CA...\";</script>"; mwexec("rm -rf /tmp/*"); //mwexec("rm -rf /tmp/newcerts"); safe_mkdir("/tmp/newcerts", 0755); touch("/tmp/index.txt"); $fd = fopen("/tmp/serial", "w"); fwrite($fd, "01\n"); fclose($fd); /* mkdir /tmp/newcerts touch /tmp/index.txt echo 01 > serial #Create The Certificate Authority Root Certificate cd /tmp/ && openssl req -nodes -new -x509 -keyout cakey.pem -out cacert.pem -config /etc/ssl/openssl.cnf #Create User Certificates cd /tmp/ && openssl req -nodes -new -keyout vpnkey.pem -out vpncert-req.pem -config /etc/ssl/openssl.cnf mkdir /tmp/newcerts openssl ca -out vpncert.pem -in vpncert-req.pem -batch
private function sqlParameter($isADD, &$data, $name, &$field, &$EnumPrunecache, $isSerialized = false, $kA = '', $wS = '') { $output = false; $encapsulation = $isSerialized ? '' : '"'; switch ($field[CONS_XML_TIPO]) { case CONS_TIPO_INT: if (isset($data[$name]) && $data[$name] !== "" && is_numeric($data[$name])) { $output = $data[$name]; } else { if ($isADD && isset($field[CONS_XML_DEFAULT])) { $output = $field[CONS_XML_DEFAULT]; } } break; case CONS_TIPO_LINK: if ($field[CONS_XML_LINKTYPE] == CONS_TIPO_INT || $field[CONS_XML_LINKTYPE] == CONS_TIPO_FLOAT) { $encapsulation = ''; } if (isset($data[$name]) && ($data[$name] !== '' && $data[$name] !== 0 || !isset($field[CONS_XML_MANDATORY]))) { # non-mandatory links accept 0 values, otherwise 0 is not acceptable if ((!$isADD && isset($field[CONS_XML_IGNORENEDIT]) || $isADD) && ($data[$name] === 0 || $data[$name] === '')) { break; } else { if (($field[CONS_XML_LINKTYPE] == CONS_TIPO_INT || $field[CONS_XML_LINKTYPE] == CONS_TIPO_FLOAT) && ($data[$name] === '' || !is_numeric($data[$name]))) { $data[$name] = 0; } else { if ($field[CONS_XML_LINKTYPE] == CONS_TIPO_VC && $data[$name] != '') { if ($field[CONS_XML_SPECIAL] == "ucase") { $data[$name] = strtoupper($data[$name]); } if ($field[CONS_XML_SPECIAL] == "lcase") { $data[$name] = strtolower($data[$name]); } } } } # if this is a parent, check if this won't create a cyclic parenting if ($data[$name] !== 0 && $data[$name] !== '' && $field[CONS_XML_MODULE] == $this->name && $this->options[CONS_MODULE_PARENT] == $name) { if (!$isADD && $data[$name] == $data[$this->keys[0]]) { $data[$name] = 0; $this->parent->errorControl->raise(128, $name, $this->name, "Parent=Self"); if (isset($field[CONS_XML_MANDATORY])) { return false; } } else { $antiCicle = $isADD ? array() : array($data[$this->keys[0]]); $idP = isset($data[$name]) ? $data[$name] : 0; if ($idP == null) { $idP = 0; } while ($idP !== 0) { $idP = $this->parent->dbo->fetch("SELECT {$name} FROM " . $this->dbname . " WHERE " . $this->keys[0] . "={$idP}"); if ($idP == NULL) { $idP = 0; } if (in_array($idP, $antiCicle)) { break; } // cicle! $antiCicle[] = $idP; } unset($antiCicle); if ($idP !== 0) { # did not reach root $this->parent->errorControl->raise(128, $name, $this->name, "Initial parent was = " . $data[$name]); $data[$name] = 0; if (isset($field[CONS_XML_MANDATORY])) { return false; } } } } $output = $encapsulation . $data[$name] . $encapsulation; } else { if ($isADD && isset($field[CONS_XML_DEFAULT])) { if ($field[CONS_XML_DEFAULT] == "%UID%" && defined("CONS_AUTH_USERMODULE") && $field[CONS_XML_MODULE] == CONS_AUTH_USERMODULE && $_SESSION[CONS_SESSION_ACCESS_LEVEL] > 0 && isset($_SESSION[CONS_SESSION_ACCESS_USER]['id'])) { $output = $encapsulation . $_SESSION[CONS_SESSION_ACCESS_USER]['id'] . $encapsulation; } else { if ($field[CONS_XML_DEFAULT] != "%UID%") { $output = $encapsulation . $field[CONS_XML_DEFAULT] . $encapsulation; } } } } break; case CONS_TIPO_FLOAT: if (isset($data[$name]) && $data[$name] !== "") { $data[$name] = fv($data[$name]); if (is_numeric($data[$name])) { $output = str_replace(",", ".", $data[$name]); } else { if ($isADD && isset($field[CONS_XML_DEFAULT])) { $output = $field[CONS_XML_DEFAULT]; } } } else { if ($isADD && isset($field[CONS_XML_DEFAULT])) { $output = $field[CONS_XML_DEFAULT]; } } break; case CONS_TIPO_VC: if (isset($data[$name])) { if (!isset($field[CONS_XML_SPECIAL]) || $field[CONS_XML_SPECIAL] != "urla") { if (!isset($field[CONS_XML_CUSTOM])) { $data[$name] = cleanString($data[$name], isset($field[CONS_XML_HTML]), $_SESSION[CONS_SESSION_ACCESS_LEVEL] == 100, $this->parent->dbo); } else { if (!$isSerialized) { $data[$name] = addslashes_EX($data[$name], isset($field[CONS_XML_HTML]), $this->parent->dbo); } } } if (isset($field[CONS_XML_SPECIAL])) { if ($field[CONS_XML_SPECIAL] == "urla") { if (!isset($data[$name]) || $data[$name] == '') { $source = isset($field[CONS_XML_SOURCE]) ? $field[CONS_XML_SOURCE] : "{" . $this->title . "}"; $tp = new CKTemplate($this->parent->template); $tp->tbreak($source); $data[$name] = $tp->techo($data); unset($tp); } $data[$name] = str_replace(">", "", str_replace("<", "", str_replace(""", "", str_replace("'", "", $data[$name])))); $data[$name] = removeSimbols($data[$name], true, false, CONS_FLATTENURL); } if ($field[CONS_XML_SPECIAL] == "login" && $data[$name] != "") { if (!preg_match('/^([A-Za-z0-9_\\-\\.@]){4,20}$/', $data[$name])) { $data[$name] = ""; $this->parent->errorControl->raise(129, $name, $this->name); break; } } if ($field[CONS_XML_SPECIAL] == "mail" && $data[$name] != "") { if (!isMail($data[$name])) { $data[$name] = ""; $this->parent->errorControl->raise(130, $name, $this->name); break; } } if ($field[CONS_XML_SPECIAL] == "ucase" && $data[$name] != "") { $data[$name] = strtoupper($data[$name]); $data[$name] = addslashes_EX($data[$name], isset($field[CONS_XML_HTML]), $this->parent->dbo); } if ($field[CONS_XML_SPECIAL] == "lcase" && $data[$name] != "") { $data[$name] = strtolower($data[$name]); $data[$name] = addslashes_EX($data[$name], isset($field[CONS_XML_HTML]), $this->parent->dbo); } if ($field[CONS_XML_SPECIAL] == "path" && $data[$name] != "") { if (!preg_match('/^([A-Za-z0-9_\\/\\-]*)$/', $data[$name])) { $data[$name] = ""; $this->parent->errorControl->raise(131, $name, $this->name); break; } } if ($field[CONS_XML_SPECIAL] == "onlinevideo" && $data[$name] != "") { if (!preg_match('/^([A-Za-z0-9_\\-]){8,20}$/', $data[$name])) { $data[$name] = ""; $this->parent->errorControl->raise(132, $name, $this->name); break; } } if ($field[CONS_XML_SPECIAL] == "time" && $data[$name] != "") { if (!preg_match('/^([0-9]){1,2}(:)([0-9]){1,2}$/', $data[$name])) { $data[$name] = ""; $this->parent->errorControl->raise(133, $name, $this->name); break; } else { $data[$name] = explode(":", $data[$name]); $data[$name][0] = (strlen($data[$name][0]) == 1 ? "0" : "") . $data[$name][0]; $data[$name][1] = (strlen($data[$name][1]) == 1 ? "0" : "") . $data[$name][1]; $data[$name] = $data[$name][0] . ":" . $data[$name][1]; } } } if (!$isADD && isset($field[CONS_XML_IGNORENEDIT]) && $data[$name] == "") { break; } else { if ($isADD && (!isset($data[$name]) || $data[$name] == '') && isset($field[CONS_XML_DEFAULT])) { $data[$name] = $field[CONS_XML_DEFAULT]; } } $output = $encapsulation . $data[$name] . $encapsulation; } break; case CONS_TIPO_TEXT: if (isset($data[$name])) { # WYSIWYG garbage ... if (isset($field[CONS_XML_HTML]) && !isset($field[CONS_XML_CUSTOM])) { $data[$name] = str_replace(" ", " ", trim($data[$name])); if (isset($field[CONS_XML_SIMPLEEDITFORCE]) && $data[$name] != '') { if (!defined('C_XHTML_AUTOTAB')) { include CONS_PATH_INCLUDE . "xmlHandler.php"; } $data[$name] = parseHTML($data[$name], true); if ($data[$name] === false) { $this->parent->errorControl->raise(190, $name, $this->name); $data[$name] = ''; break; } } if ($this->invalidHTML($data[$name])) { # external editors garbage that can break HTML $this->parent->errorControl->raise(135, $name, $this->name); } } if (!isset($field[CONS_XML_CUSTOM])) { $data[$name] = cleanString($data[$name], isset($field[CONS_XML_HTML]), $_SESSION[CONS_SESSION_ACCESS_LEVEL] == 100, $this->parent->dbo); } else { if (!$isSerialized) { $data[$name] = addslashes_EX($data[$name], true, $this->parent->dbo); } } if (!$isADD && isset($field[CONS_XML_IGNORENEDIT]) && $data[$name] == "") { break; } $output = $encapsulation . $data[$name] . $encapsulation; } else { if ($isADD && isset($field[CONS_XML_DEFAULT])) { $output = $encapsulation . $field[CONS_XML_DEFAULT] . $encapsulation; } } break; case CONS_TIPO_DATETIME: case CONS_TIPO_DATE: if (!isset($data[$name]) || $data[$name] == '') { if (!$isADD && isset($field[CONS_XML_UPDATESTAMP])) { $output = "NOW()"; $data[$name] = date("Y-m-d") . ($field[CONS_XML_TIPO] == CONS_TIPO_DATETIME ? " " . date("H:i:s") : ""); // might be used by friendly url or such break; } else { if ($isADD && (isset($field[CONS_XML_TIMESTAMP]) || isset($field[CONS_XML_UPDATESTAMP]))) { $output = "NOW()"; $data[$name] = date("Y-m-d") . ($field[CONS_XML_TIPO] == CONS_TIPO_DATETIME ? " " . date("H:i:s") : ""); // might be used by friendly url or such break; } } } if (!isset($data[$name]) && isset($data[$name . "_day"])) { # date came into separated fields, merge them $theDate = $this->parent->intlControl->mergeDate($data, $name . "_"); if (!$theDate == false || ($theDate == "0000-00-00" || $theDate == "0000-00-00 00:00:00") && isset($field[CONS_XML_IGNORENEDIT])) { break; } # empty date can be ignored, or corrupt date $output = $encapsulation . $theDate . $encapsulation; } else { # came in mySQL format or i18n fromat if (isset($data[$name]) && $data[$name] != "") { $data[$name] = trim($data[$name]); $theDate = $data[$name]; $theDate = $this->parent->intlControl->dateToSql($theDate, $field[CONS_XML_TIPO] == CONS_TIPO_DATETIME); // handles any format of human or sql date if ($theDate === false) { if (substr($data[$name], 0, 5) == "NOW()") { $output = $data[$name]; $data[$name] = date("Y-m-d") . ($field[CONS_XML_TIPO] == CONS_TIPO_DATETIME ? " " . date("H:i:s") : ""); // might be used by friendly url or such } else { $this->parent->errorControl->raise(134, $name, $this->name); } } else { $output = $encapsulation . $theDate . $encapsulation; $data[$name] = $theDate; // other fields might need it } } else { if (isset($data[$name])) { // blank if (!$isADD && isset($field[CONS_XML_IGNORENEDIT])) { break; } $output = isset($field[CONS_XML_MANDATORY]) && $field[CONS_XML_MANDATORY] ? $encapsulation . "0000-00-00" . ($field[CONS_XML_TIPO] == CONS_TIPO_DATETIME ? " 00:00:00" : "") . $encapsulation : 'NULL'; } } } break; case CONS_TIPO_ENUM: if (isset($data[$name])) { if ($data[$name] == "") { # enum does not accept empty values, this means it's a NON-MANDATORY enum comming empty = NULL $output = "NULL"; } else { $data[$name] = str_replace("\"", "", str_replace("'", "", $data[$name])); $output = $encapsulation . $data[$name] . $encapsulation; if (isset($field[CONS_XML_AUTOPRUNE])) { // possible prune //$EnumPrunecache preg_match("@ENUM \\(([^)]*)\\).*@", $field[CONS_XML_SQL], $regs); $enums = explode(",", $regs[1]); $pruneRecipient = ""; for ($ec = 0; $ec < count($enums); $ec++) { if (isset($field[CONS_XML_AUTOPRUNE][$ec]) && $field[CONS_XML_AUTOPRUNE][$ec] == '*') { $pruneRecipient = $enums[$ec]; } } for ($ec = 0; $ec < count($enums); $ec++) { if ("'" . $data[$name] . "'" == $enums[$ec]) { if (isset($field[CONS_XML_AUTOPRUNE][$ec]) && $field[CONS_XML_AUTOPRUNE][$ec] != '0' && $field[CONS_XML_AUTOPRUNE][$ec] != '*') { $EnumPrunecache[] = array($name, $field[CONS_XML_AUTOPRUNE][$ec], $pruneRecipient); } break; // for } } } } } else { if ($isADD && isset($field[CONS_XML_DEFAULT])) { $output = $encapsulation . $field[CONS_XML_DEFAULT] . $encapsulation; } } break; case CONS_TIPO_OPTIONS: # must come as a string of 0 and 1 if (isset($data[$name]) && strlen($data[$name]) >= count($field[CONS_XML_OPTIONS])) { # test if they are all 0 and 1! $ok = true; for ($c = 0; $c < strlen($data[$name]); $c++) { if ($data[$name][$c] != "0" && $data[$name][$c] != "1") { $ok = false; break; } } if ($ok) { $output = $encapsulation . $data[$name] . ($isADD ? '0000' : '') . $encapsulation; } } break; case CONS_TIPO_UPLOAD: if (!$isADD) { # upload on add happens AFTER the SQL include, so if it fails, we don't even bother processing upload if (isset($data[$name . "_delete"]) || isset($_FILES[$name]) && $_FILES[$name]['error'] == 0) { // delete ou update $ids = ""; foreach ($this->keys as $key) { $ids .= $data[$key] . "_"; } $ids = substr($ids, 0, strlen($ids) - 1); $this->deleteUploads($data, $name, $ids); } $upOk = $this->prepareUpload($name, $kA, $data); $upvalue = $upOk == '0' ? 'y' : 'n'; if ($upOk != 0 && $upOk != 4) { # notification for the upload (4 = nothing sent, 0 = sent and ok) $this->parent->errorControl->raise(200 + $upOk, $upOk, $this->name, $name); } if ($upOk != 4) { $output = $encapsulation . $upvalue . $encapsulation; } else { // no change, but take this oportunity and check if the file exists! $upvalue = 'n'; $path = CONS_FMANAGER . $this->name . "/"; if (is_dir($path)) { if (isset($this->fields[$name][CONS_XML_FILEPATH])) { $path .= $this->fields[$name][CONS_XML_FILEPATH]; if ($path[strlen($path) - 1] != "/") { $path .= "/"; } if (!is_dir($path)) { safe_mkdir($path); } } # prepares filename with item keys $filename = $path . $name . "_"; foreach ($this->keys as $key) { $filename .= $data[$key] . "_"; } $filename .= "1"; $upvalue = locateAnyFile($filename, $ext, isset($this->fields[$name][CONS_XML_FILETYPES]) ? $this->fields[$name][CONS_XML_FILETYPES] : '') ? 'y' : 'n'; } $output = $encapsulation . $upvalue . $encapsulation; } } break; case CONS_TIPO_ARRAY: if (isset($data[$name])) { if (is_array($data[$name])) { $output = $data[$name]; } else { # came in serialized (JSON or php) if ($data[$name][0] == '[') { # JSON $output = @json_decode($data[$name]); } else { $output = @unserialize($data[$name]); } # we will serialize the whole thing if ($output === false) { $this->parent->errorControl->raise(189, $name, $this->name); $output = ""; } } } break; case CONS_TIPO_SERIALIZED: if (isset($data[$name])) { // came raw data, we store as is, YOU should serialize raw data $data[$name] = addslashes_EX($data[$name], true); if (isset($field[CONS_XML_IGNORENEDIT]) && $data[$name] == "") { break; } $output = $encapsulation . $data[$name] . $encapsulation; } else { if ($this->fields[$name][CONS_XML_SERIALIZED] > 1) { // set to WRITE or ALL // note: we ADD fields, never replace, because we should allow partial edits, thus we need to read the original data first $sql = "SELECT {$name} FROM " . $this->dbname . " WHERE {$wS}"; $serialized = $this->parent->dbo->fetch($sql); if ($serialized === false) { $serialized = array(); } else { $serialized = @unserialize($serialized); } $serializedFields = 0; foreach ($this->fields[$name][CONS_XML_SERIALIZEDMODEL] as $exname => &$exfield) { if (isset($data[$name . "_" . $exname])) { $outfield = $this->sqlParameter(true, $data, $name . "_" . $exname, $exfield, $EnumPrunecache, true); if ($outfield !== false && $outfield != 'NULL') { $serialized[$exname] = $outfield; } # we don't need to store NULL like in sql } } $output = $encapsulation . addslashes_EX(serialize($serialized), true, $this->parent->dbo) . $encapsulation; } } break; } # switch return $output; }
} } if ($_POST['remove']) { exec("/sbin/pfctl -t snort2c -T flush"); header("Location: /snort/snort_blocked.php"); exit; } /* TODO: build a file with block ip and disc */ if ($_POST['download']) { $blocked_ips_array_save = ""; exec('/sbin/pfctl -t snort2c -T show', $blocked_ips_array_save); /* build the list */ if (is_array($blocked_ips_array_save) && count($blocked_ips_array_save) > 0) { $save_date = date("Y-m-d-H-i-s"); $file_name = "snort_blocked_{$save_date}.tar.gz"; safe_mkdir("{$g['tmp_path']}/snort_blocked"); file_put_contents("{$g['tmp_path']}/snort_blocked/snort_block.pf", ""); foreach ($blocked_ips_array_save as $counter => $fileline) { if (empty($fileline)) { continue; } $fileline = trim($fileline, " \n\t"); file_put_contents("{$g['tmp_path']}/snort_blocked/snort_block.pf", "{$fileline}\n", FILE_APPEND); } // Create a tar gzip archive of blocked host IP addresses exec("/usr/bin/tar -czf {$g['tmp_path']}/{$file_name} -C{$g['tmp_path']}/snort_blocked snort_block.pf"); // If we successfully created the archive, send it to the browser. if (file_exists("{$g['tmp_path']}/{$file_name}")) { ob_start(); //important or other posts will fail if (isset($_SERVER['HTTPS'])) {