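/****************************************************************/
// Duplicate-UUID repair for the saved Snort interface list.
//
// Every entry under ['installedpackages']['snortglobal']['rule'] is visited
// in order. The first entry seen with a given UUID keeps it; any later entry
// carrying an already-seen UUID receives a fresh one from snort_generate_id(),
// its log directory is renamed to match, and the change is written to the
// system log. $fixed_duplicate ends up TRUE when at least one entry changed.
//
// The is_array() guard matters: count() of a non-array scalar is 1 (and a
// TypeError on PHP 8), which would send a non-iterable value into the
// by-reference foreach below.
if (isset($config['installedpackages']['snortglobal']['rule']) &&
    is_array($config['installedpackages']['snortglobal']['rule']) &&
    count($config['installedpackages']['snortglobal']['rule']) > 0) {

	$uuids = array();
	$fixed_duplicate = FALSE;
	$snortconf =& $config['installedpackages']['snortglobal']['rule'];

	foreach ($snortconf as &$snortcfg) {
		// Check for and fix a duplicate UUID
		$if_real = get_real_interface($snortcfg['interface']);

		// First sighting of this UUID: remember it and move on.
		if (!isset($uuids[$snortcfg['uuid']])) {
			$uuids[$snortcfg['uuid']] = $if_real;
			continue;
		}

		// Found a duplicate UUID, so generate a
		// new one for the affected interface.
		$old_uuid = $snortcfg['uuid'];
		$new_uuid = snort_generate_id();

		// NOTE(review): no separator is placed after $snortlogdir, so these
		// paths only resolve if that variable ends in "/"; its assignment is
		// not visible here -- confirm.
		// NOTE(review): $old_uuid and the interface name come from the saved
		// configuration and reach rename() unvalidated; consider checking
		// them against the format snort_generate_id() produces before
		// touching the filesystem.
		$old_logdir = "{$snortlogdir}snort_{$if_real}{$old_uuid}/";
		$new_logdir = "{$snortlogdir}snort_{$if_real}{$new_uuid}/";

		// The rename stays best-effort (the duplicate UUID must be resolved
		// either way), but a failure is now recorded instead of silently
		// leaving the logs under the old directory name.
		if (file_exists($old_logdir) && !@rename($old_logdir, $new_logdir)) {
			log_error(sprintf(gettext("[Snort] could not rename log directory %s to %s."), $old_logdir, $new_logdir));
		}

		$snortcfg['uuid'] = $new_uuid;
		$uuids[$new_uuid] = $if_real;
		log_error(gettext("[Snort] updated UUID for interface " . convert_friendly_interface_to_friendly_descr($snortcfg['interface']) . " from {$old_uuid} to {$new_uuid}."));
		$fixed_duplicate = TRUE;
	}

	// Break the by-reference binding left behind by the foreach; otherwise a
	// later assignment to, or loop over, $snortcfg would overwrite the last
	// entry of the rule array.
	unset($snortcfg);
	unset($uuids);
}
/****************************************************************/
/* End of duplicate UUID bug fix. */
/****************************************************************/

/* Do one-time settings migration for new multi-engine configurations */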
// Closes a block that begins above this excerpt.
}

// Without an interface index there is nothing to edit: send the browser back
// to the interface list and stop.
// NOTE(review): where $id is assigned is not visible here. It is used below as
// an index into $snortglob['rule'] and $a_rule, so confirm it is validated as
// an integer index before this point.
if (is_null($id)) {
	header("Location: /snort/snort_interfaces.php");
	exit;
}

// Pick up the requested action, preferring POST over GET, defaulting to "".
// htmlspecialchars() with ENT_QUOTES makes the value safe to echo into HTML,
// but it is output escaping, not validation: any string is still accepted.
// NOTE(review): the code that acts on $action is outside this excerpt.
// Comparing it against a fixed list of known actions would be a stricter
// check, and if any action changes state, accepting it from $_GET depends on
// whatever request-forgery protection the GUI applies -- confirm.
if (isset($_POST['action'])) {
	$action = htmlspecialchars($_POST['action'], ENT_QUOTES | ENT_HTML401);
} elseif (isset($_GET['action'])) {
	$action = htmlspecialchars($_GET['action'], ENT_QUOTES | ENT_HTML401);
} else {
	$action = "";
}

// Seed the form values. An entry with no stored UUID is treated as new: it
// gets a generated UUID and its rules are flagged for building. An existing
// entry keeps its UUID and description.
$pconfig = array();
if (empty($snortglob['rule'][$id]['uuid'])) {
	/* Adding new interface, so flag rules to build. */
	$pconfig['uuid'] = snort_generate_id();
	$rebuild_rules = true;
} else {
	$pconfig['uuid'] = $a_rule[$id]['uuid'];
	$pconfig['descr'] = $a_rule[$id]['descr'];
	$rebuild_rules = false;
}

// Captured here because $pconfig is replaced wholesale further down.
$snort_uuid = $pconfig['uuid'];

// Get the physical configured interfaces on the firewall
$interfaces = get_configured_interface_with_descr();

// See if interface is already configured, and use its values
// ($id cannot be null here because of the early exit above, so the isset()
// test is always true; the decision rests on $a_rule[$id] being truthy.)
if (isset($id) && $a_rule[$id]) {
	/* old options */
	$pconfig = $a_rule[$id];
	// The pass-through text is stored base64-encoded and decoded here.
	// NOTE(review): the decoded value is arbitrary stored text; where it is
	// rendered is not visible here -- confirm it is HTML-escaped on output.
	if (!empty($pconfig['configpassthru'])) {
		$pconfig['configpassthru'] = base64_decode($pconfig['configpassthru']);
// Continues a conditional whose opening lines are above this excerpt: in this
// branch Snort is stopped on the old interface ($oif_real) and flagged for a
// restart; in the else branch no restart is requested.
snort_stop($a_rule[$id], $oif_real);
$snort_start = true;
} else {
	$snort_start = false;
}

// Move the per-interface log directory from the old interface name to the new
// one, keeping the same UUID.
// NOTE(review): both rename() calls run with "@" and their results are not
// checked. A failed rename would leave the directory under the old interface
// name while the configuration is updated below; consider testing the return
// value and logging a failure.
@rename("{$snortlogdir}/snort_{$oif_real}{$a_rule[$id]['uuid']}", "{$snortlogdir}/snort_{$if_real}{$a_rule[$id]['uuid']}");

// Same move for the directory under $snortdir, bracketed by
// conf_mount_rw() / conf_mount_ro().
conf_mount_rw();
@rename("{$snortdir}/snort_{$a_rule[$id]['uuid']}_{$oif_real}", "{$snortdir}/snort_{$a_rule[$id]['uuid']}_{$if_real}");
conf_mount_ro();
}

// Replace the stored entry for this index with the newly built settings.
$a_rule[$id] = $natent;
} elseif (strcasecmp($action, 'dup') == 0) {
	// Case-insensitive match on the 'dup' action.
	// Duplicating a new interface, so set flag to build new rules
	$rebuild_rules = true;

	// Duplicating an interface, so need to generate a new UUID for the cloned interface
	$natent['uuid'] = snort_generate_id();

	// Add the new duplicated interface configuration to the [rule] array in config
	$a_rule[] = $natent;
} else {
	// Adding new interface, so set required interface configuration defaults
	// The five arrays below hold default engine settings for a new interface;
	// how they are attached to $natent is outside this excerpt.

	// Fragment engine defaults: "bsd" policy, anomaly detection on.
	$frag3_eng = array("name" => "default", "bind_to" => "all", "policy" => "bsd", "timeout" => 60, "min_ttl" => 1, "detect_anomalies" => "on", "overlap_limit" => 0, "min_frag_len" => 0);

	// Stream engine defaults. Note for reviewers of detection coverage:
	// "detect_anomalies", "require_3whs" and "check_session_hijacking" all
	// start as "off" for a new interface.
	$stream5_eng = array("name" => "default", "bind_to" => "all", "policy" => "bsd", "timeout" => 30, "max_queued_bytes" => 1048576, "detect_anomalies" => "off", "overlap_limit" => 0, "max_queued_segs" => 2621, "require_3whs" => "off", "startup_3whs_timeout" => 0, "no_reassemble_async" => "off", "max_window" => 0, "use_static_footprint_sizes" => "off", "check_session_hijacking" => "off", "dont_store_lg_pkts" => "off", "ports_client" => "default", "ports_both" => "default", "ports_server" => "none");

	// HTTP engine defaults: the normalization and gzip options are "on";
	// "decompress_swf", "decompress_pdf", "log_uri" and "log_hostname" are "off".
	$http_eng = array("name" => "default", "bind_to" => "all", "server_profile" => "all", "enable_xff" => "off", "log_uri" => "off", "log_hostname" => "off", "server_flow_depth" => 65535, "enable_cookie" => "on", "client_flow_depth" => 1460, "extended_response_inspection" => "on", "no_alerts" => "off", "unlimited_decompress" => "on", "inspect_gzip" => "on", "normalize_cookies" => "on", "normalize_headers" => "on", "normalize_utf" => "on", "normalize_javascript" => "on", "allow_proxy_use" => "off", "inspect_uri_only" => "off", "max_javascript_whitespaces" => 200, "post_depth" => -1, "max_headers" => 0, "max_spaces" => 0, "max_header_length" => 0, "ports" => "default", "decompress_swf" => "off", "decompress_pdf" => "off");

	// FTP client engine defaults ("bounce" is "yes", with no bounce-to
	// network or port set).
	$ftp_client_eng = array("name" => "default", "bind_to" => "all", "max_resp_len" => 256, "telnet_cmds" => "no", "ignore_telnet_erase_cmds" => "yes", "bounce" => "yes", "bounce_to_net" => "", "bounce_to_port" => "");

	// FTP server engine defaults.
	$ftp_server_eng = array("name" => "default", "bind_to" => "all", "ports" => "default", "telnet_cmds" => "no", "ignore_telnet_erase_cmds" => "yes", "ignore_data_chan" => "no", "def_max_param_len" => 100);

	// Scalar defaults written straight into the new entry. Numeric limits are
	// stored as strings; "ftp_telnet_alert_encrypted" starts as "off".
	$natent['max_attribute_hosts'] = '10000';
	$natent['max_attribute_services_per_host'] = '10';
	$natent['max_paf'] = '16000';
	$natent['ftp_preprocessor'] = 'on';
	$natent['ftp_telnet_inspection_type'] = "stateful";
	$natent['ftp_telnet_alert_encrypted'] = "off";