示例#1
0
			<td colspan="2" valign="top" class="listtopic"><?php 
echo gettext("Define Ports (port variables)");
?>
</td>
		</tr>
<?php 
foreach ($snort_ports as $key => $server) {
    if (strlen($server) > 40) {
        $server = substr($server, 0, 40) . "...";
    }
    $label = strtoupper($key);
    $value = "";
    $title = "";
    if (!empty($pconfig["def_{$key}"])) {
        $value = htmlspecialchars($pconfig["def_{$key}"]);
        $title = trim(filter_expand_alias($pconfig["def_{$key}"]));
    }
    ?>
			<tr>
				<td width='30%' valign='top' class='vncell'><?php 
    echo gettext("Define");
    ?>
 <?php 
    echo $label;
    ?>
</td>
				<td width="70%" class="vtable">
					<input name="def_<?php 
    echo $key;
    ?>
" type="text" size="40" autocomplete="off" class="formfldalias" id="def_<?php
示例#2
0
</script>
<script type="text/javascript" src="/javascript/suggestions.js">
</script>
<script type="text/javascript">

<?php 
$isfirst = 0;
$aliases = "";
$addrisfirst = 0;
$portisfirst = 0;
$aliasesaddr = "";
$aliasesport = "";
if (isset($config['aliases']['alias']) && is_array($config['aliases']['alias'])) {
    foreach ($config['aliases']['alias'] as $alias_name) {
        // Skip any Aliases that resolve to an empty string
        if (trim(filter_expand_alias($alias_name['name'])) == "") {
            continue;
        }
        if ($alias_name['type'] == "host" || $alias_name['type'] == "network") {
            if ($addrisfirst == 1) {
                $aliasesaddr .= ",";
            }
            $aliasesaddr .= "'" . $alias_name['name'] . "'";
            $addrisfirst = 1;
        } elseif ($alias_name['type'] == "port") {
            if ($portisfirst == 1) {
                $aliasesport .= ",";
            }
            $aliasesport .= "'" . $alias_name['name'] . "'";
            $portisfirst = 1;
        }
示例#3
0
echo gettext("Bind-To IP Address Alias");
?>
</td>
		<td class="vtable">
		<?php 
if ($pengcfg['name'] != "default") {
    ?>
			<table width="95%" border="0" cellpadding="2" cellspacing="0">
				<tbody>
				<tr>
					<td class="vexpl"><input name="policy_bind_to" type="text" class="formfldalias" id="policy_bind_to" size="32" 
					value="<?php 
    echo htmlspecialchars($pengcfg['bind_to']);
    ?>
" title="<?php 
    echo trim(filter_expand_alias($pengcfg['bind_to']));
    ?>
" autocomplete="off"/>&nbsp;
					<?php 
    echo gettext("IP List to bind this engine to. (Cannot be blank)");
    ?>
</td>
					<td class="vexpl" align="right"><input type="submit" class="formbtns" name="select_alias" value="Aliases" 
					title="<?php 
    echo gettext("Select an existing IP alias");
    ?>
"/></td>
				</tr>
				<tr>
					<td class="vexpl" colspan="2"><?php 
    echo gettext("This policy will apply for packets with destination addresses contained within this IP List.");
示例#4
0
?>
</td>
	</tr>
	<tr>
		<td width="22%" valign="top" class="vncell">
		<?php 
echo gettext("Assigned Aliases:");
?>
		</td>
		<td width="78%" class="vtable">
		<input autocomplete="off" name="address" type="text" class="formfldalias" id="address" size="30" value="<?php 
echo htmlspecialchars($pconfig['address']);
?>
"
		title="<?php 
echo trim(filter_expand_alias($pconfig['address']));
?>
"/>&nbsp;&nbsp;&nbsp;&nbsp;
		<input type="button" class="formbtns" value="Aliases" onclick="selectAlias();" 
		title="<?php 
echo gettext("Select an existing IP alias");
?>
"/>
		</td>
	</tr>
	<tr>
		<td width="22%" valign="top">&nbsp;</td>
		<td width="78%">
			<input id="save" name="save" type="submit" class="formbtn" value="Save" />
			<input id="cancel" name="cancel" type="submit" class="formbtn" value="Cancel" />
		</td>
示例#5
0
         log_error("[snort] WARNING: unable to resolve IP Address Alias [{$v['bind_to']}] for HTTP_INSPECT server '{$v['name']}' ... skipping this server engine.");
         continue;
     }
 } else {
     log_error("[snort] WARNING: unable to resolve IP Address Alias [{$v['bind_to']}] for HTTP_INSPECT server '{$v['name']}' ... skipping this server engine.");
     continue;
 }
 $http_inspect_servers .= $buffer;
 $http_inspect_servers .= "\tprofile {$v['server_profile']} \\\n";
 if ($v['no_alerts'] == "on") {
     $http_inspect_servers .= "\tno_alerts \\\n";
 }
 if ($v['ports'] == "default" || empty($v['ports'])) {
     $http_inspect_servers .= "\tports { {$http_ports} } \\\n";
 } elseif (is_alias($v['ports'])) {
     $tmp = trim(filter_expand_alias($v['ports']));
     if (!empty($tmp)) {
         $tmp = preg_replace('/\\s+/', ' ', $tmp);
         $tmp = snort_expand_port_range($tmp, ' ');
         $http_inspect_servers .= "\tports { {$tmp} } \\\n";
     } else {
         log_error("[snort] WARNING: unable to resolve Ports Alias [{$v['ports']}] for HTTP_INSPECT server '{$v['name']}' ... using safe default instead.");
         $http_inspect_servers .= "\tports { {$http_ports} } \\\n";
     }
 } else {
     log_error("[snort] WARNING: unable to resolve Ports Alias [{$v['ports']}] for HTTP_INSPECT server '{$v['name']}' ... using safe default instead.");
     $http_inspect_servers .= "\tports { {$http_ports} } \\\n";
 }
 $http_inspect_servers .= "\tserver_flow_depth {$v['server_flow_depth']} \\\n";
 $http_inspect_servers .= "\tclient_flow_depth {$v['client_flow_depth']} \\\n";
 $http_inspect_servers .= "\thttp_methods { GET POST PUT SEARCH MKCOL COPY MOVE LOCK UNLOCK NOTIFY POLL BCOPY BDELETE BMOVE LINK UNLINK OPTIONS HEAD DELETE TRACE TRACK CONNECT SOURCE SUBSCRIBE UNSUBSCRIBE PROPFIND PROPPATCH BPROPFIND BPROPPATCH RPC_CONNECT PROXY_SUCCESS BITS_POST CCM_POST SMS_POST RPC_IN_DATA RPC_OUT_DATA RPC_ECHO_DATA } \\\n";
示例#6
0
    // Remove trailing newline
    $host_os_policy = trim($host_os_policy);
}
// Add the HTTP Server-specific policies if configured, otherwise
// just set default to IDS for all networks.
if (!is_array($suricatacfg['libhtp_policy']['item'])) {
    $suricatacfg['libhtp_policy']['item'] = array();
}
if (empty($suricatacfg['libhtp_policy']['item'])) {
    $http_hosts_default_policy = "default-config:\n     personality: IDS\n     request-body-limit: 4096\n     response-body-limit: 4096\n";
    $http_hosts_default_policy .= "     double-decode-path: no\n     double-decode-query: no\n     uri-include-all: no\n";
} else {
    foreach ($suricatacfg['libhtp_policy']['item'] as $k => $v) {
        if ($v['bind_to'] != "all") {
            $engine = "server-config:\n     - {$v['name']}:\n";
            $tmp = trim(filter_expand_alias($v['bind_to']));
            if (!empty($tmp)) {
                $engine .= "         address: [";
                $tmp = preg_replace('/\\s+/', ',', $tmp);
                $list = explode(',', $tmp);
                foreach ($list as $addr) {
                    if (is_ipaddrv6($addr) || is_subnetv6($addr)) {
                        $engine .= "\"{$addr}\", ";
                    } elseif (is_ipaddrv4($addr) || is_subnetv4($addr)) {
                        $engine .= "{$addr}, ";
                    } else {
                        log_error("[suricata] WARNING: invalid IP address value '{$addr}' in Alias {$v['bind_to']} will be ignored.");
                        continue;
                    }
                }
                $engine = trim($engine, ' ,');
示例#7
0
			</thead>
		<tbody>
		  <?php 
$i = 0;
foreach ($a_aliases as $alias) {
    ?>
			<?php 
    if (!in_array($alias['type'], $a_types)) {
        continue;
    }
    if (($alias['type'] == "network" || $alias['type'] == "host") && $multi_ip != "yes" && !snort_is_single_addr_alias($alias['name'])) {
        $textss = "<span class=\"gray\">";
        $textse = "</span>";
        $disable = true;
        $tooltip = gettext("Aliases resolving to multiple address entries cannot be used with the destination target.");
    } elseif (($alias['type'] == "network" || $alias['type'] == "host") && trim(filter_expand_alias($alias['name'])) == "") {
        $textss = "<span class=\"gray\">";
        $textse = "</span>";
        $disable = true;
        $tooltip = gettext("Aliases representing a FQDN host cannot be used in Snort preprocessor configurations.");
    } else {
        $textss = "";
        $textse = "";
        $disable = "";
        $selectablealias = true;
        $tooltip = gettext("Selected entry will be imported. Click to toggle selection.");
    }
    ?>
			<?php 
    if ($disable) {
        ?>
示例#8
0
$i = 0;
foreach ($a_aliases as $alias) {
    ?>
			<?php 
    if ($alias['type'] != "host" && $alias['type'] != "network") {
        continue;
    }
    if (isset($used[$alias['name']])) {
        continue;
    }
    if (!$multi_ip && !snort_is_single_addr_alias($alias['name'])) {
        $textss = "<span class=\"gray\">";
        $textse = "</span>";
        $disable = true;
        $tooltip = gettext("Aliases resolving to multiple addresses cannot be used with the '{$eng}'.");
    } elseif (trim(filter_expand_alias($alias['name'])) == "") {
        $textss = "<span class=\"gray\">";
        $textse = "</span>";
        $disable = true;
        $tooltip = gettext("Aliases representing a FQDN host cannot be used in Snort preprocessor configurations.");
    } else {
        $textss = "";
        $textse = "";
        $disable = "";
        $selectablealias = true;
        $tooltip = gettext("Selected entries will be imported. Click to toggle selection of this entry.");
    }
    ?>
			<?php 
    if ($disable) {
        ?>
示例#9
0
			<td class="listlr"
				ondblclick="document.location='snort_passlist_edit.php?id=<?php 
    echo $i;
    ?>
';">
				<?php 
    echo htmlspecialchars($list['name']);
    ?>
</td>
			<td class="listr"
				ondblclick="document.location='snort_passlist_edit.php?id=<?php 
    echo $i;
    ?>
';" 
				title="<?php 
    echo filter_expand_alias($list['address']);
    ?>
">
				<?php 
    echo gettext($list['address']);
    ?>
</td>
			<td class="listbg"
				ondblclick="document.location='snort_passlist_edit.php?id=<?php 
    echo $i;
    ?>
';">
			<font color="#FFFFFF"> <?php 
    echo htmlspecialchars($list['descr']);
    ?>
&nbsp;