exit(0); } // set page vars if (isset($_GET['uuid'])) { $uuid = $_GET['uuid']; } if (isset($_GET['rdbuuid'])) { $rdbuuid = $_GET['rdbuuid']; } else { $ruledbname_pre1 = snortSql_fetchAllSettings('snortDB', 'SnortIfaces', 'uuid', $uuid); $rdbuuid = $ruledbname_pre1['ruledbname']; } //$a_list = snortSql_fetchAllSettings('snortDBrules', 'SnortIfaces', 'uuid', $uuid); // list rules in the default dir $filterDirList = array(); $filterDirList = snortScanDirFilter('/usr/local/etc/snort/snortDBrules/DB/' . $rdbuuid . '/rules', '\\.rules'); // list rules in db that are on in a array $listOnRules = array(); $listOnRules = snortSql_fetchAllSettings('snortDBrules', 'SnortRuleSetsIps', 'rdbuuid', $rdbuuid); // list rules in db that are on in a array $listGenRules = array(); $listGenRules = snortSql_fetchAllSettings('snortDBrules', 'SnortruleGenIps', 'rdbuuid', $rdbuuid); if (!empty($listOnRules)) { foreach ($listOnRules as $val2) { if ($val2['enable'] == 'on') { $rulesetOn[] = $val2['rulesetname']; } } unset($listOnRules); } $pgtitle = "Services: Snort: Ruleset Ips";
function saveSnortrules() { unset($_POST['snortSaveSettings']); unset($_POST['ifaceTab']); if (!is_dir("/usr/local/etc/snort/snortDBrules/DB/{$_POST['uuid']}/rules")) { // creat iface dir and ifcae rules dir exec("/bin/mkdir -p /usr/local/etc/snort/snortDBrules/DB/{$_POST['uuid']}/rules"); // create at least one file if (!file_exists("/usr/local/etc/snort/snortDBrules/DB/{$_POST['uuid']}/rules/local.rules")) { exec("/usr/bin/touch /usr/local/etc/snort/snortDBrules/DB/{$_POST['uuid']}/rules/local.rules"); } // NOTE: code only works on php5 $listSnortRulesDir = snortScanDirFilter('/usr/local/etc/snort/snortDBrules/snort_rules/rules', '\\.rules'); $listEmergingRulesDir = snortScanDirFilter('/usr/local/etc/snort/snortDBrules/emerging_rules/rules', '\\.rules'); $listPfsenseRulesDir = snortScanDirFilter('/usr/local/etc/snort/snortDBrules/pfsense_rules/rules', '\\.rules'); if (!empty($listSnortRulesDir)) { exec("/bin/cp -R /usr/local/etc/snort/snortDBrules/snort_rules/rules/*.rules /usr/local/etc/snort/snortDBrules/DB/{$_POST['uuid']}/rules"); } if (!empty($listEmergingRulesDir)) { exec("/bin/cp -R /usr/local/etc/snort/snortDBrules/emerging_rules/rules/*.rules /usr/local/etc/snort/snortDBrules/DB/{$_POST['uuid']}/rules"); } if (!empty($listPfsenseRulesDir)) { exec("/bin/cp -R /usr/local/etc/snort/snortDBrules/pfsense_rules/rules/*.rules /usr/local/etc/snort/snortDBrules/DB/{$_POST['uuid']}/rules"); } } //end of mkdir }
$uuid = $_GET['uuid']; } if (isset($_GET['rdbuuid'])) { $rdbuuid = $_GET['rdbuuid']; } else { $ruledbname_pre1 = snortSql_fetchAllSettings('snortDB', 'SnortIfaces', 'uuid', $uuid); $rdbuuid = $ruledbname_pre1['ruledbname']; } // unset Session tmp on page load unset($_SESSION['snort']['tmp']); // list rules in the default dir $a_list = snortSql_fetchAllSettings('snortDBrules', 'Snortrules', 'uuid', $rdbuuid); $snortRuleDir = '/usr/local/etc/snort/snortDBrules/DB/' . $rdbuuid; // list rules in the default dir $filterDirList = array(); $filterDirList = snortScanDirFilter($snortRuleDir . '/rules', '\\.rules'); // START read rule file if ($_GET['openruleset']) { $rulefile = $_GET['openruleset']; } else { $rulefile = $filterDirList[0]; } // path of rule file $workingFile = $snortRuleDir . '/rules/' . $rulefile; function load_rule_file($incoming_file, $splitcontents) { $pattern = '/(^alert |^# alert )/'; foreach ($splitcontents as $val) { // remove whitespaces $rmWhitespaces = preg_replace('/\\s\\s+/', ' ', $val); // filter none alerts