}
// Make sure a rule index ID is appended to the return URL
if (strpos($referrer, "?id={$id}") === FALSE) {
    $referrer .= "?id={$id}";
}
// If RETURN button clicked, exit to original calling page
if ($_POST['cancel']) {
    header("Location: {$referrer}");
    exit;
}
$if_real = get_real_interface($a_nat[$id]['interface']);
$suricata_uuid = $a_nat[$id]['uuid'];
/* We should normally never get to this page if Auto-Flowbits are disabled, but just in case... */
if ($a_nat[$id]['autoflowbitrules'] == 'on') {
    if (file_exists("{$suricatadir}suricata_{$suricata_uuid}_{$if_real}/rules/{$flowbit_rules_file}") && filesize("{$suricatadir}suricata_{$suricata_uuid}_{$if_real}/rules/{$flowbit_rules_file}") > 0) {
        $rules_map = suricata_load_rules_map("{$suricatadir}suricata_{$suricata_uuid}_{$if_real}/rules/{$flowbit_rules_file}");
    } else {
        $savemsg = gettext("There are no flowbit-required rules necessary for the current enforcing rule set.");
    }
} else {
    $input_errors[] = gettext("Auto-Flowbit rule generation is disabled for this interface!");
}
if ($_POST['addsuppress'] && is_numeric($_POST['sid']) && is_numeric($_POST['gid'])) {
    $descr = suricata_get_msg($rules_map[$_POST['gid']][$_POST['sid']]['rule']);
    $suppress = gettext("## -- This rule manually suppressed from the Auto-Flowbits list. -- ##\n");
    if (empty($descr)) {
        $suppress .= "suppress gen_id {$_POST['gid']}, sig_id {$_POST['sid']}\n";
    } else {
        $suppress .= "# {$descr}\nsuppress gen_id {$_POST['gid']}, sig_id {$_POST['sid']}\n";
    }
    if (!is_array($config['installedpackages']['suricata']['suppress'])) {
}
$ruledir = "{$suricatadir}rules";
$rulefile = "{$ruledir}/{$currentruleset}";
if ($currentruleset != 'custom.rules') {
    // Read the current rules file into our rules map array.
    // If it is the auto-flowbits file, set the full path.
    if ($currentruleset == "Auto-Flowbit Rules") {
        $rulefile = "{$suricatacfgdir}/rules/" . FLOWBITS_FILENAME;
    }
    // Test for the special case of an IPS Policy file.
    if (substr($currentruleset, 0, 10) == "IPS Policy") {
        $rules_map = suricata_load_vrt_policy($a_rule[$id]['ips_policy']);
    } elseif (!file_exists($rulefile)) {
        $input_errors[] = gettext("{$currentruleset} seems to be missing!!! Please verify rules files have been downloaded, then go to the Categories tab and save the rule set again.");
    } else {
        $rules_map = suricata_load_rules_map($rulefile);
    }
}
/* Process the current category rules through any auto SID MGMT changes if enabled */
suricata_auto_sid_mgmt($rules_map, $a_rule[$id], FALSE);
/* Load up our enablesid and disablesid arrays with manually enabled or disabled SIDs */
$enablesid = suricata_load_sid_mods($a_rule[$id]['rule_sid_on']);
$disablesid = suricata_load_sid_mods($a_rule[$id]['rule_sid_off']);
if ($_POST['toggle'] && is_numeric($_POST['sid']) && is_numeric($_POST['gid']) && !empty($rules_map)) {
    // Get the GID:SID tags embedded in the clicked rule icon.
    $gid = $_POST['gid'];
    $sid = $_POST['sid'];
    // See if the target SID is in our list of modified SIDs,
    // and toggle it opposite state if present; otherwise,
    // add it to the appropriate modified SID list.
    if (isset($enablesid[$gid][$sid])) {
        foreach (array_keys($rules_map) as $k1) {
            foreach (array_keys($rules_map[$k1]) as $k2) {
                $contents .= "# Category: " . $rules_map[$k1][$k2]['category'] . "   SID: {$k2}\n";
                $contents .= $rules_map[$k1][$k2]['rule'] . "\n";
            }
        }
    }
    unset($rules_map);
} elseif (isset($_GET['sid']) && is_numericint($_GET['sid']) && isset($_GET['gid']) && is_numericint($_GET['gid'])) {
    // If flowbit rule, point to interface-specific file
    if ($file == "Auto-Flowbit Rules") {
        $rules_map = suricata_load_rules_map("{$suricatacfgdir}rules/" . FLOWBITS_FILENAME);
    } elseif ($file == "suricata.rules") {
        $rules_map = suricata_load_rules_map("{$suricatacfgdir}rules/suricata.rules");
    } else {
        $rules_map = suricata_load_rules_map("{$suricatadir}rules/{$file}");
    }
    $contents = $rules_map[$_GET['gid']][trim($_GET['sid'])]['rule'];
    $wrap_flag = "soft";
} elseif ($file == "Auto-Flowbit Rules") {
    $contents = file_get_contents("{$suricatacfgdir}rules/{$flowbit_rules_file}");
} elseif (file_exists("{$suricatadir}rules/{$file}")) {
    $contents = file_get_contents("{$suricatadir}rules/{$file}");
} else {
    $input_errors[] = gettext("Unable to open file: {$displayfile}");
}
$pgtitle = array(gettext("Suricata"), gettext("Rules File Viewer"));
?>

<?php 
include "head.inc";