require "${General::swroot}/lang.pl";
require "${General::swroot}/header.pl";
+my %color = ();
+my %mainsettings = ();
+&General::readhash("${General::swroot}/main/settings", \%mainsettings);
+&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
+
use POSIX();
#workaround to suppress a warning when a variable is used only once
foreach $_ (@slice)
{
if ($lines % 2) {
- print "<tr bgcolor='${Header::table1colour}'><td>\n"; }
+ print "<tr bgcolor='$color{'color20'}'><td>\n"; }
else {
- print "<tr bgcolor='${Header::table2colour}'><td>\n"; }
+ print "<tr bgcolor='$color{'color22'}'><td>\n"; }
my ($datetime,$title,$priority,$classification,$srcip,$srcport,$destip,$destport,$sid,$refs) = split(/\|/);
print <<END
<table width='100%'>
<td valign='top'>
END
;
- if ($sid ne "n/a") {
- print "<a href='http://www.snort.org/pub-bin/sigs.cgi?sid=$sid' ";
+ if ($sid eq "n/a") {
+ print $sid;
+ } elsif ($sid < 1000000) {
+ # Link to sourcefire if the the rule sid is less than 1000000.
+ print "<a href='https://www.snort.org/rule_docs/1-$sid' ";
+ print "target='_blank'>$sid</a></td>\n";
+ } elsif ($sid >= 2000000 and $sid < 3000000) {
+ # Link to emergingthreats if the rule sid is between 2000000 and 3000000.
+ print "<a href='http://doc.emergingthreats.net/$sid' ";
print "target='_blank'>$sid</a></td>\n";
} else {
+ # No external link for user defined rules
print $sid;
}
print <<END
}
($title,$classification,$priority,$date,$time,$srcip,$srcport,$destip,$destport, $sid) = ("n/a","n/a","n/a","n/a","n/a","n/a","n/a","n/a","n/a", "n/a");
@refs = ();
- $_ =~ m/:([0-9]{1,4})\] (.*) \[\*\*\]/;
+ $_ =~ m/:([0-9]{1,5})\] (.*) \[\*\*\]/;
$title = &Header::cleanhtml($2,"y");
}
if ($_ =~ m/Classification: (.*)\] \[Priority: (\d)\]/) {