X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=html%2Fcgi-bin%2Fids.cgi;h=ff48333b732a44c53b7443c56d30815068bb193b;hb=2723ef8721862b9d9565346bae8115773123e53e;hp=4bd0128cb4cf4a5e4ff6e0de3d76e4010e393da2;hpb=9e78ce6142549d6d786fe97c56bf58df6b81e80f;p=ipfire-2.x.git
diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi
index 4bd0128cb4..ff48333b73 100644
--- a/html/cgi-bin/ids.cgi
+++ b/html/cgi-bin/ids.cgi
@@ -2,7 +2,7 @@
 ###############################################################################
 # #
 # IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2013 IPFire Team #
+# Copyright (C) 2007-2015 IPFire Team #
 # #
 # This program is free software: you can redistribute it and/or modify #
 # it under the terms of the GNU General Public License as published by #
@@ -55,16 +55,7 @@ $snortsettings{'ENABLE_SNORT'} = 'off';
 $snortsettings{'ENABLE_SNORT_GREEN'} = 'off';
 $snortsettings{'ENABLE_SNORT_BLUE'} = 'off';
 $snortsettings{'ENABLE_SNORT_ORANGE'} = 'off';
-$snortsettings{'ENABLE_GUARDIAN'} = 'off';
-$snortsettings{'GUARDIAN_INTERFACE'} = `cat /var/ipfire/red/iface`;
-$snortsettings{'GUARDIAN_HOSTGATEWAYBYTE'} = '1';
-$snortsettings{'GUARDIAN_LOGFILE'} = '/var/log/guardian/guardian.log';
-$snortsettings{'GUARDIAN_ALERTFILE'} = '/var/log/snort/alert';
-$snortsettings{'GUARDIAN_IGNOREFILE'} = '/var/ipfire/guardian/guardian.ignore';
-$snortsettings{'GUARDIAN_TARGETFILE'} = '/var/ipfire/guardian/guardian.target';
-$snortsettings{'GUARDIAN_TIMELIMIT'} = '86400';
 $snortsettings{'ACTION'} = '';
-$snortsettings{'ACTION2'} = '';
 $snortsettings{'RULES'} = '';
 $snortsettings{'OINKCODE'} = '';
 $snortsettings{'INSTALLDATE'} = '';
@@ -262,127 +253,94 @@ if (-e "/etc/snort/snort.conf") { ####################### End added for snort rules control ################################# -if ($snortsettings{'RULES'} eq 'subscripted') { - $url=" http://www.snort.org/sub-rules/snortrules-snapshot-2953.tar.gz/$snortsettings{'OINKCODE'}"; -} elsif ($snortsettings{'RULES'} eq 'registered') { - $url=" http://www.snort.org/reg-rules/snortrules-snapshot-2950.tar.gz/$snortsettings{'OINKCODE'}"; -} elsif ($snortsettings{'RULES'} eq 'community') { - $url=" http://s3.amazonaws.com/snort-org/www/rules/community/community-rules.tar.gz"; -} else { - $url="http://rules.emergingthreats.net/open/snort-2.9.0/emerging.rules.tar.gz"; +if ($snortsettings{'OINKCODE'} ne "") { + $errormessage = $Lang::tr{'invalid input for oink code'} unless ($snortsettings{'OINKCODE'} =~ /^[a-z0-9]+$/); } -if ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} eq "snort" ) -{ - $errormessage = $Lang::tr{'invalid input for oink code'} unless ( - ($snortsettings{'OINKCODE'} =~ /^[a-z0-9]+$/) || - ($snortsettings{'RULES'} eq 'nothing' ) || - ($snortsettings{'RULES'} eq 'emerging' ) || - ($snortsettings{'RULES'} eq 'community' )); - - &General::writehash("${General::swroot}/snort/settings", \%snortsettings); - if ($snortsettings{'ENABLE_SNORT'} eq 'on') - { - system ('/usr/bin/touch', "${General::swroot}/snort/enable"); +if (!$errormessage) { + if ($snortsettings{'RULES'} eq 'subscripted') { + $url=" https://www.snort.org/rules/snortrules-snapshot-29110.tar.gz?oinkcode=$snortsettings{'OINKCODE'}"; + } elsif ($snortsettings{'RULES'} eq 'registered') { + $url=" https://www.snort.org/rules/snortrules-snapshot-29110.tar.gz?oinkcode=$snortsettings{'OINKCODE'}"; + } elsif ($snortsettings{'RULES'} eq 'community') { + $url=" https://www.snort.org/rules/community"; } else { - unlink "${General::swroot}/snort/enable"; + $url="http://rules.emergingthreats.net/open/snort-2.9.0/emerging.rules.tar.gz"; } - if 
($snortsettings{'ENABLE_SNORT_GREEN'} eq 'on') - { - system ('/usr/bin/touch', "${General::swroot}/snort/enable_green"); - } else { - unlink "${General::swroot}/snort/enable_green"; - } - if ($snortsettings{'ENABLE_SNORT_BLUE'} eq 'on') - { - system ('/usr/bin/touch', "${General::swroot}/snort/enable_blue"); - } else { - unlink "${General::swroot}/snort/enable_blue"; - } - if ($snortsettings{'ENABLE_SNORT_ORANGE'} eq 'on') - { - system ('/usr/bin/touch', "${General::swroot}/snort/enable_orange"); - } else { - unlink "${General::swroot}/snort/enable_orange"; - } - if ($snortsettings{'ENABLE_PREPROCESSOR_HTTP_INSPECT'} eq 'on') - { - system ('/usr/bin/touch', "${General::swroot}/snort/enable_preprocessor_http_inspect"); - } else { - unlink "${General::swroot}/snort/enable_preprocessor_http_inspect"; - } - if ($snortsettings{'ENABLE_GUARDIAN'} eq 'on') - { - system ('/usr/bin/touch', "${General::swroot}/guardian/enable"); - } else { - unlink "${General::swroot}/guardian/enable"; - } - - system('/usr/local/bin/snortctrl restart >/dev/null'); -} elsif ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} eq "guardian" ){ - foreach my $key (keys %snortsettings){ - if ( $key !~ /^GUARDIAN/ ){ - delete $snortsettings{$key}; - } - } - &General::writehashpart("${General::swroot}/snort/settings", \%snortsettings); - open(IGNOREFILE, ">$snortsettings{'GUARDIAN_IGNOREFILE'}") or die "Unable to write guardian ignore file $snortsettings{'GUARDIAN_IGNOREFILE'}"; - print IGNOREFILE $snortsettings{'GUARDIAN_IGNOREFILE_CONTENT'}; - close(IGNOREFILE); - open(GUARDIAN, ">/var/ipfire/guardian/guardian.conf") or die "Unable to write guardian conf /var/ipfire/guardian/guardian.conf"; - print GUARDIAN </dev/null'); -} - # INSTALLMD5 is not in the form, so not retrieved by getcgihash - &General::readhash("${General::swroot}/snort/settings", \%snortsettings); - -if ($snortsettings{'ACTION'} eq $Lang::tr{'download new ruleset'} || $snortsettings{'ACTION'} eq 
$Lang::tr{'upload new ruleset'}) { - - my @df = `/bin/df -B M /var`; - foreach my $line (@df) { - next if $line =~ m/^Filesystem/; - my $return; - - if ($line =~ m/dev/ ) { - $line =~ m/^.* (\d+)M.*$/; - my @temp = split(/ +/,$line); - if ($1<300) { - $errormessage = "$Lang::tr{'not enough disk space'} < 300MB, /var $1MB"; - } else { + if ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} eq "snort" ) { + &General::writehash("${General::swroot}/snort/settings", \%snortsettings); + if ($snortsettings{'ENABLE_SNORT'} eq 'on') + { + system ('/usr/bin/touch', "${General::swroot}/snort/enable"); + } else { + unlink "${General::swroot}/snort/enable"; + } + if ($snortsettings{'ENABLE_SNORT_GREEN'} eq 'on') + { + system ('/usr/bin/touch', "${General::swroot}/snort/enable_green"); + } else { + unlink "${General::swroot}/snort/enable_green"; + } + if ($snortsettings{'ENABLE_SNORT_BLUE'} eq 'on') + { + system ('/usr/bin/touch', "${General::swroot}/snort/enable_blue"); + } else { + unlink "${General::swroot}/snort/enable_blue"; + } + if ($snortsettings{'ENABLE_SNORT_ORANGE'} eq 'on') + { + system ('/usr/bin/touch', "${General::swroot}/snort/enable_orange"); + } else { + unlink "${General::swroot}/snort/enable_orange"; + } + if ($snortsettings{'ENABLE_PREPROCESSOR_HTTP_INSPECT'} eq 'on') + { + system ('/usr/bin/touch', "${General::swroot}/snort/enable_preprocessor_http_inspect"); + } else { + unlink "${General::swroot}/snort/enable_preprocessor_http_inspect"; + } - if ( $snortsettings{'ACTION'} eq $Lang::tr{'download new ruleset'} ){ + system('/usr/local/bin/snortctrl restart >/dev/null'); + } - &downloadrulesfile(); - sleep(3); - $return = `cat /var/tmp/log 2>/dev/null`; + # INSTALLMD5 is not in the form, so not retrieved by getcgihash + &General::readhash("${General::swroot}/snort/settings", \%snortsettings); - } elsif ( $snortsettings{'ACTION'} eq $Lang::tr{'upload new ruleset'} ) { - my $upload = $a->param("UPLOAD"); - open UPLOADFILE, 
">/var/tmp/snortrules.tar.gz"; - binmode $upload; - while ( <$upload> ) { - print UPLOADFILE; + if ($snortsettings{'ACTION'} eq $Lang::tr{'download new ruleset'} || $snortsettings{'ACTION'} eq $Lang::tr{'upload new ruleset'}) { + my @df = `/bin/df -B M /var`; + foreach my $line (@df) { + next if $line =~ m/^Filesystem/; + my $return; + + if ($line =~ m/dev/ ) { + $line =~ m/^.* (\d+)M.*$/; + my @temp = split(/ +/,$line); + if ($1<300) { + $errormessage = "$Lang::tr{'not enough disk space'} < 300MB, /var $1MB"; + } else { + if ( $snortsettings{'ACTION'} eq $Lang::tr{'download new ruleset'}) { + &downloadrulesfile(); + sleep(3); + $return = `cat /var/tmp/log 2>/dev/null`; + + } elsif ( $snortsettings{'ACTION'} eq $Lang::tr{'upload new ruleset'}) { + my $upload = $a->param("UPLOAD"); + open UPLOADFILE, ">/var/tmp/snortrules.tar.gz"; + binmode $upload; + while ( <$upload> ) { + print UPLOADFILE; + } + close UPLOADFILE; } - close UPLOADFILE; - } - if ($return =~ "ERROR"){ + if ($return =~ "ERROR") { $errormessage = "
".$return."
"; } else { system("/usr/local/bin/oinkmaster.pl -v -s -u file:///var/tmp/snortrules.tar.gz -C /var/ipfire/snort/oinkmaster.conf -o /etc/snort/rules >>/var/tmp/log 2>&1 &"); sleep(2); } + } } } } @@ -400,9 +358,6 @@ $checked{'ENABLE_SNORT_BLUE'}{$snortsettings{'ENABLE_SNORT_BLUE'}} = "checked='c $checked{'ENABLE_SNORT_ORANGE'}{'off'} = ''; $checked{'ENABLE_SNORT_ORANGE'}{'on'} = ''; $checked{'ENABLE_SNORT_ORANGE'}{$snortsettings{'ENABLE_SNORT_ORANGE'}} = "checked='checked'"; -$checked{'ENABLE_GUARDIAN'}{'off'} = ''; -$checked{'ENABLE_GUARDIAN'}{'on'} = ''; -$checked{'ENABLE_GUARDIAN'}{$snortsettings{'ENABLE_GUARDIAN'}} = "checked='checked'"; $selected{'RULES'}{'nothing'} = ''; $selected{'RULES'}{'community'} = ''; $selected{'RULES'}{'emerging'} = ''; @@ -413,9 +368,9 @@ $selected{'RULES'}{$snortsettings{'RULES'}} = "selected='selected'"; &Header::openpage($Lang::tr{'intrusion detection system'}, 1, ''); ####################### Added for snort rules control ################################# -print ""; +print ""; print < + + END ; ####################### End added for snort rules control ################################# @@ -472,7 +427,7 @@ if ($return) { $Lang::tr{'snort working'}
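Review bot: The new OINKCODE guard runs only when the field is non-empty, so selecting 'registered' or 'subscripted' with no code now passes validation and builds a URL ending in `oinkcode=`; the removed check flagged that case. The `^`/`$` anchors also accept a trailing newline, and the value is interpolated directly into `$url`. I would require the code for those two rule sets and anchor with `\A`/`\z`: `if ($snortsettings{'RULES'} =~ /\A(?:registered|subscripted)\z/ || $snortsettings{'OINKCODE'} ne "") {` followed by `$errormessage = $Lang::tr{'invalid input for oink code'} unless ($snortsettings{'OINKCODE'} =~ /\A[a-z0-9]+\z/);`. Separately, the fallback emerging.rules URL in the same block stays on plain `http://` while the snort.org URLs moved to https, so that ruleset is fetched without transport integrity; downloadrulesfile() is outside the hunk, so confirm it verifies certificates before switching.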
- +
 END
@@ -491,7 +446,7 @@ END
 	refreshpage();
 }
 
-&Header::openbox('100%', 'left', $Lang::tr{'intrusion detection system2'});
+&Header::openbox('100%', 'left', $Lang::tr{'intrusion detection system'});
 print <
-	
+	
@@ -528,7 +480,7 @@ print <
 
@@ -536,7 +488,7 @@ print <Oinkcode: 
 
 
-	"
 print <
 
GREEN Snort @@ -504,14 +459,11 @@ if ($netsettings{'ORANGE_DEV'} ne '') { print "       ORANGE Snort"; } print "       RED Snort"; -if ( -e "/var/ipfire/guardian/guardian.conf" ) { - print "       Guardian"; -} print <



$Lang::tr{'ids rules update'}

- $Lang::tr{'ids rules license'} www.snort.org$Lang::tr{'ids rules license1'}

+ $Lang::tr{'ids rules license'} www.snort.org$Lang::tr{'ids rules license1'}

$Lang::tr{'ids rules license2'} Get an Oinkcode, $Lang::tr{'ids rules license3'}
+
END ; if ( -e "/var/tmp/snortrules.tar.gz"){ @@ -548,10 +500,10 @@ print " $Lang::tr{'updates installed'}: $snortsettings{'INSTALLDATE'}
-
+

- +
@@ -564,37 +516,11 @@ if ($results ne '') { &Header::closebox(); -####################### Added for guardian control #################################### -if ( -e "/var/ipfire/guardian/guardian.conf" ) { - &Header::openbox('100%', 'LEFT', $Lang::tr{'guardian configuration'}); -print < - - - - - - -
$Lang::tr{'guardian interface'}
$Lang::tr{'guardian timelimit'}
$Lang::tr{'guardian logfile'}
$Lang::tr{'guardian alertfile'}
$Lang::tr{'guardian ignorefile'}
- -END -; - &Header::closebox(); -} - - - - ####################### Added for snort rules control ################################# if ( -e "${General::swroot}/snort/enable" || -e "${General::swroot}/snort/enable_green" || -e "${General::swroot}/snort/enable_blue" || -e "${General::swroot}/snort/enable_orange" ) { &Header::openbox('100%', 'LEFT', $Lang::tr{'intrusion detection system rules'}); # Output display table for rule files - print "
"; + print "
"; print ""; @@ -615,7 +541,7 @@ if ( -e "${General::swroot}/snort/enable" || -e "${General::swroot}/snort/enable # Check if reached half-way through rule file rules to start new column if ($ruledisplaycnt > $rulecnt) { - print "
"; + print "
"; $ruledisplaycnt = 0; } @@ -666,21 +592,21 @@ if ( -e "${General::swroot}/snort/enable" || -e "${General::swroot}/snort/enable } # Output rule file name and checkbox - print ""; - print ""; + print "
$rulefile
"; + print "
$rulefile
"; # Check for empty 'Description' if ($snortrules{$rulefile}{'Description'} eq '') { - print ""; + print "
No description available
"; } else { # Output rule file 'Description' - print "
No description available
"; + print "
$snortrules{$rulefile}{'Description'}
"; } # Check for display flag if ($displayrulefilerules) { # Rule file definition rule display - print ""; } # Close display table - print "
$snortrules{$rulefile}{'Description'}
"; + print ""; + print "
"; # Local vars my $ruledefdisplaycnt = 0; @@ -695,7 +621,7 @@ if ( -e "${General::swroot}/snort/enable" || -e "${General::swroot}/snort/enable # If have display 2 rules, start new row if (($ruledefdisplaycnt % 2) == 0) { - print ""; + print ""; $ruledefdisplaycnt = 0; } @@ -707,7 +633,7 @@ if ( -e "${General::swroot}/snort/enable" || -e "${General::swroot}/snort/enable # Create rule file rule's checkbox $checkboxname = "SNORT_RULE_$rulefile"; $checkboxname .= "_$ruledef"; - print ""; + print ""; # Increment count $ruledefdisplaycnt++; @@ -715,26 +641,24 @@ if ( -e "${General::swroot}/snort/enable" || -e "${General::swroot}/snort/enable # If do not have second rule for row, create empty cell if (($ruledefdisplaycnt % 2) != 0) { - print ""; + print ""; } # Close display table - print "
$snortrules{$rulefile}{'Definition'}{$ruledef}{'Description'} $snortrules{$rulefile}{'Definition'}{$ruledef}{'Description'}
"; + print "
"; # Increment ruledisplaycnt $ruledisplaycnt++; } - print "
"; + print ""; print < -   - - +