From: Stefan Schantl Date: Sun, 21 Mar 2021 20:41:42 +0000 (+0100) Subject: ids.cgi: Move / Splitt main page and customize ruleset subpage. X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=42ec62812f1389fad0b49b83bc4e9a6ac7c78a2e;p=people%2Fstevee%2Fipfire-2.x.git ids.cgi: Move / Splitt main page and customize ruleset subpage. Signed-off-by: Stefan Schantl --- diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi index d24d60d21d..4c6d026156 100644 --- a/html/cgi-bin/ids.cgi +++ b/html/cgi-bin/ids.cgi @@ -667,299 +667,299 @@ if ($cgiparams{'RULESET'} eq $Lang::tr{'save'}) { } } -# Read-in idssettings and rulesetsettings -&General::readhash("$IDS::ids_settings_file", \%idssettings); -&General::readhash("$IDS::rules_settings_file", \%rulessettings); - -# If no autoupdate intervall has been configured yet, set default value. -unless(exists($rulessettings{'AUTOUPDATE_INTERVAL'})) { - # Set default to "weekly". - $rulessettings{'AUTOUPDATE_INTERVAL'} = 'weekly'; -} - -# Read-in ignored hosts. -&General::readhasharray("$IDS::settingsdir/ignored", \%ignored); - -$checked{'ENABLE_IDS'}{'off'} = ''; -$checked{'ENABLE_IDS'}{'on'} = ''; -$checked{'ENABLE_IDS'}{$idssettings{'ENABLE_IDS'}} = "checked='checked'"; -$checked{'MONITOR_TRAFFIC_ONLY'}{'off'} = ''; -$checked{'MONITOR_TRAFFIC_ONLY'}{'on'} = ''; -$checked{'MONITOR_TRAFFIC_ONLY'}{$idssettings{'MONITOR_TRAFFIC_ONLY'}} = "checked='checked'"; -$selected{'RULES'}{'nothing'} = ''; -$selected{'RULES'}{$rulessettings{'RULES'}} = "selected='selected'"; -$selected{'AUTOUPDATE_INTERVAL'}{'off'} = ''; -$selected{'AUTOUPDATE_INTERVAL'}{'daily'} = ''; -$selected{'AUTOUPDATE_INTERVAL'}{'weekly'} = ''; -$selected{'AUTOUPDATE_INTERVAL'}{$rulessettings{'AUTOUPDATE_INTERVAL'}} = "selected='selected'"; - &Header::openpage($Lang::tr{'intrusion detection system'}, 1, ''); -### Java Script ### -print" + + # Read-in ignored hosts. + &General::readhasharray("$IDS::settingsdir/ignored", \%ignored); + + $checked{'ENABLE_IDS'}{'off'} = ''; + $checked{'ENABLE_IDS'}{'on'} = ''; + $checked{'ENABLE_IDS'}{$idssettings{'ENABLE_IDS'}} = "checked='checked'"; + $checked{'MONITOR_TRAFFIC_ONLY'}{'off'} = ''; + $checked{'MONITOR_TRAFFIC_ONLY'}{'on'} = ''; + $checked{'MONITOR_TRAFFIC_ONLY'}{$idssettings{'MONITOR_TRAFFIC_ONLY'}} = "checked='checked'"; + $selected{'RULES'}{'nothing'} = ''; + $selected{'RULES'}{$rulessettings{'RULES'}} = "selected='selected'"; + $selected{'AUTOUPDATE_INTERVAL'}{'off'} = ''; + $selected{'AUTOUPDATE_INTERVAL'}{'daily'} = ''; + $selected{'AUTOUPDATE_INTERVAL'}{'weekly'} = ''; + $selected{'AUTOUPDATE_INTERVAL'}{$rulessettings{'AUTOUPDATE_INTERVAL'}} = "selected='selected'"; + + ### Java Script ### + print " END ; -&Header::openbigbox('100%', 'left', '', $errormessage); - -if ($errormessage) { - &Header::openbox('100%', 'left', $Lang::tr{'error messages'}); - print "$errormessage\n"; - print " \n"; - &Header::closebox(); -} + # Draw current state of the IDS + &Header::openbox('100%', 'left', $Lang::tr{'intrusion detection system'}); -# Draw current state of the IDS -&Header::openbox('100%', 'left', $Lang::tr{'intrusion detection system'}); + # Check if the IDS is running and obtain the process-id. + my $pid = &IDS::ids_is_running(); -# Check if the IDS is running and obtain the process-id. -my $pid = &IDS::ids_is_running(); + # Display some useful information, if suricata daemon is running. + if ($pid) { + # Gather used memory. + my $memory = &get_memory_usage($pid); -# Display some useful information, if suricata daemon is running. -if ($pid) { - # Gather used memory. - my $memory = &get_memory_usage($pid); - - print < - - $Lang::tr{'intrusion detection'} - + print < + + $Lang::tr{'intrusion detection'} + - - $Lang::tr{'guardian daemon'} - $Lang::tr{'running'} - + + $Lang::tr{'guardian daemon'} + $Lang::tr{'running'} + - - - PID - $Lang::tr{'memory'} - + + + PID + $Lang::tr{'memory'} + - - - $pid - $memory KB - - + + + $pid + $memory KB + + END -} else { - # Otherwise display a hint that the service is not launched. - print < - - $Lang::tr{'intrusion detection'} - + } else { + # Otherwise display a hint that the service is not launched. + print < + + $Lang::tr{'intrusion detection'} + - - $Lang::tr{'guardian daemon'} - $Lang::tr{'stopped'} - - + + $Lang::tr{'guardian daemon'} + $Lang::tr{'stopped'} + + END -} + } -# Only show this area, if a ruleset is present. -if (%idsrules) { + # Only show this area, if a ruleset is present. + if (%idsrules) { - print <

$Lang::tr{'settings'}

+

$Lang::tr{'settings'}

-
- - - + +
-  $Lang::tr{'ids enable'} -
+ + - - + + - - - - - - + + + + + + - - - + + + - + END ; - # Loop through the array of available networks and print config options. - foreach my $zone (@network_zones) { - my $checked_input; - my $checked_forward; + # Loop through the array of available networks and print config options. + foreach my $zone (@network_zones) { + my $checked_input; + my $checked_forward; - # Convert current zone name to upper case. - my $zone_upper = uc($zone); + # Convert current zone name to upper case. + my $zone_upper = uc($zone); - # Set zone name. - my $zone_name = $zone; + # Set zone name. + my $zone_name = $zone; - # Dirty hack to get the correct language string for the red zone. - if ($zone eq "red") { - $zone_name = "red1"; - } + # Dirty hack to get the correct language string for the red zone. + if ($zone eq "red") { + $zone_name = "red1"; + } - # Grab checkbox status from settings hash. - if ($idssettings{"ENABLE_IDS_$zone_upper"} eq "on") { - $checked_input = "checked = 'checked'"; - } + # Grab checkbox status from settings hash. + if ($idssettings{"ENABLE_IDS_$zone_upper"} eq "on") { + $checked_input = "checked = 'checked'"; + } - print "\n"; - } + print "\n"; + } print < -
+  $Lang::tr{'ids enable'} + -  $Lang::tr{'ids monitor traffic only'} -
+  $Lang::tr{'ids monitor traffic only'} +
















$Lang::tr{'ids monitored interfaces'}
$Lang::tr{'ids monitored interfaces'}
\n"; - print "\n"; - print " $Lang::tr{'enabled on'} $Lang::tr{$zone_name}\n"; - print "\n"; + print "\n"; + print " $Lang::tr{'enabled on'} $Lang::tr{$zone_name}\n"; + print "
+ + -

+

- - - - -
-
+ + + + +
+ END ; -} + } -&Header::closebox(); + &Header::closebox(); -# Draw elements for ruleset configuration. -&Header::openbox('100%', 'center', $Lang::tr{'ids ruleset settings'}); + # Draw elements for ruleset configuration. + &Header::openbox('100%', 'center', $Lang::tr{'ids ruleset settings'}); print < - - - - - + +
$Lang::tr{'ids rules update'}$Lang::tr{'ids automatic rules update'}
+ + + + - - + - - - + - - - + + - - - + + + - - + + + + + + - + + + - -
$Lang::tr{'ids rules update'}$Lang::tr{'ids automatic rules update'}
- -


+ +


 
  + END ; - # Show the "Update Ruleset"-Button only if a ruleset has been downloaded yet and automatic updates are disabled. - if ((%idsrules) && ($rulessettings{'AUTOUPDATE_INTERVAL'} eq "off")) { - # Display button to update the ruleset. - print"\n"; - } + # Show the "Update Ruleset"-Button only if a ruleset has been downloaded yet and automatic updates are disabled. + if ((%idsrules) && ($rulessettings{'AUTOUPDATE_INTERVAL'} eq "off")) { + # Display button to update the ruleset. + print"\n"; + } print < - -
- + + + END ; -&Header::closebox(); + &Header::closebox(); -# -# Whitelist / Ignorelist -# -&Header::openbox('100%', 'center', $Lang::tr{'ids ignored hosts'}); + # + # Whitelist / Ignorelist + # + &Header::openbox('100%', 'center', $Lang::tr{'ids ignored hosts'}); -print < $Lang::tr{'ip address'} @@ -1027,77 +1027,95 @@ print < - - + + END + } + } else { + # Print notice that currently no hosts are ignored. + print "\n"; + print "$Lang::tr{'guardian no entries'}\n"; + print "\n"; } - } else { - # Print notice that currently no hosts are ignored. - print "\n"; - print "$Lang::tr{'guardian no entries'}\n"; - print "\n"; - } - print "\n"; + print "\n"; - # Section to add new elements or edit existing ones. + # Section to add new elements or edit existing ones. print < -
-
- -
- +
+
+
+ +
+
END - # Assign correct headline and button text. - my $buttontext; - my $entry_address; - my $entry_remark; + # Assign correct headline and button text. + my $buttontext; + my $entry_address; + my $entry_remark; - # Check if an ID (key) has been given, in this case an existing entry should be edited. - if ($cgiparams{'ID'} ne '') { - $buttontext = $Lang::tr{'update'}; - print "\n"; + # Check if an ID (key) has been given, in this case an existing entry should be edited. + if ($cgiparams{'ID'} ne '') { + $buttontext = $Lang::tr{'update'}; + print "\n"; - # Grab address and remark for the given key. - $entry_address = $ignored{$cgiparams{'ID'}}[0]; - $entry_remark = $ignored{$cgiparams{'ID'}}[1]; - } else { - $buttontext = $Lang::tr{'add'}; - print "\n"; - } + # Grab address and remark for the given key. + $entry_address = $ignored{$cgiparams{'ID'}}[0]; + $entry_remark = $ignored{$cgiparams{'ID'}}[1]; + } else { + $buttontext = $Lang::tr{'add'}; + print "\n"; + } print < - - - - + + + + + - - - - - -
$Lang::tr{'update'}
$Lang::tr{'update'}
$Lang::tr{'dnsforward add a new entry'}
$Lang::tr{'dnsforward add a new entry'}
$Lang::tr{'ip address'}:
$Lang::tr{'ip address'}: $Lang::tr{'remark'}:
-
+ $Lang::tr{'remark'}: + + + + + + END -&Header::closebox(); - -# Only show the section for configuring the ruleset if one is present. -if (%idsrules) { - &show_customize_ruleset(); + &Header::closebox(); } -&Header::closebigbox(); -&Header::closepage(); - # ## Function to show the customize ruleset section. # sub show_customize_ruleset() { + ### Java Script ### + print" +END +; # Load neccessary perl modules for file stat and to format the timestamp. use File::stat; use POSIX qw( strftime );