X-Git-Url: http://git.ipfire.org/?p=ipfire-2.x.git;a=blobdiff_plain;f=html%2Fcgi-bin%2Fids.cgi;h=fbd1f13b26824c58c54553968cc561854301849a;hp=ff72b7894b2457754a55021124a0d78e396599b5;hb=949c20d97f6b348701515049b042eff326ae4017;hpb=5ffd14f1407ca9be93a2edd65d7151567927fbb4 diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi index ff72b7894b..fbd1f13b26 100644 --- a/html/cgi-bin/ids.cgi +++ b/html/cgi-bin/ids.cgi @@ -2,7 +2,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2013 IPFire Team # +# Copyright (C) 2007-2015 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -55,16 +55,7 @@ $snortsettings{'ENABLE_SNORT'} = 'off'; $snortsettings{'ENABLE_SNORT_GREEN'} = 'off'; $snortsettings{'ENABLE_SNORT_BLUE'} = 'off'; $snortsettings{'ENABLE_SNORT_ORANGE'} = 'off'; -$snortsettings{'ENABLE_GUARDIAN'} = 'off'; -$snortsettings{'GUARDIAN_INTERFACE'} = `cat /var/ipfire/red/iface`; -$snortsettings{'GUARDIAN_HOSTGATEWAYBYTE'} = '1'; -$snortsettings{'GUARDIAN_LOGFILE'} = '/var/log/guardian/guardian.log'; -$snortsettings{'GUARDIAN_ALERTFILE'} = '/var/log/snort/alert'; -$snortsettings{'GUARDIAN_IGNOREFILE'} = '/var/ipfire/guardian/guardian.ignore'; -$snortsettings{'GUARDIAN_TARGETFILE'} = '/var/ipfire/guardian/guardian.target'; -$snortsettings{'GUARDIAN_TIMELIMIT'} = '86400'; $snortsettings{'ACTION'} = ''; -$snortsettings{'ACTION2'} = ''; $snortsettings{'RULES'} = ''; $snortsettings{'OINKCODE'} = ''; $snortsettings{'INSTALLDATE'} = ''; @@ -263,9 +254,9 @@ if (-e "/etc/snort/snort.conf") { ####################### End added for snort rules control ################################# if ($snortsettings{'RULES'} eq 'subscripted') { - $url=" https://www.snort.org/rules/snortrules-snapshot-2961.tar.gz?oinkcode=$snortsettings{'OINKCODE'}"; + $url=" https://www.snort.org/rules/snortrules-snapshot-2990.tar.gz?oinkcode=$snortsettings{'OINKCODE'}"; } elsif ($snortsettings{'RULES'} eq 'registered') { - $url=" https://www.snort.org/rules/snortrules-snapshot-2961.tar.gz?oinkcode=$snortsettings{'OINKCODE'}"; + $url=" https://www.snort.org/rules/snortrules-snapshot-2990.tar.gz?oinkcode=$snortsettings{'OINKCODE'}"; } elsif ($snortsettings{'RULES'} eq 'community') { $url=" https://www.snort.org/rules/community"; } else { @@ -311,39 +302,11 @@ if ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} e } else { unlink "${General::swroot}/snort/enable_preprocessor_http_inspect"; } - if ($snortsettings{'ENABLE_GUARDIAN'} eq 'on') - { - system ('/usr/bin/touch', "${General::swroot}/guardian/enable"); - } else { - unlink "${General::swroot}/guardian/enable"; - } system('/usr/local/bin/snortctrl restart >/dev/null'); -} elsif ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} eq "guardian" ){ - foreach my $key (keys %snortsettings){ - if ( $key !~ /^GUARDIAN/ ){ - delete $snortsettings{$key}; - } - } - &General::writehashpart("${General::swroot}/snort/settings", \%snortsettings); - open(IGNOREFILE, ">$snortsettings{'GUARDIAN_IGNOREFILE'}") or die "Unable to write guardian ignore file $snortsettings{'GUARDIAN_IGNOREFILE'}"; - print IGNOREFILE $snortsettings{'GUARDIAN_IGNOREFILE_CONTENT'}; - close(IGNOREFILE); - open(GUARDIAN, ">/var/ipfire/guardian/guardian.conf") or die "Unable to write guardian conf /var/ipfire/guardian/guardian.conf"; - print GUARDIAN </dev/null'); } + # INSTALLMD5 is not in the form, so not retrieved by getcgihash &General::readhash("${General::swroot}/snort/settings", \%snortsettings); @@ -400,9 +363,6 @@ $checked{'ENABLE_SNORT_BLUE'}{$snortsettings{'ENABLE_SNORT_BLUE'}} = "checked='c $checked{'ENABLE_SNORT_ORANGE'}{'off'} = ''; $checked{'ENABLE_SNORT_ORANGE'}{'on'} = ''; $checked{'ENABLE_SNORT_ORANGE'}{$snortsettings{'ENABLE_SNORT_ORANGE'}} = "checked='checked'"; -$checked{'ENABLE_GUARDIAN'}{'off'} = ''; -$checked{'ENABLE_GUARDIAN'}{'on'} = ''; -$checked{'ENABLE_GUARDIAN'}{$snortsettings{'ENABLE_GUARDIAN'}} = "checked='checked'"; $selected{'RULES'}{'nothing'} = ''; $selected{'RULES'}{'community'} = ''; $selected{'RULES'}{'emerging'} = ''; @@ -504,9 +464,6 @@ if ($netsettings{'ORANGE_DEV'} ne '') { print "       ORANGE Snort"; } print "       RED Snort"; -if ( -e "/var/ipfire/guardian/guardian.conf" ) { - print "       Guardian"; -} print < @@ -528,7 +485,7 @@ print <
- $Lang::tr{'ids rules license'} www.snort.org$Lang::tr{'ids rules license1'}

+ $Lang::tr{'ids rules license'} www.snort.org$Lang::tr{'ids rules license1'}

$Lang::tr{'ids rules license2'} Get an Oinkcode, $Lang::tr{'ids rules license3'} @@ -564,32 +521,6 @@ if ($results ne '') { &Header::closebox(); -####################### Added for guardian control #################################### -if ( -e "/var/ipfire/guardian/guardian.conf" ) { - &Header::openbox('100%', 'LEFT', $Lang::tr{'guardian configuration'}); -print < - - - - - - -
$Lang::tr{'guardian interface'}
$Lang::tr{'guardian timelimit'}
$Lang::tr{'guardian logfile'}
$Lang::tr{'guardian alertfile'}
$Lang::tr{'guardian ignorefile'}
- -END -; - &Header::closebox(); -} - - - - ####################### Added for snort rules control ################################# if ( -e "${General::swroot}/snort/enable" || -e "${General::swroot}/snort/enable_green" || -e "${General::swroot}/snort/enable_blue" || -e "${General::swroot}/snort/enable_orange" ) { &Header::openbox('100%', 'LEFT', $Lang::tr{'intrusion detection system rules'});