ids.cgi: Change RUN_MODE to MONITOR_TRAFFIC_ONLY

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi
index ffbe0e2396f2e9039c35ba34811561608c7b827d..f2362d2dc4c0dc032d9fb046f8b6bb5e5989cd87 100644 (file)
--- a/html/cgi-bin/ids.cgi
+++ b/html/cgi-bin/ids.cgi
@@ -574,23 +574,23 @@ if ($cgiparams{'RULESET'} eq $Lang::tr{'save'}) {
        # Generate file to store the home net.
        &generate_home_net_file();
 
-       # Check if the runmode has been changed.
-       if($cgiparams{'RUN_MODE'} ne $oldidssettings{'RUN_MODE'}) {
-               # Open modify sid's file for writing.
-               open(FILE, ">$modify_sids_file") or die "Could not write to $modify_sids_file. $!\n";
-
-               # Write file header.
-               print FILE "#Autogenerated file. Any custom changes will be overwritten!\n";
-
-               # Check if the configured runmode is IPS.
-               if ($cgiparams{'RUN_MODE'} eq 'IPS') {
-                       # Tell oinkmaster to switch all rules from alert to drop.
-                       print FILE "modifysid \* \"alert\" \| \"drop\"\n";
-               }
+       # Open modify sid's file for writing.
+       open(FILE, ">$modify_sids_file") or die "Could not write to $modify_sids_file. $!\n";
 
-               # Close file handle.
-               close(FILE);
+       # Write file header.
+       print FILE "#Autogenerated file. Any custom changes will be overwritten!\n";
+
+       # Check if the traffic only should be monitored.
+       unless($cgiparams{'MONITOR_TRAFFIC_ONLY'} eq 'on') {
+               # Tell oinkmaster to switch all rules from alert to drop.
+               print FILE "modifysid \* \"alert\" \| \"drop\"\n";
+       }
+
+       # Close file handle.
+       close(FILE);
 
+       # Check if "MONITOR_TRAFFIC_ONLY" has been changed.
+       if($cgiparams{'MONITOR_TRAFFIC_ONLY'} ne $oldidssettings{'MONITOR_TRAFFIC_ONLY'}) {
                # Check if a ruleset exists.
                if (%idsrules) {
                        # Lock the webpage and print message.
@@ -630,12 +630,6 @@ if ($cgiparams{'RULESET'} eq $Lang::tr{'save'}) {
 &General::readhash("$idssettingsfile", \%idssettings);
 &General::readhash("$rulessettingsfile", \%rulessettings);
 
-# If the runmode has not been configured yet, set default value.
-unless(exists($idssettings{'RUN_MODE'})) {
-        # Set default to IPS.
-        $idssettings{'RUN_MODE'} = 'IPS';
-}
-
 # If no autoupdate intervall has been configured yet, set default value.
 unless(exists($rulessettings{'AUTOUPDATE_INTERVAL'})) {
        # Set default to "weekly".
@@ -648,9 +642,9 @@ unless(exists($rulessettings{'AUTOUPDATE_INTERVAL'})) {
 $checked{'ENABLE_IDS'}{'off'} = '';
 $checked{'ENABLE_IDS'}{'on'} = '';
 $checked{'ENABLE_IDS'}{$idssettings{'ENABLE_IDS'}} = "checked='checked'";
-$checked{'RUN_MODE'}{'IDS'} = '';
-$checked{'RUN_MODE'}{'IPS'} = '';
-$checked{'RUN_MODE'}{$idssettings{'RUN_MODE'}} = "checked='checked'";
+$checked{'MONITOR_TRAFFIC_ONLY'}{'off'} = '';
+$checked{'MONITOR_TRAFFIC_ONLY'}{'on'} = '';
+$checked{'MONITOR_TRAFFIC_ONLY'}{$idssettings{'MONITOR_TRAFFIC_ONLY'}} = "checked='checked'";
 $selected{'RULES'}{'nothing'} = '';
 $selected{'RULES'}{'community'} = '';
 $selected{'RULES'}{'emerging'} = '';
@@ -737,6 +731,17 @@ END
 }
 &Header::closebox();
 
+my $rulesdate;
+
+# Check if a ruleset allready has been downloaded.
+if ( -f "$IDS::rulestarball"){
+        # Call stat on the filename to obtain detailed information.
+        my @Info = stat("$IDS::rulestarball");
+
+        # Grab details about the creation time.
+        $rulesdate = localtime($Info[9]);
+}
+
 # Draw elements for IDS configuration.
 &Header::openbox('100%', 'center', $Lang::tr{'settings'});
 
@@ -744,32 +749,24 @@ print <<END
 <form method='post' action='$ENV{'SCRIPT_NAME'}'>
        <table width='100%' border='0'>
                <tr>
-                       <td class='base' colspan='4'>
+                       <td class='base' colspan='2'>
                                <input type='checkbox' name='ENABLE_IDS' $checked{'ENABLE_IDS'}{'on'}>$Lang::tr{'ids activate'} $Lang::tr{'intrusion detection system'}
                        </td>
-               </tr>
-
-               <tr>
-                       <td colspan='4'><br><br></td>
-               </tr>
-
-               <tr>
-                       <td class='base' colspan='4'><b>$Lang::tr{'runmode'}</b></td>
-               </tr>
 
-               <tr>
-                       <td class='base' colspan='4'>
-                               <input type='radio' name='RUN_MODE' value='IDS' $checked{'RUN_MODE'}{'IDS'}>$Lang::tr{'intrusion detection system2'} &nbsp&nbsp&nbsp
-                               <input type='radio' name='RUN_MODE' value='IPS' $checked{'RUN_MODE'}{'IPS'}>$Lang::tr{'intrusion prevention system'}
+                       <td class='base' colspan='2'>
+                               <input type='checkbox' name='MONITOR_TRAFFIC_ONLY' $checked{'MONITOR_TRAFFIC_ONLY'}{'on'}>$Lang::tr{'ids monitor traffic only'}
                        </td>
                </tr>
 
                <tr>
-                       <td colspan='4'><br></td>
+                       <td><br><br></td>
+                       <td><br><br></td>
+                       <td><br><br></td>
+                       <td><br><br></td>
                </tr>
 
                <tr>
-                       <td colspan='4'><b>$Lang::tr{'ids traffic analyze'}</b><br></td>
+                       <td colspan='4'><b>$Lang::tr{'ids monitored interfaces'}</b><br></td>
                </tr>
 
                <tr>
@@ -790,7 +787,7 @@ foreach my $zone (@network_zones) {
        }
 
        print "<td class='base' width='25%'>\n";
-       print "<input type='checkbox' name='ENABLE_IDS_$zone_upper' $checked_input>$Lang::tr{'enabled on'} $Lang::tr{$zone}\n";
+       print "<input type='checkbox' name='ENABLE_IDS_$zone_upper' $checked_input>$Lang::tr{$zone}\n";
        print "</td>\n";
 }
 
@@ -814,17 +811,6 @@ END
 # Draw elements for ruleset configuration.
 &Header::openbox('100%', 'center', $Lang::tr{'ids ruleset settings'});
 
-my $rulesdate;
-
-# Check if a ruleset allready has been downloaded.
-if ( -f "$IDS::rulestarball"){
-       # Call stat on the filename to obtain detailed information.
-       my @Info = stat("$IDS::rulestarball");
-
-       # Grab details about the creation time.
-       $rulesdate = localtime($Info[9]);
-}
-
 print <<END
 <form method='post' action='$ENV{'SCRIPT_NAME'}'>
         <table width='100%' border='0'>

diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index 43fd917a03620bdd463b36af5af52bff1ab9d566..bba1912939a983dadabf9811a9363dd51a47bdb9 100644 (file)
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -1329,6 +1329,8 @@
 'ids active on' => 'Aktiv auf',
 'ids log viewer' => 'Ansicht IDS-Protokoll',
 'ids logs' => 'IDS-Protokolldateien',
+'ids monitored interfaces' => 'Überwachte Netzwerkzonen',
+'ids monitor traffic only' => 'Netzwerk-Pakete nur überpfrüfen',
 'ids no network zone' => 'Mindestends eine Netzwerk-Zone muss überwacht werden!',
 'ids no ruleset available' => 'Kein Regelset verfügbar, bitte downloaden Sie eines!',
 'ids ruleset settings' => 'Regelset-Einstellungen',

diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index 467bd2351cdd1f6025a2eb54a418df476add6ba7..fa701f53a03b63675a00575b898678aab295ec7e 100644 (file)
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -1359,6 +1359,8 @@
 'ids active on' => 'Active on',
 'ids log viewer' => 'IDS log viewer',
 'ids logs' => 'IDS Logs',
+'ids monitored interfaces' => 'Monitored interfaces',
+'ids monitor traffic only' => 'Monitor traffic only',
 'ids no network zone' => 'At least one network zone has to be monitored!',
 'ids no ruleset available' => 'No ruleset available, please download one!',
 'ids ruleset settings' => 'Ruleset settings',