From a4ccfcbbc6073684768d951006232d410df091a1 Mon Sep 17 00:00:00 2001
From: Stefan Schantl
Date: Sat, 18 Aug 2018 10:16:12 +0200
Subject: [PATCH] ids.cgi: Allow to switch between IDS/IPS mode
Add the option to select the runmode for suricata, wheater it should run in intrusion detection mode or intrusion prevention mode. If the option has not configured yet, it defaults to IPS mode.
Signed-off-by: Stefan Schantl
---
 html/cgi-bin/ids.cgi | 51 +++++++++++++++++++++++-------------------
 langs/de/cgi-bin/de.pl | 7 +++---
 langs/en/cgi-bin/en.pl | 7 +++---
 3 files changed, 36 insertions(+), 29 deletions(-)
diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi
index 0daf7903ee..6a6e5c2859 100644
--- a/html/cgi-bin/ids.cgi
+++ b/html/cgi-bin/ids.cgi
@@ -346,9 +346,18 @@ if ($cgiparams{'RULESET'} eq $Lang::tr{'update'}) {
 # Read-in idssettings
 &General::readhash("$IDS::settingsdir/settings", \%idssettings);
 
+# If the runmode has not been configured yet, set default value.
+unless(exists($idssettings{'RUN_MODE'})) {
+ # Set default to IPS.
+ $idssettings{'RUN_MODE'} = 'IPS';
+}
+
 $checked{'ENABLE_IDS'}{'off'} = '';
 $checked{'ENABLE_IDS'}{'on'} = '';
 $checked{'ENABLE_IDS'}{$idssettings{'ENABLE_IDS'}} = "checked='checked'";
+$checked{'RUN_MODE'}{'IDS'} = '';
+$checked{'RUN_MODE'}{'IPS'} = '';
+$checked{'RUN_MODE'}{$idssettings{'RUN_MODE'}} = "checked='checked'";
 $selected{'RULES'}{'nothing'} = '';
 $selected{'RULES'}{'community'} = '';
 $selected{'RULES'}{'emerging'} = '';
@@ -449,28 +458,35 @@ print < - + - + + - - + - + + + + + + + + END ;
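Review bot: The default in the `unless(exists($idssettings{'RUN_MODE'}))` block is applied only when the key is missing, so an empty or unexpected value read from the settings file passes through, and `$checked{'RUN_MODE'}{$idssettings{'RUN_MODE'}}` then marks neither radio button. Because this setting selects between detection and prevention mode for suricata, I would normalise it against the two allowed values instead, e.g. `$idssettings{'RUN_MODE'} = 'IPS' unless (defined($idssettings{'RUN_MODE'}) && $idssettings{'RUN_MODE'} =~ /\A(?:IDS|IPS)\z/);`. The save handler is not part of this patch; if it writes `$cgiparams{'RUN_MODE'}` to the settings file, the same allow-list check belongs there. A short comment stating why IPS is the default (installations without the key switch to prevention mode on upgrade, presumably on purpose) would also help the next reader.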
@@ -483,24 +499,13 @@ foreach my $zone (@network_zones) { my $zone_upper = uc($zone); # Grab checkbox status from settings hash. - if ($idssettings{"ENABLE_IDS_INPUT_$zone_upper"} eq "on") { + if ($idssettings{"ENABLE_IDS_$zone_upper"} eq "on") { $checked_input = "checked = 'checked'"; } - # Do the same for the forward setting. - if ($idssettings{"ENABLE_IDS_FORWARD_$zone_upper"} eq "on") { - $checked_forward = "checked = 'checked'"; - } - - print "\n"; - print "\n"; - print "\n"; - print "\n"; } print < 'Leerlauf-Wartezeit in Min. (0 zum Deaktivieren):', 'idle timeout not set' => 'Leerlauf-Wartezeit nicht angegeben.', 'ids activate' => 'Aktiviere', -'ids analyze incomming traffic' => 'Analysiere eingehende (INPUT) Packete', -'ids analyze routing traffic' => 'Analysiere zu routende (FORWARD) Packete', +'ids traffic analyze' => 'Packet-Analyse', 'ids active on' => 'Aktiv auf', 'ids log viewer' => 'Ansicht IDS-Protokoll', 'ids logs' => 'IDS-Protokolldateien', @@ -1371,7 +1370,8 @@ 'intrusion detection system' => 'Einbruchsdetektierung', 'intrusion detection system log viewer' => 'Betrachter der IDS-Protokolldateien', 'intrusion detection system rules' => 'Regeln für die Einbruchsdetektierung', -'intrusion detection system2' => 'Intrusion Detection System:', +'intrusion detection system2' => 'Intrusion Detection System', +'intrusion prevention system' => 'Intrusion Prevention System', 'invalid broadcast ip' => 'Ungültige Broadcast-IP', 'invalid cache size' => 'Ungültige Cache-Größe.', 'invalid characters found in pre-shared key' => 'Ungültige Zeichen im Pre-Shared Schlüssel gefunden.', 
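Review bot: The zone loop in ids.cgi now reads only `ENABLE_IDS_$zone_upper`, so a settings file written before this change, which holds `ENABLE_IDS_INPUT_<ZONE>` and `ENABLE_IDS_FORWARD_<ZONE>`, will render every zone unchecked. Unless a migration exists outside this patch, the next save would presumably switch monitoring off on zones that had it enabled; consider falling back to the old keys when the new one is absent, or converting them at update time. The local is still named `$checked_input` although the INPUT/FORWARD split is gone, so `$checked` would read better. The `print` lines of this hunk are not legible on this page and the loop body continues outside the hunk, so this note covers only the key lookup.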
@@ -2044,6 +2044,7 @@
 'rsvd dst port overlap' => 'Dieser Zielportbereich überlappt mit einem Port, der für die ausschließliche Benutzung durch IPFire reserviert ist:',
 'rsvd src port overlap' => 'Dieser Quellportbereich überlappt mit einem Port, der für die ausschließliche Benutzung durch IPFire reserviert ist:',
 'rules already up to date' => 'Regeln sind schon aktuell',
+'runmode' => 'Runmode',
 'running' => 'LÄUFT',
 'safe removal of umounted device' => 'Sie können gefahrlos das abgemeldete Gerät entfernen',
 'samba' => 'Samba',
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index e6fd9b18b3..38df540cea 100644
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -1354,8 +1354,7 @@
 'idle timeout' => 'Idle timeout (mins; 0 to disable):',
 'idle timeout not set' => 'Idle timeout not set.',
 'ids activate' => 'Activate',
-'ids analyze incomming traffic' => 'Analyze incomming (INPUT) traffic',
-'ids analyze routing traffic' => 'Analyze to-route (FORWARD) traffic',
+'ids traffic analyze' => 'Traffic analyzing',
 'ids active on' => 'Active on',
 'ids log viewer' => 'IDS log viewer',
 'ids logs' => 'IDS Logs',
@@ -1402,7 +1401,8 @@
 'intrusion detection system' => 'Intrusion Detection System',
 'intrusion detection system log viewer' => 'Intrusion Detection System Log Viewer',
 'intrusion detection system rules' => 'intrusion detection system rules',
-'intrusion detection system2' => 'Intrusion Detection System:',
+'intrusion detection system2' => 'Intrusion Detection System',
+'intrusion prevention system' => 'Intrusion Prevention System',
 'invalid broadcast ip' => 'Invalid broadcast IP',
 'invalid cache size' => 'Invalid cache size.',
 'invalid characters found in pre-shared key' => 'Invalid characters found in pre-shared key.',
@@ -2078,6 +2078,7 @@
 'rsvd dst port overlap' => 'Destination Port Range overlaps a port reserved for IPFire:',
 'rsvd src port overlap' => 'Source Port Range overlaps a port reserved for IPFire:',
 'rules already up to date' => 'Rules already up to date',
+'runmode' => 'Runmode',
 'running' => 'RUNNING',
 'safe removal of umounted device' => 'You can safely remove the unmounted device',
 'samba' => 'Samba',
--
2.39.2
+ $Lang::tr{'ids activate'} $Lang::tr{'intrusion detection system'}
-   -




+
$Lang::tr{'runmode'}
- $Lang::tr{'ids analyze incomming traffic'} + + $Lang::tr{'intrusion detection system2'}     + $Lang::tr{'intrusion prevention system'}
- $Lang::tr{'ids analyze routing traffic'} -

$Lang::tr{'ids traffic analyze'}
\n"; - print "$Lang::tr{'ids active on'} $Lang::tr{$zone}\n"; - print "\n"; - print "$Lang::tr{'ids active on'} $Lang::tr{$zone}\n"; + print "$Lang::tr{'enabled on'} $Lang::tr{$zone}\n"; print "