X-Git-Url: http://git.ipfire.org/?p=people%2Fpmueller%2Fipfire-2.x.git;a=blobdiff_plain;f=html%2Fcgi-bin%2Fids.cgi;h=4d66d22d76bee20635896603b64031b50c78ef52;hp=353643d736a14332e4f5a03e7ed4e9dc9fb50697;hb=73231650c16d34d8333518acab6a41b8701caa7d;hpb=ce0e83b3badfd2b4048762ffffc8041c7f92cb19 diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi index 353643d736..4d66d22d76 100644 --- a/html/cgi-bin/ids.cgi +++ b/html/cgi-bin/ids.cgi @@ -2,7 +2,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007 Michael Tremer & Christian Schmidt # +# Copyright (C) 2005-2010 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -19,20 +19,21 @@ # # ############################################################################### - -use LWP::UserAgent; -use File::Copy; -use File::Temp qw/ tempfile tempdir /; use strict; # enable only the following on debugging purpose #use warnings; #use CGI::Carp 'fatalsToBrowser'; +use File::Copy; require '/var/ipfire/general-functions.pl'; require "${General::swroot}/lang.pl"; require "${General::swroot}/header.pl"; +sub refreshpage{&Header::openbox( 'Waiting', 1, "" );print "

$Lang::tr{'pagerefresh'}
";&Header::closebox();} + +$a = new CGI; + my %color = (); my %mainsettings = (); &General::readhash("${General::swroot}/main/settings", \%mainsettings); @@ -67,6 +68,8 @@ $snortsettings{'ACTION2'} = ''; $snortsettings{'RULES'} = ''; $snortsettings{'OINKCODE'} = ''; $snortsettings{'INSTALLDATE'} = ''; +$snortsettings{'FILE'} = ''; +$snortsettings{'UPLOAD'} = ''; &Header::getcgihash(\%snortsettings, {'wantfile' => 1, 'filevar' => 'FH'}); @@ -143,7 +146,7 @@ if (-e "/etc/snort/snort.conf") { # If see more than one dashed line, (start to) create rule file description if ($dashlinecnt > 1) { # Check for a line starting with a # - if ($ruleline =~ /^\#/) { + if ($ruleline =~ /^\#/ and $ruleline !~ /^\#alert/) { # Create tempruleline my $tempruleline = $ruleline; @@ -261,11 +264,11 @@ if (-e "/etc/snort/snort.conf") { if ($snortsettings{'RULES'} eq 'subscripted') { #$url="http://dl.snort.org/sub-rules/snortrules-snapshot-2.8_s.tar.gz?oink_code=$snortsettings{'OINKCODE'}"; - $url="http://dl.snort.org/sub-rules/snortrules-snapshot-2860_s.tar.gz?oink_code=$snortsettings{'OINKCODE'}"; + $url=" http://www.snort.org/reg-rules/snortrules-snapshot-2860_s.tar.gz/$snortsettings{'OINKCODE'}"; #$url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-2.8_s.tar.gz"; } elsif ($snortsettings{'RULES'} eq 'registered') { #$url="http://dl.snort.org/reg-rules/snortrules-snapshot-2.8.tar.gz?oink_code=$snortsettings{'OINKCODE'}"; - $url="http://dl.snort.org/reg-rules/snortrules-snapshot-2860.tar.gz?oink_code=$snortsettings{'OINKCODE'}"; + $url=" http://www.snort.org/reg-rules/snortrules-snapshot-2860.tar.gz/$snortsettings{'OINKCODE'}"; #$url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-2.8.tar.gz"; } else { $url="http://www.emergingthreats.net/rules/emerging.rules.tar.gz"; @@ -344,11 +347,12 @@ END # INSTALLMD5 is not in the form, so not retrieved by getcgihash &General::readhash("${General::swroot}/snort/settings", \%snortsettings); -if ($snortsettings{'ACTION'} eq $Lang::tr{'download new ruleset'}) { +if ($snortsettings{'ACTION'} eq $Lang::tr{'download new ruleset'} || $snortsettings{'ACTION'} eq $Lang::tr{'upload new ruleset'}) { my @df = `/bin/df -B M /var`; foreach my $line (@df) { next if $line =~ m/^Filesystem/; + my $return; if ($line =~ m/dev/ ) { $line =~ m/^.* (\d+)M.*$/; @@ -356,19 +360,32 @@ if ($snortsettings{'ACTION'} eq $Lang::tr{'download new ruleset'}) { if ($1<300) { $errormessage = "$Lang::tr{'not enough disk space'} < 300MB, /var $1MB"; } else { - my $filename = &downloadrulesfile(); - if (defined $filename) { - $results = "$Lang::tr{'installed updates'}\n
";
-						$results .=`/usr/local/bin/oinkmaster.pl -s -u file://$filename -C /var/ipfire/snort/oinkmaster.conf -o /etc/snort/rules 2>&1`;
-						$results .= "
"; + + if ( $snortsettings{'ACTION'} eq $Lang::tr{'download new ruleset'} ){ + + &downloadrulesfile(); + sleep(3); + $return = `cat /var/tmp/log 2>/dev/null`; + + } elsif ( $snortsettings{'ACTION'} eq $Lang::tr{'upload new ruleset'} ) { + my $upload = $a->param("UPLOAD"); + open UPLOADFILE, ">/var/tmp/snortrules.tar.gz"; + binmode $upload; + while ( <$upload> ) { + print UPLOADFILE; + } + close UPLOADFILE; + } + + if ($return =~ "ERROR"){ + $errormessage = "
".$return."
"; + } else { + system("/usr/local/bin/oinkmaster.pl -v -s -u file:///var/tmp/snortrules.tar.gz -C /var/ipfire/snort/oinkmaster.conf -o /etc/snort/rules >>/var/tmp/log 2>&1 &"); + sleep(2); } - unlink ($filename); } - } } - - } $checked{'ENABLE_SNORT'}{'off'} = ''; @@ -442,6 +459,37 @@ if ($errormessage) { &Header::closebox(); } +my $return = `pidof oinkmaster.pl -x`; +chomp($return); +if ($return) { + &Header::openbox( 'Waiting', 1, "" ); + print < + + $Lang::tr{  + + $Lang::tr{'snort working'} + +
+ +
+ 
+END
+	my @output = `tail -20 /var/tmp/log`;
+	foreach (@output) {
+		print "$_";
+	}
+	print <
+		
+END
+	&Header::closebox();
+	&Header::closebigbox();
+	&Header::closepage();
+	exit;
+	refreshpage();
+}
+
 &Header::openbox('100%', 'left', $Lang::tr{'intrusion detection system2'});
 print <
@@ -701,56 +749,26 @@ END
 &Header::closepage();
 
 sub downloadrulesfile {
-	my $return = &geturl($url);
-	return undef unless $return;
+	my $peer;
+	my $peerport;
 
-	if (index($return->content, "\037\213") == -1 ) { # \037\213 is .gz beginning
-		$errormessage = $Lang::tr{'invalid loaded file'};
-		return undef;
-	}
-
-	my $filename='';
-	my $fh='';
-	($fh, $filename) = tempfile('/var/tmp/XXXXXXXX',SUFFIX => '.tar.gz' );#oinkmaster work only with this extension
-	binmode ($fh);
-	syswrite ($fh, $return->content);
-	close($fh);
-	return $filename;
-}
-
-sub geturl ($) {
-	my $url=$_[0];
+	unlink("/var/tmp/log");
 
 	unless (-e "${General::swroot}/red/active") {
 		$errormessage = $Lang::tr{'could not download latest updates'};
 		return undef;
 	}
 
-	my $downloader = LWP::UserAgent->new;
-	$downloader->timeout(5);
-
 	my %proxysettings=();
 	&General::readhash("${General::swroot}/proxy/settings", \%proxysettings);
 
 	if ($_=$proxysettings{'UPSTREAM_PROXY'}) {
-		my ($peer, $peerport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
-		if ($proxysettings{'UPSTREAM_USER'}) {
-			$downloader->proxy("http","http://$proxysettings{'UPSTREAM_USER'}:$proxysettings{'UPSTREAM_PASSWORD'}@"."$peer:$peerport/");
-		} else {
-			$downloader->proxy("http","http://$peer:$peerport/");
-		}
+		($peer, $peerport) = (/^(?:[a-zA-Z ]+\:\/\/)?(?:[A-Za-z0-9\_\.\-]*?(?:\:[A-Za-z0-9\_\.\-]*?)?\@)?([a-zA-Z0-9\.\_\-]*?)(?:\:([0-9]{1,5}))?(?:\/.*?)?$/);
 	}
 
-	my $return = $downloader->get($url,'Cache-Control','no-cache');
-
-	if ($return->code == 403) {
-		$errormessage = $Lang::tr{'access refused with this oinkcode'};
-		return undef;
-	} elsif (!$return->is_success()) {
-		$errormessage = $Lang::tr{'could not download latest updates'};
-		return undef;
+	if ($peer) {
+		system("wget -r --proxy=on --proxy-user=$proxysettings{'UPSTREAM_USER'} --proxy-passwd=$proxysettings{'UPSTREAM_PASSWORD'} -e http_proxy=http://$peer:$peerport/ -o /var/tmp/log --no-check-certificate --output-document=/var/tmp/snortrules.tar.gz $url");
+	} else {
+		system("wget -r --no-check-certificate -o /var/tmp/log --output-document=/var/tmp/snortrules.tar.gz $url");
 	}
-
-	return $return;
-
 }