From 429f70083a21d3d84a82727bb0e942afd3f0591c Mon Sep 17 00:00:00 2001 From: Daniel Glanzmann Date: Thu, 25 Sep 2008 19:11:46 +0000 Subject: [PATCH] Added a checkbox that enables/disables the snort http pp. --- html/cgi-bin/ids.cgi | 34 ++++++++++++++++++++++++++++++++-- langs/de/cgi-bin/de.pl | 1 + langs/en/cgi-bin/en.pl | 1 + 3 files changed, 34 insertions(+), 2 deletions(-) diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi index e41d3517c3..efd79b58cf 100644 --- a/html/cgi-bin/ids.cgi +++ b/html/cgi-bin/ids.cgi @@ -56,6 +56,7 @@ $snortsettings{'ENABLE_SNORT'} = 'off'; $snortsettings{'ENABLE_SNORT_GREEN'} = 'off'; $snortsettings{'ENABLE_SNORT_BLUE'} = 'off'; $snortsettings{'ENABLE_SNORT_ORANGE'} = 'off'; +$snortsettings{'ENABLE_PREPROCESSOR_HTTP_INSPECT'} = 'off'; $snortsettings{'ENABLE_GUARDIAN'} = 'off'; $snortsettings{'GUARDIAN_INTERFACE'} = `cat /var/ipfire/red/iface`; $snortsettings{'GUARDIAN_HOSTGATEWAYBYTE'} = '1'; @@ -108,9 +109,20 @@ if (-e "/etc/snort/snort.conf") { # Loop over each line foreach my $line (@snortconfig) { - # Trim the line + # Trim the line chomp $line; + if ($snortsettings{'ACTION'} eq $Lang::tr{'save'}) { + # Check for preprocessor settings + if ($line =~ /preprocessor http_inspect:/) { + # Strip out leading # from rule line + $line =~ s/\# ?//i; + if (($snortsettings{'ENABLE_PREPROCESSOR_HTTP_INSPECT'} eq 'off')) { + $line = "# $line"; + } + } + } + # Check for a line with .rules if ($line =~ /\.rules$/) { # Parse out rule file name @@ -226,6 +238,7 @@ if (-e "/etc/snort/snort.conf") { if (!exists $snortsettings{"SNORT_RULE_$rule"}) { $line = "# $line"; } + } # Check for rule state 
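Review bot: In the new preprocessor block of the second ids.cgi hunk (`@@ -108,9 +109,20 @@`), both the match `/preprocessor http_inspect:/` and the strip `s/\# ?//i` are unanchored. With the box ticked, any line that merely mentions the directive, such as a documentation comment, is uncommented into live configuration, and the substitution removes the first `#` wherever it occurs rather than only a leading one. Anchoring both, e.g. `if ($line =~ /^\s*#?\s*preprocessor\s+http_inspect:/)` and `$line =~ s/^\s*#\s?//;`, confines the toggle to the directive itself. The rewrite also works one physical line at a time, so if the directive in snort.conf is continued with a trailing backslash, the continuation lines are left unchanged when the first line is commented out; it is worth confirming Snort still loads the result. The enclosing `foreach` loop starts and ends outside the hunk.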
@@ -301,6 +314,12 @@ if ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} e } else { unlink "${General::swroot}/snort/enable_orange"; } + if ($snortsettings{'ENABLE_PREPROCESSOR_HTTP_INSPECT'} eq 'on') + { + system ('/usr/bin/touch', "${General::swroot}/snort/enable_preprocessor_http_inspect"); + } else { + unlink "${General::swroot}/snort/enable_preprocessor_http_inspect"; + } if ($snortsettings{'ENABLE_GUARDIAN'} eq 'on') { system ('/usr/bin/touch', "${General::swroot}/guardian/enable"); @@ -308,7 +327,7 @@ if ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} e unlink "${General::swroot}/guardian/enable"; } - system('/usr/local/bin/snortctrl restart >/dev/null'); + system('/usr/local/bin/snortctrl restart >/dev/null'); } elsif ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} eq "guardian" ){ open(IGNOREFILE, ">$snortsettings{'GUARDIAN_IGNOREFILE'}") or die "Unable to write guardian ignore file $snortsettings{'GUARDIAN_IGNOREFILE'}"; @@ -365,6 +384,9 @@ $checked{'ENABLE_SNORT_BLUE'}{$snortsettings{'ENABLE_SNORT_BLUE'}} = "checked='c $checked{'ENABLE_SNORT_ORANGE'}{'off'} = ''; $checked{'ENABLE_SNORT_ORANGE'}{'on'} = ''; $checked{'ENABLE_SNORT_ORANGE'}{$snortsettings{'ENABLE_SNORT_ORANGE'}} = "checked='checked'"; +$checked{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}{'off'} = ''; +$checked{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}{'on'} = ''; +$checked{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}{$snortsettings{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}} = "checked='checked'"; $checked{'ENABLE_GUARDIAN'}{'off'} = ''; $checked{'ENABLE_GUARDIAN'}{'on'} = ''; $checked{'ENABLE_GUARDIAN'}{$snortsettings{'ENABLE_GUARDIAN'}} = "checked='checked'"; @@ -433,6 +455,14 @@ print <
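Review bot: The new `ENABLE_PREPROCESSOR_HTTP_INSPECT` branch in hunk `@@ -301,6 +314,12 @@` checks the result of neither `system('/usr/bin/touch', ...)` nor `unlink`, so a failed write can leave the flag file disagreeing with the checkbox state and the page reports nothing. Because this switch turns an IDS inspection stage off, the change and any failure should leave a trace. With `$flag` holding the path, for example: `system('/usr/bin/touch', $flag) == 0 or warn "cannot create $flag: $?";` and `unlink($flag) or warn "cannot remove $flag: $!" if -e $flag;`. The `snortctrl restart` that follows sends its output to /dev/null and its exit status is not examined in the lines shown, so a configuration that Snort refuses to load would presumably go unnoticed as well. The enclosing `if` block begins before this hunk.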
+ + $Lang::tr{'ids preprocessor'} + + + http_inspect + +
+ $Lang::tr{'ids rules update'} diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index b47f5ba916..132137ea19 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -852,6 +852,7 @@ 'ids rules license2' => 'Bestätigen Sie die Lizenz, empfangen Sie Ihr Passwort per email und gehen Sie auf die Website. Gehen Sie zu', 'ids rules license3' => 'klicken Sie den \'Get Code\' Knopf am Fuß und kopieren den 40-Zeichen Oink Code in das untere Feld.', 'ids rules update' => 'Snort Regeln Update', +'ids preprocessor' => 'Snort Präprozessor', 'iface' => 'Iface', 'ignore filter' => '"Ignorieren"-Filter', 'ike encryption' => 'IKE Verschlüsselung:', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index fd05793585..174e26aae1 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -881,6 +881,7 @@ 'ids rules license2' => 'Acknowledge the license, receive your password by email, and connect to the site. Go to', 'ids rules license3' => 'press the \'Get Code\' button at the bottom and copy the 40 character Oink Code into the field below.', 'ids rules update' => 'Snort rules update', +'ids preprocessor' => 'Snort preprocessor', 'iface' => 'Iface', 'ignore filter' => 'Ignore filter', 'ike encryption' => 'IKE Encryption:', -- 2.39.2