From a27c40a05bda1e3dc64954c0550ec32bc84c6763 Mon Sep 17 00:00:00 2001 From: Stefan Schantl Date: Fri, 29 Jul 2016 13:25:28 +0200 Subject: [PATCH] ids.cgi: Drop guardian related code. Guardian competely will be managed by it's own CGI. Signed-off-by: Stefan Schantl --- html/cgi-bin/ids.cgi | 71 +------------------------------------------- 1 file changed, 1 insertion(+), 70 deletions(-) diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi index e7753aacf8..bc066a0dc3 100644 --- a/html/cgi-bin/ids.cgi +++ b/html/cgi-bin/ids.cgi @@ -55,16 +55,7 @@ $snortsettings{'ENABLE_SNORT'} = 'off'; $snortsettings{'ENABLE_SNORT_GREEN'} = 'off'; $snortsettings{'ENABLE_SNORT_BLUE'} = 'off'; $snortsettings{'ENABLE_SNORT_ORANGE'} = 'off'; -$snortsettings{'ENABLE_GUARDIAN'} = 'off'; -$snortsettings{'GUARDIAN_INTERFACE'} = `cat /var/ipfire/red/iface`; -$snortsettings{'GUARDIAN_HOSTGATEWAYBYTE'} = '1'; -$snortsettings{'GUARDIAN_LOGFILE'} = '/var/log/guardian/guardian.log'; -$snortsettings{'GUARDIAN_ALERTFILE'} = '/var/log/snort/alert'; -$snortsettings{'GUARDIAN_IGNOREFILE'} = '/var/ipfire/guardian/guardian.ignore'; -$snortsettings{'GUARDIAN_TARGETFILE'} = '/var/ipfire/guardian/guardian.target'; -$snortsettings{'GUARDIAN_TIMELIMIT'} = '86400'; $snortsettings{'ACTION'} = ''; -$snortsettings{'ACTION2'} = ''; $snortsettings{'RULES'} = ''; $snortsettings{'OINKCODE'} = ''; $snortsettings{'INSTALLDATE'} = ''; @@ -311,39 +302,11 @@ if ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} e } else { unlink "${General::swroot}/snort/enable_preprocessor_http_inspect"; } - if ($snortsettings{'ENABLE_GUARDIAN'} eq 'on') - { - system ('/usr/bin/touch', "${General::swroot}/guardian/enable"); - } else { - unlink "${General::swroot}/guardian/enable"; - } system('/usr/local/bin/snortctrl restart >/dev/null'); -} elsif ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} eq "guardian" ){ - foreach my $key (keys %snortsettings){ - if ( $key !~ /^GUARDIAN/ ){ - delete $snortsettings{$key}; - } - } - &General::writehashpart("${General::swroot}/snort/settings", \%snortsettings); - open(IGNOREFILE, ">$snortsettings{'GUARDIAN_IGNOREFILE'}") or die "Unable to write guardian ignore file $snortsettings{'GUARDIAN_IGNOREFILE'}"; - print IGNOREFILE $snortsettings{'GUARDIAN_IGNOREFILE_CONTENT'}; - close(IGNOREFILE); - open(GUARDIAN, ">/var/ipfire/guardian/guardian.conf") or die "Unable to write guardian conf /var/ipfire/guardian/guardian.conf"; - print GUARDIAN </dev/null'); } + # INSTALLMD5 is not in the form, so not retrieved by getcgihash &General::readhash("${General::swroot}/snort/settings", \%snortsettings); @@ -400,9 +363,6 @@ $checked{'ENABLE_SNORT_BLUE'}{$snortsettings{'ENABLE_SNORT_BLUE'}} = "checked='c $checked{'ENABLE_SNORT_ORANGE'}{'off'} = ''; $checked{'ENABLE_SNORT_ORANGE'}{'on'} = ''; $checked{'ENABLE_SNORT_ORANGE'}{$snortsettings{'ENABLE_SNORT_ORANGE'}} = "checked='checked'"; -$checked{'ENABLE_GUARDIAN'}{'off'} = ''; -$checked{'ENABLE_GUARDIAN'}{'on'} = ''; -$checked{'ENABLE_GUARDIAN'}{$snortsettings{'ENABLE_GUARDIAN'}} = "checked='checked'"; $selected{'RULES'}{'nothing'} = ''; $selected{'RULES'}{'community'} = ''; $selected{'RULES'}{'emerging'} = ''; @@ -504,9 +464,6 @@ if ($netsettings{'ORANGE_DEV'} ne '') { print "       ORANGE Snort"; } print "       RED Snort"; -if ( -e "/var/ipfire/guardian/guardian.conf" ) { - print "       Guardian"; -} print < @@ -564,32 +521,6 @@ if ($results ne '') { &Header::closebox(); -####################### Added for guardian control #################################### -if ( -e "/var/ipfire/guardian/guardian.conf" ) { - &Header::openbox('100%', 'LEFT', $Lang::tr{'guardian configuration'}); -print < - - - - - - -
$Lang::tr{'guardian interface'}
$Lang::tr{'guardian timelimit'}
$Lang::tr{'guardian logfile'}
$Lang::tr{'guardian alertfile'}
$Lang::tr{'guardian ignorefile'}
- -END -; - &Header::closebox(); -} - - - - ####################### Added for snort rules control ################################# if ( -e "${General::swroot}/snort/enable" || -e "${General::swroot}/snort/enable_green" || -e "${General::swroot}/snort/enable_blue" || -e "${General::swroot}/snort/enable_orange" ) { &Header::openbox('100%', 'LEFT', $Lang::tr{'intrusion detection system rules'}); -- 2.39.2