$snortsettings{'ENABLE_SNORT_GREEN'} = 'off';
$snortsettings{'ENABLE_SNORT_BLUE'} = 'off';
$snortsettings{'ENABLE_SNORT_ORANGE'} = 'off';
+$snortsettings{'ENABLE_PREPROCESSOR_HTTP_INSPECT'} = 'off';
$snortsettings{'ENABLE_GUARDIAN'} = 'off';
$snortsettings{'GUARDIAN_INTERFACE'} = `cat /var/ipfire/red/iface`;
$snortsettings{'GUARDIAN_HOSTGATEWAYBYTE'} = '1';
# Loop over each line
foreach my $line (@snortconfig) {
- # Trim the line
+ # Trim the line
chomp $line;
+ if ($snortsettings{'ACTION'} eq $Lang::tr{'save'}) {
+ # Check for preprocessor settings
+ if ($line =~ /preprocessor http_inspect:/) {
+ # Strip out leading # from rule line
+ $line =~ s/\# ?//i;
+ if (($snortsettings{'ENABLE_PREPROCESSOR_HTTP_INSPECT'} eq 'off')) {
+ $line = "# $line";
+ }
+ }
+ }
+
# Check for a line with .rules
if ($line =~ /\.rules$/) {
# Parse out rule file name
if (!exists $snortsettings{"SNORT_RULE_$rule"}) {
$line = "# $line";
}
+
}
# Check for rule state
} else {
unlink "${General::swroot}/snort/enable_orange";
}
+ if ($snortsettings{'ENABLE_PREPROCESSOR_HTTP_INSPECT'} eq 'on')
+ {
+ system ('/usr/bin/touch', "${General::swroot}/snort/enable_preprocessor_http_inspect");
+ } else {
+ unlink "${General::swroot}/snort/enable_preprocessor_http_inspect";
+ }
if ($snortsettings{'ENABLE_GUARDIAN'} eq 'on')
{
system ('/usr/bin/touch', "${General::swroot}/guardian/enable");
unlink "${General::swroot}/guardian/enable";
}
- system('/usr/local/bin/snortctrl restart >/dev/null');
+ system('/usr/local/bin/snortctrl restart >/dev/null');
} elsif ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} eq "guardian" ){
open(IGNOREFILE, ">$snortsettings{'GUARDIAN_IGNOREFILE'}") or die "Unable to write guardian ignore file $snortsettings{'GUARDIAN_IGNOREFILE'}";
$checked{'ENABLE_SNORT_ORANGE'}{'off'} = '';
$checked{'ENABLE_SNORT_ORANGE'}{'on'} = '';
$checked{'ENABLE_SNORT_ORANGE'}{$snortsettings{'ENABLE_SNORT_ORANGE'}} = "checked='checked'";
+$checked{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}{'off'} = '';
+$checked{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}{'on'} = '';
+$checked{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}{$snortsettings{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}} = "checked='checked'";
$checked{'ENABLE_GUARDIAN'}{'off'} = '';
$checked{'ENABLE_GUARDIAN'}{'on'} = '';
$checked{'ENABLE_GUARDIAN'}{$snortsettings{'ENABLE_GUARDIAN'}} = "checked='checked'";
<tr>
<td><hr /></td>
</tr>
+<tr>
+ <td><b>$Lang::tr{'ids preprocessor'}</b></td>
+</tr>
+<tr>
+ <td><input type='checkbox' name='ENABLE_PREPROCESSOR_HTTP_INSPECT' $checked{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}{'on'} /> http_inspect
+<tr>
+ <td><hr /></td>
+</tr>
<tr>
<td><b>$Lang::tr{'ids rules update'}</b></td>
</tr>
'ids rules license2' => 'Bestätigen Sie die Lizenz, empfangen Sie Ihr Passwort per email und gehen Sie auf die Website. Gehen Sie zu',
'ids rules license3' => 'klicken Sie den \'Get Code\' Knopf am Fuß und kopieren den 40-Zeichen Oink Code in das untere Feld.',
'ids rules update' => 'Snort Regeln Update',
+'ids preprocessor' => 'Snort Präprozessor',
'iface' => 'Iface',
'ignore filter' => '"Ignorieren"-Filter',
'ike encryption' => 'IKE Verschlüsselung:',
'ids rules license2' => 'Acknowledge the license, receive your password by email, and connect to the site. Go to',
'ids rules license3' => 'press the \'Get Code\' button at the bottom and copy the 40 character Oink Code into the field below.',
'ids rules update' => 'Snort rules update',
+'ids preprocessor' => 'Snort preprocessor',
'iface' => 'Iface',
'ignore filter' => 'Ignore filter',
'ike encryption' => 'IKE Encryption:',