mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-20 16:02:59 +02:00
Added a checkbox that enables/disables the snort http pp.
This commit is contained in:
Daniel Glanzmann
committed by
Michael Tremer
Michael Tremer
parent
b5cf97172c
commit
429f70083a
@@ -56,6 +56,7 @@ $snortsettings{'ENABLE_SNORT'} = 'off';
|
||||
$snortsettings{'ENABLE_SNORT_GREEN'} = 'off';
|
||||
$snortsettings{'ENABLE_SNORT_BLUE'} = 'off';
|
||||
$snortsettings{'ENABLE_SNORT_ORANGE'} = 'off';
|
||||
$snortsettings{'ENABLE_PREPROCESSOR_HTTP_INSPECT'} = 'off';
|
||||
$snortsettings{'ENABLE_GUARDIAN'} = 'off';
|
||||
$snortsettings{'GUARDIAN_INTERFACE'} = `cat /var/ipfire/red/iface`;
|
||||
$snortsettings{'GUARDIAN_HOSTGATEWAYBYTE'} = '1';
|
||||
@@ -108,9 +109,20 @@ if (-e "/etc/snort/snort.conf") {
|
||||
|
||||
# Loop over each line
|
||||
foreach my $line (@snortconfig) {
|
||||
# Trim the line
|
||||
# Trim the line
|
||||
chomp $line;
|
||||
|
||||
if ($snortsettings{'ACTION'} eq $Lang::tr{'save'}) {
|
||||
# Check for preprocessor settings
|
||||
if ($line =~ /preprocessor http_inspect:/) {
|
||||
# Strip out leading # from rule line
|
||||
$line =~ s/\# ?//i;
|
||||
if (($snortsettings{'ENABLE_PREPROCESSOR_HTTP_INSPECT'} eq 'off')) {
|
||||
$line = "# $line";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
# Check for a line with .rules
|
||||
if ($line =~ /\.rules$/) {
|
||||
# Parse out rule file name
|
||||
@@ -226,6 +238,7 @@ if (-e "/etc/snort/snort.conf") {
|
||||
if (!exists $snortsettings{"SNORT_RULE_$rule"}) {
|
||||
$line = "# $line";
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
# Check for rule state
|
||||
@@ -301,6 +314,12 @@ if ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} e
|
||||
} else {
|
||||
unlink "${General::swroot}/snort/enable_orange";
|
||||
}
|
||||
if ($snortsettings{'ENABLE_PREPROCESSOR_HTTP_INSPECT'} eq 'on')
|
||||
{
|
||||
system ('/usr/bin/touch', "${General::swroot}/snort/enable_preprocessor_http_inspect");
|
||||
} else {
|
||||
unlink "${General::swroot}/snort/enable_preprocessor_http_inspect";
|
||||
}
|
||||
if ($snortsettings{'ENABLE_GUARDIAN'} eq 'on')
|
||||
{
|
||||
system ('/usr/bin/touch', "${General::swroot}/guardian/enable");
|
||||
@@ -308,7 +327,7 @@ if ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} e
|
||||
unlink "${General::swroot}/guardian/enable";
|
||||
}
|
||||
|
||||
system('/usr/local/bin/snortctrl restart >/dev/null');
|
||||
system('/usr/local/bin/snortctrl restart >/dev/null');
|
||||
|
||||
} elsif ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} eq "guardian" ){
|
||||
open(IGNOREFILE, ">$snortsettings{'GUARDIAN_IGNOREFILE'}") or die "Unable to write guardian ignore file $snortsettings{'GUARDIAN_IGNOREFILE'}";
|
||||
@@ -365,6 +384,9 @@ $checked{'ENABLE_SNORT_BLUE'}{$snortsettings{'ENABLE_SNORT_BLUE'}} = "checked='c
|
||||
$checked{'ENABLE_SNORT_ORANGE'}{'off'} = '';
|
||||
$checked{'ENABLE_SNORT_ORANGE'}{'on'} = '';
|
||||
$checked{'ENABLE_SNORT_ORANGE'}{$snortsettings{'ENABLE_SNORT_ORANGE'}} = "checked='checked'";
|
||||
$checked{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}{'off'} = '';
|
||||
$checked{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}{'on'} = '';
|
||||
$checked{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}{$snortsettings{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}} = "checked='checked'";
|
||||
$checked{'ENABLE_GUARDIAN'}{'off'} = '';
|
||||
$checked{'ENABLE_GUARDIAN'}{'on'} = '';
|
||||
$checked{'ENABLE_GUARDIAN'}{$snortsettings{'ENABLE_GUARDIAN'}} = "checked='checked'";
|
||||
@@ -433,6 +455,14 @@ print <<END
|
||||
<tr>
|
||||
<td><hr /></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><b>$Lang::tr{'ids preprocessor'}</b></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><input type='checkbox' name='ENABLE_PREPROCESSOR_HTTP_INSPECT' $checked{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}{'on'} /> http_inspect
|
||||
<tr>
|
||||
<td><hr /></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><b>$Lang::tr{'ids rules update'}</b></td>
|
||||
</tr>
|
||||
|
||||
@@ -852,6 +852,7 @@
|
||||
'ids rules license2' => 'Bestätigen Sie die Lizenz, empfangen Sie Ihr Passwort per email und gehen Sie auf die Website. Gehen Sie zu',
|
||||
'ids rules license3' => 'klicken Sie den \'Get Code\' Knopf am Fuß und kopieren den 40-Zeichen Oink Code in das untere Feld.',
|
||||
'ids rules update' => 'Snort Regeln Update',
|
||||
'ids preprocessor' => 'Snort Präprozessor',
|
||||
'iface' => 'Iface',
|
||||
'ignore filter' => '"Ignorieren"-Filter',
|
||||
'ike encryption' => 'IKE Verschlüsselung:',
|
||||
|
||||
@@ -881,6 +881,7 @@
|
||||
'ids rules license2' => 'Acknowledge the license, receive your password by email, and connect to the site. Go to',
|
||||
'ids rules license3' => 'press the \'Get Code\' button at the bottom and copy the 40 character Oink Code into the field below.',
|
||||
'ids rules update' => 'Snort rules update',
|
||||
'ids preprocessor' => 'Snort preprocessor',
|
||||
'iface' => 'Iface',
|
||||
'ignore filter' => 'Ignore filter',
|
||||
'ike encryption' => 'IKE Encryption:',
|
||||
|
||||
Reference in New Issue
Block a user