webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-26 19:00:34 +02:00
Code Issues Packages Projects Releases Wiki Activity

Snort-Fixes

Browse Source 
git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@517 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8
This commit is contained in:
ms
2007-05-03 17:06:13 +00:00
parent 822c5bd04c
commit 5a3e0dca58
7 changed files with 80 additions and 101 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
html/cgi-bin/ids.cgi
View File

@@ -6,8 +6,6 @@
#
# (c) The SmoothWall Team
#
# $Id: ids.cgi,v 1.8.2.18 2005/07/27 21:35:22 franck78 Exp $
#
use LWP::UserAgent;
use File::Copy;
@@ -24,6 +22,7 @@ require "${General::swroot}/header.pl";
my %snortsettings=();
my %checked=();
my %selected=();
my %netsettings=();
our $errormessage = '';
our $md5 = '0';# not '' to avoid displaying the wrong message when INSTALLMD5 not set
@@ -40,17 +39,21 @@ $snortsettings{'ENABLE_SNORT_GREEN'} = 'off';
$snortsettings{'ENABLE_SNORT_BLUE'} = 'off';
$snortsettings{'ENABLE_SNORT_ORANGE'} = 'off';
$snortsettings{'ACTION'} = '';
$snortsettings{'RULESTYPE'} = '';
$snortsettings{'RULES'} = '';
$snortsettings{'OINKCODE'} = '';
$snortsettings{'INSTALLDATE'} = '';
$snortsettings{'INSTALLMD5'} = '';
&Header::getcgihash(\%snortsettings, {'wantfile' => 1, 'filevar' => 'FH'});
if ($snortsettings{'RULESTYPE'} eq 'subscripted') {
$url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-2.3_s.tar.gz";
if ($snortsettings{'RULES'} eq 'subscripted') {
$url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-CURRENT_s.tar.gz";
} elsif ($snortsettings{'RULES'} eq 'registered') {
$url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-CURRENT.tar.gz";
} elsif ($snortsettings{'RULES'} eq 'bleeding') {
$url="http://www.bleedingsnort.com/bleeding.rules.tar.gz";
} else {
$url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-2.3.tar.gz";
$url="http://www.snort.org/pub-bin/downloads.cgi/Download/comm_rules/Community-Rules-CURRENT.tar.gz";
}
if ($snortsettings{'ACTION'} eq $Lang::tr{'save'})
@@ -105,7 +108,7 @@ if ($snortsettings{'ACTION'} eq $Lang::tr{'download new ruleset'}) {
$errormessage = "$Lang::tr{'invalid md5sum'}";
} else {
$results = "<b>$Lang::tr{'installed updates'}</b>\n<pre>";
$results .=`/usr/local/bin/oinkmaster.pl -s -u file://$filename -C /var/ipfire/snort/oinkmaster.conf -o /etc/snort 2>&1`;
$results .=`/usr/local/bin/oinkmaster.pl -s -u file://$filename -C /var/ipfire/snort/oinkmaster.conf -o /etc/snort/rules/ 2>&1`;
$results .= "</pre>";
}
unlink ($filename);
@@ -125,10 +128,12 @@ $checked{'ENABLE_SNORT_BLUE'}{$snortsettings{'ENABLE_SNORT_BLUE'}} = "checked='c
$checked{'ENABLE_SNORT_ORANGE'}{'off'} = '';
$checked{'ENABLE_SNORT_ORANGE'}{'on'} = '';
$checked{'ENABLE_SNORT_ORANGE'}{$snortsettings{'ENABLE_SNORT_ORANGE'}} = "checked='checked'";
$checked{'RULESTYPE'}{'nothing'} = '';
$checked{'RULESTYPE'}{'registered'} = '';
$checked{'RULESTYPE'}{'subscripted'} = '';
$checked{'RULESTYPE'}{$snortsettings{'RULESTYPE'}} = "checked='checked'";
$selected{'RULES'}{'nothing'} = '';
$selected{'RULES'}{'bleeding'} = '';
$selected{'RULES'}{'community'} = '';
$selected{'RULES'}{'registered'} = '';
$selected{'RULES'}{'subscripted'} = '';
$selected{'RULES'}{$snortsettings{'RULES'}} = "selected='selected'";
&Header::openpage($Lang::tr{'intrusion detection system'}, 1, '');
@@ -180,16 +185,14 @@ print <<END
<td><b>$Lang::tr{'ids rules update'}</b></td>
</tr>
<tr>
<td><input type='radio' name='RULESTYPE' value='nothing' $checked{'RULESTYPE'}{'nothing'} />
$Lang::tr{'no'}</td>
</tr>
<tr>
<td><input type='radio' name='RULESTYPE' value='registered' $checked{'RULESTYPE'}{'registered'} />
$Lang::tr{'registered user rules'}</td>
</tr>
<tr>
<td><input type='radio' name='RULESTYPE' value='subscripted' $checked{'RULESTYPE'}{'subscripted'} />
$Lang::tr{'subscripted user rules'}</td>
<td><select name='RULES'>
<option value='nothing' $selected{'RULES'}{'nothing'} >$Lang::tr{'no'}</option>
<option value='bleeding' $selected{'RULES'}{'bleeding'} >$Lang::tr{'bleeding rules'}</option>
<option value='community' $selected{'RULES'}{'community'} >$Lang::tr{'community rules'}</option>
<option value='registered' $selected{'RULES'}{'registered'} >$Lang::tr{'registered user rules'}</option>
<option value='subscripted' $selected{'RULES'}{'subscripted'} >$Lang::tr{'subscripted user rules'}</option>
</select>
</td>
</tr>
<tr>
<td><br />
@@ -199,7 +202,7 @@ print <<END
</td>
</tr>
<tr>
<td nowrap='nowrap'>Oink Code:&nbsp;<input type='text' size='40' name='OINKCODE' value='$snortsettings{'OINKCODE'}' /></td>
<td nowrap='nowrap'>Oinkcode:&nbsp;<input type='text' size='40' name='OINKCODE' value='$snortsettings{'OINKCODE'}' /></td>
</tr>
<tr>
<td width='30%' align='center'><input type='submit' name='ACTION' value='$Lang::tr{'download new ruleset'}' />

55
html/cgi-bin/upnp.cgi
View File

@@ -30,12 +30,12 @@ my %servicenames =('UPnP Daemon' => 'upnpd',);
$upnpsettings{'DEBUGMODE'} = '3';
$upnpsettings{'FORWARDRULES'} = 'yes';
$upnpsettings{'DOWNSTREAM'} = '900000';
$upnpsettings{'UPSTREAM'} = '16000000';
$upnpsettings{'DOWNSTREAM'} = '1048576';
$upnpsettings{'UPSTREAM'} = '131072';
$upnpsettings{'DESCRIPTION'} = 'gatedesc.xml';
$upnpsettings{'XML'} = '/etc/linuxigd';
$upnpsettings{'ENABLED'} = 'off';
$upnpsettings{'friendlyName'} = 'IpFire Upnp Device';
$upnpsettings{'friendlyName'} = 'IPFire Gateway';
### Values that have to be initialized
$upnpsettings{'ACTION'} = '';
@@ -51,8 +51,8 @@ $upnpsettings{'ACTION'} = '';
if ($upnpsettings{'ACTION'} eq $Lang::tr{'save'})
{
$upnpsettings{'DOWNSTREAM'} = $upnpsettings{'DOWNSTREAM'} * 8;
$upnpsettings{'UPSTREAM'} = $upnpsettings{'UPSTREAM'} * 8;
$upnpsettings{'DOWNSTREAM'} = $upnpsettings{'DOWNSTREAM'} * 1024;
$upnpsettings{'UPSTREAM'} = $upnpsettings{'UPSTREAM'} * 1024;
&General::writehash("${General::swroot}/upnp/settings", \%upnpsettings);
open (FILE, ">${General::swroot}/upnp/upnpd.conf") or die "Can't save the upnp config: $!";
@@ -96,8 +96,8 @@ elsif ($upnpsettings{'ACTION'} eq $Lang::tr{'restart'})
}
&General::readhash("${General::swroot}/upnp/settings", \%upnpsettings);
$upnpsettings{'DOWNSTREAM'} = $upnpsettings{'DOWNSTREAM'} / 8;
$upnpsettings{'UPSTREAM'} = $upnpsettings{'UPSTREAM'} / 8;
$upnpsettings{'DOWNSTREAM'} = $upnpsettings{'DOWNSTREAM'} / 1024;
$upnpsettings{'UPSTREAM'} = $upnpsettings{'UPSTREAM'} / 1024;
if ($errormessage)
{
@@ -145,26 +145,41 @@ print <<END
<form method='post' action='$ENV{'SCRIPT_NAME'}'>
<table width='95%' cellspacing='0'>
<tr><td colspan='2' align='left' bgcolor='${Header::table1colour}'><b>$Lang::tr{'options'}</b></td></tr>
<tr><td colspan='2' align='left'><br></br></td></tr>
<tr><td align='left'>Debug Mode:</td><td><input type='text' name='DEBUGMODE' value='$upnpsettings{'DEBUGMODE'}' size="30" /></td></tr>
<tr><td align='left'>Forward Rules:</td><td><input type='text' name='FORWARDRULES' value='$upnpsettings{'FORWARDRULES'}' size="30" /></td></tr>
<tr><td align='left' colspan='2'><br /></td></tr>
<tr><td align='left'>Down Stream in KB:</td><td><input type='text' name='DOWNSTREAM' value='$upnpsettings{'DOWNSTREAM'}' size="30" /></td></tr>
<tr><td align='left'>Up Strean in KB:</td><td><input type='text' name='UPSTREAM' value='$upnpsettings{'UPSTREAM'}' size="30" /></td></tr>
<tr><td align='left'>UPnP Device Name:</td><td><input type='text' name='friendlyName' value='$upnpsettings{'friendlyName'}' size="30" /></td></tr>
<tr><td align='left' colspan='2'><br /></td></tr>
<tr><td align='left'>XML Document:</td><td><input type='text' name='XML' value='$upnpsettings{'XML'}' size="30" /></td></tr>
<tr><td align='left'>Description Document:</td><td><input type='text' name='DESCRIPTION' value='$upnpsettings{'DESCRIPTION'}' size="30" /></td></tr>
<tr><td align='left'>Upnp Device Name:</td><td><input type='text' name='friendlyName' value='$upnpsettings{'friendlyName'}' size="30" /></td></tr>
<tr><td colspan='2' align='left'><br></br></td></tr>
<tr><td colspan='2' align='center'><input type='hidden' name='ACTION' value=$Lang::tr{'save'} />
<tr><td align='left'>Downstream in KB:</td><td><input type='text' name='DOWNSTREAM' value='$upnpsettings{'DOWNSTREAM'}' size="30" /></td></tr>
<tr><td align='left'>Upstream in KB:</td><td><input type='text' name='UPSTREAM' value='$upnpsettings{'UPSTREAM'}' size="30" /></td></tr>
<tr><td align='left' colspan='2'><br /></td></tr>
<tr><td colspan='2' align='center'> <input type='hidden' name='ACTION' value=$Lang::tr{'save'} />
<input type='image' alt=$Lang::tr{'save'} src='/images/floppy.gif' /></td></tr>
</table></form>
<br />
<hr />
END
;
&Header::closebox();
&Header::openbox('100%', 'center', 'Aktuell geoeffnete Ports');
my @output = qx(iptables -t nat -n -L PORTFW);
my ($outputline, $extip, $extport, $int);
my @output2;
print "<table>";
foreach $outputline (@output) {
if ( $outputline =~ /^DNAT/ ) {
@output2 = split(/ /, $outputline);
$extip = $output2[23];
$extport = $output2[29];
$extport =~ s/dpt://;
$int = "$output2[31]";
$int =~ s/to://;
print "<tr><td>$extip:$extport<td align='center'><img src='/images/forward.gif' alt='=&gt;' /><td>$int";
}
}
print "</table>";
&Header::closebox();
&Header::closebigbox();
&Header::closepage();
@@ -197,4 +212,4 @@ sub isrunning
}
return $status;
}
}