base fork: pfsense/pfsense-packages
base: master
...
head fork: digdug3/pfsense-packages
compare: master
  • 2 commits
  • 3 files changed
  • 0 commit comments
  • 1 contributor
Commits on Jul 28, 2012
@digdug3 digdug3 Snort Widget: Add link to title
Add a link to snort_alert.php in Snort Widget title bar, just like
Firewall and Interfaces widget
a20bc0f
Commits on Aug 03, 2012
@digdug3 digdug3 Fix when no alerts are found
Should fix the 'foreach' error when no alert entries are found.
97eedf4
5 config/widget-snort/snort_alerts.inc
@@ -0,0 +1,5 @@
+<?php
+//set variable for custom title
+$snort_alerts_title = "Snort Alerts";
+$snort_alerts_title_link = "snort/snort_alerts.php";
+?>
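Review bot: The closing `?>` on the last line is better omitted in an include-only file, since any newline or space after it is emitted as output wherever the file is included. The comment `//set variable for custom title` could also say what reads `$snort_alerts_title` and `$snort_alerts_title_link` (presumably the dashboard's widget loader), e.g. `// title and title-bar link shown for the Snort Alerts widget on the dashboard`.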
260 config/widget-snort/snort_alerts.widget.php
@@ -1,131 +1,131 @@
-<?php
-/*
- snort_alerts.widget.php
- Copyright (C) 2009 Jim Pingle
- mod 24-07-2012
-
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INClUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
-*/
-global $config, $g;
-
-/* array sorting */
-function sksort(&$array, $subkey="id", $sort_ascending=false) {
- if (count($array)) {
- $temp_array[key($array)] = array_shift($array);
- };
-
- foreach ($array as $key => $val){
- $offset = 0;
- $found = false;
- foreach ($temp_array as $tmp_key => $tmp_val) {
- if (!$found and strtolower($val[$subkey]) > strtolower($tmp_val[$subkey])) {
- $temp_array = array_merge((array)array_slice($temp_array,0,$offset), array($key => $val), array_slice($temp_array,$offset));
- $found = true;
- };
- $offset++;
- };
- if (!$found) $temp_array = array_merge($temp_array, array($key => $val));
- };
-
- if ($sort_ascending) {
- $array = array_reverse($temp_array);
- } else $array = $temp_array;
-};
-
-/* check if firewall widget variable is set */
-if (!isset($nentries)) $nentries = 5;
-
-/* retrieve snort variables */
-require_once("/usr/local/pkg/snort/snort.inc");
-if (!is_array($config['installedpackages']['snortglobal']['rule']))
- $config['installedpackages']['snortglobal']['rule'] = array();
-$a_instance = &$config['installedpackages']['snortglobal']['rule'];
-
-/* read log file(s) */
-$counter=0;
-foreach ($a_instance as $instanceid => $instance) {
- $snort_uuid = $a_instance[$instanceid]['uuid'];
- $if_real = snort_get_real_interface($a_instance[$instanceid]['interface']);
-
- /* make sure alert file exists */
- if (file_exists("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert")) {
- exec("tail -n{$nentries} /var/log/snort/snort_{$if_real}{$snort_uuid}/alert > /tmp/alert_{$snort_uuid}");
- if (file_exists("/tmp/alert_{$snort_uuid}")) {
- $tmpblocked = array_flip(snort_get_blocked_ips());
-
- /* 0 1 2 3 4 5 6 7 8 9 10 11 12 */
- /* File format timestamp,sig_generator,sig_id,sig_rev,msg,proto,src,srcport,dst,dstport,id,classification,priority */
- $fd = fopen("/tmp/alert_{$snort_uuid}", "r");
- while (($fields = fgetcsv($fd, 1000, ',', '"')) !== FALSE) {
- if(count($fields) < 11)
- continue;
-
- $snort_alerts[$counter]['instanceid'] = $a_instance[$instanceid]['interface'];
- $snort_alerts[$counter]['timestamp'] = $fields[0];
- $snort_alerts[$counter]['timeonly'] = substr($fields[0], 6, -8);
- $snort_alerts[$counter]['dateonly'] = substr($fields[0], 0, -17);
- $snort_alerts[$counter]['src'] = $fields[6];
- $snort_alerts[$counter]['srcport'] = $fields[7];
- $snort_alerts[$counter]['dst'] = $fields[8];
- $snort_alerts[$counter]['dstport'] = $fields[9];
- $snort_alerts[$counter]['priority'] = $fields[12];
- $snort_alerts[$counter]['category'] = $fields[11];
- $counter++;
- };
- fclose($fd);
- @unlink("/tmp/alert_{$snort_uuid}");
- };
- };
-};
-
-/* sort the array */
-if (isset($config['syslog']['reverse'])) {
- sksort($snort_alerts, 'timestamp', false);
-} else {
- sksort($snort_alerts, 'timestamp', true);
-};
-
-/* display the result */
-?>
-<table width="100%" border="0" cellspacing="0" cellpadding="0">
- <tbody>
- <tr class="snort-alert-header">
- <td width="30%" class="widgetsubheader" >IF/Date</td>
- <td width="40%" class="widgetsubheader">Src/Dst</td>
- <td width="40%" class="widgetsubheader">Details</td>
- </tr>
-<?php
-$counter=0;
-if (is_array($snort_alerts)) {
- foreach ($snort_alerts as $alert) {
- echo(" <tr class='snort-alert-entry'" . $activerow . ">
- <td width='30%' class='listr'>" . $alert['instanceid'] . "<br>" . $alert['timeonly'] . " " . $alert['dateonly'] . "</td>
- <td width='40%' class='listr'>" . $alert['src'] . ":" . $alert['srcport'] . "<br>" . $alert['dst'] . ":" . $alert['dstport'] . "</td>
- <td width='40%' class='listr'>Pri : " . $alert['priority'] . "<br>Cat : " . $alert['category'] . "</td>
- </tr>");
- $counter++;
- if($counter >= $nentries) break;
- }
-};
-?>
- </tbody>
+<?php
+/*
+ snort_alerts.widget.php
+ Copyright (C) 2009 Jim Pingle
+ mod 03-08-2012
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INClUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+global $config, $g;
+
+/* array sorting */
+function sksort(&$array, $subkey="id", $sort_ascending=false) {
+ if (count($array)) {
+ $temp_array[key($array)] = array_shift($array);
+ };
+
+ foreach ($array as $key => $val){
+ $offset = 0;
+ $found = false;
+ foreach ($temp_array as $tmp_key => $tmp_val) {
+ if (!$found and strtolower($val[$subkey]) > strtolower($tmp_val[$subkey])) {
+ $temp_array = array_merge((array)array_slice($temp_array,0,$offset), array($key => $val), array_slice($temp_array,$offset));
+ $found = true;
+ };
+ $offset++;
+ };
+ if (!$found) $temp_array = array_merge($temp_array, array($key => $val));
+ };
+
+ if ($sort_ascending) {
+ $array = array_reverse($temp_array);
+ } else $array = $temp_array;
+};
+
+/* check if firewall widget variable is set */
+if (!isset($nentries)) $nentries = 5;
+
+/* retrieve snort variables */
+require_once("/usr/local/pkg/snort/snort.inc");
+if (!is_array($config['installedpackages']['snortglobal']['rule']))
+ $config['installedpackages']['snortglobal']['rule'] = array();
+$a_instance = &$config['installedpackages']['snortglobal']['rule'];
+
+/* read log file(s) */
+$counter=0;
+foreach ($a_instance as $instanceid => $instance) {
+ $snort_uuid = $a_instance[$instanceid]['uuid'];
+ $if_real = snort_get_real_interface($a_instance[$instanceid]['interface']);
+
+ /* make sure alert file exists */
+ if (file_exists("/var/log/snort/snort_{$if_real}{$snort_uuid}/alert")) {
+ exec("tail -n{$nentries} /var/log/snort/snort_{$if_real}{$snort_uuid}/alert > /tmp/alert_{$snort_uuid}");
+ if (file_exists("/tmp/alert_{$snort_uuid}")) {
+ $tmpblocked = array_flip(snort_get_blocked_ips());
+
+ /* 0 1 2 3 4 5 6 7 8 9 10 11 12 */
+ /* File format timestamp,sig_generator,sig_id,sig_rev,msg,proto,src,srcport,dst,dstport,id,classification,priority */
+ $fd = fopen("/tmp/alert_{$snort_uuid}", "r");
+ while (($fields = fgetcsv($fd, 1000, ',', '"')) !== FALSE) {
+ if(count($fields) < 11)
+ continue;
+
+ $snort_alerts[$counter]['instanceid'] = $a_instance[$instanceid]['interface'];
+ $snort_alerts[$counter]['timestamp'] = $fields[0];
+ $snort_alerts[$counter]['timeonly'] = substr($fields[0], 6, -8);
+ $snort_alerts[$counter]['dateonly'] = substr($fields[0], 0, -17);
+ $snort_alerts[$counter]['src'] = $fields[6];
+ $snort_alerts[$counter]['srcport'] = $fields[7];
+ $snort_alerts[$counter]['dst'] = $fields[8];
+ $snort_alerts[$counter]['dstport'] = $fields[9];
+ $snort_alerts[$counter]['priority'] = $fields[12];
+ $snort_alerts[$counter]['category'] = $fields[11];
+ $counter++;
+ };
+ fclose($fd);
+ @unlink("/tmp/alert_{$snort_uuid}");
+ };
+ };
+};
+
+/* display the result */
+?>
+<table width="100%" border="0" cellspacing="0" cellpadding="0">
+ <tbody>
+ <tr class="snort-alert-header">
+ <td width="30%" class="widgetsubheader" >IF/Date</td>
+ <td width="40%" class="widgetsubheader">Src/Dst</td>
+ <td width="40%" class="widgetsubheader">Details</td>
+ </tr>
+<?php
+if (is_array($snort_alerts)) {
+ /* sort the array */
+ if (isset($config['syslog']['reverse'])) {
+ sksort($snort_alerts, 'timestamp', false);
+ } else {
+ sksort($snort_alerts, 'timestamp', true);
+ };
+
+ $counter=0;
+ foreach ($snort_alerts as $alert) {
+ echo(" <tr class='snort-alert-entry'" . $activerow . ">
+ <td width='30%' class='listr'>" . $alert['instanceid'] . "<br>" . $alert['timeonly'] . " " . $alert['dateonly'] . "</td>
+ <td width='40%' class='listr'>" . $alert['src'] . ":" . $alert['srcport'] . "<br>" . $alert['dst'] . ":" . $alert['dstport'] . "</td>
+ <td width='40%' class='listr'>Pri : " . $alert['priority'] . "<br>Cat : " . $alert['category'] . "</td>
+ </tr>");
+ $counter++;
+ if($counter >= $nentries) break;
+ }
+};
+?>
+ </tbody>
</table>
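Review bot: The row-building `echo` in the `foreach ($snort_alerts as $alert)` loop writes `instanceid`, `src`, `dst`, `priority` and `category` into the table unescaped, and those values are read from the Snort alert file, so each should go through `htmlspecialchars()` first, e.g. `htmlspecialchars($alert['category'])`. The guard `if(count($fields) < 11)` is also too loose for the 13-column format the comment documents, because `$fields[11]` and `$fields[12]` are read afterwards; `if (count($fields) < 13) continue;` matches it. Separately, `exec("tail -n{$nentries} ...")` interpolates `$nentries`, `$if_real` and `$snort_uuid` into a shell command and redirects into a fixed `/tmp/alert_{$snort_uuid}` path; where those values come from is not visible here, but `escapeshellarg()` on each path and `(int)$nentries` would keep the command well-formed regardless, and a `tempnam()` path would avoid the predictable name. Initialising `$snort_alerts = array();` before the read loop would remove the need to probe an undefined variable with `is_array()`.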
127 config/widget-snort/widget-snort.xml
@@ -1,61 +1,66 @@
-<?xml version="1.0" encoding="utf-8" ?>
-<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
-<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
-<packagegui>
- <copyright>
- <![CDATA[
-/* $Id$ */
-/* ========================================================================== */
-/*
- widget-snort.xml
- part of pfSense (http://www.pfSense.com)
- Copyright (C) 2009 Jim Pingle
- All rights reserved.
-
- Based on m0n0wall (http://m0n0.ch/wall)
- Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
- All rights reserved.
- */
-/* ========================================================================== */
-/*
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
- */
-/* ========================================================================== */
- ]]>
- </copyright>
- <description>Snort widget add-on for Dashboard package</description>
- <requirements>Dashboard package and Snort</requirements>
- <faq>Currently there are no FAQ items provided.</faq>
- <name>widget-snort</name>
- <version>0.5</version>
- <title>Widget - Snort</title>
- <additional_files_needed>
- <prefix>/usr/local/www/widgets/javascript/</prefix>
- <chmod>0644</chmod>
- <item>http://www.pfsense.com/packages/config/widget-snort/snort_alerts.js</item>
- </additional_files_needed>
- <additional_files_needed>
- <prefix>/usr/local/www/widgets/widgets/</prefix>
- <chmod>0644</chmod>
- <item>http://www.pfsense.com/packages/config/widget-snort/snort_alerts.widget.php</item>
- </additional_files_needed>
-</packagegui>
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
+<?xml-stylesheet type="text/xsl" href="../xsl/package.xsl"?>
+<packagegui>
+ <copyright>
+ <![CDATA[
+/* $Id$ */
+/* ========================================================================== */
+/*
+ widget-snort.xml
+ part of pfSense (http://www.pfSense.com)
+ Copyright (C) 2009 Jim Pingle
+ All rights reserved.
+
+ Based on m0n0wall (http://m0n0.ch/wall)
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+ */
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+ ]]>
+ </copyright>
+ <description>Snort widget add-on for Dashboard package</description>
+ <requirements>Dashboard package and Snort</requirements>
+ <faq>Currently there are no FAQ items provided.</faq>
+ <name>widget-snort</name>
+ <version>0.5</version>
+ <title>Widget - Snort</title>
+ <additional_files_needed>
+ <prefix>/usr/local/www/widgets/javascript/</prefix>
+ <chmod>0644</chmod>
+ <item>http://www.pfsense.com/packages/config/widget-snort/snort_alerts.js</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/usr/local/www/widgets/widgets/</prefix>
+ <chmod>0644</chmod>
+ <item>http://www.pfsense.com/packages/config/widget-snort/snort_alerts.widget.php</item>
+ </additional_files_needed>
+ <additional_files_needed>
+ <prefix>/usr/local/www/widgets/include/</prefix>
+ <chmod>0644</chmod>
+ <item>http://www.pfsense.com/packages/config/widget-snort/snort_alerts.inc</item>
+ </additional_files_needed>
+</packagegui>
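Review bot: The new `<additional_files_needed>` entry fetches `snort_alerts.inc` over plain `http://`, and that file is PHP installed under `/usr/local/www/widgets/include/`, so nothing in this manifest protects it from modification in transit; the two existing entries share the pattern. An `https://` item URL, or a checksum if the package schema offers one, would address that, though whether either is supported is not visible from this file. `<version>0.5</version>` is also unchanged although the file list grew, which may leave existing installs without the new include; consider bumping it.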
