<?php
/*
** SnortCenter Copyright (C) 2001,2002,2003 Stefan Dens
**
** Author: Stefan Dens <hide@address.com>
**
** This program is free software; you can redistribute it and/or modify
** it under the terms of the GNU General Public License as published by
** the Free Software Foundation; either version 2 of the License, or
** (at your option) any later version.
**
** This program is distributed in the hope that it will be useful,
** but WITHOUT ANY WARRANTY; without even the implied warranty of
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
** GNU General Public License for more details.
**
** You should have received a copy of the GNU General Public License
** along with this program; if not, write to the Free Software
** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
?>
<?php
include("config.php");
$db = NewACIDDBConnection($DBlib_path, $DBtype);
$db->acidConnect($DB_dbname, $DB_host, $DB_port, $DB_user, $DB_password);
include('top.inc.php');
echo '<style>';
echo 'body {scrollbar-face-color: #BBBBBB; scrollbar-shadow-color: #BBBBBB; scrollbar-highlight-color: #CCCCCC; scrollbar-3dlight-color: #666666 ; scrollbar-darkshadow-color: #666666 ; scrollbar-track-color: #CCCCCC ; scrollbar-arrow-color: #666666 }';
echo 'textarea,input,select, { font-family: Verdana; font-size: 9px; color: #003366; border-width : 1; background-color: #FFFFFF; border-color: black; }';
echo '</style>';
if ($rulechange == 'Save') {
$result = $db->acidExecute("SELECT * from rulechange where sid='$sid' and sensor_id='$sensor_id'");
$myrow = $result->acidFetchRow();
if ($myrow != 0) {
$result = $db->acidExecute("UPDATE rulechange SET sensor_id='$sensor_id', sid='$sid', action='$action', src_ip='$src_ip', src_port='$src_port',
dst_ip='$dst_ip', dst_port='$dst_port' where sensor_id='$sensor_id' and sid='$sid'");
} else {
$result = $db->acidExecute("INSERT INTO rulechange (sensor_id, sid, action, src_ip, src_port, dst_ip, dst_port)
VALUES ('$sensor_id', '$sid', '$action', '$src_ip', '$src_port', '$dst_ip', '$dst_port')");
}
$result->acidFreeRows();
echo '<SCRIPT language=javascript>setTimeout("location.href=\'sensor_rules.php?find_what=sid&sensor_id='.$sensor_id.'&goto='.$sid.'\'",0);</SCRIPT>';
}
if ($rulechange == 'Restore Default') {
$result = $db->acidExecute("DELETE from rulechange where sid='$sid' and sensor_id='$sensor_id'");
echo '<SCRIPT language=javascript>setTimeout("location.href=\'sensor_rules.php?find_what=sid&sensor_id='.$sensor_id.'&goto='.$sid.'\'",0);</SCRIPT>';
}
if (($do == "Save as New") || ($do == "Save")) {
$result = $db->acidExecute("SELECT max(sid) FROM rules where sid > '1000000'");
$myrow = $result->acidFetchRow();
$sid = $myrow[0];
if ($sid == '') {
$sid = '1000001';
$rev = 1;
} else {
$sid = $sid+1;
$rev = 1;
}
$result = $db->acidExecute("INSERT INTO rules (action, proto ,src_ip, src_port, operator, dst_ip, dst_port, msg, ttl, tos, id, ipoption, ip_proto, fragbits, dsize, flags, window, seq, ack, itype, icode, icmp_id, icmp_seq, content_list, session, rpc, resp, react, classtype, priority, tag, sameip, stateless, sid, rev, activates, activates_by, count, logto, category, flow, fragoffset, pcre, flowbits, threshold )
VALUES ('$action', '$proto' ,'$src_ip', '$src_port', '$operator', '$dst_ip', '$dst_port', '$msg', '$ttl', '$tos', '$id', '$ipoption', '$ip_proto', '$fragbits', '$dsize', '$flags', '$window', '$seq', '$ack', '$itype', '$icode', '$icmp_id', '$icmp_seq', '$content_list', '$session', '$rpc', '$resp', '$react', '$classtype', '$priority', '$tag', '$sameip', '$stateless', '$sid', '$rev', '$activates', '$activates_by', '$count', '$logto', 'local.rules', '$flow', '$fragoffset', '$pcre', '$flowbits', '$threshold')");
$result->acidFreeRows();
$nr_max = max(count($content),count($byte_jump),count($byte_test),count($ans1));
// print "<B>$nr_max</B><BR>";
for ( $tmp_nr = 0; $tmp_nr < $nr_max; $tmp_nr++) {
// print "<B>$tmp_nr</B></BR>";
$tmp_content=$content[$tmp_nr];
stripslashes($tmp_content);
$tmp_bytejump=$byte_jump[$tmp_nr];
stripslashes($tmp_bytejump);
$tmp_bytetest=$byte_test[$tmp_nr];
stripslashes($tmp_bytetest);
if (($tmp_content != '') || ($tmp_bytejump != '') || ($tmp_bytetest != '')) {
// print "<B>$tmp_nr: $tmp_content, $tmp_bytejump, $tmp_bytetest</B></BR>";
$result = $db->acidExecute("INSERT INTO content ( sid, sequence, content, off_set, depth, nocase, regex, distance, within, rawbytes, byte_jump, byte_test, isdataat, asn1)
VALUES ( '$sid', '$tmp_nr+1' , '$tmp_content', '$off_set[$tmp_nr]', '$depth[$tmp_nr]', '$nocase[$tmp_nr]', '$regex[$tmp_nr]', '$distance[$tmp_nr]', '$within[$tmp_nr]', '$rawbytes[$tmp_nr]', '$tmp_bytejump', '$tmp_bytetest', '$isdataat[$tmp_nr]', '$asn1[$tmp_nr]')");
$result->acidFreeRows();
}
}
foreach($uricontent as $uritmp_nr => $uritmp) {
stripslashes($uritmp);
if ($uritmp != '') {
$result = $db->acidExecute("INSERT INTO uricontent ( sid, uricontent, off_set, depth, nocase, regex )
VALUES ( '$sid', '$uritmp', '$uri_off_set[$uritmp_nr]', '$uri_depth[$uritmp_nr]', '$uri_nocase[$uritmp_nr]', '$uri_regex[$uritmp_nr]')");
$result->acidFreeRows();
}
}
foreach($reference as $tmp_ref) {
stripslashes($tmp_ref);
if ($tmp_ref != '') {
$result = $db->acidExecute("INSERT INTO reference ( sid, reference )
VALUES ( '$sid', '$tmp_ref')");
$result->acidFreeRows();
}
}
echo '<SCRIPT language=javascript>setTimeout("location.href=\'rules.php?find_what=sid&sensor_id='.$sensor_id.'&goto='.$sid.'\'",0);</SCRIPT>';
}
if ($do == "Update") {
$rev = $rev+1;
# Fix SnortSam string
if($snortsamSrc || $snortsamDst) {
if($snortsamSrc) $snortsam="src, ";
else $snortsam="dst, ";
$snortsam=$snortsam . $snortsamTime . " " . $snortsamUnit;
}
# End fix SnortSam string'
$result = $db->acidExecute("UPDATE rules SET action='$action', proto='$proto', src_ip='$src_ip', src_port='$src_port',
operator='$operator', dst_ip='$dst_ip', dst_port='$dst_port', msg='$msg', ttl='$ttl', tos='$tos', id='$id', ipoption='$ipoption',
ip_proto='$ip_proto', fragbits='$fragbits', dsize='$dsize', flags='$flags', window='$window', seq='$seq', ack='$ack', itype='$itype', icode='$icode',
icmp_id='$icmp_id', icmp_seq='$icmp_seq', content_list='$content_list',
session='$session', rpc='$rpc', resp='$resp', react='$react', sid='$sid', rev='$rev',
classtype='$classtype', priority='$priority', tag='$tag', sameip='$sameip', stateless='$stateless', activates='$activates',
activates_by='$activates_by', count='$count', logto='$logto', category='$category', flow='$flow', fragoffset='$fragoffset', pcre='$pcre', flowbits='$flowbits', threshold='$threshold', snortsam='$snortsam' where sid='$sid'");
$result->acidFreeRows();
$result = $db->acidExecute("DELETE FROM content WHERE sid='$sid'");
$result->acidFreeRows();
$nr_max = max(count($content),count($byte_jump),count($byte_test),count($asn1));
// print "<B>$nr_max</B></BR>";
for ( $tmp_nr = 0; $tmp_nr < $nr_max; $tmp_nr++) {
// print "<B>$tmp_nr</B></BR>";
$tmp_content=$content[$tmp_nr];
stripslashes($tmp_content);
$tmp_bytejump=$byte_jump[$tmp_nr];
stripslashes($tmp_bytejump);
$tmp_bytetest=$byte_test[$tmp_nr];
stripslashes($tmp_bytetest);
if (($tmp_content != '') || ($tmp_bytejump != '') || ($tmp_bytetest != '') || ($asn1[$tmp_nr] != '')) {
// print "<B>$tmp_nr: $tmp_content, $tmp_bytejump, $tmp_bytetest</B></BR>";
$result = $db->acidExecute("INSERT INTO content ( sid, sequence, content, off_set, depth, nocase, regex, distance, within, rawbytes, byte_jump, byte_test, isdataat, asn1 )
VALUES ( '$sid', '$tmp_nr+1' , '$tmp_content', '$off_set[$tmp_nr]', '$depth[$tmp_nr]', '$nocase[$tmp_nr]', '$regex[$tmp_nr]', '$distance[$tmp_nr]', '$within[$tmp_nr]', '$rawbytes[$tmp_nr]', '$tmp_bytejump', '$tmp_bytetest', '$isdataat[$tmp_nr]', '$asn1[$tmp_nr]')");
$result->acidFreeRows();
// print ("<B>$result</B><BR>");
}
}
$result = $db->acidExecute("DELETE FROM uricontent WHERE sid='$sid'");
$result->acidFreeRows();
foreach($uricontent as $uritmp_nr => $uritmp) {
stripslashes($uritmp);
if ($uritmp != '') {
$result = $db->acidExecute("INSERT INTO uricontent ( sid, uricontent, off_set, depth, nocase, regex )
VALUES ( '$sid', '$uritmp', '$uri_off_set[$uritmp_nr]', '$uri_depth[$uritmp_nr]', '$uri_nocase[$uritmp_nr]', '$uri_regex[$uritmp_nr]')");
$result->acidFreeRows();
}
}
$result = $db->acidExecute("DELETE FROM reference WHERE sid='$sid'");
$result->acidFreeRows();
foreach($reference as $tmp_ref) {
stripslashes($tmp_ref);
if ($tmp_ref != '') {
$result = $db->acidExecute("INSERT INTO reference ( sid, reference)
VALUES ( '$sid', '$tmp_ref')");
$result->acidFreeRows();
}
}
// disabled to save clicks when defining a new rule
// echo '<SCRIPT language=javascript>setTimeout("location.href=\'rules.php?find_what=sid&sensor_id='.$sensor_id.'&goto='.$sid.'\'",0);</SCRIPT>';
}
if (($rule != "new") and ($do != 'Save')) {
$content = '';
$uricontent = '';
$reference = '';
$byte_jump = '';
$byte_test = '';
$result = $db->acidExecute("SELECT action, proto ,src_ip, src_port, operator, dst_ip, dst_port, msg, ttl, tos, id, ipoption, ip_proto, fragbits, dsize, flags, window, seq, ack, itype, icode, icmp_id, icmp_seq, content_list, session, rpc, resp, react, classtype, priority, tag, sameip, stateless, sid, rev, activates, activates_by, count, logto, category, flow, fragoffset, pcre, flowbits, threshold, snortsam FROM rules where sid='$sid' and rev='$rev'");
$myrow = $result->acidFetchRow();
list($action, $proto , $src_ip, $src_port, $operator, $dst_ip, $dst_port, $msg, $ttl, $tos, $id, $ipoption, $ip_proto, $fragbits, $dsize, $flags, $window, $seq, $ack, $itype, $icode, $icmp_id, $icmp_seq, $content_list, $session, $rpc, $resp, $react, $classtype, $priority, $tag, $sameip, $stateless, $sid, $rev, $activates, $activates_by, $count, $logto, $category, $flow, $fragoffset, $pcre, $flowbits, $threshold, $snortsam) = $myrow;
$result = $db->acidExecute("SELECT content, off_set, depth, nocase, regex, distance, within, rawbytes, byte_jump, byte_test, isdataat, asn1 FROM content WHERE sid='$sid' ORDER BY sequence");
$i = 0;
while ($myrow = $result->acidFetchRow()) {
// print "<B>$myrow[0], $myrow[1], $myrow[2], $myrow[3], $myrow[4], $myrow[5], $myrow[6], $myrow[7], $myrow[8], $myrow[9], $myrow[10], $myrow[11]. </B><BR>";
list($content[$i], $off_set[$i], $depth[$i], $nocase[$i], $regex[$i], $distance[$i], $within[$i], $rawbytes[$i], $byte_jump[$i], $byte_test[$i], $isdataat[$i], $asn1[$i]) = $myrow;
// print "<B>$i - ($byte_jump[$i],$byte_test[$i])</B><BR>";
$i++;
}
$result = $db->acidExecute("SELECT uricontent, off_set, depth, nocase, regex FROM uricontent WHERE sid='$sid'");
$i = 0;
while ($myrow = $result->acidFetchRow()) {
list($uricontent[$i], $uri_off_set[$i], $uri_depth[$i], $uri_nocase[$i], $uri_regex[$i]) = $myrow;
$i++;
}
$result = $db->acidExecute("SELECT reference FROM reference WHERE sid='$sid'");
while ($myrow = $result->acidFetchRow()) {
$reference[] = $myrow[0];
}
}
if ($edit_type == 'sensor') {
$result = $db->acidExecute("SELECT sensor_name FROM sensor where id='$sensor_id'");
$myrow = $result->acidFetchRow();
$sensor_name = $myrow[0];
$result = $db->acidExecute("SELECT action, src_ip, src_port, dst_ip, dst_port FROM rulechange where sid='$sid' and sensor_id='$sensor_id'");
$myrow = $result->acidFetchRow();
if ($myrow != 0) {
list($action, $src_ip, $src_port, $dst_ip, $dst_port) = $myrow;
}
}
echo "<BR>";
echo "<FORM method=GET>";
if ($edit_type != 'sensor' || $rule == 'new') {
# -------- Begin main table --------------
echo "<table align=center border=0 cellspacing=0 cellpadding=0 width=98%><tr>";
# -------- Begin left table --------------
echo "<INPUT TYPE='HIDDEN' NAME='sensor_id' VALUE='$sensor_id'>";
echo "<INPUT TYPE='HIDDEN' NAME='category' VALUE='$category'>";
echo "<INPUT TYPE='HIDDEN' NAME='s_pos' VALUE='$s_pos'>";
echo "<TD width=48% valign=top>";
echo "<table align=center border=0 cellpadding=1 cellspacing=0 width=100%><tr bgcolor=#f9f890><td>";
echo "<table style=\"font-size:12px; font-family: Verdana;\" align=center border=0 cellspacing=0 cellpadding=0 width=100%>";
echo "<TR><TD align=left colspan=2><B>$lang[73] Global Configuration</B></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[75]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=category TYPE=TEXT value='$category' size=25> SID <INPUT style=\"font-weight : bold; text-align : center;\" NAME=sid TYPE=TEXT value='$sid' size=10> REV <INPUT style=\"font-weight : bold; text-align : center;\" NAME=rev TYPE=TEXT value='$rev' size=5></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[78]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=msg TYPE=TEXT value='$msg' size=75></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[79]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=action TYPE=TEXT value='$action' size=36> $lang[80] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=proto TYPE=TEXT value='$proto' size=17></TD></TR>";
echo "<TR bgcolor=#DDDDDD><td align=left>$lang[81]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=src_ip TYPE=TEXT value='$src_ip' size=40> $lang[82] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=src_port TYPE=TEXT value='$src_port' size=36></td></TR>";
echo "<TR bgcolor=#DDDDDD><td align=left>$lang[85]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=operator TYPE=TEXT value='$operator' size=2 MAXLENGTH=2></td></tr>";
echo "<TR bgcolor=#DDDDDD><td align=left>$lang[83]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=dst_ip TYPE=TEXT value='$dst_ip' size=40> $lang[84] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=dst_port TYPE=TEXT value='$dst_port' size=36></td></tr>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[86]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=activates_2 TYPE=TEXT value='$activates$activates_by' size=28> $lang[87] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=count TYPE=TEXT value='$count' size=5></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[246]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=flow TYPE=TEXT value='$flow' size=39></TD></TR>";
if ($content) {
foreach($content as $nr => $tmp) {
$tmp = stripslashes($tmp);
echo "<TR bgcolor=#CCCCCC><TD align=left>$lang[302] $nr:</TD><TD bgcolor=#CCCCCC></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[88]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=content[$nr] TYPE=TEXT value='$tmp' size=60></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD> </TD><TD align=left>$lang[89] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=off_set[$nr] TYPE=TEXT value='$off_set[$nr]' size=5> $lang[90] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=depth[$nr] TYPE=TEXT value='$depth[$nr]' size=5> $lang[243] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=distance[$nr] TYPE=TEXT value='$distance[$nr]' size=5> $lang[244] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=within[$nr] TYPE=TEXT value='$within[$nr]' size=5>
$lang[92]<INPUT NAME=nocase[$nr] TYPE=CHECKBOX value='nocase'";
if ($nocase[$nr]) echo " CHECKED";
echo ">";
echo " $lang[93]<INPUT NAME=regex[$nr] TYPE=CHECKBOX value='regex'";
if ($regex[$nr]) echo " CHECKED";
echo ">";
echo " $lang[245]<INPUT NAME=rawbytes[$nr] TYPE=CHECKBOX value='rawbytes'";
if ($rawbytes[$nr]) echo " CHECKED";
echo "></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[300]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=byte_jump[$nr] TYPE=TEXT value='$byte_jump[$nr]' size=30> ";
echo "$lang[301] <INPUT style=\"font-weight : bold;\" NAME=byte_test[$nr] TYPE=TEXT value='$byte_test[$nr]' size=30></TD>";
echo "</TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[308]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=isdataat[$nr] TYPE=TEXT value='$isdatat[$nr]' size=30> ";
echo "$lang[317] <INPUT style=\"font-weight : bold;\" NAME=asn1[$nr] TYPE=TEXT value='$asn1[$nr]' size=40></TD>";
echo "</TD></TR>";
}
$nr++;
echo "<TR bgcolor=#CCCCCC><TD align=left>$lang[303]:</TD><TD bgcolor=#CCCCCC></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[88]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=content[$nr] TYPE=TEXT size=60></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD> </TD><TD align=left>$lang[89] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=off_set[$nr] TYPE=TEXT size=5> $lang[90] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=depth[$nr] TYPE=TEXT size=5> $lang[243] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=distance[$nr] TYPE=TEXT size=5> $lang[244] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=within[$nr] TYPE=TEXT size=5>
$lang[92]<INPUT NAME=nocase[$nr] TYPE=CHECKBOX value='nocase'>";
echo " $lang[93]<INPUT NAME=regex[$nr] TYPE=CHECKBOX value='regex'>";
echo " $lang[245]<INPUT NAME=rawbytes[$nr] TYPE=CHECKBOX value='rawbytes'></TD>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[300]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=byte_jump[$nr] TYPE=TEXT value='$byte_jump[$nr]' size=30> ";
echo "$lang[301] <INPUT style=\"font-weight : bold;\" NAME=byte_test[$nr] TYPE=TEXT value='$byte_test[$nr]' size=30></TD></TR>";
# echo "<TR bgcolor=#CCCCCC><TD align=left><BR></TD><TD bgcolor=#CCCCCC> </TD></TR>";
# echo "</TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[308]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=isdataat[$nr] TYPE=TEXT value='$isdatat[$nr]' size=30> ";
echo "$lang[317] <INPUT style=\"font-weight : bold;\" NAME=asn1[$nr] TYPE=TEXT value='$asn1[$nr]' size=40></TD>";
echo "</TD></TR>";
} else {
$nr = 0;
echo "<TR bgcolor=#CCCCCC><TD align=left>$lang[303]:</TD><TD bgcolor=#CCCCCC></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[88]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=content[$nr] TYPE=TEXT size=60></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD> </TD><TD align=left>$lang[89] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=off_set[$nr] TYPE=TEXT size=5> $lang[90] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=depth[$nr] TYPE=TEXT size=5> $lang[243] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=distance[$nr] TYPE=TEXT size=5> $lang[244] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=within[$nr] TYPE=TEXT size=5>
$lang[92]<INPUT NAME=nocase[$nr] TYPE=CHECKBOX value='nocase'>";
echo " $lang[93]<INPUT NAME=regex[$nr] TYPE=CHECKBOX value='regex'>";
echo " $lang[245]<INPUT NAME=rawbytes[$nr] TYPE=CHECKBOX value='rawbytes'></TD>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[300]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=byte_jump[$nr] TYPE=TEXT value='$byte_jump[$nr]' size=30> ";
echo "$lang[301] <INPUT style=\"font-weight : bold;\" NAME=byte_test[$nr] TYPE=TEXT value='$byte_test[$nr]' size=30></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[308]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=isdataat[$nr] TYPE=TEXT value='$isdatat[$nr]' size=30> ";
echo "$lang[317] <INPUT style=\"font-weight : bold;\" NAME=asn1[$nr] TYPE=TEXT value='$asn1[$nr]' size=40></TD>";
echo "</TD></TR>";
}
if ($uricontent) {
foreach($uricontent as $uri_nr => $uri_tmp) {
$uri_tmp = stripslashes($uri_tmp);
echo "<TR bgcolor=#CCCCCC><TD align=left>$lang[304] $uri_nr:</TD><TD bgcolor=#CCCCCC></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[94]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=uricontent[$uri_nr] TYPE=TEXT value='$uri_tmp' size=60></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD> </TD><TD align=left>$lang[89] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=uri_off_set[$uri_nr] TYPE=TEXT value='$uri_off_set[$uri_nr]' size=5> $lang[90] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=uri_depth[$uri_nr] TYPE=TEXT value='$uri_depth[$uri_nr]' size=5>
$lang[92]<INPUT NAME=uri_nocase[$uri_nr] TYPE=CHECKBOX value='nocase'";
if ($uri_nocase[$uri_nr]) echo " CHECKED";
echo ">";
echo " $lang[93]<INPUT NAME=uri_regex[$uri_nr] TYPE=CHECKBOX value='regex'";
if ($uri_regex[$uri_nr]) echo " CHECKED";
echo "></TD></TR>";
// echo "<TR bgcolor=#CCCCCC><TD align=left><BR></TD><TD bgcolor=#CCCCCC> </TD></TR>";
}
$uri_nr++;
echo "<TR bgcolor=#CCCCCC><TD align=left>$lang[305]:</TD><TD bgcolor=#CCCCCC></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[94]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=uricontent[$uri_nr] TYPE=TEXT size=60></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD> </TD><TD align=left>$lang[89] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=uri_off_set[$uri_nr] TYPE=TEXT size=5> $lang[90] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=uri_depth[$uri_nr] TYPE=TEXT size=5>
$lang[92]<INPUT NAME=uri_nocase[$uri_nr] TYPE=CHECKBOX value='nocase'>";
echo " $lang[93]<INPUT NAME=uri_regex[$uri_nr] TYPE=CHECKBOX value='regex'></TD></TR>";
echo "<TR bgcolor=#CCCCCC><TD align=left><BR></TD><TD bgcolor=#CCCCCC> </TD></TR>";
} else {
$uri_nr = 0;
echo "<TR bgcolor=#CCCCCC><TD align=left>$lang[305]:</TD><TD bgcolor=#CCCCCC></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[94]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=uricontent[$uri_nr] TYPE=TEXT size=60></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD> </TD><TD align=left>$lang[89] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=uri_off_set[$uri_nr] TYPE=TEXT size=5> $lang[90] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=uri_depth[$uri_nr] TYPE=TEXT size=5>
$lang[92]<INPUT NAME=uri_nocase[$uri_nr] TYPE=CHECKBOX value='nocase'>";
echo " $lang[93]<INPUT NAME=uri_regex[$uri_nr] TYPE=CHECKBOX value='regex'></TD></TR>";
echo "<TR bgcolor=#CCCCCC><TD align=left><BR></TD><TD bgcolor=#CCCCCC> </TD></TR>";
}
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[95]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=content_list TYPE=TEXT value='$content_list' size=36> $lang[96] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=rpc TYPE=TEXT value='$rpc' size=38></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[97]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=tag TYPE=TEXT value='$tag' size=75></TD></TR>";
echo "<TR bgcolor=#DDDDDD>";
echo "<TD colspan=2 align=center>$lang[98]<INPUT NAME=stateless TYPE=CHECKBOX value='stateless'";
if ($statefull) echo " CHECKED";
echo ">";
echo " $lang[99]<INPUT NAME=sameip TYPE=CHECKBOX value='sameip'";
if ($sameip) echo " CHECKED";
echo "></TD></TR>";
//New Vars
echo "<TR bgcolor=#CCCCCC><TD align=left>$lang[309]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=pcre TYPE=TEXT value='$pcre' size=85></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[310]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=flowbits TYPE=TEXT value='$flowbit's size=30> ";
echo "$lang[311] <INPUT style=\"font-weight : bold;\" NAME=threshold TYPE=TEXT value='$threshold' size=30></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>--- </TD><TD bgcolor=#DDDDDD> </TD></TR>";
if ($reference) {
foreach($reference as $ref_nr => $tmp_ref) {
echo "<TR bgcolor=#CCCCCC><TD align=left>$lang[306] $ref_nr:</TD><TD bgcolor=#CCCCCC></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[100]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=reference[] TYPE=TEXT value='$tmp_ref' size=75></TD></TR>";
}
echo "<TR bgcolor=#CCCCCC><TD align=left>$lang[307]:</TD><TD bgcolor=#CCCCCC></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[100]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=reference[] TYPE=TEXT size=75></TD></TR>";
echo "<TR bgcolor=#CCCCCC><TD align=left><BR></TD><TD bgcolor=#CCCCCC> </TD></TR>";
} else {
echo "<TR bgcolor=#CCCCCC><TD align=left>$lang[307]:</TD><TD bgcolor=#CCCCCC></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[100]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=reference[] TYPE=TEXT value='$tmp_ref' size=75></TD></TR>";
echo "<TR bgcolor=#CCCCCC><TD align=left><BR></TD><TD bgcolor=#CCCCCC> </TD></TR>";
}
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[102]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=classtype TYPE=TEXT value='$classtype' size=45> $lang[103] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=priority TYPE=TEXT value='$priority' size=5></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[104]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=session TYPE=TEXT value='$session' size=36> $lang[105] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=logto TYPE=TEXT value='$logto' size=38></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[106]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=react TYPE=TEXT value='$react' size=53> $lang[107] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=resp TYPE=TEXT value='$resp' size=21></TD></TR>";
# Add functionality for SnortSam
if($snortsam) {
if(ereg("src",$snortsam)) $snortsamSrc="checked";
else $snortsamSrc="";
if(ereg("dst|dest",$snortsam)) $snortsamDst="checked";
else $snortsamDst="";
ereg("[0-9][0-9]*",$snortsam,$snortsamTemp);
$snortsamTime=$snortsamTemp[0];
ereg("seconds|minutes|hours|days|weeks|months|years|ALWAYS",$snortsam,$snortsamTemp);
$snortsamUnit=$snortsamTemp[0];
if($snortsamUnit=="minutes") $minutes="selected";
if($snortsamUnit=="hours") $hours="selected";
if($snortsamUnit=="days") $days="selected";
if($snortsamUnit=="weeks") $weeks="selected";
if($snortsamUnit=="months") $months="selected";
if($snortsamUnit=="years") $years="selected";
if($snortsamUnit=="ALWAYS") $ALWAYS="selected";
}
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[269]</TD><TD>Src: <INPUT style=\"font-weight : bold; text-align : center;\" NAME=snortsamSrc TYPE=CHECKBOX $snortsamSrc>
Dst: <INPUT NAME=snortsamDst TYPE=CHECKBOX $snortsamDst>
Time: <INPUT NAME=snortsamTime TYPE=TEXT value='$snortsamTime'>
<SELECT NAME=snortsamUnit>
<OPTION>seconds<OPTION $minutes>minutes<OPTION $hours>hours<OPTION $days>days<OPTION $weeks>weeks<OPTION $months>months<OPTION $years>years<OPTION $ALWAYS>ALWAYS
</SELECT>
</TD></TR>";
# End snortsam
echo "<TR><TD align=left><B>$lang[108]</B></TD></TR>";
echo "<TR bgcolor=#DDDDDD><td align=left>$lang[109]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=tos TYPE=TEXT value='$tos' size=17> $lang[110] <INPUT style=\"font-weight : bold; text-align : left;\" NAME=dsize TYPE=TEXT value='$dsize' size=11></TD></TR>";
echo "<TR bgcolor=#DDDDDD><td align=left>$lang[111]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=id TYPE=TEXT value='$id' size=36> $lang[112] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=fragbits TYPE=TEXT value='$fragbits' size=5> $lang[247] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=fragoffset TYPE=TEXT value='$fragoffset' size=8></td></TR>";
echo "<TR bgcolor=#DDDDDD><td align=left>$lang[113]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=ttl TYPE=TEXT value='$ttl' size=17> $lang[114] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=ipoption TYPE=TEXT value='$ipoption' size=36> $lang[115] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=ip_proto TYPE=TEXT value='$ip_proto' size=17></td></TR>";
echo "<TR><TD align=left><B>$lang[116]</B></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[117]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=seq TYPE=TEXT value='$seq' size=25> $lang[118] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=ack TYPE=TEXT value='$ack' size=25> $lang[119] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=flags TYPE=TEXT value='$flags' size=25></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[290]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=window TYPE=TEXT value='$window' size=24></TD</TR>";
echo "<TR><TD align=left><B>$lang[120]</B></TD></TR>";
echo "<TR bgcolor=#DDDDDD><td align=left>$lang[121]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=itype TYPE=TEXT value='$itype' size=19> $lang[122] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=icode TYPE=TEXT value='$icode' size=19></td></TR>";
echo "<TR bgcolor=#DDDDDD><td align=left>$lang[123]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=icmp_id TYPE=TEXT value='$icmp_id' size=36> $lang[124] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=icmp_seq TYPE=TEXT value='$icmp_seq' size=36></td></TR>";
echo "</TABLE></TD></TR></TABLE>";
echo "<BR>";
# -------- End from ip table --------------
echo "</TD></TR></TABLE>";
# -------- END main table --------------
if ($rule != "new") {
echo "<CENTER><INPUT NAME='do' VALUE='Update' TYPE=SUBMIT> <INPUT NAME='do' VALUE='Save as New' TYPE=SUBMIT> <INPUT VALUE='Reset' TYPE=RESET></CENTER>";
} else {
echo "<CENTER><INPUT NAME='do' VALUE='Save' TYPE=SUBMIT> <INPUT VALUE='Reset' TYPE=RESET></CENTER>";
}
} else {
echo "<INPUT TYPE='HIDDEN' NAME='category' VALUE='$category'>";
echo "<INPUT TYPE='HIDDEN' NAME='s_pos' VALUE='$s_pos'>";
echo "<INPUT TYPE='HIDDEN' NAME='sensor_id' VALUE='$sensor_id'>";
echo "<INPUT TYPE='HIDDEN' NAME='edit_type' VALUE='$edit_type'>";
echo "<table align=center border=0 cellspacing=0 cellpadding=0 width=98%><tr>";
# -------- Begin left table --------------
echo "<TD width=48% valign=top>";
echo "<table align=center border=0 cellpadding=1 cellspacing=0 width=100%><tr bgcolor=#f9f890><td>";
echo "<table style=\"font-size:12px; font-family: Verdana;\" align=center border=0 cellspacing=0 cellpadding=0 width=100%>";
echo "<TR><TD align=left colspan=2><B>$lang[73] $sensor_name $lang[74]</B></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[75]</TD><TD><INPUT style=\"text-align : center;\" NAME=category TYPE=TEXT value='$category' size='25' READONLY > $lang[76] <INPUT style=\"text-align : center;\" NAME=sid TYPE=TEXT value='$sid' size='10' READONLY > $lang[77] <INPUT style=\"text-align : center;\" NAME=rev TYPE=TEXT value='$rev' size='5' READONLY ></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[78]</TD><TD><INPUT style=\"text-align : center;\" NAME=msg TYPE=TEXT value='$msg' size='75' READONLY ></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[79]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=action TYPE=TEXT value='$action' size=36> $lang[80] <INPUT style=\"text-align : center;\" NAME=proto TYPE=TEXT value='$proto' size='17' READONLY ></TD></TR>";
echo "<TR bgcolor=#DDDDDD><td align=left>$lang[81]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=src_ip TYPE=TEXT value='$src_ip' size=40> $lang[82] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=src_port TYPE=TEXT value='$src_port' size=36></td></TR>";
echo "<TR bgcolor=#DDDDDD><td align=left>$lang[83]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=dst_ip TYPE=TEXT value='$dst_ip' size=40> $lang[84] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=dst_port TYPE=TEXT value='$dst_port' size=36></td></tr>";
echo "</TABLE></TD></TR></TABLE></TD></TR></TABLE><BR>";
echo "<CENTER><INPUT NAME='rulechange' VALUE='Save' TYPE=SUBMIT> <INPUT VALUE='Reset' TYPE=RESET> <INPUT NAME='rulechange' VALUE='Restore Default' TYPE=SUBMIT></CENTER>";
}
echo "</FORM><BR>";
include('bottom.inc.php');
?>