Location: PHPKode > projects > SnortCenter 2.x > snortcenter-release/edit_rule.php
<?php
    /*
    ** SnortCenter Copyright (C) 2001,2002,2003 Stefan Dens
    **
    ** Author: Stefan Dens <hide@address.com>
    **
    ** This program is free software; you can redistribute it and/or modify
    ** it under the terms of the GNU General Public License as published by
    ** the Free Software Foundation; either version 2 of the License, or
    ** (at your option) any later version.
    **
    ** This program is distributed in the hope that it will be useful,
        ** but WITHOUT ANY WARRANTY; without even the implied warranty of
    ** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    ** GNU General Public License for more details.
    **
    ** You should have received a copy of the GNU General Public License
    ** along with this program; if not, write to the Free Software
    ** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
    */
?>
<?php
    include("config.php");
     
    $db = NewACIDDBConnection($DBlib_path, $DBtype);
    $db->acidConnect($DB_dbname, $DB_host, $DB_port, $DB_user, $DB_password);
    include('top.inc.php');
     
    echo '<style>';
    echo 'body {scrollbar-face-color: #BBBBBB; scrollbar-shadow-color: #BBBBBB; scrollbar-highlight-color: #CCCCCC; scrollbar-3dlight-color: #666666 ; scrollbar-darkshadow-color: #666666 ; scrollbar-track-color: #CCCCCC ; scrollbar-arrow-color: #666666 }';
    echo 'textarea,input,select, { font-family: Verdana; font-size: 9px; color: #003366; border-width : 1; background-color: #FFFFFF; border-color: black; }';
    echo '</style>';
     
    if ($rulechange == 'Save') {
        $result = $db->acidExecute("SELECT * from rulechange where sid='$sid' and sensor_id='$sensor_id'");
        $myrow = $result->acidFetchRow();
        if ($myrow  != 0) {
            $result = $db->acidExecute("UPDATE rulechange SET sensor_id='$sensor_id', sid='$sid', action='$action', src_ip='$src_ip', src_port='$src_port',
                dst_ip='$dst_ip', dst_port='$dst_port' where sensor_id='$sensor_id' and sid='$sid'");
        } else {
            $result = $db->acidExecute("INSERT INTO rulechange (sensor_id, sid, action, src_ip, src_port, dst_ip, dst_port)
                VALUES ('$sensor_id', '$sid', '$action', '$src_ip', '$src_port', '$dst_ip', '$dst_port')");
        }
        $result->acidFreeRows();
	echo '<SCRIPT language=javascript>setTimeout("location.href=\'sensor_rules.php?find_what=sid&sensor_id='.$sensor_id.'&goto='.$sid.'\'",0);</SCRIPT>';
    }
    if ($rulechange == 'Restore Default') {
        $result = $db->acidExecute("DELETE from rulechange where sid='$sid' and sensor_id='$sensor_id'");
	echo '<SCRIPT language=javascript>setTimeout("location.href=\'sensor_rules.php?find_what=sid&sensor_id='.$sensor_id.'&goto='.$sid.'\'",0);</SCRIPT>';
    }
     
    if (($do == "Save as New") || ($do == "Save")) {
         
        $result = $db->acidExecute("SELECT max(sid) FROM rules where sid > '1000000'");
        $myrow = $result->acidFetchRow();
        $sid = $myrow[0];
        if ($sid == '') {
            $sid = '1000001';
            $rev = 1;
        } else {
            $sid = $sid+1;
            $rev = 1;
        }
         
        $result = $db->acidExecute("INSERT INTO rules (action, proto ,src_ip, src_port, operator, dst_ip, dst_port, msg, ttl, tos, id, ipoption, ip_proto, fragbits, dsize, flags, window, seq, ack, itype, icode, icmp_id, icmp_seq, content_list, session, rpc, resp, react, classtype, priority, tag, sameip, stateless, sid, rev, activates, activates_by, count, logto, category, flow, fragoffset, pcre, flowbits, threshold )
            VALUES ('$action', '$proto' ,'$src_ip', '$src_port', '$operator', '$dst_ip', '$dst_port', '$msg', '$ttl', '$tos', '$id', '$ipoption', '$ip_proto', '$fragbits', '$dsize', '$flags', '$window', '$seq', '$ack', '$itype', '$icode', '$icmp_id', '$icmp_seq', '$content_list', '$session', '$rpc', '$resp', '$react', '$classtype', '$priority', '$tag', '$sameip', '$stateless', '$sid', '$rev', '$activates', '$activates_by', '$count', '$logto', 'local.rules', '$flow', '$fragoffset', '$pcre', '$flowbits', '$threshold')");
        $result->acidFreeRows();
         
	$nr_max = max(count($content),count($byte_jump),count($byte_test),count($ans1));
//	print "<B>$nr_max</B><BR>";
	for ( $tmp_nr = 0; $tmp_nr < $nr_max; $tmp_nr++) {
//	    print "<B>$tmp_nr</B></BR>";
	    $tmp_content=$content[$tmp_nr];
            stripslashes($tmp_content);
	    $tmp_bytejump=$byte_jump[$tmp_nr];
            stripslashes($tmp_bytejump);
	    $tmp_bytetest=$byte_test[$tmp_nr];
            stripslashes($tmp_bytetest);
            if (($tmp_content  != '') || ($tmp_bytejump != '') || ($tmp_bytetest != '')) {
// 		print "<B>$tmp_nr: $tmp_content, $tmp_bytejump, $tmp_bytetest</B></BR>";
                $result = $db->acidExecute("INSERT INTO content ( sid, sequence, content, off_set, depth, nocase, regex, distance, within, rawbytes, byte_jump, byte_test, isdataat, asn1)
                    VALUES ( '$sid', '$tmp_nr+1' , '$tmp_content', '$off_set[$tmp_nr]', '$depth[$tmp_nr]', '$nocase[$tmp_nr]', '$regex[$tmp_nr]', '$distance[$tmp_nr]', '$within[$tmp_nr]', '$rawbytes[$tmp_nr]', '$tmp_bytejump', '$tmp_bytetest', '$isdataat[$tmp_nr]', '$asn1[$tmp_nr]')");
                $result->acidFreeRows();
            }
        }
        foreach($uricontent as $uritmp_nr => $uritmp) {
            stripslashes($uritmp);
            if ($uritmp  != '') {
                $result = $db->acidExecute("INSERT INTO uricontent ( sid, uricontent, off_set, depth, nocase, regex )
                    VALUES ( '$sid', '$uritmp', '$uri_off_set[$uritmp_nr]', '$uri_depth[$uritmp_nr]', '$uri_nocase[$uritmp_nr]', '$uri_regex[$uritmp_nr]')");
                $result->acidFreeRows();
            }
        }
        foreach($reference as $tmp_ref) {
            stripslashes($tmp_ref);
            if ($tmp_ref  != '') {
                $result = $db->acidExecute("INSERT INTO reference ( sid, reference )
                    VALUES ( '$sid', '$tmp_ref')");
                $result->acidFreeRows();
            }
        }
	echo '<SCRIPT language=javascript>setTimeout("location.href=\'rules.php?find_what=sid&sensor_id='.$sensor_id.'&goto='.$sid.'\'",0);</SCRIPT>';
    }
     
    if ($do == "Update") {
        $rev = $rev+1;
	# Fix SnortSam string
	if($snortsamSrc || $snortsamDst) {
	    if($snortsamSrc) $snortsam="src, ";
	    else $snortsam="dst, ";
	    $snortsam=$snortsam . $snortsamTime . " " . $snortsamUnit;
	}
	# End fix SnortSam string' 
        $result = $db->acidExecute("UPDATE rules SET action='$action', proto='$proto', src_ip='$src_ip', src_port='$src_port',
            operator='$operator', dst_ip='$dst_ip', dst_port='$dst_port', msg='$msg', ttl='$ttl', tos='$tos', id='$id', ipoption='$ipoption',
            ip_proto='$ip_proto', fragbits='$fragbits', dsize='$dsize', flags='$flags', window='$window', seq='$seq', ack='$ack', itype='$itype', icode='$icode',
            icmp_id='$icmp_id', icmp_seq='$icmp_seq', content_list='$content_list',
            session='$session', rpc='$rpc', resp='$resp', react='$react', sid='$sid', rev='$rev',
            classtype='$classtype', priority='$priority', tag='$tag', sameip='$sameip', stateless='$stateless', activates='$activates',
            activates_by='$activates_by', count='$count', logto='$logto', category='$category', flow='$flow', fragoffset='$fragoffset', pcre='$pcre', flowbits='$flowbits', threshold='$threshold', snortsam='$snortsam' where sid='$sid'");
        $result->acidFreeRows();
         
        $result = $db->acidExecute("DELETE FROM content WHERE sid='$sid'");
        $result->acidFreeRows();
	$nr_max = max(count($content),count($byte_jump),count($byte_test),count($asn1));
//	print "<B>$nr_max</B></BR>";
	for ( $tmp_nr = 0; $tmp_nr < $nr_max; $tmp_nr++) {
//	    print "<B>$tmp_nr</B></BR>";
	    $tmp_content=$content[$tmp_nr];
            stripslashes($tmp_content);
	    $tmp_bytejump=$byte_jump[$tmp_nr];
            stripslashes($tmp_bytejump);
	    $tmp_bytetest=$byte_test[$tmp_nr];
            stripslashes($tmp_bytetest);
            if (($tmp_content  != '') || ($tmp_bytejump != '') || ($tmp_bytetest != '') || ($asn1[$tmp_nr] != '')) {
// 		print "<B>$tmp_nr: $tmp_content, $tmp_bytejump, $tmp_bytetest</B></BR>";
                $result = $db->acidExecute("INSERT INTO content ( sid, sequence, content, off_set, depth, nocase, regex, distance, within, rawbytes, byte_jump, byte_test, isdataat, asn1 )
                    VALUES ( '$sid', '$tmp_nr+1' , '$tmp_content', '$off_set[$tmp_nr]', '$depth[$tmp_nr]', '$nocase[$tmp_nr]', '$regex[$tmp_nr]', '$distance[$tmp_nr]', '$within[$tmp_nr]', '$rawbytes[$tmp_nr]', '$tmp_bytejump', '$tmp_bytetest', '$isdataat[$tmp_nr]', '$asn1[$tmp_nr]')");
                $result->acidFreeRows();
//		print ("<B>$result</B><BR>");
            }
        }
        $result = $db->acidExecute("DELETE FROM uricontent WHERE sid='$sid'");
        $result->acidFreeRows();
        foreach($uricontent as $uritmp_nr => $uritmp) {
            stripslashes($uritmp);
            if ($uritmp  != '') {
                $result = $db->acidExecute("INSERT INTO uricontent ( sid, uricontent, off_set, depth, nocase, regex )
                    VALUES ( '$sid', '$uritmp', '$uri_off_set[$uritmp_nr]', '$uri_depth[$uritmp_nr]', '$uri_nocase[$uritmp_nr]', '$uri_regex[$uritmp_nr]')");
                $result->acidFreeRows();
            }
        }
        $result = $db->acidExecute("DELETE FROM reference WHERE sid='$sid'");
        $result->acidFreeRows();
        foreach($reference as $tmp_ref) {
            stripslashes($tmp_ref);
            if ($tmp_ref  != '') {
                $result = $db->acidExecute("INSERT INTO reference ( sid, reference)
                    VALUES ( '$sid', '$tmp_ref')");
                $result->acidFreeRows();
            }
        }
//	disabled to save clicks when defining a new rule
//    	echo '<SCRIPT language=javascript>setTimeout("location.href=\'rules.php?find_what=sid&sensor_id='.$sensor_id.'&goto='.$sid.'\'",0);</SCRIPT>';
    }
     
    if (($rule  != "new") and ($do  != 'Save')) {
        $content = '';
        $uricontent = '';
        $reference = '';
	$byte_jump = '';
	$byte_test = '';
        $result = $db->acidExecute("SELECT action, proto ,src_ip, src_port, operator, dst_ip, dst_port, msg, ttl, tos, id, ipoption, ip_proto, fragbits, dsize, flags, window, seq, ack, itype, icode, icmp_id, icmp_seq, content_list, session, rpc, resp, react, classtype, priority, tag, sameip, stateless, sid, rev, activates, activates_by, count, logto, category, flow, fragoffset, pcre, flowbits, threshold, snortsam FROM rules where sid='$sid' and rev='$rev'");
        $myrow = $result->acidFetchRow();
        list($action, $proto , $src_ip, $src_port, $operator, $dst_ip, $dst_port, $msg, $ttl, $tos, $id, $ipoption, $ip_proto, $fragbits, $dsize, $flags, $window, $seq, $ack, $itype, $icode, $icmp_id, $icmp_seq, $content_list, $session, $rpc, $resp, $react, $classtype, $priority, $tag, $sameip, $stateless, $sid, $rev, $activates, $activates_by, $count, $logto, $category, $flow, $fragoffset, $pcre, $flowbits, $threshold, $snortsam) = $myrow;
         
        $result = $db->acidExecute("SELECT content, off_set, depth, nocase, regex, distance, within, rawbytes, byte_jump, byte_test, isdataat, asn1 FROM content WHERE sid='$sid' ORDER BY sequence");
        $i = 0;
        while ($myrow = $result->acidFetchRow()) {
//	    print "<B>$myrow[0], $myrow[1], $myrow[2], $myrow[3], $myrow[4], $myrow[5], $myrow[6], $myrow[7], $myrow[8], $myrow[9], $myrow[10], $myrow[11]. </B><BR>";
            list($content[$i], $off_set[$i], $depth[$i], $nocase[$i], $regex[$i], $distance[$i], $within[$i], $rawbytes[$i], $byte_jump[$i], $byte_test[$i], $isdataat[$i], $asn1[$i]) = $myrow;
//            print "<B>$i - ($byte_jump[$i],$byte_test[$i])</B><BR>";
            $i++;
        }
        $result = $db->acidExecute("SELECT uricontent, off_set, depth, nocase, regex FROM uricontent WHERE sid='$sid'");
        $i = 0;
        while ($myrow = $result->acidFetchRow()) {
            list($uricontent[$i], $uri_off_set[$i], $uri_depth[$i], $uri_nocase[$i], $uri_regex[$i]) = $myrow;
            $i++;
        }
        $result = $db->acidExecute("SELECT reference FROM reference WHERE sid='$sid'");
        while ($myrow = $result->acidFetchRow()) {
            $reference[] = $myrow[0];
        }
    }
    if ($edit_type  == 'sensor') {
        $result = $db->acidExecute("SELECT sensor_name  FROM sensor where id='$sensor_id'");
        $myrow = $result->acidFetchRow();
	$sensor_name = $myrow[0];
	$result = $db->acidExecute("SELECT action, src_ip, src_port, dst_ip, dst_port FROM rulechange where sid='$sid' and sensor_id='$sensor_id'");
        $myrow = $result->acidFetchRow();
        if ($myrow  != 0) {
            list($action, $src_ip, $src_port, $dst_ip, $dst_port) = $myrow;
        }
    }
     
    echo "<BR>";
    echo "<FORM method=GET>";
     
    if ($edit_type != 'sensor' || $rule == 'new') {
        # -------- Begin main table --------------
        echo "<table align=center border=0 cellspacing=0 cellpadding=0 width=98%><tr>";
        # -------- Begin left table --------------
        echo "<INPUT TYPE='HIDDEN' NAME='sensor_id' VALUE='$sensor_id'>";
        echo "<INPUT TYPE='HIDDEN' NAME='category' VALUE='$category'>";
        echo "<INPUT TYPE='HIDDEN' NAME='s_pos' VALUE='$s_pos'>";
        echo "<TD width=48% valign=top>";
        echo "<table align=center border=0 cellpadding=1 cellspacing=0 width=100%><tr bgcolor=#f9f890><td>";
        echo "<table style=\"font-size:12px; font-family: Verdana;\" align=center border=0 cellspacing=0 cellpadding=0 width=100%>";
        echo "<TR><TD align=left colspan=2><B>$lang[73] Global Configuration</B></TD></TR>";
        echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[75]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=category TYPE=TEXT value='$category' size=25>&nbsp;&nbsp;SID <INPUT style=\"font-weight : bold; text-align : center;\" NAME=sid TYPE=TEXT value='$sid' size=10>&nbsp;&nbsp;REV <INPUT style=\"font-weight : bold; text-align : center;\" NAME=rev TYPE=TEXT value='$rev' size=5></TD></TR>";
        echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[78]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=msg TYPE=TEXT value='$msg' size=75></TD></TR>";
        echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[79]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=action TYPE=TEXT value='$action' size=36>&nbsp;&nbsp;$lang[80] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=proto TYPE=TEXT value='$proto' size=17></TD></TR>";
        echo "<TR bgcolor=#DDDDDD><td align=left>$lang[81]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=src_ip TYPE=TEXT value='$src_ip' size=40>&nbsp;&nbsp;$lang[82] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=src_port TYPE=TEXT value='$src_port' size=36></td></TR>";
        echo "<TR bgcolor=#DDDDDD><td align=left>$lang[85]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=operator TYPE=TEXT value='$operator' size=2  MAXLENGTH=2></td></tr>";
        echo "<TR bgcolor=#DDDDDD><td align=left>$lang[83]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=dst_ip TYPE=TEXT value='$dst_ip' size=40>&nbsp;&nbsp;$lang[84] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=dst_port TYPE=TEXT value='$dst_port' size=36></td></tr>";
        echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[86]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=activates_2 TYPE=TEXT value='$activates$activates_by' size=28>&nbsp;&nbsp;$lang[87] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=count TYPE=TEXT value='$count' size=5></TD></TR>";
        echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[246]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=flow TYPE=TEXT value='$flow' size=39></TD></TR>";
        if ($content) {
            foreach($content as $nr => $tmp) {
                $tmp = stripslashes($tmp);
		echo "<TR bgcolor=#CCCCCC><TD align=left>$lang[302] $nr:</TD><TD bgcolor=#CCCCCC></TD></TR>";
                echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[88]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=content[$nr] TYPE=TEXT value='$tmp' size=60></TD></TR>";
                echo "<TR bgcolor=#DDDDDD><TD>&nbsp;</TD><TD align=left>$lang[89] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=off_set[$nr] TYPE=TEXT value='$off_set[$nr]' size=5>&nbsp;&nbsp;$lang[90] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=depth[$nr] TYPE=TEXT value='$depth[$nr]' size=5>&nbsp;&nbsp;$lang[243] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=distance[$nr] TYPE=TEXT value='$distance[$nr]' size=5>&nbsp;&nbsp;$lang[244] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=within[$nr] TYPE=TEXT value='$within[$nr]' size=5>
                    $lang[92]<INPUT NAME=nocase[$nr] TYPE=CHECKBOX value='nocase'";
                if ($nocase[$nr]) echo " CHECKED";
                echo ">";
                echo " $lang[93]<INPUT NAME=regex[$nr] TYPE=CHECKBOX value='regex'";
                if ($regex[$nr]) echo " CHECKED";
                echo ">";
                echo " $lang[245]<INPUT NAME=rawbytes[$nr] TYPE=CHECKBOX value='rawbytes'";
                if ($rawbytes[$nr]) echo " CHECKED";
		echo "></TD></TR>";
                echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[300]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=byte_jump[$nr] TYPE=TEXT value='$byte_jump[$nr]' size=30>&nbsp;&nbsp;";
                echo "$lang[301]&nbsp; <INPUT style=\"font-weight : bold;\" NAME=byte_test[$nr] TYPE=TEXT value='$byte_test[$nr]' size=30></TD>";
                echo "</TR>";
		echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[308]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=isdataat[$nr] TYPE=TEXT value='$isdatat[$nr]' size=30>&nbsp;&nbsp;";
		echo "$lang[317]&nbsp; <INPUT style=\"font-weight : bold;\" NAME=asn1[$nr] TYPE=TEXT value='$asn1[$nr]' size=40></TD>";
                echo "</TD></TR>";
            }
            $nr++;
            echo "<TR bgcolor=#CCCCCC><TD align=left>$lang[303]:</TD><TD bgcolor=#CCCCCC></TD></TR>";
            echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[88]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=content[$nr] TYPE=TEXT size=60></TD></TR>";
            echo "<TR bgcolor=#DDDDDD><TD>&nbsp;</TD><TD align=left>$lang[89] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=off_set[$nr] TYPE=TEXT size=5>&nbsp;&nbsp;$lang[90] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=depth[$nr] TYPE=TEXT size=5>&nbsp;&nbsp;$lang[243] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=distance[$nr] TYPE=TEXT size=5>&nbsp;&nbsp;$lang[244] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=within[$nr] TYPE=TEXT  size=5>
                $lang[92]<INPUT NAME=nocase[$nr] TYPE=CHECKBOX value='nocase'>";
            echo " $lang[93]<INPUT NAME=regex[$nr] TYPE=CHECKBOX value='regex'>";
            echo " $lang[245]<INPUT NAME=rawbytes[$nr] TYPE=CHECKBOX value='rawbytes'></TD>";
            echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[300]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=byte_jump[$nr] TYPE=TEXT value='$byte_jump[$nr]' size=30>&nbsp;&nbsp;";
            echo "$lang[301]&nbsp; <INPUT style=\"font-weight : bold;\" NAME=byte_test[$nr] TYPE=TEXT value='$byte_test[$nr]' size=30></TD></TR>";
#            echo "<TR bgcolor=#CCCCCC><TD align=left><BR></TD><TD bgcolor=#CCCCCC> </TD></TR>";
#            echo "</TR>";
            echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[308]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=isdataat[$nr] TYPE=TEXT value='$isdatat[$nr]' size=30>&nbsp;&nbsp;";
            echo "$lang[317]&nbsp; <INPUT style=\"font-weight : bold;\" NAME=asn1[$nr] TYPE=TEXT value='$asn1[$nr]' size=40></TD>";
            echo "</TD></TR>";

        } else {
            $nr = 0;
            echo "<TR bgcolor=#CCCCCC><TD align=left>$lang[303]:</TD><TD bgcolor=#CCCCCC></TD></TR>";
            echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[88]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=content[$nr] TYPE=TEXT size=60></TD></TR>";
            echo "<TR bgcolor=#DDDDDD><TD>&nbsp;</TD><TD align=left>$lang[89] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=off_set[$nr] TYPE=TEXT size=5>&nbsp;&nbsp;$lang[90] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=depth[$nr] TYPE=TEXT size=5>&nbsp;&nbsp;$lang[243] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=distance[$nr] TYPE=TEXT size=5>&nbsp;&nbsp;$lang[244] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=within[$nr] TYPE=TEXT  size=5>
                $lang[92]<INPUT NAME=nocase[$nr] TYPE=CHECKBOX value='nocase'>";
            echo " $lang[93]<INPUT NAME=regex[$nr] TYPE=CHECKBOX value='regex'>";
            echo " $lang[245]<INPUT NAME=rawbytes[$nr] TYPE=CHECKBOX value='rawbytes'></TD>";
            echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[300]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=byte_jump[$nr] TYPE=TEXT value='$byte_jump[$nr]' size=30>&nbsp;&nbsp;";
            echo "$lang[301]&nbsp; <INPUT style=\"font-weight : bold;\" NAME=byte_test[$nr] TYPE=TEXT value='$byte_test[$nr]' size=30></TD></TR>";
            echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[308]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=isdataat[$nr] TYPE=TEXT value='$isdatat[$nr]' size=30>&nbsp;&nbsp;";
            echo "$lang[317]&nbsp; <INPUT style=\"font-weight : bold;\" NAME=asn1[$nr] TYPE=TEXT value='$asn1[$nr]' size=40></TD>";
            echo "</TD></TR>";

        }
         
        if ($uricontent) {
            foreach($uricontent as $uri_nr => $uri_tmp) {
                $uri_tmp = stripslashes($uri_tmp);
                echo "<TR bgcolor=#CCCCCC><TD align=left>$lang[304] $uri_nr:</TD><TD bgcolor=#CCCCCC></TD></TR>";
                echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[94]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=uricontent[$uri_nr] TYPE=TEXT value='$uri_tmp' size=60></TD></TR>";
                echo "<TR bgcolor=#DDDDDD><TD>&nbsp;</TD><TD align=left>$lang[89] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=uri_off_set[$uri_nr] TYPE=TEXT value='$uri_off_set[$uri_nr]' size=5>&nbsp;&nbsp;$lang[90] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=uri_depth[$uri_nr] TYPE=TEXT value='$uri_depth[$uri_nr]' size=5>
                    $lang[92]<INPUT NAME=uri_nocase[$uri_nr] TYPE=CHECKBOX value='nocase'";
                if ($uri_nocase[$uri_nr]) echo " CHECKED";
                echo ">";
                echo " $lang[93]<INPUT NAME=uri_regex[$uri_nr] TYPE=CHECKBOX value='regex'";
                if ($uri_regex[$uri_nr]) echo " CHECKED";
                echo "></TD></TR>";
//                echo "<TR bgcolor=#CCCCCC><TD align=left><BR></TD><TD bgcolor=#CCCCCC> </TD></TR>";
            }
            $uri_nr++;
            echo "<TR bgcolor=#CCCCCC><TD align=left>$lang[305]:</TD><TD bgcolor=#CCCCCC></TD></TR>";
            echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[94]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=uricontent[$uri_nr] TYPE=TEXT size=60></TD></TR>";
            echo "<TR bgcolor=#DDDDDD><TD>&nbsp;</TD><TD align=left>$lang[89] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=uri_off_set[$uri_nr] TYPE=TEXT size=5>&nbsp;&nbsp;$lang[90] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=uri_depth[$uri_nr] TYPE=TEXT size=5>
                $lang[92]<INPUT NAME=uri_nocase[$uri_nr] TYPE=CHECKBOX value='nocase'>";
            echo " $lang[93]<INPUT NAME=uri_regex[$uri_nr] TYPE=CHECKBOX value='regex'></TD></TR>";
            echo "<TR bgcolor=#CCCCCC><TD align=left><BR></TD><TD bgcolor=#CCCCCC> </TD></TR>";
        } else {
            $uri_nr = 0;
            echo "<TR bgcolor=#CCCCCC><TD align=left>$lang[305]:</TD><TD bgcolor=#CCCCCC></TD></TR>";
            echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[94]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=uricontent[$uri_nr] TYPE=TEXT size=60></TD></TR>";
            echo "<TR bgcolor=#DDDDDD><TD>&nbsp;</TD><TD align=left>$lang[89] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=uri_off_set[$uri_nr] TYPE=TEXT size=5>&nbsp;&nbsp;$lang[90] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=uri_depth[$uri_nr] TYPE=TEXT size=5>
                $lang[92]<INPUT NAME=uri_nocase[$uri_nr] TYPE=CHECKBOX value='nocase'>";
            echo " $lang[93]<INPUT NAME=uri_regex[$uri_nr] TYPE=CHECKBOX value='regex'></TD></TR>";
            echo "<TR bgcolor=#CCCCCC><TD align=left><BR></TD><TD bgcolor=#CCCCCC> </TD></TR>";
        }
        echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[95]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=content_list TYPE=TEXT value='$content_list' size=36>&nbsp;&nbsp;$lang[96] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=rpc TYPE=TEXT value='$rpc' size=38></TD></TR>";
        echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[97]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=tag TYPE=TEXT value='$tag' size=75></TD></TR>";
        echo "<TR bgcolor=#DDDDDD>";
        echo "<TD colspan=2 align=center>$lang[98]<INPUT NAME=stateless TYPE=CHECKBOX value='stateless'";
        if ($statefull) echo " CHECKED";
        echo ">";
        echo " $lang[99]<INPUT NAME=sameip TYPE=CHECKBOX value='sameip'";
        if ($sameip) echo " CHECKED";
        echo "></TD></TR>";
//New Vars
        echo "<TR bgcolor=#CCCCCC><TD align=left>$lang[309]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=pcre TYPE=TEXT value='$pcre' size=85></TD></TR>";
	echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[310]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=flowbits TYPE=TEXT value='$flowbit's size=30>&nbsp;&nbsp;";
	echo "$lang[311]&nbsp; <INPUT style=\"font-weight : bold;\" NAME=threshold TYPE=TEXT value='$threshold' size=30></TD></TR>"; 

	echo "<TR bgcolor=#DDDDDD><TD align=left>---  </TD><TD bgcolor=#DDDDDD> </TD></TR>";

        if ($reference) {
            foreach($reference as $ref_nr => $tmp_ref) {
                echo "<TR bgcolor=#CCCCCC><TD align=left>$lang[306] $ref_nr:</TD><TD bgcolor=#CCCCCC></TD></TR>";
                echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[100]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=reference[] TYPE=TEXT value='$tmp_ref' size=75></TD></TR>";
            }
            echo "<TR bgcolor=#CCCCCC><TD align=left>$lang[307]:</TD><TD bgcolor=#CCCCCC></TD></TR>";
            echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[100]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=reference[] TYPE=TEXT size=75></TD></TR>";
            echo "<TR bgcolor=#CCCCCC><TD align=left><BR></TD><TD bgcolor=#CCCCCC> </TD></TR>";
        } else {
            echo "<TR bgcolor=#CCCCCC><TD align=left>$lang[307]:</TD><TD bgcolor=#CCCCCC></TD></TR>";
            echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[100]</TD><TD><INPUT style=\"font-weight : bold;\" NAME=reference[] TYPE=TEXT value='$tmp_ref' size=75></TD></TR>";
            echo "<TR bgcolor=#CCCCCC><TD align=left><BR></TD><TD bgcolor=#CCCCCC> </TD></TR>";
        }
        echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[102]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=classtype TYPE=TEXT value='$classtype' size=45>&nbsp;&nbsp;$lang[103] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=priority TYPE=TEXT value='$priority' size=5></TD></TR>";
        echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[104]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=session TYPE=TEXT value='$session' size=36>&nbsp;&nbsp;$lang[105] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=logto TYPE=TEXT value='$logto' size=38></TD></TR>";
        echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[106]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=react TYPE=TEXT value='$react' size=53>&nbsp;&nbsp;$lang[107] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=resp TYPE=TEXT value='$resp' size=21></TD></TR>";
        # Add functionality for SnortSam
	if($snortsam) {
    	    if(ereg("src",$snortsam)) $snortsamSrc="checked";
    	    else $snortsamSrc="";
    	    if(ereg("dst|dest",$snortsam)) $snortsamDst="checked";
    	    else $snortsamDst="";
    	    ereg("[0-9][0-9]*",$snortsam,$snortsamTemp);
    	    $snortsamTime=$snortsamTemp[0];
    	    ereg("seconds|minutes|hours|days|weeks|months|years|ALWAYS",$snortsam,$snortsamTemp);
    	    $snortsamUnit=$snortsamTemp[0];
    	    if($snortsamUnit=="minutes") $minutes="selected";
            if($snortsamUnit=="hours") $hours="selected";
            if($snortsamUnit=="days") $days="selected";
            if($snortsamUnit=="weeks") $weeks="selected";
            if($snortsamUnit=="months") $months="selected";
	    if($snortsamUnit=="years") $years="selected";
	    if($snortsamUnit=="ALWAYS") $ALWAYS="selected";
        }
        echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[269]</TD><TD>Src: <INPUT style=\"font-weight : bold; text-align : center;\" NAME=snortsamSrc TYPE=CHECKBOX $snortsamSrc>
    Dst: <INPUT NAME=snortsamDst TYPE=CHECKBOX $snortsamDst>
    Time: <INPUT NAME=snortsamTime TYPE=TEXT value='$snortsamTime'>
    <SELECT NAME=snortsamUnit>
    <OPTION>seconds<OPTION $minutes>minutes<OPTION $hours>hours<OPTION $days>days<OPTION $weeks>weeks<OPTION $months>months<OPTION $years>years<OPTION $ALWAYS>ALWAYS
    </SELECT>
    &nbsp;&nbsp;</TD></TR>";
    # End snortsam 
         
        echo "<TR><TD align=left><B>$lang[108]</B></TD></TR>";
        echo "<TR bgcolor=#DDDDDD><td align=left>$lang[109]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=tos TYPE=TEXT value='$tos' size=17>&nbsp;&nbsp;$lang[110] <INPUT style=\"font-weight : bold; text-align : left;\" NAME=dsize TYPE=TEXT value='$dsize' size=11></TD></TR>";
        echo "<TR bgcolor=#DDDDDD><td align=left>$lang[111]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=id TYPE=TEXT value='$id' size=36>&nbsp;&nbsp;$lang[112] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=fragbits TYPE=TEXT value='$fragbits' size=5>&nbsp;&nbsp;$lang[247] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=fragoffset TYPE=TEXT value='$fragoffset' size=8></td></TR>";
        echo "<TR bgcolor=#DDDDDD><td align=left>$lang[113]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=ttl TYPE=TEXT value='$ttl' size=17>&nbsp;&nbsp;$lang[114] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=ipoption TYPE=TEXT value='$ipoption' size=36>&nbsp;&nbsp;$lang[115] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=ip_proto TYPE=TEXT value='$ip_proto' size=17></td></TR>";
         
        echo "<TR><TD align=left><B>$lang[116]</B></TD></TR>";
        echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[117]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=seq TYPE=TEXT value='$seq' size=25>&nbsp;&nbsp;$lang[118] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=ack TYPE=TEXT value='$ack' size=25>&nbsp;&nbsp;$lang[119] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=flags TYPE=TEXT value='$flags' size=25></TD></TR>";
	echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[290]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=window TYPE=TEXT value='$window' size=24></TD</TR>";
         
        echo "<TR><TD align=left><B>$lang[120]</B></TD></TR>";
        echo "<TR bgcolor=#DDDDDD><td align=left>$lang[121]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=itype TYPE=TEXT value='$itype' size=19>&nbsp;&nbsp;$lang[122] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=icode TYPE=TEXT value='$icode' size=19></td></TR>";
        echo "<TR bgcolor=#DDDDDD><td align=left>$lang[123]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=icmp_id TYPE=TEXT value='$icmp_id' size=36>&nbsp;&nbsp;$lang[124] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=icmp_seq TYPE=TEXT value='$icmp_seq' size=36></td></TR>";
        echo "</TABLE></TD></TR></TABLE>";
        echo "<BR>";
        # -------- End from ip table --------------
        echo "</TD></TR></TABLE>";
        # -------- END main table --------------
         
        if ($rule  != "new") {
            echo "<CENTER><INPUT NAME='do' VALUE='Update' TYPE=SUBMIT>&nbsp;<INPUT NAME='do' VALUE='Save as New' TYPE=SUBMIT>&nbsp;<INPUT VALUE='Reset' TYPE=RESET></CENTER>";
        } else {
            echo "<CENTER><INPUT NAME='do' VALUE='Save' TYPE=SUBMIT>&nbsp;<INPUT VALUE='Reset' TYPE=RESET></CENTER>";
        }
    } else {
         
        echo "<INPUT TYPE='HIDDEN' NAME='category' VALUE='$category'>";
        echo "<INPUT TYPE='HIDDEN' NAME='s_pos' VALUE='$s_pos'>";
        echo "<INPUT TYPE='HIDDEN' NAME='sensor_id' VALUE='$sensor_id'>";
	echo "<INPUT TYPE='HIDDEN' NAME='edit_type' VALUE='$edit_type'>";
        echo "<table align=center border=0 cellspacing=0 cellpadding=0 width=98%><tr>";
        # -------- Begin left table --------------
        echo "<TD width=48% valign=top>";
        echo "<table align=center border=0 cellpadding=1 cellspacing=0 width=100%><tr bgcolor=#f9f890><td>";
        echo "<table style=\"font-size:12px; font-family: Verdana;\" align=center border=0 cellspacing=0 cellpadding=0 width=100%>";
        echo "<TR><TD align=left colspan=2><B>$lang[73] $sensor_name $lang[74]</B></TD></TR>";
        echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[75]</TD><TD><INPUT style=\"text-align : center;\" NAME=category TYPE=TEXT value='$category' size='25' READONLY >&nbsp;&nbsp;$lang[76] <INPUT style=\"text-align : center;\" NAME=sid TYPE=TEXT value='$sid' size='10' READONLY >&nbsp;&nbsp;$lang[77] <INPUT style=\"text-align : center;\" NAME=rev TYPE=TEXT value='$rev' size='5' READONLY ></TD></TR>";
        echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[78]</TD><TD><INPUT style=\"text-align : center;\" NAME=msg TYPE=TEXT value='$msg' size='75' READONLY ></TD></TR>";
        echo "<TR bgcolor=#DDDDDD><TD align=left>$lang[79]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=action TYPE=TEXT value='$action' size=36>&nbsp;&nbsp;$lang[80] <INPUT style=\"text-align : center;\" NAME=proto TYPE=TEXT value='$proto' size='17' READONLY ></TD></TR>";
        echo "<TR bgcolor=#DDDDDD><td align=left>$lang[81]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=src_ip TYPE=TEXT value='$src_ip' size=40>&nbsp;&nbsp;$lang[82] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=src_port TYPE=TEXT value='$src_port' size=36></td></TR>";
        echo "<TR bgcolor=#DDDDDD><td align=left>$lang[83]</TD><TD><INPUT style=\"font-weight : bold; text-align : center;\" NAME=dst_ip TYPE=TEXT value='$dst_ip' size=40>&nbsp;&nbsp;$lang[84] <INPUT style=\"font-weight : bold; text-align : center;\" NAME=dst_port TYPE=TEXT value='$dst_port' size=36></td></tr>";
        echo "</TABLE></TD></TR></TABLE></TD></TR></TABLE><BR>";
        echo "<CENTER><INPUT NAME='rulechange' VALUE='Save' TYPE=SUBMIT>&nbsp;<INPUT VALUE='Reset' TYPE=RESET>&nbsp;<INPUT NAME='rulechange' VALUE='Restore Default' TYPE=SUBMIT></CENTER>";
    }
    echo "</FORM><BR>";
    include('bottom.inc.php');
?>
Return current item: SnortCenter 2.x