<?php
/*
** SnortCenter Copyright (C) 2001,2002,2003 Stefan Dens
**
** Author: Stefan Dens <hide@address.com>
**
** This program is free software; you can redistribute it and/or modify
** it under the terms of the GNU General Public License as published by
** the Free Software Foundation; either version 2 of the License, or
** (at your option) any later version.
**
** This program is distributed in the hope that it will be useful,
** but WITHOUT ANY WARRANTY; without even the implied warranty of
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
** GNU General Public License for more details.
**
** You should have received a copy of the GNU General Public License
** along with this program; if not, write to the Free Software
** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
?>
<?php
function deactivate($element, $element_type, $sensor_id, $db) {
if ($element) {
if ($element_type == 'rem_sid_rules_template') {
$result_id = $db->acidExecute("SELECT rules from sensor where id='$sensor_id'");
$myrow_id = $result_id->acidFetchRow();
$result_id->acidFreeRows();
$rules_act = $myrow_id[0];
}
$result_id = $db->acidExecute("SELECT $element_type from sensor where id='$sensor_id'");
$myrow_id = $result_id->acidFetchRow();
$result_id->acidFreeRows();
$myrow_act = $myrow_id[0];
foreach($element as $key) {
if ($element_type == 'rem_sid_rules_template') {
list($rule_part_1, $rule_part_2) = explode("|$key|;", $rules_act, 2);
$rules_act = $rule_part_1 . $rule_part_2;
}
list($part_1, $part_2) = explode("|$key|;", $myrow_act, 2);
$myrow_act = $part_1 . $part_2;
}
if ($element_type == 'rem_sid_rules_template') {
$result = $db->acidExecute("UPDATE sensor SET rules='$rules_act' where id = '$sensor_id'");
}
$sql = "UPDATE sensor SET $element_type='$myrow_act' where id = '$sensor_id'";
$result = $db->acidExecute($sql);
}
}
function activate($element, $element_type, $sensor_id, $db) {
if($element) {
$activated_name_array = array();
if ($element_type == 'rules') {
$result_id = $db->acidExecute("SELECT rem_sid_rules_template from sensor where id='$sensor_id'");
$myrow_id = $result_id->acidFetchRow();
$result_id->acidFreeRows();
$rem_sid_act = $myrow_id[0];
}
elseif ($element_type == 'rem_sid_rules_template' || $element_type == 'rules_template') { }
else {
if ($element_type == 'vars') { $result_id = $db->acidExecute("SELECT id, var_name from vars"); }
if ($element_type == 'preprocessor') { $result_id = $db->acidExecute("SELECT id, spp_name from preprocessor"); }
if ($element_type == 'output') { $result_id = $db->acidExecute("SELECT id, spo_name from output"); }
if ($element_type == 'ruletype') { $result_id = $db->acidExecute("SELECT id, ruletype_name from ruletype"); }
if ($element_type == 'config') { $result_id = $db->acidExecute("SELECT id, config_name, config_value from config"); }
while ($myrow = $result_id->acidFetchRow()) {
if ($myrow[1] == 'classification:') {
list($short_name, $rest) = explode (',', $myrow[2], 2);
$myrow[1] = $myrow[1].$short_name;
}
elseif ($myrow[1] == 'reference:') {
list($short_name, $rest) = explode (' ', $myrow[2], 2);
$myrow[1] = $myrow[1].$short_name;
}
elseif ($myrow[1] == 'config:') {
list($short_name, $rest) = explode (' ', $myrow[2], 2);
$myrow[1] = $myrow[1].$short_name;
}
$rule_id = $myrow[0];
$element_name_array[$rule_id] = $myrow[1];
}
/* removed for multiple spade options
foreach($element as $key) {
$key_tmp = array_keys ($element_name_array, $element_name_array[$key]);
deactivate($key_tmp, $element_type, $sensor_id, $db);
}
*/
}
$result_id = $db->acidExecute("SELECT $element_type from sensor where id = '$sensor_id'");
$myrow_id = $result_id->acidFetchRow();
$result_id->acidFreeRows();
$myrow_act = $myrow_id[0];
foreach($element as $key) {
if ($element_type == 'rules') {
if (!strstr($rem_sid_act, "|$key|;")) {
$rem_sid_act .= "|$key|;";
}
}
if (!strstr($myrow_act, "|$key|;")) {
if ($element_type == 'rules') {
$myrow_act .= "|$key|;";
}
elseif (!array_keys($activated_name_array, $element_name_array[$key])) {
$activated_name_array[] = $element_name_array[$key];
$myrow_act .= "|$key|;";
}
}
}
if ($element_type == 'rules') {
$result = $db->acidExecute("UPDATE sensor SET rem_sid_rules_template='$rem_sid_act' where id = '$sensor_id'");
}
$sql = "UPDATE sensor SET $element_type='$myrow_act' where id = '$sensor_id'";
# echo "$sql";
$result = $db->acidExecute($sql);
}
}
function delete($element, $element_type, $db) {
if ($element) {
foreach($element as $key) {
$result_id = $db->acidExecute("SELECT id, $element_type from sensor");
while ($myrow_id = $result_id->acidFetchRow()) {
$sensor_id_tmp = $myrow_id[0];
$myrow_act = $myrow_id[1];
list($part_1, $part_2) = explode("|$key|;", $myrow_act, 2);
$myrow_act = $part_1 . $part_2;
$result = $db->acidExecute("UPDATE sensor SET $element_type='$myrow_act' where id = '$sensor_id_tmp'");
$result->acidFreeRows();
}
$result_id->acidFreeRows();
if ($element_type == 'rules') {
$result = $db->acidExecute("DELETE FROM rules where (sid = '$key')");
$result->acidFreeRows();
$result = $db->acidExecute("DELETE FROM content where (sid = '$key')");
$result->acidFreeRows();
$result = $db->acidExecute("DELETE FROM uricontent where (sid = '$key')");
$result->acidFreeRows();
$result = $db->acidExecute("DELETE FROM reference where (sid = '$key')");
$result->acidFreeRows();
} else {
$result = $db->acidExecute("DELETE FROM $element_type where id = '$key'");
$result->acidFreeRows();
}
}
}
}
function deactivate_removed($element, $element_type, $sensor_id, $db) {
if ($element) {
$in_config_where = rtrim($element, ' AND');
$sql = "select id FROM $element_type WHERE ($in_config_where) AND snort_default = 'yes'";
$result_del = $db->acidExecute($sql);
while ($myrow_rem = $result_del->acidFetchRow()) {
$deact_array[]=$myrow_rem[0];
}
deactivate($deact_array, $element_type, $sensor_id, $db);
}
return $deact_array;
}
function get_removed($element, $element_type, $db) {
if ($element) {
foreach ($element as $myrow_rem) {
$sql_def = "UPDATE $element_type SET snort_default = 'no' where id = '". $myrow_rem."'";
$result = $db->acidExecute($sql_def);
$sql_opt = "Select * from $element_type where id = '".$myrow_rem."'";
$result = $db->acidExecute($sql_opt);
$myrow_foo = $result->acidFetchRow();
$foo[] = $myrow_foo[0].' '.$myrow_foo[1];
}
}
return $foo;
}
function print_report($rule_array, $header) {
if ($header == 'New Rules' || $header == 'Updated Rules' || $header == 'Removed Rules') {
echo "<TR><TD colspan=2><B>$header</B></TD></TR>";
$mail .= "\r\n **** $header ****\r\n";
foreach($rule_array as $rule_cat => $rule_cat_name){
$nr = count ($rule_cat_name);
echo "<TR><TD><B>$nr</B></TD><TD><B>$rule_cat</B></TD></TR>";
$mail .= "\r\n -- $nr $rule_cat --\r\n";
foreach($rule_cat_name as $printrule) {
echo "<TR bgcolor=#DDDDDD><TD align=left colspan=2>".htmlentities($printrule)."</TD></TR>";
$mail .= "$printrule";
if ($header == 'Removed Rules') {
$mail .="\r\n";
}
}
}
$mail .= "--------------------------------------\r\n";
}
else {
$nr = count ($rule_array);
echo "<TR><TD><B>$nr</B></TD><TD><B>$header</B></TD></TR>";
$mail .= "\r\n **** $nr $header ****\r\n";
foreach($rule_array as $printrule){
echo "<TR bgcolor=#DDDDDD><TD align=left colspan=2>".htmlentities($printrule)."</TD></TR>";
$mail .= "$printrule";
if (strpos($header, 'Removed' !== false)) {
$mail .="\r\n";
}
}
$mail .= "--------------------------------------\r\n";
}
return $mail;
}
function get_active($element_type, $sensor_id, $db) {
if ($element_type == 'rules') {
$result_id = $db->acidExecute("SELECT rules, rules_template, rem_sid_rules_template from sensor where id = '$sensor_id'");
$myrow_id = $result_id->acidFetchRow();
$rule_tmp_act = explode(";", $myrow_id[0]);
$rule_template_act = explode(";", $myrow_id[1]);
$rem_sid_rules_template = $myrow_id[2];
$template_add = '';
$template_rem = '';
foreach($rule_template_act as $key) {
$template_id = trim($key, '|');
$result_id = $db->acidExecute("SELECT add_sid, rem_sid from rules_template where id = '$template_id'");
$myrow_id = $result_id->acidFetchRow();
$rule_template_add = explode(";", $myrow_id[0]);
foreach($rule_template_add as $key) {
if (!strstr($template_add, "$key;") && !strstr($rem_sid_rules_template, "$key;")) {
$template_add .= "$key;";
}
}
$template_rem .= $myrow_id[1];
}
# remove rem_policies sid's from add_policies sid's
if($template_rem) {
$rule_template_rem = explode(";", $template_rem);
foreach($rule_template_rem as $key) {
if ($key != '') {
list($part_1, $part_2) = explode("$key;", $template_add, 2);
$template_add = $part_1 . $part_2;
}
}
}
# add sensor overrule sid's
foreach($rule_tmp_act as $key) {
if (!strstr($template_add, "$key;")) {
$template_add .= "$key;";
}
}
$rule_act = explode(";", $template_add);
$result_id->acidFreeRows();
} else {
$result_id = $db->acidExecute("SELECT $element_type from sensor where id = '$sensor_id'");
$myrow_id = $result_id->acidFetchRow();
$rule_act = explode(";", $myrow_id[0]);
$result_id->acidFreeRows();
}
return $rule_act;
}
function display_scope($current_scope, $category, $s_pos, $show_top, $db) {
global $lang, $hide_active, $hide_deactive, $viewtype, $PHP_SELF;
?>
<style>
TD {
FONT-FAMILY: Verdana,Helvetica; FONT-SIZE: 10px
}
</style>
<TABLE width= 100% align=center border=0 cellspacing="0" cellpadding="0"><TR>
<?php
if ($show_top == 1) {
echo '<td width="12" height="12"><img src="./images/form/up-left.gif" alt="" border="0"></td>
<td width= 100% background="./images/form/up.gif" align="center" height="12"> </td>
<td><img src="./images/form/up-right.gif" width="12" height="12" alt="" border="0"></td></tr>
<tr>';
}
?>
<td background="./images/form/left.gif" width="12"> </td>
<?php
echo "<TD bgcolor='#3b577a' align=center><BR><FORM name=scope method=GET><FONT color='#ffffff'><B> $lang[74] $lang[61] </B></FONT>
<BR> <SELECT name=sensor_id onchange='this.form.submit();'>";
$result_sensor = $db->acidExecute("SELECT sensor_name, id, interface from sensor ORDER BY sensor_name,interface ");
while ($myrow_sensor = $result_sensor->acidFetchRow()) {
echo "<OPTION value='$myrow_sensor[1]'";
if ($current_scope == $myrow_sensor[1]) echo 'selected';
echo ">$myrow_sensor[0] -> $myrow_sensor[2] $lang[74]</OPTION>";
}
$result_sensor->acidFreeRows();
echo "</SELECT> <BR><BR>";
echo "<INPUT TYPE='HIDDEN' NAME='category' VALUE='$category'>";
echo "<INPUT TYPE='HIDDEN' NAME='viewtype' VALUE='$viewtype'>";
echo "<INPUT TYPE='HIDDEN' NAME='s_pos' VALUE='$s_pos'>";
echo "<INPUT TYPE='HIDDEN' NAME='hide_active' VALUE='$hide_active'>";
echo "<INPUT TYPE='HIDDEN' NAME='hide_deactive' VALUE='$hide_deactive'>";
echo "</TD></FORM>";
?>
<td background="./images/form/right.gif"> </td></tr><tr>
<td width="12" height="12"><img src="./images/form/down-left.gif" alt="" border="0"></td>
<td background="./images/form/down.gif" align="center" height="12"> </td>
<td><img src="./images/form/down-right.gif" width="12" height="12" alt="" border="0"></td></tr>
</td></tr></table><BR>
<?php
}
function display_goto($sensor_id) {
global $lang;
?>
<style>
TD {
FONT-FAMILY: Verdana,Helvetica; FONT-SIZE: 10px
}
</style>
<TABLE align=center border=0 cellspacing="0" cellpadding="0"><TR height="35">
<td background="./images/form/left.gif" width="12"> </td>
<?php
# echo "<TD bgcolor='#3b577a'><FORM name=goto_rule method=GET><FONT color='#ffffff'><B> $lang[64] </B></FONT>";
echo "<TD bgcolor='#3b577a'><FORM action='' name=goto_rule method=GET><FONT color='#ffffff'><B> $lang[64] </B></FONT>";
echo "<SELECT NAME=find_what><OPTION value='sid'>sid</OPTION>";
echo "<OPTION value='msg'>msg</OPTION></SELECT>";
echo "<INPUT TYPE=HIDDEN NAME='sensor_id' VALUE='$sensor_id'>";
echo " <INPUT type=text name=goto size=20> ";
echo "</TD></FORM>";
?>
<td background="./images/form/right.gif"> </td></tr><tr>
<td width="12" height="12"><img src="./images/form/down-left.gif" alt="" border="0"></td>
<td background="./images/form/down.gif" align="center" height="12"> </td>
<td><img src="./images/form/down-right.gif" width="12" height="12" alt="" border="0"></td></tr>
</td></tr></table><BR>
<?php
}
function display_hide_active($sensor_id, $category) {
global $lang, $hide_active, $hide_deactive, $hide_policy, $show_rulechanges;
if ($hide_deactive == 'yes' && $hide_active == 'yes') {
$hide_deactive = '';
$hide_active = '';
}
?>
<style>
TD {
FONT-FAMILY: Verdana,Helvetica; FONT-SIZE: 10px
}
</style>
<TABLE align=center border=0 cellspacing="0" cellpadding="0"><TR height="35">
<td background="./images/form/left.gif" width="12"> </td>
<?php
echo "<FORM name=active_rule method=GET><INPUT TYPE=HIDDEN NAME='sensor_id' VALUE='$sensor_id'>";
echo "<INPUT TYPE=HIDDEN NAME='category' VALUE='$category'>";
echo "<TD bgcolor='#3b577a'><FONT color='#ffffff'><B> $lang[287] </B></FONT>";
echo "<BR><FONT color='#ffffff'><B> $lang[286] </B></FONT></TD>";
echo "<TD bgcolor='#3b577a'><INPUT style=\"color: #FFFFFF; background-color: #3b577a;\" onclick='this.form.submit();' type=CHECKBOX name=hide_policy value=yes ";
if ($hide_policy == 'yes') echo 'CHECKED ';
echo "> ";
echo "<BR><INPUT style=\"color: #FFFFFF; background-color: #3b577a;\" onclick='this.form.submit();' type=CHECKBOX name=show_rulechanges value=yes ";
if ($show_rulechanges == 'yes') echo 'CHECKED ';
echo "> ";
echo "</TD>";
echo "<TD bgcolor='#3b577a'><FONT color='#ffffff'><B> $lang[241] </B></FONT>";
echo "<BR><FONT color='#ffffff'><B> $lang[242] </B></FONT></TD>";
echo "<TD bgcolor='#3b577a'><INPUT style=\"color: #FFFFFF; background-color: #3b577a;\" onclick='this.form.submit();' type=CHECKBOX name=hide_active value=yes ";
if ($hide_active == 'yes') echo 'CHECKED ';
echo "> ";
echo "<BR><INPUT style=\"color: #FFFFFF; background-color: #3b577a;\" onclick='this.form.submit();' type=CHECKBOX name=hide_deactive value=yes ";
if ($hide_deactive == 'yes') echo 'CHECKED ';
echo "> ";
echo "</TD></FORM>";
?>
<td background="./images/form/right.gif"> </td></tr><tr>
<td width="12" height="12"><img src="./images/form/down-left.gif" alt="" border="0"></td>
<td colspan=4 background="./images/form/down.gif" align="center" height="12"> </td>
<td><img src="./images/form/down-right.gif" width="12" height="12" alt="" border="0"></td></tr>
</td></tr></table><BR>
<?php
}
function display_list_start($sensor_id, $size) {
if ($size == 1) $width = 'width=100%';
?>
<style>
TD {
FONT-FAMILY: Verdana,Helvetica; FONT-SIZE: 10px
}
</style>
<table <?php echo $width; ?> align="center" border="0" cellspacing="0" cellpadding="0"><tr>
<td width="12" height="12"><img src="./images/form/up-left.gif" alt="" border="0"></td>
<td <?php echo $width; ?> background="./images/form/up.gif" align="center" height="12"> </td>
<td><img src="./images/form/up-right.gif" width="12" height="12" alt="" border="0"></td></tr>
<tr>
<td background="./images/form/left.gif" width="12"> </td>
<td bgcolor="#3b577a"><center>
<?php
echo "<table align=center border=0 cellpadding=0 cellspacing=0 width=100%>";
echo "<FORM name=ruleform method=GET><BR><INPUT TYPE=hidden name=sensor_id value='$sensor_id'>";
}
function display_list_end($select) {
global $lang, $PHP_SELF;
if ($select == '1') {
?>
<tr><td colspan=4><FONT color="#ffffff">
<img src="./images/arrow_ltr.png" border="0" width="38" height="22" />
(<a style="color: #FFFFFF" href="" onClick="SelectAll(); return false;"><?php echo $lang[65]; ?></a>
-
<a style="color: #FFFFFF" href="" onClick="UnselectAll(); return false;"><?php echo $lang[66]; ?></a>
-
<a style="color: #FFFFFF" href="" onclick="Invers(); return false;"><?php echo $lang[67]; ?></a>) <?php echo $lang[68]; ?>
</FONT>
<select name="do" dir="ltr" onchange="this.form.submit();">
<option value="" selected="selected"><?php echo $lang[69]; ?></option>
<OPTION value=Activate><?php echo $lang[70]; ?></OPTION>
<OPTION value=Deactivate><?php echo $lang[71]; ?></OPTION>
</select>
<script type="text/javascript" language="javascript">
</script>
<noscript>
<INPUT TYPE=SUBMIT VALUE='Update'></FORM>;
</noscript>
</TD></TR>
<?php }
elseif($select == '2')
{
?>
<tr><td colspan=4><FONT color="#ffffff">
<img src="./images/arrow_ltr.png" border="0" width="38" height="22" />
(<a style="color: #FFFFFF" href="" onClick="SelectAll(); return false;"><?php echo $lang[65]; ?></a>
-
<a style="color: #FFFFFF" href="" onClick="UnselectAll(); return false;"><?php echo $lang[66]; ?></a>
-
<a style="color: #FFFFFF" href="" onclick="Invers(); return false;"><?php echo $lang[67]; ?></a>) <?php echo $lang[68]; ?>
</FONT>
<select name="do" dir="ltr" onchange="this.form.submit();">
<option value="" selected="selected"><?php echo $lang[69]; ?></option>
<OPTION value=Delete><?php echo $lang[72]; ?></OPTION>
</select>
<script type="text/javascript" language="javascript">
</script>
<noscript>
<INPUT TYPE=SUBMIT VALUE='Update'></FORM>;
</noscript>
</TD></TR>
<?php }
elseif($select == '3')
{
?>
<tr><td colspan=4><FONT color="#ffffff">
<img src="./images/arrow_ltr.png" border="0" width="38" height="22" />
(<a style="color: #FFFFFF" href="" onClick="SelectAll(); return false;"><?php echo $lang[65]; ?></a>
-
<a style="color: #FFFFFF" href="" onClick="UnselectAll(); return false;"><?php echo $lang[66]; ?></a>
-
<a style="color: #FFFFFF" href="" onclick="Invers(); return false;"><?php echo $lang[67]; ?></a>) <?php echo $lang[68]; ?>
</FONT>
<select name="sensor_ctl" dir="ltr" onchange="this.form.submit();">
<option value="" selected="selected"><?php echo $lang[69]; ?></option>
<OPTION value=push_restart><?php echo $lang[40].' & '.$lang[39]; ?></OPTION>
<OPTION value=start><?php echo $lang[37]; ?></OPTION>
<OPTION value=stop><?php echo $lang[38]; ?></OPTION>
<OPTION value=restart><?php echo $lang[39]; ?></OPTION>
<OPTION value=push><?php echo $lang[40]; ?></OPTION>
</select>
<script type="text/javascript" language="javascript">
</script>
<noscript>
<INPUT TYPE=SUBMIT VALUE='Update'></FORM>;
</noscript>
</TD></TR>
<?php } ?>
</TABLE>
</center>
</td>
<td background="./images/form/right.gif"> </td></tr><tr>
<td width="12" height="12"><img src="./images/form/down-left.gif" alt="" border="0"></td>
<td background="./images/form/down.gif" align="center" height="12"> </td>
<td><img src="./images/form/down-right.gif" width="12" height="12" alt="" border="0"></td></tr>
</td></tr></table><BR>
<?php
}
?>