<?php
/*
** SnortCenter Copyright (C) 2001,2002,2003 Stefan Dens
**
** Author: Stefan Dens <hide@address.com>
**
** This program is free software; you can redistribute it and/or modify
** it under the terms of the GNU General Public License as published by
** the Free Software Foundation; either version 2 of the License, or
** (at your option) any later version.
**
** This program is distributed in the hope that it will be useful,
** but WITHOUT ANY WARRANTY; without even the implied warranty of
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
** GNU General Public License for more details.
**
** You should have received a copy of the GNU General Public License
** along with this program; if not, write to the Free Software
** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
?>
<?php
include("config.php");
include_once("sensor.inc.php");
include("list.inc.php");
$db = NewACIDDBConnection($DBlib_path, $DBtype);
$db->acidConnect($DB_dbname, $DB_host, $DB_port, $DB_user, $DB_password);
include('top.inc.php');
if ($sensor_ctl != "view") {
echo'<BR>';
}
if ($do == "sensor_del") {
?>
<SCRIPT type="text/javascript" language="javascript">
function confirmLink(theLink, theSqlQuery)
{
// Confirmation is not required in the configuration file
// or browser is Opera (crappy js implementation)
if (confirmMsg == '' || typeof(window.opera) != 'undefined') {
return true;
}
var is_confirmed = confirm(confirmMsg + ' :\n' + theSqlQuery);
if (is_confirmed) {
theLink.href += '&js_confirmed=1';
theLink.elements['js_confirmed'].value = 1;
return true;
}
return is_confirmed;
} // end of the 'confirmLink()' function
var confirmMsg = 'Do you really want to ';
</SCRIPT>
<?php
echo "<BR>";
echo "<table align=center border=0 cellpadding=1 cellspacing=0 width=30%><tr bgcolor=#f9f890><td>";
echo "<table style=\"font-size:12px; font-family: Verdana;\" align=center border=0 cellspacing=0 cellpadding=0 width=100%>";
echo "<FORM action=\"\" method=GET onsubmit=\"return confirmLink(this, 'DELETE this Sensor')\">";
echo "<INPUT TYPE='hidden' name='sensor_delete' value='delete'>";
echo "<INPUT TYPE='hidden' name='js_confirmed'>";
echo "<TR><TD><B>Delete Sensor</B></TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD> </TD></TR>";
echo "<TR bgcolor=#DDDDDD><TD> <SELECT NAME='sensor_id'>";
$result = $db->acidExecute("select sensor_name, id from sensor");
while ($myrow = $result->acidFetchRow()) {
echo "<OPTION value='$myrow[1]'>$myrow[0]</OPTION>";
}
$result->acidFreeRows();
echo '</SELECT>';
echo " <INPUT TYPE='submit' NAME='submit' value='Delete'></TD></TR></FORM>";
echo "<TR bgcolor=#DDDDDD><TD> </TD></TR>";
echo "</TABLE></TD></TR></TABLE><BR>";
}
if ($sensor_delete && $js_confirmed == 1) {
$result = $db->acidExecute("delete from sensor where id='$sensor_id'");
}
if ($sensor_ctl == 'system status') {
$result = $db->acidExecute("select interface from sensor where id ='$sensor_id'");
$myrow = $result->acidFetchRow();
$url = get_curl_url("index", $sensor_id, $db);
if (strpos($_SERVER["SERVER_SOFTWARE"], "Win") !== false) {
if ($curl_path != '') {
$curl_path = rtrim($curl_path, '\\') . '\\';
}
} else {
if ($curl_path != '') {
$curl_path = rtrim($curl_path, '/') . '/';
}
}
$r_option = find_interface_pid($sensor_id, $db);
$curl_option = get_curl_option();
exec($curl_path."curl $curl_option -s -S --connect-timeout $curl_timeout -d \"sensor_control=system%20status&interface=$myrow[interface]&r_option=$r_option\" $url 2>&1", $return_string);
foreach ($return_string as $tmp_line) {
$line .= $tmp_line;
}
$snortver = show_snort_version($sensor_id, $db);
$system_status_msg = "<TABLE bgcolor=#FFFFFF align=center><TR><TD><CENTER><B>$snortver</B></CENTER><BR>$line</TD></TR></TABLE>";
}
if ($sensor_ctl == 'start' && is_array($sensor_id_array)) {
foreach($sensor_id_array as $key) {
$line = '';
$return_string = '';
$result = $db->acidExecute("select interface from sensor where id ='$key'");
$myrow = $result->acidFetchRow();
$url = get_curl_url("index", $key, $db);
if (strpos($_SERVER["SERVER_SOFTWARE"], "Win") !== false) {
if ($curl_path != '') {
$curl_path = rtrim($curl_path, '\\') . '\\';
}
} else {
if ($curl_path != '') {
$curl_path = rtrim($curl_path, '/') . '/';
}
}
$r_option = find_interface_pid($key, $db);
$curl_option = get_curl_option();
exec($curl_path."curl $curl_option -s -S --connect-timeout $curl_timeout -d \"sensor_control=start&interface=$myrow[interface]&r_option=$r_option\" $url 2>&1", $return_string);
foreach ($return_string as $tmp_line) {
$line .= $tmp_line;
}
$sensor_msg .= $line.'<BR>';
sleep(1);
# give snort time to start
}
}
if ($sensor_ctl == 'stop' && is_array($sensor_id_array)) {
foreach($sensor_id_array as $key) {
$line = '';
$return_string = '';
$result = $db->acidExecute("select interface from sensor where id ='$key'");
$myrow = $result->acidFetchRow();
$url = get_curl_url("index", $key, $db);
if (strpos($_SERVER["SERVER_SOFTWARE"], "Win") !== false) {
if ($curl_path != '') {
$curl_path = rtrim($curl_path, '\\') . '\\';
}
} else {
if ($curl_path != '') {
$curl_path = rtrim($curl_path, '/') . '/';
}
}
$r_option = find_interface_pid($key, $db);
$curl_option = get_curl_option();
exec($curl_path."curl $curl_option -s -S --connect-timeout $curl_timeout -d \"sensor_control=stop&interface=$myrow[interface]&r_option=$r_option\" $url 2>&1", $return_string);
foreach ($return_string as $tmp_line) {
$line .= $tmp_line;
}
$sensor_msg .= $line.'<BR>';
}
}
if (($sensor_ctl == 'push' || $sensor_ctl == 'push_restart') && is_array($sensor_id_array)) {
foreach($sensor_id_array as $key) {
$line= '';
$return_string = '';
$cmd_err = '';
$result = $db->acidExecute("select interface from sensor where id ='$key'");
$myrow = $result->acidFetchRow();
$url = get_curl_url("upload", $key, $db);
$sensor_name = create_config("push", $key, $db);
if (strpos($_SERVER["SERVER_SOFTWARE"], "Win") !== false) {
if ($curl_path != '') {
$curl_path = rtrim($curl_path, '\\') . '\\';
}
# $filename= "c:/temp/$sensor_name";
$filename = $senstmpfnam;
} else {
if ($curl_path != '') {
$curl_path = rtrim($curl_path, '/') . '/';
}
# $filename= "/tmp/$sensor_name";
$filename = $senstmpfnam;
}
$r_option = find_interface_pid($key, $db);
$curl_option = get_curl_option();
exec($curl_path."curl $curl_option -s -S --connect-timeout $curl_timeout -F \"interface=$myrow[interface]\" -F \"r_option=$r_option\" -F upload=@\"$senstmpfnam\" $url ", $return_string);
foreach ($return_string as $tmp_line) {
$line .= "$tmp_line<BR>";
}
$cmd_err = push_cmd_line($key, $db);
$sensor_msg .= "$line<BR>$cmd_err";
unlink($filename);
}
}
if (($sensor_ctl == 'restart' || $sensor_ctl == 'push_restart') && is_array($sensor_id_array)) {
foreach($sensor_id_array as $key) {
$line= '';
$return_string = '';
$result = $db->acidExecute("select interface from sensor where id ='$key'");
$myrow = $result->acidFetchRow();
$url = get_curl_url("index", $key, $db);
if (strpos($_SERVER["SERVER_SOFTWARE"], "Win") !== false) {
if ($curl_path != '') {
$curl_path = rtrim($curl_path, '\\') . '\\';
}
} else {
if ($curl_path != '') {
$curl_path = rtrim($curl_path, '/') . '/';
}
}
$r_option = find_interface_pid($key, $db);
$curl_option = get_curl_option();
exec($curl_path."curl $curl_option -s -S --connect-timeout $curl_timeout -d \"sensor_control=restart&interface=$myrow[interface]&r_option=$r_option\" $url 2>&1", $return_string);
foreach ($return_string as $tmp_line) {
$line .= $tmp_line;
}
$sensor_msg .= $line;
sleep(1);
# give snort time to start
}
}
if ($sensor_ctl == "view") {
create_config('view', $sensor_id, $db);
}
if ((!$do || $sensor_ctl || $download) && ($sensor_ctl != 'view') && ($sensor_ctl != 'test')) {
?>
<style>
TD {
FONT-FAMILY: Verdana,Helvetica; FONT-SIZE: 10px;
}
</style>
<center>
<?php
display_list_start($sensor_id, 0);
echo "<table align=center border=0 cellpadding=0 cellspacing=0 width=100%>";
$result = $db->acidExecute("select sensor_name, sensor_ip, sensor_port, id, sensor_user, sensor_passw, net_proto, interface, enable, cmd_line from sensor order by sensor_name");
while ($myrow = $result->acidFetchRow()) {
# if cmd_line has -u or -t reload not possible by snort
$cmd_line = $myrow[cmd_line];
if (strpos($cmd_line, '-u') < 0 and strpos ($cmd_line, '-t') < 0) {
$reload = 1;
}
if ($color != "white") {
$color = "white";
} else {
$color = "#DDDDDD";
}
echo "<TR border=1 style='border : $color;' bgcolor=$color>";
if ($myrow[enable] == '1') {
$status = check_status($myrow['id'], $db);
}
else $status = 'disable';
if ($status == 'disable') {
echo "<TD><INPUT style=\"background-color: $color;\" TYPE=checkbox name=sensor_id_array[] value=\"$myrow[3]\"><A href='add_sensor.php?sensor_id=$myrow[3]'> <img title='Edit' border=0 height=15 src='./images/edit_button.png'> </A></TD><TD bgcolor=#ff0000><B> $myrow[0] -> $myrow[interface] </B></TD><TD width=5> </TD><TD>$lang[227]</TD>";
$connect = 2;
}
elseif(strstr($status, 'Snort not Running')) {
echo "<TD><INPUT style=\"background-color: $color;\" TYPE=checkbox name=sensor_id_array[] value=\"$myrow[3]\"><A href='add_sensor.php?sensor_id=$myrow[3]'> <img title='Edit' border=0 height=15 src='./images/edit_button.png'> </A></TD><TD bgcolor=#ffD000><B> $myrow[0] -> $myrow[interface] </B></TD><TD width=5> </TD><TD>$lang[34]</TD>";
$connect = 1;
$show = "start";
}
elseif(strstr($status, 'Pid')) {
echo "<TD><INPUT style=\"background-color: $color;\" TYPE=checkbox name=sensor_id_array[] value=\"$myrow[3]\"><A href='add_sensor.php?sensor_id=$myrow[3]'> <img title='Edit' border=0 height=15 src='./images/edit_button.png'> </A></TD><TD bgcolor=#00ff00><B> $myrow[0] -> $myrow[interface] </B></TD><TD width=5> </TD><TD>$status</TD>";
$connect = 1;
$show = "stop";
} else {
echo "<TD><INPUT style=\"background-color: $color;\" TYPE=checkbox name=sensor_id_array[] value=\"$myrow[3]\"><A href='add_sensor.php?sensor_id=$myrow[3]'> <img title='Edit' border=0 height=15 src='./images/edit_button.png'> </A></TD><TD bgcolor=#ff0000><B> $myrow[0] -> $myrow[interface] </B></TD><TD width=5> </TD><TD>$lang[35] $myrow[1]:$myrow[2]</TD>";
$sensor_msg = $status;
$connect = 0;
}
if ($connect == 1) {
echo '<TD width=5> </TD>';
if ($show == "start") {
echo "<TD align=center><B>$lang[33]</B><BR><A href='?sensor_ctl=start&sensor_id_array[]=$myrow[id]'>$lang[37]</A></TD>";
}
if ($show == "stop") {
echo "<TD align=center><B>$lang[33]</B><BR><A href='?sensor_ctl=stop&sensor_id_array[]=$myrow[id]'>$lang[38]</A>";
if ($reload) {
echo " - <A href='?sensor_ctl=restart&sensor_id_array[]=$myrow[id]'>$lang[39]</A> ";
}
echo "</TD>";
}
echo "<TD align=center width=10> </TD>";
echo "<TD align=center><B>$lang[228]</B><BR><A href='?sensor_ctl=push&sensor_id_array[]=$myrow[id]'>$lang[40]</A> - ";
echo "<A href='?sensor_ctl=view&sensor_id=$myrow[id]'>$lang[41]</A> - ";
echo "<A href='?sensor_ctl=download&sensor_id=$myrow[id]'>$lang[42]</A> </TD>";
# echo "<A href='?sensor_ctl=download&sensor_id=$myrow[id]'>$lang[42]</A> - ";
# echo "<A href='?sensor_ctl=test&sensor_id=$myrow[id]'>$lang[43]</A> </TD>";
echo "<TD align=center width=10> </TD>";
echo "<TD nowrap><BR><A href='?sensor_ctl=system%20status&sensor_id=$myrow[id]'>$lang[44]</A> </TD>";
}
elseif($connect == 2) echo "<TD width=5> </TD><TD colspan=5> </TD>";
else echo "<TD width=5> </TD><TD colspan=5><A href='?sensor_ctl=Sensor_Status&sensor_ip=$myrow[1]&sensor_port=$myrow[2]&sensor_id=$myrow[3]'>$lang[45]</A></TD>";
echo '</TR>';
}
$result->acidFreeRows();
display_list_end(3);
if ($system_status_msg) {
echo '
<style>
TD {
FONT-FAMILY: Verdana,Helvetica; FONT-SIZE: 10px;
}
</style>
<table align="center" border="0" cellspacing="0" cellpadding="0"><tr>
<td width="12" height="12"><img src="./images/form/up-left.gif" alt="" border="0"></td>
<td background="./images/form/up.gif" align="center" height="12"> </td>
<td><img src="./images/form/up-right.gif" width="12" height="12" alt="" border="0"></td></tr>
<tr>
<td background="./images/form/left.gif" width="12"> </td>
<td bgcolor="#3b577a">
<center>';
echo "<BR>$system_status_msg<BR>";
echo '
</td>
<td background="./images/form/right.gif"> </td></tr><tr>
<td width="12" height="12"><img src="./images/form/down-left.gif" alt="" border="0"></td>
<td background="./images/form/down.gif" align="center" height="12"> </td>
<td><img src="./images/form/down-right.gif" width="12" height="12" alt="" border="0"></td></tr>
</td></tr></table><BR>';
}
echo "<TABLE width=98% align=center border=0 cellspacing=0 cellpadding=2><TR><TD width=30% align=left><FONT color='#FFFFFF'><b>$lang[32]</b></FONT></TD><TD> </TD></TR>";
echo "<TR><TD bgcolor=#fffaa8 colspan=2> ".nl2br($sensor_msg)."</TD></TR></TABLE>";
echo "<BR>";
}
$db->acidClose();
require('bottom.inc.php');
if ($sensor_ctl == 'download') {
echo '<SCRIPT language=javascript>setTimeout("location.href=\'dl.php?sensor_id='.$sensor_id.'\'",0);</SCRIPT>';
}
?>
</body>
</html>