<?php
/*
** SnortCenter Copyright (C) 2001,2002,2003 Stefan Dens
**
** Author: Stefan Dens <hide@address.com>
**
** This program is free software; you can redistribute it and/or modify
** it under the terms of the GNU General Public License as published by
** the Free Software Foundation; either version 2 of the License, or
** (at your option) any later version.
**
** This program is distributed in the hope that it will be useful,
** but WITHOUT ANY WARRANTY; without even the implied warranty of
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
** GNU General Public License for more details.
**
** You should have received a copy of the GNU General Public License
** along with this program; if not, write to the Free Software
** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
?>
<?php
include("config.php");
include("list.inc.php");
// Open the database handle used by the rest of the page. None of the $DB* settings
// are assigned in this file; presumably they come from config.php (included above).
$db = NewACIDDBConnection($DBlib_path, $DBtype);
$db->acidConnect($DB_dbname, $DB_host, $DB_port, $DB_user, $DB_password);
// $sensor_id is not assigned anywhere before this test, and the links printed further
// down pass it as a query-string parameter, so it is request-controlled. It is later
// interpolated into SQL and HTML without validation.
// NOTE(review): if sensor.id is an integer column, validate $sensor_id as digits here -- confirm schema.
// No sensor selected: fall back to the first sensor when ordered by name.
if(!$sensor_id) {
$result = $db->acidExecute("SELECT id FROM sensor ORDER BY sensor_name");
$myrow = $result->acidFetchRow();
$sensor_id = $myrow[0];
}
// Apply the state change requested through $do before anything is rendered.
// $do, $rule and $template_id are never assigned in this file and the links this page
// prints carry them in the query string, so all three are request-controlled.
// NOTE(review): every case below changes sensor configuration and is reachable through
// a plain GET link; no session, permission or anti-CSRF check is visible in this file --
// confirm that config.php or list.inc.php enforces one.
switch ($do) {
    case 'Deactivate':
        deactivate($rule, 'rules', $sensor_id, $db);
        break;
    case 'Activate':
        activate($rule, 'rules', $sensor_id, $db);
        break;
    case 'Deactivate_template':
        deactivate($template_id, 'rules_template', $sensor_id, $db);
        break;
    case 'Activate_template':
        activate($template_id, 'rules_template', $sensor_id, $db);
        break;
    case 'Deactivate_template_sid':
        // The verb is deliberately reversed for this list: the SID is *added* to
        // 'rem_sid_rules_template'. Presumably that column holds SIDs exempted from
        // the policy template -- confirm in list.inc.php.
        activate($rule, 'rem_sid_rules_template', $sensor_id, $db);
        break;
    case 'Activate_template_sid':
        // Counterpart of the case above: the SID is taken off 'rem_sid_rules_template'.
        deactivate($rule, 'rem_sid_rules_template', $sensor_id, $db);
        break;
}
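// goto rule
// Locate one rule, either by SID or by a fragment of its msg text, and set $category
// and $s_pos so the detailed view opens on the page that holds it.
// $goto and $find_what are not assigned anywhere in this file, so they are presumably
// request-supplied; both reach SQL, and $goto is echoed back in the error banner.
if ($goto) {
    $found = 0;
    $message = $goto;
    if ($find_what == 'sid') {
        $goto_sid = $goto;
        $tmp_category = '';
        // Snort SIDs are decimal numbers, so only a digits-only value is allowed into
        // the query text. Anything else skips the lookup and ends in "not found".
        $goto_digits = trim((string) $goto);
        if (preg_match('/\A[0-9]+\z/', $goto_digits)) {
            $result = $db->acidExecute("SELECT category FROM rules where sid='$goto_digits'");
            $myrow = $result->acidFetchRow();
            $tmp_category = $myrow[0];
        }
    } else {
        // NOTE(review): $goto is interpolated into the LIKE pattern unescaped. The
        // quoting / bind API of the DB layer is not visible in this file, so this
        // query is left as it was; it needs parameter binding or driver-specific
        // escaping (including the LIKE wildcards % and _).
        $result = $db->acidExecute("SELECT category, sid FROM rules where msg LIKE '%$goto%'");
        $myrow = $result->acidFetchRow();
        $tmp_category = $myrow[0];
        $goto = $myrow[1];
        $goto_sid = $goto;
    }
    //echo $tmp_category;
    // $tmp_category comes from the database, but it is still concatenated into SQL
    // (second-order): a category name containing a quote would break this statement.
    $result = $db->acidExecute("SELECT sid FROM rules where category='$tmp_category'");
    $counter = 0;
    while (($myrow = $result->acidFetchRow()) && ($found == 0)) {
        $counter++;
        if ($goto == $myrow[0]) {
            $found = 1;
            $category = $tmp_category;
        }
    }
    if ($found == 0) {
        $counter = 0;
        // $message is the raw search term: escape it before it goes into the banner,
        // otherwise the search box reflects arbitrary markup back into the page.
        $error_msg = "<FONT color='white'><BLINK><B>$lang[59] " . htmlspecialchars((string) $message, ENT_QUOTES) . " $lang[60]</B></BLINK></FONT>";
    } else {
        // $counter is the 1-based position of the rule inside its category, while the
        // pager treats page N as rows N*$max_lines+1 .. (N+1)*$max_lines. Without this
        // shift a rule sitting exactly on a page boundary lands on the following page.
        $counter = $counter - 1;
    }
    $counter = $counter / $max_lines;
    $counter = floor($counter);
    //echo $counter;
    $s_pos = $counter;
}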
// Load the sensor's active rule and template markers. Later code tests membership with
// in_array("|<id>|", ...), so both are expected to be arrays of "|id|" strings.
$rule_act = get_active('rules', $sensor_id, $db);
$rules_template_act = get_active('rules_template', $sensor_id, $db);
include('top.inc.php');
// Header strip: message cell, hide/show filter controls, goto form.
// $error_msg is printed as raw HTML. It is only assigned on the failed-goto path above;
// NOTE(review): on every other path it is whatever an include or the request left in
// that variable -- confirm it cannot be request-supplied.
echo "<TABLE align=center><TR valign=top><TD width=33%> " . "$error_msg</TD><TD width=33%>";
if ($viewtype == $lang[229]) {
    // The category summary view has no hide/show filters.
    echo " ";
} else {
    display_hide_active($sensor_id, $category);
}
echo "</TD><TD width=33%>";
display_goto($sensor_id);
echo "</TD></TR></TABLE>";
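# Begin Template overview
// Left-hand column: every policy template with an on/off toggle for this sensor.
// Default templates (def_template = 'yes') come first on a fixed background and have
// no edit button; the others alternate white / grey and link to template.php.
echo "<TABLE width=100% align=center><TR><TD width=25% align=left valign=top>";
display_scope($sensor_id, $category, $s_pos, 1, $db);
display_list_start($sensor_id, 1);
echo "<FONT color=white><B>$lang[278]</B></FONT>";
echo "</TD></TR><TR><TD> </TD></TR>";

// View-state parameters repeated on every toggle link. All of them are
// request-controlled, so each value is URL-encoded here and the finished URL is
// HTML-escaped before it is written into an href attribute.
$tpl_state_query = '';
foreach (array(
    'category' => $category,
    'sensor_id' => $sensor_id,
    's_pos' => $s_pos,
    'hide_active' => $hide_active,
    'hide_deactive' => $hide_deactive,
    'show_rulechanges' => $show_rulechanges,
    'hide_policy' => $hide_policy,
    'viewtype' => $viewtype
) as $tpl_state_key => $tpl_state_value) {
    $tpl_state_query .= '&' . $tpl_state_key . '=' . urlencode((string) $tpl_state_value);
}

foreach (array('yes', 'no') as $tpl_default_flag) {
    $result_id = $db->acidExecute("SELECT id, template_name, template_description , def_template from rules_template where def_template = '$tpl_default_flag'");
    while ($myrow = $result_id->acidFetchRow()) {
        list($template_id , $template_name, $template_description, $def_template) = $myrow;
        $tpl_id_url = urlencode((string) $template_id);
        if ($tpl_default_flag == 'yes') {
            $color = '#fffaa8';
            $tpl_edit_cell = ' ';
        } else {
            // Zebra striping; $color deliberately carries over from the previous row.
            if ($color != "white") {
                $color = "white";
            } else {
                $color = "#DDDDDD";
            }
            $tpl_edit_href = htmlspecialchars(
                'template.php?template_id=' . $tpl_id_url
                . '&sensor_id=' . urlencode((string) $sensor_id)
                . '&category=' . urlencode((string) $category)
                . '&s_pos=' . urlencode((string) $s_pos),
                ENT_QUOTES
            );
            $tpl_edit_cell = " <A href=\"$tpl_edit_href\"><img title='Edit' border=0 height=15 src='./images/edit_button.png'></A> ";
        }
        // Active templates get a green "Deactivate" toggle, inactive ones a red "Activate".
        if (in_array ("|$template_id|", $rules_template_act)) {
            $tpl_toggle_do = 'Deactivate_template';
            $tpl_toggle_title = 'Deactivate';
            $tpl_toggle_img = './images/green.png';
        } else {
            $tpl_toggle_do = 'Activate_template';
            $tpl_toggle_title = 'Activate';
            $tpl_toggle_img = './images/red.png';
        }
        $tpl_toggle_href = htmlspecialchars(
            'sensor_rules.php?template_id[]=' . $tpl_id_url . '&do=' . $tpl_toggle_do . $tpl_state_query,
            ENT_QUOTES
        );
        echo "<TR border=1 style='border : $color;' bgcolor=$color>";
        echo "<TD width=25>$tpl_edit_cell</TD>";
        echo "<TD width=25>";
        echo "<A href=\"$tpl_toggle_href\"><img height=20 border=0 title=\"$tpl_toggle_title\" src='$tpl_toggle_img'></A>";
        // Template name and description are stored text; escape them (ENT_QUOTES because
        // the title attribute is single-quoted) so a stored value cannot inject markup.
        echo "</TD><TD title='" . htmlspecialchars((string) $template_description, ENT_QUOTES) . "'> " . htmlspecialchars((string) $template_name, ENT_QUOTES) . " </TD></TR>";
    }
}
# echo "<TR border=1 style='border : $color;' bgcolor=$color><TD colspan=3><HR></TD></TR>";
echo "<TR><TD> </TD></TR>";
$result_id->acidFreeRows();
display_list_end(0);
echo "</TD><TD valign=top>";
# end Template overview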
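# rule group overview
// Category summary: one cell per rule category showing "active / total" for this
// sensor, three categories per table row.
if ($viewtype == $lang[229]) {
    $result = $db->acidExecute("SELECT distinct(category) FROM rules ORDER BY category ASC");
    $cat = array();
    while ($myrow = $result->acidFetchRow()) {
        list($sid_category) = $myrow;
        $cat[] = $sid_category;
    }
    // count active rules in a category
    // Both maps start empty here so nothing that was already sitting in these variable
    // names can leak into the counters.
    $count_cat = array();
    $total_cat = array();
    foreach($cat as $tmp_cat) {
        // NOTE(review): $tmp_cat comes from the database but is still concatenated into
        // SQL (second-order); a category name containing a quote breaks this query.
        $result = $db->acidExecute("SELECT sid FROM rules where category='$tmp_cat'");
        $count_cat[$tmp_cat] = 0;
        $total_cat[$tmp_cat] = 0;
        while ($myrow = $result->acidFetchRow()) {
            list($sid) = $myrow;
            if (in_array("|$sid|", $rule_act)) {
                $count_cat[$tmp_cat]++;
            }
            $total_cat[$tmp_cat]++;
        }
    }
    display_list_start($sensor_id, 1);
    echo "<TR><TD width=33%> </TD><TD width=33%> </TD><TD align=center width=33%><B><INPUT style=\"color: #FFFFFF; background-color: #3b577a;\" type=submit name=viewtype value=\"$lang[7]\"></B>";
    echo "</TD></TR><TR><TD> </TD></TR>";
    echo '<table style="font-size:10px; font-family: Verdana;" border=0 cellpadding=2 cellspacing=0 width=100%>';
    $row = 0;
    // $sensor_id is request-controlled: encode it once for use inside the links.
    $cat_sensor_url = urlencode((string) $sensor_id);
    foreach($cat as $tmp_cat) {
        if ($row == 0) {
            if ($color != "white") {
                $color = "white";
            } else {
                $color = "#DDDDDD";
            }
            echo "<TR border=1 style='border : $color;' bgcolor=$color valign=bottom>";
        }
        $row++;
        // Red: nothing active, green: everything active, yellow: partly active.
        if ($count_cat[$tmp_cat] == 0) {
            $count_color = '#FF005F';
        }
        elseif($total_cat[$tmp_cat] == $count_cat[$tmp_cat]) {
            $count_color = '#00FF00';
        } else {
            $count_color = '#FFF000';
        }
        echo "<TD width=70><FONT style=\"background-color: $count_color;\" bgcolor=$count_color> $count_cat[$tmp_cat] / $total_cat[$tmp_cat] </FONT></TD>";
        // Category names are stored text: URL-encode inside the link, HTML-escape both
        // the attribute and the visible label.
        $cat_href = htmlspecialchars("sensor_rules.php?sensor_id=$cat_sensor_url&category=" . urlencode((string) $tmp_cat), ENT_QUOTES);
        echo "<TD><A href='$cat_href'>" . htmlspecialchars((string) $tmp_cat, ENT_QUOTES) . "</A></TD>";
        if ($row == 3) {
            echo "</TR>";
            $row = 0;
        }
    }
    // Pad the last, partially filled row to three category columns.
    if ($row != 0) {
        for($i = $row; $i < 3; $i++) {
            echo "<TD> </TD><TD> </TD>";
        }
        echo "</TR>";
    }
    echo "<TR><TD> </TD></TR>";
    display_list_end(0);
}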
# detailed overview
else {
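// NOTE(review): every other call in this file passes 1 as the second argument of
// display_list_start(); here it receives $db -- confirm which one is intended.
display_list_start($sensor_id, $db);
// Start from an empty list. The loop below only appends, so without this line any
// value already present under the name $rule_change would be kept and later
// concatenated into the WHERE clause.
$rule_change = array();
// NOTE(review): $sensor_id is request-controlled and interpolated into both queries.
$result_id = $db->acidExecute("SELECT sid from rulechange where sensor_id='$sensor_id'");
while ($myrow = $result_id->acidFetchRow()) {
    $rule_change[] = $myrow[0];
}
$result_id->acidFreeRows();
// Per-sensor lists, stored as ';'-separated "|id|" markers (see the strstr() /
// explode() calls that consume them).
$result_id = $db->acidExecute("SELECT rules, rem_sid_rules_template, rules_template from sensor where id = '$sensor_id'");
$myrow_id = $result_id->acidFetchRow();
$no_template = $myrow_id[1];
$sensor_act = $myrow_id[0];
$rule_template_act = explode(";", $myrow_id[2]);
// Concatenate rem_sid of every template attached to the sensor.
$template_rem = '';
foreach($rule_template_act as $key) {
    $template_id = trim($key, '|');
    if ($template_id === '') {
        // explode() yields an empty piece after a trailing ';' -- nothing to look up.
        continue;
    }
    $result_id = $db->acidExecute("SELECT rem_sid from rules_template where id = '$template_id'");
    $myrow_id = $result_id->acidFetchRow();
    $template_rem .= $myrow_id[0];
}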
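// Build the optional SQL fragments for the view filters. Each fragment is later
// concatenated verbatim into the WHERE clause, so all of them start out empty here:
// a fragment whose filter is switched off must not keep whatever value was already
// stored under that variable name.
$where_active = '';
$where_rulechange = '';
$where_active_policy = '';

// Hide active rules: exclude every SID in the sensor's active list.
if ($hide_active == 'yes') {
    $sid_terms = array();
    foreach ($rule_act as $sid_select) {
        $sid_select = trim($sid_select, '|');
        $sid_terms[] = "sid='$sid_select'";
    }
    if ($sid_terms) {
        $where_active = " ! ( " . implode(" OR ", $sid_terms) . " )";
    }
}
// Hide inactive rules: keep only SIDs in the active list. When both flags are set,
// this one wins (same as before).
if ($hide_deactive == 'yes') {
    $sid_terms = array();
    foreach ($rule_act as $sid_select) {
        $sid_select = trim($sid_select, '|');
        $sid_terms[] = "sid='$sid_select'";
    }
    if ($sid_terms) {
        $where_active = " ( " . implode(" OR ", $sid_terms) . " )";
    }
}
// Show only rules that have a per-sensor override row in rulechange.
if ($show_rulechanges == 'yes') {
    $sid_terms = array();
    if ($rule_change && is_array($rule_change)) {
        foreach ($rule_change as $sid_select) {
            $sid_terms[] = "sid='$sid_select'";
        }
    }
    if ($sid_terms) {
        $where_rulechange = " ( " . implode(" OR ", $sid_terms) . " )";
    }
}
// Hide rules governed by a policy template: collect rem_sid + add_sid of every
// attached template, drop the SIDs the sensor exempted, exclude what is left.
if ($hide_policy == 'yes') {
    $template_rem_add = '';
    foreach($rule_template_act as $key) {
        $template_id = trim($key, '|');
        $result_id = $db->acidExecute("SELECT rem_sid, add_sid from rules_template where id = '$template_id'");
        $myrow_id = $result_id->acidFetchRow();
        $template_rem_add .= $myrow_id[0] . $myrow_id[1];
    }
    $no_template_array = explode(";", $no_template);
    foreach($no_template_array as $key) {
        if ($key != '') {
            // Remove the first "<marker>;" occurrence, if there is one.
            $cut_at = strpos($template_rem_add, "$key;");
            if ($cut_at !== false) {
                $template_rem_add = substr_replace($template_rem_add, '', $cut_at, strlen("$key;"));
            }
        }
    }
    $sid_terms = array();
    foreach (explode(";", $template_rem_add) as $sid_select) {
        $sid_select = trim($sid_select, '|');
        // Empty pieces are kept on purpose: they yield a harmless sid='' term exactly
        // as the original loop did.
        $sid_terms[] = "sid='$sid_select'";
    }
    $where_active_policy = " ! ( " . implode(" OR ", $sid_terms) . " )";
}
// NOTE(review): the SID values come from database columns, not from the request, but
// they are still concatenated into SQL unescaped (second-order).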
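// Assemble the WHERE clause for the detailed rule list from the category filter and
// the optional fragments built above. $where always starts empty, so a page with no
// filter cannot pick up a value that was already stored under that name.
$where = '';
$where_parts = array();
if (($category) and ($category != 'All rules')) {
    // $category is request-controlled. Instead of trusting it, accept it only when
    // it is byte-for-byte one of the categories stored in the rules table; an unknown
    // value selects nothing.
    // NOTE(review): if magic_quotes_gpc is enabled, a category name containing a
    // quote arrives with added backslashes and will not match.
    $category_known = false;
    $category_rows = $db->acidExecute("SELECT distinct(category) FROM rules");
    while ($category_row = $category_rows->acidFetchRow()) {
        if ((string) $category_row[0] === (string) $category) {
            $category_known = true;
            break;
        }
    }
    $category_rows->acidFreeRows();
    if ($category_known) {
        $where_parts[] = "(category='$category')";
    } else {
        $where_parts[] = "(1=0)";
    }
}
foreach (array($where_active, $where_active_policy, $where_rulechange) as $where_fragment) {
    if ($where_fragment) {
        $where_parts[] = $where_fragment;
    }
}
if ($where_parts) {
    // The leftover debug "echo $where;" was removed: it printed the SQL fragment
    // into the page whenever only the rule-change filter was active.
    $where = " where " . implode(" AND ", $where_parts);
}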
// Pager arithmetic. $s_pos is the requested page: '' (first visit) and '<<' (jump to
// first page) both mean page 0, '>>' means the last page, anything else is used as a
// page number.
// NOTE(review): $s_pos is request-controlled and enters the arithmetic below without
// being validated as a number.
if ($s_pos == '' || $s_pos === '<<') {
$s_pos = 0;
}
// Total number of rules matching the current filter. $where is concatenated straight
// into the SQL text, so this query is only as safe as the code that assembled $where.
$result = $db->acidExecute("SELECT COUNT(sid) FROM rules" . $where);
$myrow = $result->acidFetchRow();
$max = $myrow[0];
// NOTE(review): the 100 / 50 constants look like they assume $max_lines == 100 -- confirm.
$tmp = ($max % 100);
if ($s_pos === '>>') {
// Last page: derive the page number from the row count and start $max_lines rows
// before the end.
$s_pos = round((($max / $max_lines)), 0);
$r_pos = $max-$max_lines;
if ($tmp >= 50 && $tmp > 0) {
$end_pos = $s_pos +1;
$tmp_max = $max / $max_lines;
$tmp_max = round($tmp_max, 0);
} else {
$end_pos = $s_pos;
$tmp_max = $max / $max_lines;
$tmp_max = round($tmp_max, 0)-1;
}
} else {
// Explicit page: $r_pos is the zero-based offset of its first row.
$r_pos = $s_pos * $max_lines;
if ($tmp >= 50 && $tmp > 0) {
$end_pos = $s_pos;
$tmp_max = $max / $max_lines;
$tmp_max = round($tmp_max, 0);
} else {
$end_pos = $s_pos;
$tmp_max = $max / $max_lines;
$tmp_max = ceil($tmp_max)-1;
}
}
// $tmp_max is used below as the highest page number offered by the pager.
if ($tmp_max == 0) $tmp_max = 1;
// $max_page: number of the last row shown on this page, capped at the total.
$max_page = $r_pos + $max_lines;
if ($max_page > $max) $max_page = $max;
// $limit is handed to acidExecute() together with $max_lines for the rule query;
// it replaces the MySQL-only LIMIT string kept in the comment below.
$limit = $r_pos;
#$limit = " LIMIT $r_pos,$max_lines";
// From here on $r_pos is the 1-based number of the first row, for display only.
$r_pos = $r_pos+1;
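// Category selector plus the hidden fields that carry the filter flags across a
// form submit.
echo "<TR><TD align=center width=33%><FONT color='#FFFFFF'><B> $lang[75] $lang[61] </B></FONT><BR> <SELECT name=category onchange='this.form.submit();'><OPTION>All rules</OPTION>";
$result = $db->acidExecute("SELECT distinct(category) from rules ORDER BY category ASC");
while ($myrow = $result->acidFetchRow()) {
    echo "<OPTION ";
    if ($category == $myrow[0]) echo 'selected';
    // Category names are stored text; escape them before they become option labels.
    echo ">" . htmlspecialchars((string) $myrow[0], ENT_QUOTES) . "</OPTION>";
}
$result->acidFreeRows();
echo '</SELECT></TD>';
// The four flags are request-controlled. They used to be written as unquoted
// attribute values, where a space or '>' in the value was enough to add attributes or
// markup; they are now quoted and HTML-escaped.
foreach (array(
    'hide_active' => $hide_active,
    'hide_deactive' => $hide_deactive,
    'hide_policy' => $hide_policy,
    'show_rulechanges' => $show_rulechanges
) as $hidden_name => $hidden_value) {
    echo "<INPUT TYPE=HIDDEN NAME=$hidden_name VALUE=\"" . htmlspecialchars((string) $hidden_value, ENT_QUOTES) . "\">";
}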
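# -- Make limit selection table --
// Pager: up to five page buttons on each side of the current page, plus '<<' / '>>'.
// Both counters are only ever incremented below, so they start at zero explicitly
// rather than from whatever the variable names already held.
$to_low = 0;   // button slots that fell below page 0; added to the right-hand side
$c = 0;        // number of buttons printed to the right of the current page
if ($max > $max_lines) {
    echo "<TD width=45% align=center><FONT color='#FFFFFF'><B>$lang[62] [$r_pos - $max_page] $lang[63] $max</B><BR>";
    if ($s_pos -5 > 0) {
        echo ("<INPUT TYPE=SUBMIT name=s_pos value ='<<'> ");
    }
    for ($i = $s_pos - 5; $i < $end_pos; $i++) {
        if ($i >= 0) {
            echo ("<INPUT TYPE=SUBMIT name=s_pos value ='$i'> ");
        }
        else $to_low++;
    }
    // Outside the '>>' case $end_pos is the s_pos request value unchanged, so it is
    // escaped before being printed as the current-page label.
    echo (htmlspecialchars((string) $end_pos, ENT_QUOTES) . " ");
    for ($i = $end_pos + 1; $i <= $end_pos + $to_low + 5 and $i <= $tmp_max; $i++) {
        echo ("<INPUT TYPE=SUBMIT name=s_pos value ='$i'> ");
        $c++;
    }
    if ($end_pos < ($tmp_max-$c)) {
        echo ("<INPUT TYPE=SUBMIT name=s_pos value ='>>'> ");
    }
    echo("</TD></FONT>");
}
# END-- Make limit selection table --
// Button that switches to the category summary view, then the start of the rule table.
echo "<TD align=center width=33%><FONT color='#ffffff'><B><INPUT style=\"color: #FFFFFF; background-color: #3b577a;\" type=submit name=viewtype value=\"$lang[229]\"></B>";
echo '</TD></TR><TR colspan=3><TD> </TD></TR></TABLE>
<table style="font-size:10px; font-family: Times;" border=0 cellpadding=2 cellspacing=0 width=100%>';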
# echo '<TD width=33%> </TD></TR></TABLE>
# <table style="font-size:10px; font-family: Times;" border=0 cellpadding=2 cellspacing=0 width=100%>';
// Fetch one page of rules. The column order is significant: the list() on the first
// line of the loop below unpacks the row by position.
// $where is concatenated into the SQL text as-is; $limit (row offset) and $max_lines
// (page size) are passed as separate arguments.
$result = $db->acidExecute("SELECT action, proto ,src_ip, src_port, operator, dst_ip, dst_port, msg, ttl, tos, id, ipoption, ip_proto, fragbits, dsize, flags, window, seq, ack, itype, icode, icmp_id, icmp_seq, content_list, session, rpc, resp, react, classtype, priority, tag, sameip, stateless, sid, rev, activates, activates_by, count, logto, flow, fragoffset, pcre, flowbits, threshold, snortsam, multiple_rest, rule_mark FROM rules" . $where ." ORDER BY category ASC ", $limit, $max_lines);
// Row counter used in the rule[...] field names. NOTE(review): the list() in the loop
// also assigns a variable named $count (the rule's "count" column), which overwrites
// this counter on every row.
$count = 0;
// Seed for the white / #DDDDDD row striping.
$color = "gray";
while ($myrow = $result->acidFetchRow()) {
// Unpack the row by position; the order must match the SELECT column list exactly.
// NOTE(review): $count here receives the rule's "count" column and overwrites the row
// counter of the same name, so the rule[$count] field names below use the column
// value -- looks unintended, confirm.
list($action, $proto , $src_ip, $src_port, $operator, $dst_ip, $dst_port, $msg, $ttl, $tos, $id, $ipoption, $ip_proto, $fragbits, $dsize, $flags, $window, $seq, $ack, $itype, $icode, $icmp_id, $icmp_seq, $content_list, $session, $rpc, $resp, $react, $classtype, $priority, $tag, $sameip, $stateless, $sid, $rev, $activates, $activates_by, $count, $logto, $flow, $fragoffset, $pcre, $flowbits, $threshold, $snortsam, $multiple_rest, $rule_mark) = $myrow;
// Per-rule accumulators, filled by the three lookups that follow.
$content = '';
$uricontent = '';
$reference = '';
// Rebuild the rule's content options, in "sequence" order, as Snort option text in
// $content. The text is HTML-escaped later, at the point where it is printed.
// $sid comes from the rules row fetched above; it is still concatenated into SQL.
$result_content = $db->acidExecute("SELECT content, off_set, depth, nocase, regex, rawbytes, distance, within, byte_jump, byte_test, isdataat, asn1 FROM content WHERE sid='$sid' ORDER BY sequence");
while ($myrow_content = $result_content->acidFetchRow()) {
    list($content_tmp, $off_set, $depth, $nocase, $regex, $rawbytes, $distance, $within, $byte_jump, $byte_test, $isdataat, $asn1) = $myrow_content;
    if ($content_tmp) {
        $content .= " content: $content_tmp;";
    }
    // Positional modifiers: printed whenever the column compares >= '0'.
    $content_positional = array('offset' => $off_set, 'depth' => $depth, 'distance' => $distance, 'within' => $within);
    foreach ($content_positional as $content_opt_name => $content_opt_value) {
        if ($content_opt_value >= '0') {
            $content .= " $content_opt_name: $content_opt_value;";
        }
    }
    // Options that carry a value: printed when the column is non-empty.
    $content_valued = array('byte_jump' => $byte_jump, 'byte_test' => $byte_test, 'isdataat' => $isdataat, 'asn1' => $asn1);
    foreach ($content_valued as $content_opt_name => $content_opt_value) {
        if ($content_opt_value) {
            $content .= " $content_opt_name: $content_opt_value;";
        }
    }
    // Bare keywords: printed when the column is set.
    $content_flags = array('nocase' => $nocase, 'regex' => $regex, 'rawbytes' => $rawbytes);
    foreach ($content_flags as $content_opt_name => $content_opt_value) {
        if ($content_opt_value) {
            $content .= " $content_opt_name;";
        }
    }
}
// Same reconstruction for the rule's uricontent options, accumulated in $uricontent.
// Unlike the content loop, the uricontent value itself is appended unconditionally.
$result_uricontent = $db->acidExecute("SELECT uricontent, off_set, depth, nocase, regex, distance, within, byte_jump, byte_test FROM uricontent WHERE sid='$sid'");
while ($myrow_uricontent = $result_uricontent->acidFetchRow()) {
    list($uricontent_tmp, $off_set, $depth, $nocase, $regex, $distance, $within, $byte_jump, $byte_test) = $myrow_uricontent;
    $uricontent .= " uricontent: $uricontent_tmp;";
    // Positional modifiers: printed whenever the column compares >= '0'.
    $uri_positional = array('offset' => $off_set, 'depth' => $depth, 'distance' => $distance, 'within' => $within);
    foreach ($uri_positional as $uri_opt_name => $uri_opt_value) {
        if ($uri_opt_value >= '0') {
            $uricontent .= " $uri_opt_name: $uri_opt_value;";
        }
    }
    // Options that carry a value: printed when the column is non-empty.
    $uri_valued = array('byte_jump' => $byte_jump, 'byte_test' => $byte_test);
    foreach ($uri_valued as $uri_opt_name => $uri_opt_value) {
        if ($uri_opt_value) {
            $uricontent .= " $uri_opt_name: $uri_opt_value;";
        }
    }
    // Bare keywords: printed when the column is set.
    $uri_flags = array('nocase' => $nocase, 'regex' => $regex);
    foreach ($uri_flags as $uri_opt_name => $uri_opt_value) {
        if ($uri_opt_value) {
            $uricontent .= " $uri_opt_name;";
        }
    }
}
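// Build the rule's reference options as HTML in $reference. Known reference systems
// become links. $reference is printed later WITHOUT further escaping, so every piece
// of stored text is escaped here, both inside the href and in the visible label.
$result_reference = $db->acidExecute("SELECT reference FROM reference WHERE sid='$sid'");
while ($myrow_reference = $result_reference->acidFetchRow()) {
    list($reference_tmp) = $myrow_reference;
    // Stored as "<system>,<id>"; the id part is missing when there is no comma.
    $reference_array = explode(',', $reference_tmp, 2);
    $reference_kind = trim($reference_array[0]);
    $reference_id = isset($reference_array[1]) ? $reference_array[1] : '';
    $reference_linked = true;
    $reference_href = '';
    if ($reference_kind == "bugtraq") {
        $reference_href = $reference_url['bugtraq'] . $reference_id;
    }
    elseif ($reference_kind == "cve") {
        $reference_href = $reference_url['cve'] . $reference_id;
    }
    elseif (($reference_kind == "arachNIDS") || ($reference_kind == "arachnids")) {
        $reference_href = $reference_url['arachNIDS'] . $reference_id;
    }
    elseif ($reference_kind == "url") {
        // The scheme is fixed here, so the stored value cannot select another one.
        $reference_href = 'http://' . $reference_id;
    }
    elseif ($reference_kind == "nessus") {
        $reference_href = $reference_url['nessus'] . $reference_id;
    }
    elseif (($reference_kind == "McAfee") || ($reference_kind == "mcafee") || ($reference_kind == "MCAFEE")) {
        $reference_href = $reference_url['McAfee'] . $reference_id . '.htm';
    } else {
        $reference_linked = false;
    }
    $reference_label = " reference: " . htmlspecialchars((string) $reference_tmp, ENT_QUOTES) . ";";
    if ($reference_linked) {
        // ENT_QUOTES because the href attribute is single-quoted.
        $reference .= "<A href='" . htmlspecialchars($reference_href, ENT_QUOTES) . "' target='NEW'>$reference_label</A>";
    } else {
        $reference .= $reference_label;
    }
}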
// Row background: alternate white / grey, then let the special cases override it.
$color = ($color != "white") ? "white" : "#DDDDDD";
// A rule with a per-sensor override row is shown with the overridden action and
// addresses, on a purple background.
if ($rule_change && in_array ("$sid", $rule_change)) {
    $result_change = $db->acidExecute("SELECT action, src_ip, src_port, dst_ip, dst_port FROM rulechange where sid='$sid' and sensor_id='$sensor_id'");
    $myrow_change = $result_change->acidFetchRow();
    if ($myrow_change != 0) {
        list($action, $src_ip, $src_port, $dst_ip, $dst_port) = $myrow_change;
        # if($rule_change) $color = "#bcf2ba";
        // $rule_change is known to be non-empty on this path.
        $color = "#df9ff4";
    }
}
# if ($rule_mark == 'del') {
# $color = "black";
# echo "<font color='white'>";
# }
// The rule the goto search landed on is highlighted in yellow.
if ($goto_sid == $sid) {
    $color = "yellow";
}
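// First table row for one rule: checkbox, status/toggle icons, edit link and the
// rule header (action, protocol, addresses, ports).
$rowspan = 2;

// View-state parameters appended to every toggle link. They are request-controlled,
// so each value is URL-encoded and the finished URL is HTML-escaped before it goes
// into an href attribute. (Recomputed per row so this block is self-contained.)
$row_state_query = '';
foreach (array(
    'category' => $category,
    'sensor_id' => $sensor_id,
    's_pos' => $s_pos,
    'hide_active' => $hide_active,
    'hide_deactive' => $hide_deactive,
    'show_rulechanges' => $show_rulechanges,
    'hide_policy' => $hide_policy
) as $row_state_key => $row_state_value) {
    $row_state_query .= '&' . $row_state_key . '=' . urlencode((string) $row_state_value);
}
$row_sid_html = htmlspecialchars((string) $sid, ENT_QUOTES);
$row_count_html = htmlspecialchars((string) $count, ENT_QUOTES);
$row_action_base = 'sensor_rules.php?rule[' . urlencode((string) $count) . ']=' . urlencode((string) $sid) . '&do=';
$row_href = array();
foreach (array('Activate', 'Deactivate', 'Activate_template_sid', 'Deactivate_template_sid') as $row_action) {
    $row_href[$row_action] = htmlspecialchars($row_action_base . $row_action . $row_state_query, ENT_QUOTES);
}

// Reusable icon snippets.
$row_icon_follow_off = "<A href=\"{$row_href['Activate_template_sid']}\"><img height=20 border=0 alt=\"NP\" title=\"Activate Follow Policy Template\" src='./images/pt_red.png'></A>";
$row_icon_rule_on = "<A href=\"{$row_href['Deactivate']}\"><img height=20 border=0 title=\"Deactivate Rule\" src='./images/green.png'></A>";
$row_icon_rule_off = "<A href=\"{$row_href['Activate']}\"><img height=20 border=0 title=\"Activate Rule\" src='./images/red.png'></A>";

echo "<TR border=1 style='border : $color;' bgcolor=$color><TD rowspan=$rowspan><INPUT style=\"background-color: $color;\" TYPE=checkbox name=\"rule[$row_count_html]\" value=\"$row_sid_html\" id=\"$row_sid_html\"></TD>
<TD nowrap align=right rowspan=$rowspan>";
# Template active lookup
$row_exempt = strstr($no_template, "|$sid|;");       // SID listed in rem_sid_rules_template
$row_active = in_array ("|$sid|", $rule_act);         // SID in the sensor's active list
if ($row_exempt) {
    // Rule does not follow the template; show its own on/off state.
    echo $row_icon_follow_off;
    echo $row_active ? $row_icon_rule_on : $row_icon_rule_off;
} elseif ($row_active && strstr($sensor_act, "|$sid|;")) {
    // Active because the sensor's own rule list names it.
    echo $row_icon_follow_off;
    echo $row_icon_rule_on;
} elseif ($row_active) {
    // Active, but not through the sensor's own list: switched on by a template.
    echo "<A href=\"{$row_href['Deactivate_template_sid']}\"><img height=20 border=0 alt=\"P\" title=\"Deactivate Follow Policy Template\" src='./images/pt_green.png'></A>";
    echo "<img height=20 border=0 title=\"Activated by Policy Template\" src='./images/green.png'>";
} elseif (strstr($template_rem, "|$sid|;")) {
    // Inactive because an attached template removes it.
    echo "<A href=\"{$row_href['Deactivate_template_sid']}\"><img height=20 border=0 alt=\"P\" title=\"Deactivate Follow policy Template\" src='./images/pt_green.png'></A>";
    echo "<img height=20 border=0 title=\"Deactivated by Policy Template\" src='./images/red.png'>";
} else {
    echo "<A href=\"{$row_href['Activate']}\"><img height=20 border=0 title=\"Deactivate Follow Policy Template & Activate Rule\" src='./images/black.png'></A>";
}
$row_edit_href = htmlspecialchars(
    'edit_rule.php?sid=' . urlencode((string) $sid)
    . '&rev=' . urlencode((string) $rev)
    . '&sensor_id=' . urlencode((string) $sensor_id)
    . '&category=' . urlencode((string) $category)
    . '&s_pos=' . urlencode((string) $s_pos)
    . '&edit_type=sensor',
    ENT_QUOTES
);
echo "</TD>
<TD rowspan=$rowspan><A href=\"$row_edit_href\"><img title='Edit' border=0 height=15 src='./images/edit_button.png'></A></TD>
<TD><label for=\"$row_sid_html\">";
# if ($rule_mark == 'del') { echo "<font color='white'>";}
// The rule header is stored text (and the direction operator contains '<' / '>'),
// so it is escaped like the option values printed in the next row.
echo htmlspecialchars("$action $proto $src_ip $src_port $operator $dst_ip $dst_port", ENT_QUOTES) . "</label></TD></TR>";
echo "<TR bgcolor=$color><TD colspan=7><label for=\"$row_sid_html\">";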
# if ($rule_mark == 'del') {
# echo "<font color='white'>";
# }
// Print the rule's option list between parentheses, in a fixed order.
// Each entry is array(kind, label, value):
//   bold  - " label: <B>value;</B>"  when the value is non-empty
//   opt   - " label: value;"         when the value is non-empty
//   opt0  - like opt, but a value equal to '0' is printed as well
//   text  - the value alone, escaped (pre-assembled content / uricontent text)
//   html  - the value alone, NOT escaped: $reference already holds markup
//   flag  - " label;"                when the value is non-empty
//   rest  - " value", escaped, without a trailing ';'
$rule_option_rows = array(
    array('bold', 'sid', $sid),
    array('bold', 'rev', $rev),
    array('bold', 'msg', $msg),
    array('opt', 'flow', $flow),
    array('opt0', 'ttl', $ttl),
    array('opt0', 'id', $id),
    array('opt0', 'ipopts', $ipoption),
    array('opt0', 'ip_proto', $ip_proto),
    array('opt', 'fragbits', $fragbits),
    array('opt0', 'fragoffset', $fragoffset),
    array('opt0', 'dsize', $dsize),
    array('opt0', 'flags', $flags),
    array('opt0', 'window', $window),
    array('opt0', 'seq', $seq),
    array('opt0', 'ack', $ack),
    array('opt0', 'itype', $itype),
    array('opt0', 'icode', $icode),
    array('opt0', 'icmp_id', $icmp_id),
    array('opt0', 'icmp_seq', $icmp_seq),
    array('text', '', $content),
    array('text', '', $uricontent),
    array('opt', 'content_list', $content_list),
    array('opt', 'session', $session),
    //Additional Vars added Here
    array('opt', 'pcre', $pcre),
    array('opt', 'flowbits', $flowbits),
    array('opt', 'threshold', $threshold),
    //End Additional Vars
    array('opt', 'rpc', $rpc),
    array('opt', 'resp', $resp),
    array('opt', 'react', $react),
    array('html', '', $reference),
    array('opt', 'fwsam', $snortsam),
    array('opt', 'classtype', $classtype),
    array('opt0', 'priority', $priority),
    array('opt', 'tag', $tag),
    array('flag', 'sameip', $sameip),
    array('flag', 'stateless', $stateless),
    array('opt', 'activates', $activates),
    array('opt', 'activates_by', $activates_by),
    array('opt0', 'count', $count),
    array('opt', 'logto', $logto),
    array('rest', '', $multiple_rest)
);
echo '(';
foreach ($rule_option_rows as $rule_option_row) {
    list($rule_option_kind, $rule_option_label, $rule_option_value) = $rule_option_row;
    $rule_option_shown = $rule_option_value || ($rule_option_kind == 'opt0' && $rule_option_value == '0');
    if ($rule_option_shown) {
        switch ($rule_option_kind) {
            case 'bold':
                echo " $rule_option_label: <B>" . htmlspecialchars($rule_option_value) . ";</B>";
                break;
            case 'opt':
            case 'opt0':
                echo " $rule_option_label: " . htmlspecialchars($rule_option_value) . ";";
                break;
            case 'text':
                echo htmlspecialchars($rule_option_value);
                break;
            case 'html':
                // Printed as-is; whatever assembled this value must have escaped it.
                echo $rule_option_value;
                break;
            case 'flag':
                echo " $rule_option_label;";
                break;
            case 'rest':
                echo " " . htmlspecialchars($rule_option_value);
                break;
        }
    }
}
echo ")</label></TD></TR>";
// NOTE(review): at this point $count holds the rule's "count" column (assigned by the
// list() at the top of the loop), not a running row index -- confirm intent.
$count++;
}
// Finish the detailed rule list; presumably pairs with the display_list_start() call
// at the top of this branch (the summary views call it with 0 instead of 1).
display_list_end(1);
}
// Close the outer two-column layout table opened in the template overview.
echo "</TD></TR></TABLE>";
include('bottom.inc.php');
// $result is whichever result set was assigned last on the path taken above.
$result->acidFreeRows();
$db->acidClose();
?>