<?php
    /*
    ** SnortCenter Copyright (C) 2001,2002,2003 Stefan Dens
    **
    ** Author: Stefan Dens <hide@address.com>
    **
    ** This program is free software; you can redistribute it and/or modify
    ** it under the terms of the GNU General Public License as published by
    ** the Free Software Foundation; either version 2 of the License, or
    ** (at your option) any later version.
    **
    ** This program is distributed in the hope that it will be useful,
        ** but WITHOUT ANY WARRANTY; without even the implied warranty of
    ** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    ** GNU General Public License for more details.
    **
    ** You should have received a copy of the GNU General Public License
    ** along with this program; if not, write to the Free Software
    ** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
    */
?>
<?php
    include("config.php");
    include("list.inc.php");
     
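    // Open the database handle that every query on this page goes through.
    $db = NewACIDDBConnection($DBlib_path, $DBtype);
    $db->acidConnect($DB_dbname, $DB_host, $DB_port, $DB_user, $DB_password);

    // $sensor_id is never assigned in this file before this point, so it presumably
    // arrives with the request (TODO confirm against config.php). Further down it is
    // pasted into SQL text and handed to activate()/deactivate(), so it is matched
    // against the sensor ids that actually exist instead of being trusted as-is.
    $result = $db->acidExecute("SELECT id FROM sensor ORDER BY sensor_name");
    $known_sensor_ids = array();
    while ($myrow = $result->acidFetchRow()) {
        $known_sensor_ids[] = (string)$myrow[0];
    }
    $result->acidFreeRows();

    if (!$sensor_id) {
        // Nothing selected: default to the first sensor in name order (null when the
        // table is empty, as before).
        $sensor_id = $known_sensor_ids ? $known_sensor_ids[0] : null;
    } elseif (!is_scalar($sensor_id) || !in_array((string)$sensor_id, $known_sensor_ids, true)) {
        // Not the exact id of a stored sensor: stop before any action or query uses it.
        $db->acidClose();
        die('Unknown sensor id.');
    }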

    // Apply the requested activation change before the page reads the sensor state
    // back for display.
    // NOTE(review): these are state-changing actions, and the toggle links rendered
    // further down this page trigger them with plain GET requests. No anti-CSRF token
    // and no authorisation check is visible in this file; presumably config.php
    // covers authentication - confirm.
    switch ($do) {
        case 'Deactivate':
            deactivate($rule, 'rules', $sensor_id, $db);
            break;
        case 'Activate':
            activate($rule, 'rules', $sensor_id, $db);
            break;
        case 'Deactivate_template':
            deactivate($template_id, 'rules_template', $sensor_id, $db);
            break;
        case 'Activate_template':
            activate($template_id, 'rules_template', $sensor_id, $db);
            break;
        // The two *_template_sid actions are deliberately inverted: they maintain the
        // rem_sid_rules_template list, which this page later reads as $no_template
        // (presumably the sids that opt out of the policy template - confirm).
        case 'Deactivate_template_sid':
            activate($rule, 'rem_sid_rules_template', $sensor_id, $db);
            break;
        case 'Activate_template_sid':
            deactivate($rule, 'rem_sid_rules_template', $sensor_id, $db);
            break;
    }
     
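    // goto rule: locate a rule by sid or by message text, then select the category and
    // the result page that contain it.
    if ($goto) {
        $found = 0;
        // Text echoed in the "not found" message. A non-scalar parameter has no
        // meaningful text form, so it is shown as empty.
        $message = is_scalar($goto) ? (string)$goto : '';
        $tmp_category = '';
        if ($find_what == 'sid') {
            // Snort sids are integers, so only an all-digit value is ever placed in the
            // SQL text; anything else falls through to "not found" without reaching
            // the sid lookup.
            $goto = trim($message);
            $goto_sid = $goto;
            if (preg_match('/^[0-9]+$/', $goto)) {
                $result = $db->acidExecute("SELECT category FROM rules where sid='$goto'");
                $myrow = $result->acidFetchRow();
                $tmp_category = $myrow[0];
            }
        } else {
            // NOTE(review): the search phrase is pasted into the LIKE pattern as-is.
            // Unless the request layer already escapes it, this query can be altered
            // by the caller. It needs the DB layer's quoting or bind support, which is
            // not visible from this file - confirm and apply there.
            $result = $db->acidExecute("SELECT category, sid FROM rules where msg LIKE '%$goto%'");
            $myrow = $result->acidFetchRow();
            $tmp_category = $myrow[0];
            $goto = $myrow[1];
            $goto_sid = $goto;
        }
        // $tmp_category comes from the rules table, not from the request.
        $result = $db->acidExecute("SELECT sid FROM rules where category='$tmp_category'");
        $counter = 0;
        while (($myrow = $result->acidFetchRow()) && ($found == 0)) {
            $counter++;
            if ($goto == $myrow[0]) {
                $found = 1;
                $category = $tmp_category;
            }
        }
        if ($found == 0) {
            $counter = 0;
            // The searched text is request data: escape it before it goes into the page.
            $error_msg = "<FONT color='white'><BLINK><B>$lang[59] " . htmlspecialchars($message) . " $lang[60]</B></BLINK></FONT>";
        } else {
            // $counter is the 1-based position of the hit; make it 0-based so a rule
            // sitting exactly on a page boundary stays on its own page.
            $counter = $counter - 1;
        }
        $counter = floor($counter / $max_lines);
        $s_pos = $counter;
    }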
    // Read the activation lists back (after any change applied above) so the page
    // reflects the current state, then emit the shared page header.
    $rule_act = get_active('rules', $sensor_id, $db);
    $rules_template_act = get_active('rules_template', $sensor_id, $db);
    include('top.inc.php');

    // Top bar: message cell, hide/show filter controls, goto form.
    // NOTE(review): $error_msg is printed as raw HTML and this file only assigns it
    // when a goto search fails. If request parameters are imported as globals, an
    // unassigned $error_msg could be supplied by the caller - confirm it is
    // initialised elsewhere (config.php / list.inc.php).
    echo "<TABLE align=center><TR valign=top><TD width=33%>&nbsp;" . "$error_msg</TD><TD width=33%>";
    if ($viewtype == $lang[229]) {
        echo "&nbsp;";
    } else {
        display_hide_active($sensor_id, $category);
    }
    echo "</TD><TD width=33%>";
    display_goto($sensor_id);
    echo "</TD></TR></TABLE>";

# Begin Template overview    
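    echo "<TABLE width=100% align=center><TR><TD width=25% align=left valign=top>";
    display_scope($sensor_id, $category, $s_pos, 1, $db);

    display_list_start($sensor_id, 1);
    echo "<FONT color=white><B>$lang[278]</B></FONT>";
    echo "</TD></TR><TR><TD>&nbsp;</TD></TR>";

    // View state carried on every toggle link. These values are not assigned from
    // trusted data in this file (they presumably come from the request), so each one
    // is URL-encoded before it is written into an href.
    $template_link_state = "&category=" . urlencode("$category")
        . "&sensor_id=" . urlencode("$sensor_id")
        . "&s_pos=" . urlencode("$s_pos")
        . "&hide_active=" . urlencode("$hide_active")
        . "&hide_deactive=" . urlencode("$hide_deactive")
        . "&show_rulechanges=" . urlencode("$show_rulechanges")
        . "&hide_policy=" . urlencode("$hide_policy")
        . "&viewtype=" . urlencode("$viewtype");

    // Default templates are listed first (fixed highlight colour, no edit button),
    // then the remaining templates (striped rows, with an edit link).
    foreach (array('yes', 'no') as $def_flag) {
        $result_id = $db->acidExecute("SELECT id, template_name, template_description , def_template from rules_template where def_template = '$def_flag'");
        while ($myrow = $result_id->acidFetchRow()) {
            list($template_id, $template_name, $template_description, $def_template) = $myrow;
            $template_id_url = urlencode("$template_id");

            if ($def_flag == 'yes') {
                $color = '#fffaa8';
                $edit_cell = "<TD width=25>&nbsp;</TD>";
            } else {
                if ($color != "white") {
                    $color = "white";
                } else {
                    $color = "#DDDDDD";
                }
                $edit_cell = "<TD width=25>&nbsp;<A href=\"template.php?template_id=$template_id_url"
                    . "&sensor_id=" . urlencode("$sensor_id")
                    . "&category=" . urlencode("$category")
                    . "&s_pos=" . urlencode("$s_pos")
                    . "\"><img title='Edit' border=0 height=15 src='./images/edit_button.png'></A>&nbsp;</TD>";
            }

            // Green icon = template currently active (link deactivates), red = inactive.
            if (in_array("|$template_id|", $rules_template_act)) {
                $toggle_action = 'Deactivate_template';
                $toggle_title = 'Deactivate';
                $toggle_image = './images/green.png';
            } else {
                $toggle_action = 'Activate_template';
                $toggle_title = 'Activate';
                $toggle_image = './images/red.png';
            }

            echo "<TR border=1 style='border : $color;' bgcolor=$color>";
            echo $edit_cell;
            echo "<TD width=25>";
            echo "<A href=\"sensor_rules.php?template_id[]=$template_id_url&do=$toggle_action$template_link_state\"><img height=20 border=0 title=\"$toggle_title\" src='$toggle_image'></A>";
            // Template name and description are stored text; escape them for the
            // single-quoted attribute and the cell body.
            echo "</TD><TD title='" . htmlspecialchars("$template_description", ENT_QUOTES) . "'>&nbsp;" . htmlspecialchars("$template_name", ENT_QUOTES) . "&nbsp;</TD></TR>";
        }
    }
    echo "<TR><TD>&nbsp;</TD></TR>";
    $result_id->acidFreeRows();
    display_list_end(0);
    echo "</TD><TD valign=top>";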
# end Template overview    

# rule group overview
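if ($viewtype == $lang[229]) {
    // Category overview: one cell per rule category showing "active / total".
    $result = $db->acidExecute("SELECT distinct(category) FROM rules ORDER BY category ASC");
    $cat = array();
    while ($myrow = $result->acidFetchRow()) {
        list($sid_category) = $myrow;
        $cat[] = $sid_category;
    }

    // Count active rules in a category. Both tallies start from empty arrays so
    // nothing set before this point can leak into the displayed numbers.
    $count_cat = array();
    $total_cat = array();
    foreach ($cat as $tmp_cat) {
        // NOTE(review): one query per category, with the stored category name pasted
        // into the SQL text; a name containing a quote would break this statement.
        $result = $db->acidExecute("SELECT sid FROM rules where category='$tmp_cat'");
        $count_cat[$tmp_cat] = 0;
        $total_cat[$tmp_cat] = 0;
        while ($myrow = $result->acidFetchRow()) {
            list($sid) = $myrow;
            if (in_array("|$sid|", $rule_act)) {
                $count_cat[$tmp_cat]++;
            }
            $total_cat[$tmp_cat]++;
        }
    }

    display_list_start($sensor_id, 1);

    echo "<TR><TD width=33%>&nbsp;</TD><TD width=33%>&nbsp;</TD><TD align=center width=33%><B><INPUT style=\"color: #FFFFFF; background-color: #3b577a;\" type=submit name=viewtype value=\"$lang[7]\"></B>";
    echo "</TD></TR><TR><TD>&nbsp;</TD></TR>";

    echo '<table style="font-size:10px; font-family: Verdana;" border=0 cellpadding=2 cellspacing=0 width=100%>';

    // Three categories per table row, rows striped white / grey.
    $row = 0;
    foreach ($cat as $tmp_cat) {
        if ($row == 0) {
            if ($color != "white") {
                $color = "white";
            } else {
                $color = "#DDDDDD";
            }
            echo "<TR border=1 style='border : $color;' bgcolor=$color valign=bottom>";
        }
        $row++;

        // Badge colour: none active, all active, or a mix.
        if ($count_cat[$tmp_cat] == 0) {
            $count_color = '#FF005F';
        } elseif ($total_cat[$tmp_cat] == $count_cat[$tmp_cat]) {
            $count_color = '#00FF00';
        } else {
            $count_color = '#FFF000';
        }
        echo "<TD width=70><FONT style=\"background-color: $count_color;\" bgcolor=$count_color>&nbsp;$count_cat[$tmp_cat] / $total_cat[$tmp_cat]&nbsp;</FONT></TD>";
        // Encode the values for the URL and escape the visible name, so a category or
        // sensor id containing markup or URL metacharacters cannot alter the link.
        echo "<TD><A href='sensor_rules.php?sensor_id=" . urlencode("$sensor_id") . "&category=" . urlencode("$tmp_cat") . "'>" . htmlspecialchars("$tmp_cat", ENT_QUOTES) . "</A></TD>";

        if ($row == 3) {
            echo "</TR>";
            $row = 0;
        }
    }
    // Pad an incomplete last row with empty cells.
    if ($row != 0) {
        for ($i = $row; $i < 3; $i++) {
            echo "<TD>&nbsp;</TD><TD>&nbsp;</TD>";
        }
        echo "</TR>";
    }
    echo "<TR><TD>&nbsp;</TD></TR>";
    display_list_end(0);
}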

# detailed overview
else {
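    // NOTE(review): the other calls on this page pass 1 as the second argument of
    // display_list_start(); here it receives $db - confirm which one is intended.
    display_list_start($sensor_id, $db);

    // Sids with sensor-specific overrides. The list starts empty so that it only ever
    // holds values read from the rulechange table; it is later turned into SQL
    // conditions, and appending to an array that already existed would carry foreign
    // values into them.
    // NOTE(review): $sensor_id is pasted into the SQL text of both queries below.
    $rule_change = array();
    $result_id = $db->acidExecute("SELECT sid from rulechange where sensor_id='$sensor_id'");
    while ($myrow = $result_id->acidFetchRow()) {
        $rule_change[] = $myrow[0];
    }
    $result_id->acidFreeRows();

    // Per-sensor lists: explicitly handled rules, sids listed in
    // rem_sid_rules_template, and the templates attached to the sensor.
    $result_id = $db->acidExecute("SELECT rules, rem_sid_rules_template, rules_template from sensor where id = '$sensor_id'");
    $myrow_id = $result_id->acidFetchRow();
    $no_template = $myrow_id[1];
    $sensor_act = $myrow_id[0];

    // Concatenate the rem_sid list of every attached template.
    $rule_template_act = explode(";", $myrow_id[2]);
    $template_rem = '';
    foreach ($rule_template_act as $key) {
        $template_id = trim($key, '|');
        $result_id = $db->acidExecute("SELECT rem_sid from rules_template where id = '$template_id'");
        $myrow_id = $result_id->acidFetchRow();
        $template_rem .= $myrow_id[0];
    }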

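    // Condition on the active-rule list. It always starts empty: it is appended to
    // the SQL WHERE clause later, so it must never hold anything that was not built
    // right here (originally it stayed unassigned when no filter applied or the
    // active list was empty).
    $where_active = '';

    // hide_active excludes the active sids, hide_deactive keeps only them. When both
    // are requested the second wins, as in the original sequence of two loops.
    $active_prefix = '';
    if ($hide_active == 'yes') {
        $active_prefix = " ! ( ";
    }
    if ($hide_deactive == 'yes') {
        $active_prefix = " ( ";
    }

    if ($active_prefix != '') {
        $active_terms = array();
        foreach ($rule_act as $sid_select) {
            // Entries are stored as "|sid|".
            $sid_select = trim($sid_select, '|');
            $active_terms[] = "sid='$sid_select'";
        }
        if ($active_terms) {
            $where_active = $active_prefix . implode(" OR ", $active_terms) . ' )';
        }
    }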

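    // Condition limiting the list to rules with sensor-specific changes. It is
    // assigned unconditionally because it ends up in the SQL WHERE clause; the
    // original left it unassigned whenever the filter was off or no change existed.
    $where_rulechange = '';
    if ($show_rulechanges == 'yes' && !empty($rule_change) && is_array($rule_change)) {
        $rulechange_terms = array();
        foreach ($rule_change as $sid_select) {
            $rulechange_terms[] = "sid='$sid_select'";
        }
        $where_rulechange = " ( " . implode(" OR ", $rulechange_terms) . ' )';
    }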

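    // Condition hiding rules that are governed by a policy template. It is assigned
    // unconditionally because it is appended to the SQL WHERE clause later on.
    $where_active_policy = '';
    if ($hide_policy == 'yes') {
        $tel = 0;
        // Gather the rem_sid and add_sid lists of every template attached to the
        // sensor, starting from an empty string.
        $template_rem_add = '';
        foreach ($rule_template_act as $key) {
            $template_id = trim($key, '|');
            $result_id = $db->acidExecute("SELECT rem_sid, add_sid from rules_template where id = '$template_id'");
            $myrow_id = $result_id->acidFetchRow();
            $template_rem_add .= $myrow_id[0] . $myrow_id[1];
        }
        // Drop every sid listed in $no_template from the gathered list (first
        // occurrence only). array_pad keeps the second part defined when the entry
        // does not occur in the list at all.
        $no_template_array = explode(";", $no_template);
        foreach ($no_template_array as $key) {
            if ($key != '') {
                list($part_1, $part_2) = array_pad(explode("$key;", $template_rem_add, 2), 2, '');
                $template_rem_add = $part_1 . $part_2;
            }
        }
        $template_array = explode(";", $template_rem_add);
        foreach ($template_array as $sid_select) {
            $sid_select = trim($sid_select, '|');
            if ($tel == 0) {
                $where_active_policy = " ! ( sid='$sid_select'";
                $tel++;
            } else {
                $where_active_policy .= " OR sid='$sid_select'";
            }
        }
        if ($where_active_policy) {
            $where_active_policy .= ' )';
        }
    }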
     
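    // Assemble the WHERE clause for the rule listing. $where always starts empty: it
    // is concatenated straight onto the SELECT statements below, and the original
    // left it unassigned when no filter applied.
    $where = '';
    $where_parts = array();

    if (($category) and ($category != 'All rules')) {
        // $category is not assigned from trusted data in this file (it presumably
        // comes from the request), so it only goes into the SQL text when it is
        // exactly one of the categories stored in the rules table. An unknown value
        // selects nothing, which is what the original query returned for it as well.
        $category_known = false;
        $cat_result = $db->acidExecute("SELECT distinct(category) FROM rules");
        while ($cat_row = $cat_result->acidFetchRow()) {
            if (is_scalar($category) && (string)$cat_row[0] === (string)$category) {
                $category_known = true;
                break;
            }
        }
        $cat_result->acidFreeRows();
        $where_parts[] = $category_known ? "(category='$category')" : "(1=0)";
    }

    // Optional filters built earlier on this page, always in this order.
    foreach (array($where_active, $where_active_policy, $where_rulechange) as $where_part) {
        if ($where_part) {
            $where_parts[] = $where_part;
        }
    }

    if ($where_parts) {
        $where = " where " . implode(" AND ", $where_parts);
    }
    // The original echoed $where into the page in one branch; that debugging output
    // exposed the generated SQL condition to the browser and is dropped.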
     
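    // Normalise the requested page. An empty value and '<<' mean the first page and
    // '>>' is resolved below once the row count is known. Any other value is forced
    // to a non-negative integer, because it is used in the row-offset arithmetic and
    // echoed into the pager and the links further down.
    if ($s_pos == '' || $s_pos === '<<') {
        $s_pos = 0;
    } elseif ($s_pos !== '>>') {
        $s_pos = is_numeric($s_pos) ? max(0, (int)$s_pos) : 0;
    }

    // Total number of rules matching the current filters.
    // NOTE(review): $where is concatenated onto the statement; the code above only
    // assigns it when some filter applies - confirm it cannot arrive unassigned.
    $result = $db->acidExecute("SELECT COUNT(sid) FROM rules" . $where);
    $myrow = $result->acidFetchRow();
    $max = $myrow[0];

    // NOTE(review): the remainder is taken against a fixed 100 while the page size is
    // $max_lines; the rounding below looks tuned for 100 rows per page - confirm.
    $tmp = ($max % 100);
    if ($s_pos === '>>') {
        // Jump to the last page: offset is the last $max_lines rows.
        $s_pos = round((($max / $max_lines)), 0);
        $r_pos = $max-$max_lines;
        if ($tmp >= 50 && $tmp > 0) {
            $end_pos = $s_pos +1;
            $tmp_max = $max / $max_lines;
            $tmp_max = round($tmp_max, 0);
        } else {
            $end_pos = $s_pos;
            $tmp_max = $max / $max_lines;
            $tmp_max = round($tmp_max, 0)-1;
        }
    } else {
        // Regular page: offset is page number times page size.
        $r_pos = $s_pos * $max_lines;
        if ($tmp >= 50 && $tmp > 0) {
            $end_pos = $s_pos;
            $tmp_max = $max / $max_lines;
            $tmp_max = round($tmp_max, 0);
        } else {
            $end_pos = $s_pos;
            $tmp_max = $max / $max_lines;
            $tmp_max = ceil($tmp_max)-1;
        }
    }
    if ($tmp_max == 0) $tmp_max = 1;
    // Last row shown on this page, capped at the total.
    $max_page = $r_pos + $max_lines;
    if ($max_page > $max) $max_page = $max;
    // Row offset handed to acidExecute() as a separate argument (not SQL text).
    $limit = $r_pos;
    #$limit = " LIMIT $r_pos,$max_lines";
    // From here on $r_pos is the 1-based number of the first row, for display.
    $r_pos = $r_pos+1;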
     
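    // Category selector; changing it resubmits the form.
    echo "<TR><TD align=center width=33%><FONT color='#FFFFFF'><B>&nbsp;$lang[75] $lang[61]&nbsp;</B></FONT><BR>&nbsp;<SELECT name=category onchange='this.form.submit();'><OPTION>All rules</OPTION>";
    $result = $db->acidExecute("SELECT distinct(category) from rules ORDER BY category ASC");
    while ($myrow = $result->acidFetchRow()) {
        echo "<OPTION ";
        if ($category == $myrow[0]) echo 'selected';
        // Stored category names are escaped; the browser submits the decoded text.
        echo ">" . htmlspecialchars("$myrow[0]") . "</OPTION>";
    }
    $result->acidFreeRows();
    echo '</SELECT></TD>';
    // Carry the filter flags across form submits. They are not assigned from trusted
    // data in this file, so each is escaped and the attribute is quoted; an unquoted
    // attribute would let a value containing a space or '>' break out of the tag.
    echo "<INPUT TYPE=HIDDEN NAME=hide_active VALUE=\"" . htmlspecialchars("$hide_active") . "\"><INPUT TYPE=HIDDEN NAME=hide_deactive VALUE=\"" . htmlspecialchars("$hide_deactive") . "\">";
    echo "<input type=hidden name=hide_policy value=\"" . htmlspecialchars("$hide_policy") . "\"><input type=hidden name=show_rulechanges value=\"" . htmlspecialchars("$show_rulechanges") . "\">";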
    # -- Make limit selection table --
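    if ($max > $max_lines) {
        // Pager: up to five page buttons on either side of the current page.
        // Both counters start at zero here; the original incremented them without
        // ever assigning them.
        $to_low = 0;   // slots left of the current page that fell below page 0
        $c = 0;        // buttons rendered right of the current page
        echo "<TD width=45% align=center><FONT color='#FFFFFF'><B>$lang[62] [$r_pos - $max_page] $lang[63] $max</B><BR>";
        if ($s_pos - 5 > 0) {
            echo ("<INPUT TYPE=SUBMIT name=s_pos value ='<<'> ");
        }
        for ($i = $s_pos - 5; $i < $end_pos; $i++) {
            if ($i >= 0) {
                echo ("<INPUT TYPE=SUBMIT name=s_pos value ='$i'> ");
            } else {
                $to_low++;
            }
        }
        // The current page number derives from the requested s_pos; escape it so a
        // non-numeric value cannot put markup into the page.
        echo htmlspecialchars("$end_pos") . " ";
        for ($i = $end_pos + 1; $i <= $end_pos + $to_low + 5 and $i <= $tmp_max; $i++) {
            echo ("<INPUT TYPE=SUBMIT name=s_pos value ='$i'> ");
            $c++;
        }
        if ($end_pos < ($tmp_max - $c)) {
            echo ("<INPUT TYPE=SUBMIT name=s_pos value ='>>'> ");
        }
        // Close FONT before TD (the original closed them in the wrong order).
        echo("</FONT></TD>");
    }
    # END-- Make limit selection table --
    // Button that switches to the category overview, then the rule table opens.
    echo "<TD align=center width=33%><FONT color='#ffffff'><B><INPUT style=\"color: #FFFFFF; background-color: #3b577a;\" type=submit name=viewtype value=\"$lang[229]\"></B>";
    echo '</TD></TR><TR colspan=3><TD>&nbsp;</TD></TR></TABLE>
        <table style="font-size:10px; font-family: Times;" border=0 cellpadding=2 cellspacing=0 width=100%>';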
#    echo '<TD width=33%>&nbsp;</TD></TR></TABLE>
#        <table style="font-size:10px; font-family: Times;" border=0 cellpadding=2 cellspacing=0 width=100%>';
       
    // Fetch one page of rules with every rule-option column. The row offset ($limit)
    // and page size ($max_lines) are passed as separate arguments, not as SQL text.
    // NOTE(review): $where is concatenated into the statement, so everything that
    // feeds it (category and the sid filter lists) must be trusted or validated.
    $result = $db->acidExecute("SELECT action, proto ,src_ip, src_port, operator, dst_ip, dst_port, msg, ttl, tos, id, ipoption, ip_proto, fragbits, dsize, flags, window, seq, ack, itype, icode, icmp_id, icmp_seq,  content_list, session, rpc, resp, react, classtype, priority, tag, sameip, stateless, sid, rev, activates,  activates_by, count, logto, flow, fragoffset, pcre, flowbits, threshold, snortsam, multiple_rest, rule_mark FROM rules" . $where ." ORDER BY category ASC ", $limit, $max_lines);
    // Row counter used for the rule[...] form field names (but see the list()
    // assignment inside the loop, which overwrites it on every row).
    $count = 0;
    // Starting value for the row striping toggle.
    $color = "gray";
    while ($myrow = $result->acidFetchRow()) {
        // Spread the row into one variable per rule option.
        // NOTE(review): this assigns $count from the rule's "count" column and so
        // overwrites the row counter initialised before the loop. The same variable is
        // then used for the rule[$count] field names and incremented at the end of the
        // iteration, so the field index follows the stored option value rather than
        // the row number - confirm whether that is intended.
        list($action, $proto , $src_ip, $src_port, $operator, $dst_ip, $dst_port, $msg, $ttl, $tos, $id, $ipoption, $ip_proto, $fragbits, $dsize, $flags, $window, $seq, $ack, $itype, $icode, $icmp_id, $icmp_seq, $content_list, $session, $rpc, $resp, $react, $classtype, $priority, $tag, $sameip, $stateless, $sid, $rev, $activates, $activates_by, $count, $logto, $flow, $fragoffset, $pcre, $flowbits, $threshold, $snortsam, $multiple_rest, $rule_mark) = $myrow;
        // Per-rule accumulators filled by the three lookups that follow.
        $content = '';
        $uricontent = '';
        $reference = '';
        // Append the payload-match options stored for this sid, in sequence order, to
        // $content as rule text (escaped later, when the rule is printed).
        $result_content = $db->acidExecute("SELECT content, off_set, depth, nocase, regex, rawbytes, distance, within, byte_jump, byte_test, isdataat, asn1 FROM content WHERE sid='$sid' ORDER BY sequence");
        while ($myrow_content = $result_content->acidFetchRow()) {
            list($content_tmp, $off_set, $depth, $nocase, $regex, $rawbytes, $distance, $within, $byte_jump, $byte_test, $isdataat, $asn1) = $myrow_content;

            if ($content_tmp) {
                $content .= " content: $content_tmp;";
            }

            // Positional modifiers: written when the stored value compares >= '0',
            // so a stored zero is kept.
            $content_positional = array(
                'offset' => $off_set,
                'depth' => $depth,
                'distance' => $distance,
                'within' => $within,
            );
            foreach ($content_positional as $content_opt_name => $content_opt_value) {
                if ($content_opt_value >= '0') {
                    $content .= " $content_opt_name: $content_opt_value;";
                }
            }

            // Options with an argument: written when the stored value is non-empty.
            $content_valued = array(
                'byte_jump' => $byte_jump,
                'byte_test' => $byte_test,
                'isdataat' => $isdataat,
                'asn1' => $asn1,
            );
            foreach ($content_valued as $content_opt_name => $content_opt_value) {
                if ($content_opt_value) {
                    $content .= " $content_opt_name: $content_opt_value;";
                }
            }

            // Bare flags: only the keyword is written.
            $content_flags = array(
                'nocase' => $nocase,
                'regex' => $regex,
                'rawbytes' => $rawbytes,
            );
            foreach ($content_flags as $content_opt_name => $content_opt_value) {
                if ($content_opt_value) {
                    $content .= " $content_opt_name;";
                }
            }
        }
        // Append the URI-match options stored for this sid to $uricontent as rule
        // text (escaped later, when the rule is printed).
        $result_uricontent = $db->acidExecute("SELECT uricontent, off_set, depth, nocase, regex, distance, within, byte_jump, byte_test FROM uricontent WHERE sid='$sid'");
        while ($myrow_uricontent = $result_uricontent->acidFetchRow()) {
            list($uricontent_tmp, $off_set, $depth, $nocase, $regex, $distance, $within, $byte_jump, $byte_test) = $myrow_uricontent;

            // The pattern itself is always written, even when empty.
            $uricontent .= " uricontent: $uricontent_tmp;";

            // Positional modifiers: written when the stored value compares >= '0'.
            $uri_positional = array(
                'offset' => $off_set,
                'depth' => $depth,
                'distance' => $distance,
                'within' => $within,
            );
            foreach ($uri_positional as $uri_opt_name => $uri_opt_value) {
                if ($uri_opt_value >= '0') {
                    $uricontent .= " $uri_opt_name: $uri_opt_value;";
                }
            }

            // Options with an argument: written when the stored value is non-empty.
            $uri_valued = array(
                'byte_jump' => $byte_jump,
                'byte_test' => $byte_test,
            );
            foreach ($uri_valued as $uri_opt_name => $uri_opt_value) {
                if ($uri_opt_value) {
                    $uricontent .= " $uri_opt_name: $uri_opt_value;";
                }
            }

            // Bare flags: only the keyword is written.
            $uri_flags = array(
                'nocase' => $nocase,
                'regex' => $regex,
            );
            foreach ($uri_flags as $uri_opt_name => $uri_opt_value) {
                if ($uri_opt_value) {
                    $uricontent .= " $uri_opt_name;";
                }
            }
        }
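        // Build the reference list for this sid as HTML. $reference is echoed without
        // further escaping when the rule is printed, and the stored reference text
        // originates from rule files, so it is escaped here - both the visible text
        // and the href, which sits in a single-quoted attribute (hence ENT_QUOTES).
        $result_reference = $db->acidExecute("SELECT reference FROM reference WHERE sid='$sid'");
        while ($myrow_reference = $result_reference->acidFetchRow()) {
            list($reference_tmp) = $myrow_reference;
            // "type,id"; pad so the id part is defined when there is no comma.
            $reference_array = array_pad(explode(',', $reference_tmp, 2), 2, '');
            $reference_type = trim($reference_array[0]);
            $reference_text = htmlspecialchars(" reference: $reference_tmp;", ENT_QUOTES);

            // Known reference systems link to the base URL configured in $reference_url.
            $reference_is_link = true;
            $reference_href = '';
            if ($reference_type == "bugtraq") {
                $reference_href = $reference_url['bugtraq'] . $reference_array[1];
            } elseif ($reference_type == "cve") {
                $reference_href = $reference_url['cve'] . $reference_array[1];
            } elseif (($reference_type == "arachNIDS") || ($reference_type == "arachnids")) {
                $reference_href = $reference_url['arachNIDS'] . $reference_array[1];
            } elseif ($reference_type == "url") {
                // The fixed scheme prefix keeps the link an http URL whatever is stored.
                $reference_href = 'http://' . $reference_array[1];
            } elseif ($reference_type == "nessus") {
                $reference_href = $reference_url['nessus'] . $reference_array[1];
            } elseif (($reference_type == "McAfee") || ($reference_type == "mcafee") || ($reference_type == "MCAFEE")) {
                $reference_href = $reference_url['McAfee'] . $reference_array[1] . '.htm';
            } else {
                $reference_is_link = false;
            }

            if ($reference_is_link) {
                $reference .= "<A href='" . htmlspecialchars($reference_href, ENT_QUOTES) . "' target='NEW'>$reference_text</A>";
            } else {
                $reference .= $reference_text;
            }
        }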
         
        // Alternate the row background between white and light grey.
        $color = ($color != "white") ? "white" : "#DDDDDD";

        // A rule with a sensor-specific override is shown with the overridden header
        // fields and a highlight colour.
        // NOTE(review): $sensor_id is pasted into the SQL text of this lookup.
        if ($rule_change && in_array("$sid", $rule_change)) {
            $result_change = $db->acidExecute("SELECT action, src_ip, src_port, dst_ip, dst_port FROM rulechange where sid='$sid' and sensor_id='$sensor_id'");
            $myrow_change = $result_change->acidFetchRow();
            if ($myrow_change != 0) {
                list($action, $src_ip, $src_port, $dst_ip, $dst_port) = $myrow_change;
                // $rule_change is known to be non-empty at this point.
                $color = "#df9ff4";
            }
        }

        // The rule reached through "goto" is marked in yellow.
        if ($goto_sid == $sid) {
            $color = "yellow";
        }
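	    $rowspan = 2;
        // Every value written into an attribute or a URL below is escaped or
        // URL-encoded first: the view-state values are not assigned from trusted data
        // in this file, and sid / rev / count are stored rule data.
        // NOTE(review): $count holds the rule's stored "count" option here (the row's
        // list() assignment overwrites the row counter), so the rule[...] index is
        // not the row number - confirm.
        $sid_attr = htmlspecialchars("$sid", ENT_QUOTES);
        $count_attr = htmlspecialchars("$count", ENT_QUOTES);
        $rule_link = "sensor_rules.php?rule[" . urlencode("$count") . "]=" . urlencode("$sid") . "&do=";
        $rule_link_state = "&category=" . urlencode("$category")
            . "&sensor_id=" . urlencode("$sensor_id")
            . "&s_pos=" . urlencode("$s_pos")
            . "&hide_active=" . urlencode("$hide_active")
            . "&hide_deactive=" . urlencode("$hide_deactive")
            . "&show_rulechanges=" . urlencode("$show_rulechanges")
            . "&hide_policy=" . urlencode("$hide_policy");

        echo "<TR border=1 style='border : $color;' bgcolor=$color><TD rowspan=$rowspan><INPUT style=\"background-color: $color;\" TYPE=checkbox name=\"rule[$count_attr]\" value=\"$sid_attr\" id=\"$sid_attr\"></TD>
            <TD nowrap align=right rowspan=$rowspan>";

        # Template active lookup
        $sid_token = "|$sid|";
        $rule_is_active = in_array($sid_token, $rule_act);
        $policy_off_link = "<A href=\"" . $rule_link . "Activate_template_sid" . $rule_link_state . "\"><img height=20 border=0 alt=\"NP\" title=\"Activate Follow Policy Template\" src='./images/pt_red.png'></A>";

        if (strstr($no_template, "$sid_token;") || ($rule_is_active && strstr($sensor_act, "$sid_token;"))) {
            // The rule is handled individually (listed in $no_template, or active and
            // listed in the sensor's own rule list): offer to follow the policy
            // template again, plus the direct toggle for the rule itself.
            echo $policy_off_link;
            if ($rule_is_active) {
                echo "<A href=\"" . $rule_link . "Deactivate" . $rule_link_state . "\"><img height=20 border=0 title=\"Deactivate Rule\" src='./images/green.png'></A>";
            } else {
                echo "<A href=\"" . $rule_link . "Activate" . $rule_link_state . "\"><img height=20 border=0 title=\"Activate Rule\" src='./images/red.png'></A>";
            }
        } elseif ($rule_is_active) {
            // Active only because of a policy template: status icon without a link.
            echo "<A href=\"" . $rule_link . "Deactivate_template_sid" . $rule_link_state . "\"><img height=20 border=0 alt=\"P\" title=\"Deactivate Follow Policy Template\" src='./images/pt_green.png'></A>";
            echo "<img height=20 border=0 title=\"Activated by Policy Template\" src='./images/green.png'>";
        } elseif (strstr($template_rem, "$sid_token;")) {
            // Switched off by a policy template.
            echo "<A href=\"" . $rule_link . "Deactivate_template_sid" . $rule_link_state . "\"><img height=20 border=0 alt=\"P\" title=\"Deactivate Follow policy Template\" src='./images/pt_green.png'></A>";
            echo "<img height=20 border=0 title=\"Deactivated by Policy Template\" src='./images/red.png'>";
        } else {
            // Not governed by any list: a single link activates the rule.
            echo "<A href=\"" . $rule_link . "Activate" . $rule_link_state . "\"><img height=20 border=0 title=\"Deactivate Follow Policy Template &amp; Activate Rule\" src='./images/black.png'></A>";
        }

        echo "</TD>
            <TD rowspan=$rowspan><A href=\"edit_rule.php?sid=" . urlencode("$sid") . "&rev=" . urlencode("$rev") . "&sensor_id=" . urlencode("$sensor_id") . "&category=" . urlencode("$category") . "&s_pos=" . urlencode("$s_pos") . "&edit_type=sensor\"><img title='Edit' border=0 height=15 src='./images/edit_button.png'></A></TD>
            <TD><label for=\"$sid_attr\">";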
#	    if ($rule_mark == 'del') { echo "<font color='white'>";}
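	    // Rule header. These fields are stored rule data (possibly replaced by a
        // sensor-specific override) and the operator contains '<' or '>', so the line
        // is escaped like every option below.
        echo htmlspecialchars("$action $proto $src_ip $src_port $operator $dst_ip $dst_port") . "</label></TD></TR>";
        echo "<TR bgcolor=$color><TD colspan=7><label for=\"" . htmlspecialchars("$sid") . "\">";
        echo '(';

        // Rule options in display order. Each entry is (mode, value, prefix, suffix):
        //   esc  - printed when the value is non-empty, HTML-escaped
        //   esc0 - like esc, but a stored '0' is printed as well
        //   flag - keyword only (the prefix), printed when the value is non-empty
        //   html - value is already HTML (the reference links) and is printed as-is
        $rule_option_rows = array(
            array('esc',  $sid,           " sid: <B>", ";</B>"),
            array('esc',  $rev,           " rev: <B>", ";</B>"),
            array('esc',  $msg,           " msg: <B>", ";</B>"),
            array('esc',  $flow,          " flow: ", ";"),
            array('esc0', $ttl,           " ttl: ", ";"),
            array('esc0', $id,            " id: ", ";"),
            array('esc0', $ipoption,      " ipopts: ", ";"),
            array('esc0', $ip_proto,      " ip_proto: ", ";"),
            array('esc',  $fragbits,      " fragbits: ", ";"),
            array('esc0', $fragoffset,    " fragoffset: ", ";"),
            array('esc0', $dsize,         " dsize: ", ";"),
            array('esc0', $flags,         " flags: ", ";"),
            array('esc0', $window,        " window: ", ";"),
            array('esc0', $seq,           " seq: ", ";"),
            array('esc0', $ack,           " ack: ", ";"),
            array('esc0', $itype,         " itype: ", ";"),
            array('esc0', $icode,         " icode: ", ";"),
            array('esc0', $icmp_id,       " icmp_id: ", ";"),
            array('esc0', $icmp_seq,      " icmp_seq: ", ";"),
            array('esc',  $content,       "", ""),
            array('esc',  $uricontent,    "", ""),
            array('esc',  $content_list,  " content_list: ", ";"),
            array('esc',  $session,       " session: ", ";"),
            array('esc',  $pcre,          " pcre: ", ";"),
            array('esc',  $flowbits,      " flowbits: ", ";"),
            array('esc',  $threshold,     " threshold: ", ";"),
            array('esc',  $rpc,           " rpc: ", ";"),
            array('esc',  $resp,          " resp: ", ";"),
            array('esc',  $react,         " react: ", ";"),
            array('html', $reference,     "", ""),
            array('esc',  $snortsam,      " fwsam: ", ";"),
            array('esc',  $classtype,     " classtype: ", ";"),
            array('esc0', $priority,      " priority: ", ";"),
            array('esc',  $tag,           " tag: ", ";"),
            array('flag', $sameip,        " sameip;", ""),
            array('flag', $stateless,     " stateless;", ""),
            array('esc',  $activates,     " activates: ", ";"),
            array('esc',  $activates_by,  " activates_by: ", ";"),
            array('esc0', $count,         " count: ", ";"),
            array('esc',  $logto,         " logto: ", ";"),
            array('esc',  $multiple_rest, " ", ""),
        );
        foreach ($rule_option_rows as $rule_option_row) {
            list($opt_mode, $opt_value, $opt_prefix, $opt_suffix) = $rule_option_row;

            $opt_present = $opt_value ? true : false;
            if (!$opt_present && $opt_mode == 'esc0' && $opt_value == '0') {
                $opt_present = true;
            }
            if (!$opt_present) {
                continue;
            }

            if ($opt_mode == 'flag') {
                echo $opt_prefix;
            } elseif ($opt_mode == 'html') {
                // NOTE(review): printed unescaped; safe only if the code building
                // $reference escapes the stored reference text - confirm.
                echo $opt_value;
            } else {
                echo $opt_prefix . htmlspecialchars($opt_value) . $opt_suffix;
            }
        }
        echo ")</label></TD></TR>";
        $count++;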
    }
    // Close the detailed rule list (the category overview calls this with 0).
    display_list_end(1);
}
    // Close the outer layout table opened before the template overview.
    echo "</TD></TR></TABLE>"; 
     
     
    // Shared page footer.
    include('bottom.inc.php');
     
    // Release whichever result set $result last referred to, then drop the connection.
    $result->acidFreeRows();
    $db->acidClose();
?>

