[nst-cvs] wui/cgi-bin/networking snort.cgi, 1.130, 1.131 snort_rules.cgi, 1.54, 1.55
A network security analysis and monitoring toolkit Linux distribution.
Brought to you by:
pblankenbaker,
rwhalb
Menu
▾
▴
[nst-cvs] wui/cgi-bin/networking snort.cgi, 1.130, 1.131 snort_rules.cgi, 1.54, 1.55
|
From: Ronald W. H. <rw...@us...> - 2008-11-29 16:54:33
|
Update of /cvsroot/nst/wui/cgi-bin/networking In directory fdv4jf1.ch3.sourceforge.com:/tmp/cvs-serv14145/wui/cgi-bin/networking Modified Files: snort.cgi snort_rules.cgi Log Message: - many dom tooltip updates... - default snort install should start ok now with default start settings.. - updated ntop to SVN: 3633... Index: snort_rules.cgi =================================================================== RCS file: /cvsroot/nst/wui/cgi-bin/networking/snort_rules.cgi,v retrieving revision 1.54 retrieving revision 1.55 diff -C2 -d -r1.54 -r1.55 *** snort_rules.cgi 10 Jun 2008 15:18:07 -0000 1.54 --- snort_rules.cgi 29 Nov 2008 16:54:27 -0000 1.55 *************** *** 1,3 **** ! @bashCgiBegin("$Id$","2005-03-01","Adjust Snort Rules") # --- 1,41 ---- ! #! /bin/bash ! ! @bashCgiBegin("$Id$","2005-03-01","Snort Rules Management",," ! ! @comment("Preload javascript network info...") ! ! @htmlEntity("script",," ! @htmlAttr("src","@topDir()/javascript/nic.js") ! @htmlAttr("type","text/javascript")") ! ! @htmlEntity("script",," ! @htmlAttr("src","@topDir()/php/networking/interface-json.php?op=script") ! @htmlAttr("type","text/javascript")") ! ! @javascriptBegin() ! ! // ! // Disable checking on all "span" tags: One will need ! // to register each individual span for net int info... ! NstDom.disableSpanEnhance(); ! ! // ! // Display NIC Adapters 5 nics per row... ! function fiveColNicDisp(node) { ! Nic.appendInterfaceImages(node, 5); ! } ! ! // ! // Selective registration for: "dispNicAdapters"... ! NstDom.addIdEnhance('dispNicAdapters', fiveColNicDisp); ! ! // ! // Enable Network Interface DOM Tooltips ! // ====== ======= ========= === ======== ! NstWui.initialize(); ! ! @javascriptEnd() ! ! ") # *************** *** 159,167 **** @trLabeled("Interface"," ! <input@htmlAttr("onmouseover","domTT_activate(this, event, 'content', 'Select manual rules update for interface: ${QUERY_interface} only...')") ! @wuiInputCheckboxAttr("all","false") /> <span@htmlAttr("class","labeledFieldLabelRight")>${QUERY_interface}</span> ! <br /> ! <input@htmlAttr("onmouseover","domTT_activate(this, event, 'content', 'Select All Snort instances for manual rules update...')") @wuiInputCheckboxAttr("all","true") /> <span@htmlAttr("class","labeledFieldLabelRight")>All Interfaces</span> ") --- 197,223 ---- @trLabeled("Interface"," ! <table@htmlAttr("border","0") ! @htmlAttr("width","100%")> ! <colgroup> ! <col@htmlAttr("width","20%") ! @htmlAttr("align","left")> ! <col@htmlAttr("width","80%")> ! </colgroup> ! <tr> ! <td> ! <input@htmlAttr("onmouseover","domTT_activate(this, event, 'content', 'Select manual rules update for interface: ${QUERY_interface} only...')") ! @wuiInputCheckboxAttr("all","false") /> <span@htmlAttr("class","labeledFieldLabelRight")>${QUERY_interface}</span> ! ! @verticalGapSmall() ! ! <input@htmlAttr("onmouseover","domTT_activate(this, event, 'content', 'Select All Snort instances for manual rules update...')") @wuiInputCheckboxAttr("all","true") /> <span@htmlAttr("class","labeledFieldLabelRight")>All Interfaces</span> + </td> + <td> + <div id="dispNicAdapters"></div> + </td> + </tr> + </table> + @wuiInputNote("Click on a @bold("NIC Adapter Icon") for detailed @bold("Interface") information.","Note:") ") *************** *** 201,205 **** @bashCgiOutBegin() ! @wuiHtmlHeader("rules_nav1","Snort Rules Page Navigation: "<font color=@capresults()>${QUERY_interface}<\\/font>"") @p("Use the following buttons to quickly navigate through the Snort rules --- 257,261 ---- @bashCgiOutBegin() ! @wuiHtmlHeader("rules_nav1","Snort Rules Management: "<font color=@capresults()>${QUERY_interface}<\\/font>"") @p("Use the following buttons to quickly navigate through the Snort rules *************** *** 253,257 **** \"@bold("${QUERY_interface}")\". All selected Snort rule set categories will be included in the Snort configuration file: ! \"@bold("/etc/snort_${QUERY_interface}/snort.conf")\" for this network interface when the \"@bold("Include Selected Rules")\" button is applied below.") --- 309,314 ---- \"@bold("${QUERY_interface}")\". All selected Snort rule set categories will be included in the Snort configuration file: ! \"@bold("@tailLinkEval("/etc/snort_${QUERY_interface}/snort.conf","all","/etc/snort_${QUERY_interface}/snort.conf","../networking/snort_rules.cgi#manage_rules",,"ASCII",,,"${QUERY_interface}")")\" ! for this network interface when the \"@bold("Include Selected Rules")\" button is applied below.") *************** *** 287,290 **** --- 344,348 ---- @wuiInputHidden("lines","all") @wuiInputHidden("return","../networking/snort_rules.cgi#manage_rules") + @wuiInputHidden("return_label","Return") @wuiInputHidden("interface","${QUERY_interface}") @wuiInputHidden("synckey","${QUERY_interface}") *************** *** 361,365 **** @bashCgiOutBegin() ! <a@htmlAttr("href","/nstwui/cgi-bin/system/tail.cgi?filename=${RULE_PATH}/${AVAILABLE_RULES[i]}.rules&lines=all&return=@outUrl()/cgi-bin/networking/snort_rules.cgi%23manage_rules&interface=${QUERY_interface}&synckey=${QUERY_interface}") @htmlAttr("onmouseover","domTT_activate(this, event, 'content', 'View/modify rule set category: ${AVAILABLE_RULES[i]}...')")> <font size=2> --- 419,423 ---- @bashCgiOutBegin() ! <a@htmlAttr("href","/nstwui/cgi-bin/system/tail.cgi?filename=${RULE_PATH}/${AVAILABLE_RULES[i]}.rules&lines=all&return=@outUrl()/cgi-bin/networking/snort_rules.cgi%23manage_rules&return_label=Return&interface=${QUERY_interface}&synckey=${QUERY_interface}") @htmlAttr("onmouseover","domTT_activate(this, event, 'content', 'View/modify rule set category: ${AVAILABLE_RULES[i]}...')")> <font size=2> *************** *** 1032,1035 **** --- 1090,1094 ---- @wuiInputHidden("lines","all") @wuiInputHidden("return","../networking/snort_rules.cgi#display") + @wuiInputHidden("return_label","Return") @wuiInputHidden("interface","${QUERY_interface}") @wuiInputHidden("synckey","${QUERY_interface}") Index: snort.cgi =================================================================== RCS file: /cvsroot/nst/wui/cgi-bin/networking/snort.cgi,v retrieving revision 1.130 retrieving revision 1.131 diff -C2 -d -r1.130 -r1.131 *** snort.cgi 28 Nov 2008 22:41:29 -0000 1.130 --- snort.cgi 29 Nov 2008 16:54:27 -0000 1.131 *************** *** 1,5 **** #! /bin/bash ! @bashCgiBegin("$Id$","2003-11-18","Snort",," @comment("Preload javascript network info...") --- 1,5 ---- #! /bin/bash ! @bashCgiBegin("$Id$","2003-11-18","Snort - Network Intrusion Detection System (IDS)",," @comment("Preload javascript network info...") *************** *** 147,162 **** @nstWUIHeader("alerts_review","Snort (IDS) Alerts Review Tools") ! @p("Use the \"@bold("@php_baseLink("BASE")")\", ! \"@bold("@snorterLink("SNORTER","SNORTER")")\", ! or \"@bold("@snortslingerLink("SnortSlinger")")\", application buttons below to ! review the last \"@bold("<font ! color="red">$(add_commas ${snort_alerts_cnt:-"N/A"})</font>")\" detected ! @bold("@snortLink()") alert(s). These security incidents occurred between: ! \"@bold("<font color="red">${first_alert_timestamp:-"N/A"}</font>")\" and ! \"@bold("<font color="red">${last_alert_timestamp:-"N/A"}</font>")\". The last ! incident was detected on @bold("NST") host: \"@bold("<font ! color="red">${last_sensor_host:-"N/A"}</font>")\" by sensor network interface: ! \"@bold("<font color="red">${last_sensor_int:-"N/A"}</font>")\".") <center> --- 147,164 ---- @nstWUIHeader("alerts_review","Snort (IDS) Alerts Review Tools") ! @p("Use the @baseRefLink(), @snorterRefLink() ! or \"@bold("SnortSlinger")\" application buttons below to ! review the last ! \"<span@htmlAttr("style","color: red; font-weight: bold;")>$(add_commas ${snort_alerts_cnt:-"N/A"})</span>\" ! detected @snortRefLink() alert(s). These security incidents occurred between: ! \"<span@htmlAttr("style","color: red; font-weight: bold;")>${first_alert_timestamp:-"N/A"}</span>\" ! and ! \"<span@htmlAttr("style","color: red; font-weight: bold;")>${last_alert_timestamp:-"N/A"}</span>\" ! . The last ! incident was detected on @nst() host: ! \"<span@htmlAttr("style","color: green; font-weight: bold;")>${last_sensor_host:-"N/A"}</span>\" ! by sensor network interface: ! \"<span@htmlAttr("style","color: green; font-weight: bold;")>${last_sensor_int:-"N/A"}</span>\".") <center> *************** *** 165,169 **** <td> @formBegin("/base/base_main.php","basenav2","@htmlAttr("target","_blank")") ! @wuiInputButton("submit","BASE","Enter the @jsq("Basic Analysis and Security Engine") (BASE) interface...") @formEnd() </td> --- 167,171 ---- <td> @formBegin("/base/base_main.php","basenav2","@htmlAttr("target","_blank")") ! @wuiInputButton("submit","BASE","@toolTipAttr("@jsn("Enter") the @jstc("Basic Analysis and Security Engine","@toolTipEmphasis()") (@jstc("BASE","@toolTipEmphasis()")) application...","430")") @formEnd() </td> *************** *** 171,175 **** <td> @formBegin("@topDir()/cgi-bin/networking/snorter.cgi","snorternav2") ! @wuiInputButton("submit","SNORTER","Enter the @jsq("SNORTER") HTML reporting tool for @jsq("Snort")...") @formEnd() </td> --- 173,177 ---- <td> @formBegin("@topDir()/cgi-bin/networking/snorter.cgi","snorternav2") ! @wuiInputButton("submit","SNORTER","@toolTipAttr("@jsn("Enter") the @jsqh("SNORTER") @jstc("HTML","@toolTipValue()") reporting for @jsqh("Snort")...","320")") @formEnd() </td> *************** *** 177,181 **** <td> @formBegin("@topDir()/cgi-bin/networking/snortslinger.cgi","snortslingernav2") ! @wuiInputButton("submit","SnortSlinger","Enter the @jsq("SnortSlinger") text and email alert reporting tool for @jsq("Snort")...") @formEnd() </td> --- 179,183 ---- <td> @formBegin("@topDir()/cgi-bin/networking/snortslinger.cgi","snortslingernav2") ! @wuiInputButton("submit","SnortSlinger","@toolTipAttr("@jsn("Enter") the @jsqh("SnortSlinger") @jstc("Text","@toolTipValue()") and <i>@jstc("e","@toolTipValue()")</i>@jstc("Mail Alert","@toolTipValue()") reporting tool for @jsqh("Snort")...","460")") @formEnd() </td> *************** *** 184,188 **** @formBegin("@topDir()/cgi-bin/networking/snort.cgi","updatenav2") @wuiInputHidden("forcerefresh","${cur_date}") ! @wuiInputButton("submit","Update","Update and refresh the latest @jsq("Snort") IDS alert incident information above...") @formEnd() </td> --- 186,190 ---- @formBegin("@topDir()/cgi-bin/networking/snort.cgi","updatenav2") @wuiInputHidden("forcerefresh","${cur_date}") ! @wuiInputButton("submit","Update","@toolTipAttr("@jsn("Update") and @jsn("Refresh") the latest @jsqh("Snort IDS Alert Incident") information above...","500")") @formEnd() </td> *************** *** 197,201 **** if [ "${NUM_INTERFACES}" != "0" ]; then @bashCgiOutBegin() ! @p("Use the buttons in the table below to manage all @bold("@snortLink()") instances currently configured and/or running on this @nst() probe:") --- 199,203 ---- if [ "${NUM_INTERFACES}" != "0" ]; then @bashCgiOutBegin() ! @p("Use the buttons in the table below to manage all @snortRefLink() instances currently configured and/or running on this @nst() probe:") *************** *** 580,586 **** @p("You can use the table below to <u>start</u> or <u>stop</u> the ! @bold("@mysqlLink()") and @bold("@snortLink()") services and to control whether they are <u>started</u> at system boot time. Be <u>careful</u>, the ! @bold("@snortLink()") service requires that the @bold("@mysqlLink()") service to be <u>running</u>.") --- 582,588 ---- @p("You can use the table below to <u>start</u> or <u>stop</u> the ! @bold("@mysqlLink()") and @snortRefLink() services and to control whether they are <u>started</u> at system boot time. Be <u>careful</u>, the ! @snortRefLink() service requires that the @bold("@mysqlLink()") service to be <u>running</u>.") *************** *** 717,724 **** @p("If you have just attempted to start up a new instance of ! @snortLink() and don't see it listed in a table above, wait for a period of 5 to 10 seconds and then press the button \"@bold("Refresh")\". Use the \"@bold("Destroy ALL Snort Instances")\" button to kill all running ! @bold("@snortLink()") processes and clean up all associated configuration files and runtime directories.") --- 719,726 ---- @p("If you have just attempted to start up a new instance of ! @snortRefLink() and don't see it listed in a table above, wait for a period of 5 to 10 seconds and then press the button \"@bold("Refresh")\". Use the \"@bold("Destroy ALL Snort Instances")\" button to kill all running ! @snortRefLink() processes and clean up all associated configuration files and runtime directories.") *************** *** 752,756 **** @p("It is sometimes desirable to directly inspect (or dump) the ! @bold("@mysql("MySQL")") database used by @bold("@snortLink()"). You can use the buttons below to access the @bold("@phpMyAdminLink()") interface to examine and administer the @bold("@mysql("MySQL")") server.") --- 754,758 ---- @p("It is sometimes desirable to directly inspect (or dump) the ! @bold("@mysql("MySQL")") database used by @snortRefLink(). You can use the buttons below to access the @bold("@phpMyAdminLink()") interface to examine and administer the @bold("@mysql("MySQL")") server.") *************** *** 824,828 **** @nstWUIHeader("starting","Starting Snort") ! @p("Invoking the following to start @snortLink() process(es):") @runCommand("${CMD}") --- 826,830 ---- @nstWUIHeader("starting","Starting Snort") ! @p("Invoking the following to start @snortRefLink() process(es):") @runCommand("${CMD}") *************** *** 849,853 **** @p("Invoking the following to send the @bold("${SIG}") signal to the ! @snortLink() process(es):") @runCommand("${CMD}") --- 851,855 ---- @p("Invoking the following to send the @bold("${SIG}") signal to the ! @snortRefLink() process(es):") @runCommand("${CMD}") *************** *** 882,886 **** @nstWUIHeader("killing","Killing Snort") ! @p("Invoking the following to kill @snortLink() process(es):") @runCommand("${CMD}") --- 884,888 ---- @nstWUIHeader("killing","Killing Snort") ! @p("Invoking the following to kill @snortRefLink() process(es):") @runCommand("${CMD}") *************** *** 911,915 **** @p("The following output is the results from destroying one or more instances ! of @bold("@snortLink()"):") @bashCgiOutEnd() --- 913,917 ---- @p("The following output is the results from destroying one or more instances ! of @snortRefLink():") @bashCgiOutEnd() *************** *** 1131,1135 **** <ul@htmlAttr("class","inputnotelist")> <li>Use: \"@bold("Snort Rules")\" to retrieve custom base snort config/rules from a specific archive site.</li> ! <li>Use: \"@bold("Registered Snort Rules")\" if one has obtained a registered \"@bold("Oink Code")\" from \"@bold("@snortLink("snort.org")")\". Replace: \"@bold("<oinkcode>")\" with your own registered Oinkmaster \"@bold("Oink Code")\".</li> <li>An archive MUST contain at least a valid \"@bold("snort.conf")\" file.</li> <li>Use the \"@bold("User Id")\" and \"@bold("Password")\" fields for base rule site authentication if required".</li> --- 1133,1137 ---- <ul@htmlAttr("class","inputnotelist")> <li>Use: \"@bold("Snort Rules")\" to retrieve custom base snort config/rules from a specific archive site.</li> ! <li>Use: \"@bold("Registered") @snortRulesRefLink("Snort Rules")\" if one has obtained a registered \"@bold("Oink Code")\" from \"@snortRefLink("snort.org")\". Replace: \"@bold("<oinkcode>")\" with your own registered Oinkmaster \"@bold("Oink Code")\".</li> <li>An archive MUST contain at least a valid \"@bold("snort.conf")\" file.</li> <li>Use the \"@bold("User Id")\" and \"@bold("Password")\" fields for base rule site authentication if required".</li> *************** *** 1187,1193 **** \"@bold("network")\" to download a @bold("snort") rule set archive.</li> ! <li>It is possible to start up multiple instances of @bold("@snortLink()") if your machine has more than one network interface. For example, you could start an ! instance of @bold("@snortLink()") on each of the following network interfaces: \"@bold("eth0")\", \"@bold("eth1")\" and \"@bold("eth2")\".</li> --- 1189,1195 ---- \"@bold("network")\" to download a @bold("snort") rule set archive.</li> ! <li>It is possible to start up multiple instances of @snortRefLink() if your machine has more than one network interface. For example, you could start an ! instance of @snortRefLink() on each of the following network interfaces: \"@bold("eth0")\", \"@bold("eth1")\" and \"@bold("eth2")\".</li> *************** *** 1441,1445 **** @nstWUIHeader("settingUp","Setting Up Snort") ! @p("We are now issuing the commands to setup a @snortLink() instance as a background process.") --- 1443,1447 ---- @nstWUIHeader("settingUp","Setting Up Snort") ! @p("We are now issuing the commands to setup a @snortRefLink() instance as a background process.") *************** *** 1450,1454 **** number of rule set categories to be downloaded and configured and the speed of this @nst() probe system. Use the buttons below to continue and check on the ! progress of bringing up this @snortLink() instance:") <center> --- 1452,1456 ---- number of rule set categories to be downloaded and configured and the speed of this @nst() probe system. Use the buttons below to continue and check on the ! progress of bringing up this @snortRefLink() instance:") <center> *************** *** 1502,1506 **** @nstWUIHeader("nologs","No Log Files To Clean Up") ! @p("We did not find any lingering @snortLink() log files.") <center> --- 1504,1508 ---- @nstWUIHeader("nologs","No Log Files To Clean Up") ! @p("We did not find any lingering @snortRefLink() log files.") <center> |