From 2d5ea554113b7d0184c82e519af5ffc83d37f38d Mon Sep 17 00:00:00 2001 From: Ad Schellevis Date: Fri, 12 Jun 2015 16:18:20 +0200 Subject: [PATCH] (ids) work in progress suricata IDS component (frontend/middleware) --- .../OPNsense/IDS/Api/SettingsController.php | 36 +++++++++++++++- .../OPNsense/IDS/IndexController.php | 2 + .../OPNsense/IDS/forms/dialogRule.xml | 27 ++++++++++++ .../mvc/app/views/OPNsense/IDS/index.volt | 43 ++++++++++--------- 4 files changed, 86 insertions(+), 22 deletions(-) create mode 100644 src/opnsense/mvc/app/controllers/OPNsense/IDS/forms/dialogRule.xml diff --git a/src/opnsense/mvc/app/controllers/OPNsense/IDS/Api/SettingsController.php b/src/opnsense/mvc/app/controllers/OPNsense/IDS/Api/SettingsController.php index 7fc5f638e..36944dc41 100644 --- a/src/opnsense/mvc/app/controllers/OPNsense/IDS/Api/SettingsController.php +++ b/src/opnsense/mvc/app/controllers/OPNsense/IDS/Api/SettingsController.php @@ -96,7 +96,6 @@ class SettingsController extends ApiControllerBase $searchPhrase .= "classtype/".$this->request->getPost("classtype", "string", '').' '; } - // request list of installed rules $backend = new Backend(); $response = $backend->configdpRun("ids list installedrules", array($itemsPerPage, 
@@ -138,7 +137,42 @@ class SettingsController extends ApiControllerBase if ($data != null && array_key_exists("rows", $data) && count($data['rows'])>0) { $row = $data['rows'][0]; + // set current enable status (default + registered offset) $row['enabled'] = $this->getModel()->getRuleStatus($row['sid'], $row['enabled']); + if (isset($row['reference']) && $row['reference'] != '') { + // browser friendly reference data + $row['reference_html'] = ''; + foreach (explode("\n", $row['reference']) as $ref) { + $ref = trim($ref); + $item_html = '%ref%'; + if (substr($ref, 0, 4) == 'url,') { + $item_html = str_replace("%url%", 'http://'.substr($ref, 4), $item_html); + $item_html = str_replace("%ref%", substr($ref, 4), $item_html); + } elseif (substr($ref, 0, 7) == "system,") { + $item_html = str_replace("%url%", substr($ref, 7), $item_html); + $item_html = str_replace("%ref%", substr($ref, 7), $item_html); + } elseif (substr($ref, 0, 8) == "bugtraq,") { + $item_html = str_replace("%url%", "http://www.securityfocus.com/bid/". + substr($ref, 8), $item_html); + $item_html = str_replace("%ref%", "bugtraq ".substr($ref, 8), $item_html); + } elseif (substr($ref, 0, 4) == "cve,") { + $item_html = str_replace("%url%", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=". + substr($ref, 4), $item_html); + $item_html = str_replace("%ref%", substr($ref, 4), $item_html); + } elseif (substr($ref, 0, 7) == "nessus,") { + $item_html = str_replace("%url%", "http://cgi.nessus.org/plugins/dump.php3?id=". + substr($ref, 7), $item_html); + $item_html = str_replace("%ref%", 'nessus '.substr($ref, 7), $item_html); + } elseif (substr($ref, 0, 7) == "mcafee,") { + $item_html = str_replace("%url%", "http://vil.nai.com/vil/dispVirus.asp?virus_k=". + substr($ref, 7), $item_html); + $item_html = str_replace("%ref%", 'macafee '.substr($ref, 7), $item_html); + } else { + continue; + } + $row['reference_html'] .= $item_html.'
'; + } + } return $row; } else { return array(); diff --git a/src/opnsense/mvc/app/controllers/OPNsense/IDS/IndexController.php b/src/opnsense/mvc/app/controllers/OPNsense/IDS/IndexController.php index deb467b9c..ab6eeba3c 100644 --- a/src/opnsense/mvc/app/controllers/OPNsense/IDS/IndexController.php +++ b/src/opnsense/mvc/app/controllers/OPNsense/IDS/IndexController.php @@ -37,6 +37,8 @@ class IndexController extends \OPNsense\Base\IndexController public function indexAction() { $this->view->title = "IDS"; + // link dialog + $this->view->formDialogRule = $this->getForm("dialogRule"); // choose template $this->view->pick('OPNsense/IDS/index'); } diff --git a/src/opnsense/mvc/app/controllers/OPNsense/IDS/forms/dialogRule.xml b/src/opnsense/mvc/app/controllers/OPNsense/IDS/forms/dialogRule.xml new file mode 100644 index 000000000..7d26d0d61 --- /dev/null +++ b/src/opnsense/mvc/app/controllers/OPNsense/IDS/forms/dialogRule.xml @@ -0,0 +1,27 @@ +
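Review bot: The values taken from `$row['reference']` are substituted into `$row['reference_html']` without HTML encoding, and the `system,` branch uses the rule-supplied string as the entire `%url%` value, so the link scheme is whatever the rule text contains. These strings presumably originate from installed rule files, so each should pass through `htmlspecialchars(..., ENT_QUOTES, 'UTF-8')` and the final URL should be limited to http(s). How the dialog renders `reference_html` is not visible here, but the field name suggests it is inserted as markup. The six branches differ only in URL and label prefix, so a lookup table with a single `strtr()` call would also stop the second `str_replace` from rescanning text inserted by the first. The sketch spells the label `mcafee` where the hunk has `macafee` and drops `system,` references that are not absolute http(s) URLs; the enclosing action method starts and ends outside the hunk.

```php
// prefix => array(url prefix, label prefix); build once, before the loop
$refTypes = array(
    'url,'     => array('http://', ''),
    'system,'  => array('', ''),
    'bugtraq,' => array('http://www.securityfocus.com/bid/', 'bugtraq '),
    'cve,'     => array('http://cve.mitre.org/cgi-bin/cvename.cgi?name=', ''),
    'nessus,'  => array('http://cgi.nessus.org/plugins/dump.php3?id=', 'nessus '),
    'mcafee,'  => array('http://vil.nai.com/vil/dispVirus.asp?virus_k=', 'mcafee '),
);
foreach (explode("\n", $row['reference']) as $ref) {
    $ref = trim($ref);
    // … unchanged: $item_html template assignment …
    foreach ($refTypes as $prefix => $parts) {
        if (strpos($ref, $prefix) !== 0) {
            continue;
        }
        $value = substr($ref, strlen($prefix));
        $url = $parts[0].$value;
        // rule text is untrusted input: only emit links with an http(s) target
        if (!preg_match('#^https?://#i', $url)) {
            break;
        }
        // strtr() replaces both placeholders in one pass, so an inserted value is never rescanned
        $item_html = strtr($item_html, array(
            '%url%' => htmlspecialchars($url, ENT_QUOTES, 'UTF-8'),
            '%ref%' => htmlspecialchars($parts[1].$value, ENT_QUOTES, 'UTF-8'),
        ));
        // … unchanged: append $item_html and the line separator to $row['reference_html'] …
        break;
    }
}
```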
+ + sid + + info + + + gid + + info + + + classtype + + info + + + msg + + info + + + reference_html + + info + +
\ No newline at end of file diff --git a/src/opnsense/mvc/app/views/OPNsense/IDS/index.volt b/src/opnsense/mvc/app/views/OPNsense/IDS/index.volt index d19b5ed37..8c92a651f 100644 --- a/src/opnsense/mvc/app/views/OPNsense/IDS/index.volt +++ b/src/opnsense/mvc/app/views/OPNsense/IDS/index.volt @@ -39,23 +39,31 @@ POSSIBILITY OF SUCH DAMAGE. } $("#grid-installedrules").UIBootgrid( - { 'search':'/api/ids/settings/searchinstalledrules', - 'options':{ - 'requestHandler':addFilters, - 'formatters':{ - "rowtoggle": function (column, row) { + { search:'/api/ids/settings/searchinstalledrules', + get:'/api/ids/settings/getRuleInfo/', + set:'/api/ids/settings/setRuleInfo/', + options:{ + multiSelect:false, + selection:false, + requestHandler:addFilters, + formatters:{ + rowtoggle: function (column, row) { if (parseInt(row[column.id], 2) == 1) { - return ""; + var toggle = ""; } else { - return ""; + var toggle = ""; } + toggle += "   "; + return toggle; } } }, - 'toggle':'/api/ids/settings/toggleRule/' + toggle:'/api/ids/settings/toggleRule/' } ); + + // list all known classtypes and add to selection box ajaxGet(url="/api/ids/settings/listRuleClasstypes",sendData={}, callback=function(data, status) { if (status == "success") { @@ -77,12 +85,12 @@ POSSIBILITY OF SUCH DAMAGE.
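Review bot: In the `rowtoggle` formatter `var toggle` is declared separately in both the `if` and the `else` branch. Declaring it once before the condition (`var toggle;`) and only assigning in the branches avoids the duplicate declaration and makes the later `toggle += …` easier to follow. The grid is also given `set:'/api/ids/settings/setRuleInfo/'`, but no matching action is added in the SettingsController hunks of this patch and the dialog is rendered with `hasSaveBtn:'false'`. If that endpoint does not exist elsewhere, the `set` entry should be left out until it does, or get a comment such as `// setRuleInfo not implemented yet, dialog is read-only`.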
-
+
@@ -93,27 +101,18 @@ POSSIBILITY OF SUCH DAMAGE.
- +
- + - - - - - -
sid Source ClassType Messageenabledenabled / info
- - -
@@ -127,3 +126,5 @@ POSSIBILITY OF SUCH DAMAGE.
+ +{{ partial("layout_partials/base_dialog",['fields':formDialogRule,'id':'DialogRule','label':'Rule details','hasSaveBtn':'false','msgzone_width':1])}}