From c3541ad17daf8ea82a92fedd6ac6a3a0b0a49efc Mon Sep 17 00:00:00 2001
From: Ad Schellevis <ad@opnsense.org>
Date: Sun, 7 Jun 2015 19:43:52 +0200
Subject: [PATCH] (IDS) add initial stub code

---
 .../OPNsense/IDS/Api/ServiceController.php    | 55 +++++++++++++++++
 .../OPNsense/IDS/Api/SettingsController.php   | 41 +++++++++++++
 .../OPNsense/IDS/IndexController.php          | 43 ++++++++++++++
 .../mvc/app/models/OPNsense/IDS/IDS.php       | 35 +++++++++++
 .../mvc/app/models/OPNsense/IDS/IDS.xml       |  8 +++
 .../mvc/app/views/OPNsense/IDS/index.volt     | 59 +++++++++++++++++++
 .../service/templates/OPNsense/IDS/+MANIFEST  |  8 +++
 .../service/templates/OPNsense/IDS/+TARGETS   |  1 +
 .../service/templates/OPNsense/IDS/rc.conf.d  |  3 +
 9 files changed, 253 insertions(+)
 create mode 100644 src/opnsense/mvc/app/controllers/OPNsense/IDS/Api/ServiceController.php
 create mode 100644 src/opnsense/mvc/app/controllers/OPNsense/IDS/Api/SettingsController.php
 create mode 100644 src/opnsense/mvc/app/controllers/OPNsense/IDS/IndexController.php
 create mode 100644 src/opnsense/mvc/app/models/OPNsense/IDS/IDS.php
 create mode 100644 src/opnsense/mvc/app/models/OPNsense/IDS/IDS.xml
 create mode 100644 src/opnsense/mvc/app/views/OPNsense/IDS/index.volt
 create mode 100644 src/opnsense/service/templates/OPNsense/IDS/+MANIFEST
 create mode 100644 src/opnsense/service/templates/OPNsense/IDS/+TARGETS
 create mode 100644 src/opnsense/service/templates/OPNsense/IDS/rc.conf.d

diff --git a/src/opnsense/mvc/app/controllers/OPNsense/IDS/Api/ServiceController.php b/src/opnsense/mvc/app/controllers/OPNsense/IDS/Api/ServiceController.php
new file mode 100644
index 000000000..7f47be169
--- /dev/null
+++ b/src/opnsense/mvc/app/controllers/OPNsense/IDS/Api/ServiceController.php
@@ -0,0 +1,55 @@
+<?php
+/**
+ *    Copyright (C) 2015 Deciso B.V.
+ *
+ *    All rights reserved.
+ *
+ *    Redistribution and use in source and binary forms, with or without
+ *    modification, are permitted provided that the following conditions are met:
+ *
+ *    1. Redistributions of source code must retain the above copyright notice,
+ *       this list of conditions and the following disclaimer.
+ *
+ *    2. Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *
+ *    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ *    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ *    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ *    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ *    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ *    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ *    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ *    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ *    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ *    POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+namespace OPNsense\IDS\Api;
+
+use \OPNsense\Base\ApiControllerBase;
+use \OPNsense\Core\Backend;
+
+/**
+ * Class ServiceController
+ * @package OPNsense\IDS
+ */
+class ServiceController extends ApiControllerBase
+{
+
+    /**
+     *
+     */
+    public function reconfigureAction()
+    {
+        if ($this->request->isPost()) {
+            // close session for long running action
+            $this->sessionClose();
+
+            return array("status" => "failed");
+        } else {
+            return array("status" => "failed");
+        }
+    }
+}
diff --git a/src/opnsense/mvc/app/controllers/OPNsense/IDS/Api/SettingsController.php b/src/opnsense/mvc/app/controllers/OPNsense/IDS/Api/SettingsController.php
new file mode 100644
index 000000000..fec1b392e
--- /dev/null
+++ b/src/opnsense/mvc/app/controllers/OPNsense/IDS/Api/SettingsController.php
@@ -0,0 +1,41 @@
+<?php
+/**
+ *    Copyright (C) 2015 Deciso B.V.
+ *
+ *    All rights reserved.
+ *
+ *    Redistribution and use in source and binary forms, with or without
+ *    modification, are permitted provided that the following conditions are met:
+ *
+ *    1. Redistributions of source code must retain the above copyright notice,
+ *       this list of conditions and the following disclaimer.
+ *
+ *    2. Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *
+ *    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ *    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ *    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ *    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ *    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ *    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ *    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ *    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ *    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ *    POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+namespace OPNsense\IDS\Api;
+
+use \OPNsense\Base\ApiControllerBase;
+use \OPNsense\IDS\IDS;
+
+/**
+ * Class SettingsController Handles settings related API actions for the IDS module
+ * @package OPNsense\IDS
+ */
+class SettingsController extends ApiControllerBase
+{
+
+}
diff --git a/src/opnsense/mvc/app/controllers/OPNsense/IDS/IndexController.php b/src/opnsense/mvc/app/controllers/OPNsense/IDS/IndexController.php
new file mode 100644
index 000000000..deb467b9c
--- /dev/null
+++ b/src/opnsense/mvc/app/controllers/OPNsense/IDS/IndexController.php
@@ -0,0 +1,43 @@
+<?php
+/**
+ *    Copyright (C) 2015 Deciso B.V.
+ *
+ *    All rights reserved.
+ *
+ *    Redistribution and use in source and binary forms, with or without
+ *    modification, are permitted provided that the following conditions are met:
+ *
+ *    1. Redistributions of source code must retain the above copyright notice,
+ *       this list of conditions and the following disclaimer.
+ *
+ *    2. Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *
+ *    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ *    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ *    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ *    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ *    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ *    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ *    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ *    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ *    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ *    POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+namespace OPNsense\IDS;
+
+/**
+ * Class IndexController
+ * @package OPNsense\IDS
+ */
+class IndexController extends \OPNsense\Base\IndexController
+{
+    public function indexAction()
+    {
+        $this->view->title = "IDS";
+        // choose template
+        $this->view->pick('OPNsense/IDS/index');
+    }
+}
diff --git a/src/opnsense/mvc/app/models/OPNsense/IDS/IDS.php b/src/opnsense/mvc/app/models/OPNsense/IDS/IDS.php
new file mode 100644
index 000000000..cb87a2483
--- /dev/null
+++ b/src/opnsense/mvc/app/models/OPNsense/IDS/IDS.php
@@ -0,0 +1,35 @@
+<?php
+/**
+ *    Copyright (C) 2015 Deciso B.V.
+ *
+ *    All rights reserved.
+ *
+ *    Redistribution and use in source and binary forms, with or without
+ *    modification, are permitted provided that the following conditions are met:
+ *
+ *    1. Redistributions of source code must retain the above copyright notice,
+ *       this list of conditions and the following disclaimer.
+ *
+ *    2. Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *
+ *    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ *    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ *    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ *    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ *    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ *    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ *    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ *    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ *    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ *    POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+namespace OPNsense\IDS;
+
+use OPNsense\Base\BaseModel;
+
+class IDS extends BaseModel
+{
+}
diff --git a/src/opnsense/mvc/app/models/OPNsense/IDS/IDS.xml b/src/opnsense/mvc/app/models/OPNsense/IDS/IDS.xml
new file mode 100644
index 000000000..3a0f40b0b
--- /dev/null
+++ b/src/opnsense/mvc/app/models/OPNsense/IDS/IDS.xml
@@ -0,0 +1,8 @@
+<model>
+    <mount>//OPNsense/IDS</mount>
+    <description>
+        OPNsense IDS
+    </description>
+    <items>
+    </items>
+</model>
diff --git a/src/opnsense/mvc/app/views/OPNsense/IDS/index.volt b/src/opnsense/mvc/app/views/OPNsense/IDS/index.volt
new file mode 100644
index 000000000..e11271eb9
--- /dev/null
+++ b/src/opnsense/mvc/app/views/OPNsense/IDS/index.volt
@@ -0,0 +1,59 @@
+{#
+
+OPNsense® is Copyright © 2014 – 2015 by Deciso B.V.
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+1.  Redistributions of source code must retain the above copyright notice,
+this list of conditions and the following disclaimer.
+
+2.  Redistributions in binary form must reproduce the above copyright notice,
+this list of conditions and the following disclaimer in the documentation
+and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES,
+INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+#}
+
+<script type="text/javascript">
+
+    $( document ).ready(function() {
+
+
+
+    });
+
+
+</script>
+
+<ul class="nav nav-tabs" data-tabs="tabs" id="maintabs">
+    <li class="active"><a data-toggle="tab" href="#item1">{{ lang._('Item1') }}</a></li>
+    <li><a data-toggle="tab" href="#item2">{{ lang._('Item2') }}</a></li>
+    <li><a data-toggle="tab" href="#item3">{{ lang._('Item3') }}</a></li>
+</ul>
+<div class="tab-content content-box tab-content">
+    <div id="item1" class="tab-pane fade in active">
+
+    </div>
+    <div id="item2" class="tab-pane fade in">
+
+    </div>
+    <div id="item3" class="tab-pane fade in">
+
+    </div>
+    <div class="col-md-12">
+        <hr/>
+        <button class="btn btn-primary"  id="reconfigureAct" type="button"><b>Apply</b><i id="reconfigureAct_progress" class=""></i></button>
+    </div>
+</div>
diff --git a/src/opnsense/service/templates/OPNsense/IDS/+MANIFEST b/src/opnsense/service/templates/OPNsense/IDS/+MANIFEST
new file mode 100644
index 000000000..7cbf57e52
--- /dev/null
+++ b/src/opnsense/service/templates/OPNsense/IDS/+MANIFEST
@@ -0,0 +1,8 @@
+name: opnsense-ids
+version: 0.1
+origin: opnsense/ids
+comment: IDS (suricata) configuration
+desc: configuration templates for suricata
+maintainer: ad at opnsense.org
+www: https://opnsense.org
+prefix: /
diff --git a/src/opnsense/service/templates/OPNsense/IDS/+TARGETS b/src/opnsense/service/templates/OPNsense/IDS/+TARGETS
new file mode 100644
index 000000000..a860f1063
--- /dev/null
+++ b/src/opnsense/service/templates/OPNsense/IDS/+TARGETS
@@ -0,0 +1 @@
+rc.conf.d:/etc/rc.conf.d/suricata
diff --git a/src/opnsense/service/templates/OPNsense/IDS/rc.conf.d b/src/opnsense/service/templates/OPNsense/IDS/rc.conf.d
new file mode 100644
index 000000000..f3466181c
--- /dev/null
+++ b/src/opnsense/service/templates/OPNsense/IDS/rc.conf.d
@@ -0,0 +1,3 @@
+suricata_enable="YES"
+suricata_interface="em0"
+suricata_flags="-D -i em1 --pidfile /var/run/suricata_em1.pid"