alterator-snort-0.2.4/ 0000755 0000000 0000000 00000000000 12110343461 0014646 5 ustar 00root root 0000000 0000000 alterator-snort-0.2.4/Makefile 0000644 0000000 0000000 00000000475 12110343461 0016314 0 ustar 00root root 0000000 0000000 NAME=snort
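INSTALL=/usr/bin/install
libexecdir?=/usr/lib
TOOLSDIR=tools

# None of these targets names a file this Makefile creates; declaring them
# phony keeps a stray file called "install" or "clean" from masking them.
.PHONY: all clean install install-tools

# Nothing is compiled for this module, so both targets are intentionally empty.
all:

clean:

# install-module is not defined in this file; presumably it comes from the
# module.mak included at the bottom (verify against that file).
install: install-module install-tools

# Install the database reset helper, mode 0755, under
# ${libexecdir}/alterator-${NAME}/.
# NOTE(review): the destination is not prefixed with DESTDIR, so a staged
# (package build) install relies on the caller overriding libexecdir - confirm.
install-tools:
	${INSTALL} -d ${libexecdir}/alterator-${NAME}/
	${INSTALL} -m755 ${TOOLSDIR}/reset-snort-db.sh ${libexecdir}/alterator-${NAME}/

include /usr/share/alterator/build/module.mak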
alterator-snort-0.2.4/applications/ 0000755 0000000 0000000 00000000000 12110343461 0017334 5 ustar 00root root 0000000 0000000 alterator-snort-0.2.4/applications/snort.desktop 0000644 0000000 0000000 00000000377 12110343461 0022103 0 ustar 00root root 0000000 0000000 [Desktop Entry]
Type=Application
Categories=X-Alterator-Firewall
Icon=snort
Terminal=false
Name=Intrusion Detection System
X-Alterator-URI=/snort
X-Alterator-UI=html
X-Alterator-Help=snort
Name[ru]=Система обнаружения вторжений
alterator-snort-0.2.4/backend3/ 0000755 0000000 0000000 00000000000 12110343461 0016320 5 ustar 00root root 0000000 0000000 alterator-snort-0.2.4/backend3/snort 0000755 0000000 0000000 00000033643 12110343461 0017424 0 ustar 00root root 0000000 0000000 #!/bin/sh
# Backend identity; po_domain is set to the same name as the module.
module_name=alterator-snort
po_domain="$module_name"
alterator_api_version=1
# Helper libraries, looked up through PATH. The write_*, test_bool and
# message_loop helpers used below are not defined in this file and presumably
# come from these (verify).
. alterator-sh-functions
. shell-config
. alterator-net-functions
CONFDIR=/etc/snort
CONFIG="$CONFDIR/snort.conf"
# Left empty here; set_rules_dir fills it from the RULE_PATH variable in $CONFIG.
RULESDIR=
# Marker comments used by write_ruleset to find and label the ruleset section
# of snort.conf.
RULESET_BEGIN_DEFAULT_TEMPLATE='# Include all relevant rulesets here'
RULESET_BEGIN_ALTERATOR_SNORT_TEMPLATE="# Rulesets list. Generated by $module_name."
BARNYARDCONF=/etc/barnyard2/barnyard2.conf
# The database password is scraped from the "output database:" line of the
# barnyard2 configuration every time this backend starts.
MYSQL_PASSWD="$(sed -n 's;^output[[:blank:]]\+database:.*mysql.*password=\([^[:blank:]]\+\).*;\1;p' "$BARNYARDCONF")"
# NOTE(review): this string is later run through eval, so the password ends up
# on the mysql command line (visible in the process list to local users) and a
# single quote inside the password would break the quoting. Passing the
# credentials through a root-only client option file would avoid both.
MYSQL_COMM="/usr/bin/mysql --skip-column-names --batch -u snort --password='$MYSQL_PASSWD' snort"
SERVICE=/sbin/service
CHKCONFIG=/sbin/chkconfig
SNORT=/usr/sbin/snort
# NOTE(review): plain http. write_oinkcode places the oinkcode in the path of
# this URL, so both the code and the downloaded rule archive travel unencrypted.
RULES_URL='http://www.snort.org/pub-bin/oinkmaster.cgi'
RULES_FILENAME=snortrules-snapshot
RULES_EXT=tar.gz
OINKMASTER=/usr/bin/oinkmaster
OINKMASTER_CONF=/etc/oinkmaster.conf
# Schedule file written by write_cron_data; its entries run as root.
CRON_FILE=/etc/cron.d/alterator-snort
###
# Emit the weekday choices for the UI.
# The numeric keys are the values write_cron_data places in the day-of-week
# field of the cron line. The names stay literal so they can be picked up for
# translation.
list_weekday()
{
    write_enum_item "1" "$(_ "monday")"
    write_enum_item "2" "$(_ "tuesday")"
    write_enum_item "3" "$(_ "wednesday")"
    write_enum_item "4" "$(_ "thursday")"
    write_enum_item "5" "$(_ "friday")"
    write_enum_item "6" "$(_ "saturday")"
    write_enum_item "0" "$(_ "sunday")"
}
# Set RULESDIR from the "var RULE_PATH <dir>" line of $CONFIG.
# Does nothing when the config is unreadable; RULESDIR is left untouched when
# no such line is found.
set_rules_dir()
{
    [ -r "$CONFIG" ] || return
    local found=
    found="$(sed -n 's;^var[[:blank:]]\+RULE_PATH[[:blank:]]\+\(.\+\)$;\1;p' "$CONFIG")"
    [ -n "$found" ] && RULESDIR="$found"
}
# Print the names (without the .rules suffix) of the rulesets that $CONFIG
# includes through $RULE_PATH, one per line, in file order.
# Commented-out include lines do not match.
list_rules()
{
    local extract="s;^[[:blank:]]*include[[:blank:]]\+\$RULE_PATH/\(.*\).rules.*$;\1;p"
    sed -n -e "$extract" "$CONFIG"
}
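# Print the names of rule files in $RULESDIR that are neither included by
# $CONFIG nor empty of rules (a file with only comment lines is skipped).
#
# Changes from the previous version:
#  - the directory is walked with a glob instead of parsing ls output, so
#    file names are never word-split;
#  - the "already included" check accepts any run of blanks after "include",
#    matching what list_rules accepts. Before, a line with a tab or two
#    spaces was reported as both used and unused;
#  - the dot before "rules" is matched literally.
list_rules_unused()
{
    local path= name=
    for path in "$RULESDIR"/*.rules; do
        # An unmatched glob stays literal; skip it and anything not a file.
        [ -f "$path" ] || continue
        name="${path##*/}"
        name="${name%.rules}"
        if grep -qs "^[[:blank:]]*include[[:blank:]]\+\$RULE_PATH/$name\.rules" "$CONFIG"; then
            continue
        fi
        # Only offer files that contain at least one non-comment line.
        grep -qs '^[^#]' "$path" || continue
        printf '%s\n' "$name"
    done
}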
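# Print the comment block that follows the "$Id:" line at the top of
# $RULESDIR/<name>.rules, with the leading "#" stripped.
#   $1 - ruleset name without the .rules suffix; it arrives from the UI
#        request (in_rules).
# Returns non-zero for an empty name or one that contains a "/".
read_rule_description()
{
    local id_str='^#[[:blank:]]*\$Id:'
    [ -n "$1" ] || return
    # The name is joined onto $RULESDIR below; refusing path separators keeps
    # the read inside the rules directory.
    case "$1" in
        */*) return 1 ;;
    esac
    sed -n "/$id_str/,/^[^#]/ { /$id_str/d; s|^#[[:blank:]]*\(.*\)$|\1|p }" "$RULESDIR/$1.rules"
}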
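# Turn a ";"-separated list of ruleset names into snort include lines joined
# by a literal backslash-n sequence, the form write_ruleset feeds to sed.
#   $1 - the list; it arrives from the UI request (in_rules_list).
# Returns non-zero and prints nothing when the list is empty or contains a
# character outside letters, digits, "_", "." and "-".
rules_list_to_ruleset()
{
    [ -n "$1" ] || return
    # The result is pasted into a sed script and into snort.conf, so names are
    # restricted to a conservative set before anything is built. Doing the
    # check on the whole list also rejects glob characters before the
    # unquoted expansion in the loop below.
    case "$1" in
        *[!A-Za-z0-9_.\;-]*) return 1 ;;
    esac
    local IFS=';'
    local ruleset_str= i=
    for i in $1; do
        # "a;;b" yields an empty field; skip it rather than emit "/.rules".
        [ -n "$i" ] || continue
        ruleset_str="$ruleset_str${ruleset_str:+\n}include \$RULE_PATH/$i.rules"
    done
    # printf keeps the backslash-n separator literal in every shell.
    printf '%s\n' "$ruleset_str"
}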
# Replace the ruleset section of $CONFIG with the include lines given in $1.
#   $1 - include lines joined by a literal backslash-n, as produced by
#        rules_list_to_ruleset; nothing is done when it is empty.
# All existing "include $RULE_PATH/*.rules" lines, commented out or not, are
# deleted and the new ones are appended after the module's marker comment.
# NOTE(review): $1 and the marker strings are pasted into sed scripts
# unescaped, so this function relies on its caller to pass only plain ruleset
# names. The marker text is also used as a regular expression, so its dots
# match any character.
write_ruleset()
{
# Matches any include of a $RULE_PATH rules file, with optional leading "#".
local rule_regexp='^#*[[:blank:]]*include[[:blank:]]\+\$RULE_PATH/.*\.rules.*$'
[ -n "$1" ] || return
# The marker is missing: insert it before the include lines found between
# the stock template comment and the first include line.
if ! grep -qs "^$RULESET_BEGIN_ALTERATOR_SNORT_TEMPLATE" "$CONFIG"; then
sed -i "\|$RULESET_BEGIN_DEFAULT_TEMPLATE|,\|$rule_regexp| { \|$rule_regexp|i$RULESET_BEGIN_ALTERATOR_SNORT_TEMPLATE
}" "$CONFIG"
# If that inserted nothing, append the marker at the end of the file.
grep -qs "^$RULESET_BEGIN_ALTERATOR_SNORT_TEMPLATE" "$CONFIG" ||
printf "\n$RULESET_BEGIN_ALTERATOR_SNORT_TEMPLATE" >>"$CONFIG"
fi
# Drop every old include line, then add the new list right after the marker.
sed -i "\|$rule_regexp|d" "$CONFIG"
sed -i "\|^$RULESET_BEGIN_ALTERATOR_SNORT_TEMPLATE|a$1" "$CONFIG"
}
# Print the dotted-quad form of an IPv4 address given as a single integer.
#   $1 - the address as a number, most significant octet first.
# The value is also left in the global variable num.
num_to_ipv4addr()
{
    num="$1"; shift
    local dotted= bits=
    for bits in 24 16 8 0; do
        dotted="$dotted${dotted:+.}$(( ($num >> bits) & 0xff ))"
    done
    printf '%s\n' "$dotted"
}
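# Convert a UTC "YYYY-MM-DD HH:MM:SS" timestamp to local time, same format.
#   $1 - the UTC timestamp.
# The argument is now quoted. Unquoted, a timestamp containing a space was
# passed to date as one argument only because the callers happen to change
# IFS; under the default IFS it was split and date rejected it.
utc_to_local_time()
{
    date --date="$1+00:00" +'%F %T'
}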
# Convert a local "YYYY-MM-DD HH:MM:SS" timestamp to UTC, same format.
#   $1 - the local timestamp; the current UTC offset is appended to it.
# date prints nothing to stdout when it cannot parse the input.
local_to_utc_time()
{
    local offset=
    offset="$(date +%z)"
    date -u --date="${1}${offset}" +'%F %T'
}
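# Print the sig_name stored for a signature id.
#   $1 - the signature id; list_details derives it from the UI request.
# Returns non-zero without running a query when $1 is not a plain
# non-negative integer.
get_sig_name()
{
    # The id is placed directly into the SQL text, so only digits are accepted.
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    echo "SELECT sig_name FROM signature WHERE sig_id=$1;" | eval "$MYSQL_COMM"
}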
# Write one table row per (sensor, signature) pair that has events in the
# given local-time window, most frequent signature first for each sensor.
#   $1 $2 - start date and time, $3 $4 - end date and time (local time).
# The dates arrive from the UI request. They reach the SQL text only after
# local_to_utc_time has passed them through date, which reformats them.
# sig_id, count and last_event_time are not declared local and leak into the
# caller's scope.
list_events()
{
local start_date="$1"; shift
local start_time="$1"; shift
local end_date="$1"; shift
local end_time="$1"; shift
local iface= sid= sign_name=
local start_datetime="$(local_to_utc_time "$start_date $start_time")"
local end_datetime="$(local_to_utc_time "$end_date $end_time")"
# Split query output on newlines only, so each tab-separated row is one word.
# NOTE(review): $'\n' is not POSIX sh syntax; this relies on /bin/sh
# accepting it (confirm).
local IFS=$'\n'
# Outer loop: every sensor known to the database.
for i in $(echo "SELECT sid,interface FROM sensor;" | eval "$MYSQL_COMM"); do
iface="$(echo "$i" | cut -f2)"
sid="$(echo "$i" | cut -f1)"
# Inner loop: per-signature event count and latest timestamp for this sensor.
for j in $(echo "SELECT signature,COUNT(cid),MAX(timestamp) FROM event WHERE sid=$sid AND \
timestamp>='$start_datetime' AND timestamp<='$end_datetime' \
GROUP BY signature ORDER BY COUNT(cid) DESC;" | eval "$MYSQL_COMM"); do
sig_id="$(echo "$j" | cut -f1)"
count="$(echo "$j" | cut -f2)"
[ "$count" -gt 0 ] || continue
last_event_time="$(echo "$j" | cut -f3)"
sign_name="$(get_sig_name "$sig_id")"
# The row name "sid/sig_id" is what list_details later splits apart.
write_table_item \
name "$sid/$sig_id" \
iface "$iface" \
description "$sign_name" \
count "$count" \
last_event_time "$(utc_to_local_time "$last_event_time")"
done
done
}
# Succeed when "service snortd status" succeeds; all output is discarded.
# Despite the name this checks the service status, not the boot-time
# (chkconfig) setting.
is_snortd_enabled()
{
    $SERVICE snortd status >/dev/null 2>&1
    return $?
}
# Report the snortd status to the UI as the boolean parameter state_enabled.
read_state()
{
    local enabled=false
    if is_snortd_enabled; then
        enabled=true
    fi
    write_bool_param state_enabled "$enabled"
}
# Send the default reporting window to the UI: today, 00:00:00 to 23:59:59.
read_dates()
{
    local today=
    today="$(date +%F 2>/dev/null)"
    write_string_param start_date "$today"
    write_string_param start_time '00:00:00'
    write_string_param end_date "$today"
    write_string_param end_time '23:59:59'
}
# Apply the requested service state.
#   $1 - '#f' to disable; any other value enables.
# Enabling a running snortd reloads it; enabling a stopped one also turns on
# and starts mysqld first. Disabling only acts when snortd is running.
write_state()
{
    if [ "$1" != '#f' ]; then
        if ! is_snortd_enabled; then
            "$CHKCONFIG" mysqld on 2>/dev/null
            "$CHKCONFIG" snortd on 2>/dev/null
            "$SERVICE" mysqld start >/dev/null 2>&1
            "$SERVICE" snortd start >/dev/null 2>&1
        else
            "$SERVICE" snortd reload 2>/dev/null
        fi
    elif is_snortd_enabled; then
        "$CHKCONFIG" snortd off 2>/dev/null
        "$SERVICE" snortd stop >/dev/null 2>&1
    fi
}
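# Write one table row per source/destination address pair for each selected
# "sid/sig_id" entry within the given local-time window.
#   $1       - selected entries separated by ";" or newlines, as sent by the UI
#   $2 $3    - start date and time (local time)
#   $4 $5    - end date and time (local time)
# Entries whose sid or sig_id is not a plain non-negative integer are skipped:
# both values are placed directly into SQL text and come from the request.
# count is not declared local and leaks into the caller's scope.
list_details()
{
    local list="$1"; shift
    local start_date="$1"; shift
    local start_time="$1"; shift
    local end_date="$1"; shift
    local end_time="$1"; shift
    # Split on newlines and ";" so that tab-separated result rows stay whole.
    local IFS=$'\n'
    local IFS="$IFS;"
    local iface= sid= sig_id= sig_name= source_ip= dest_ip= min_time= max_time=
    local start_datetime="$(local_to_utc_time "$start_date $start_time")"
    local end_datetime="$(local_to_utc_time "$end_date $end_time")"
    for i in $list; do
        [ "$i" = on ] && continue
        sid="${i%/*}"
        sig_id="${i#*/}"
        # Accept digits only before either value reaches a query.
        case "$sid" in
            ''|*[!0-9]*) continue ;;
        esac
        case "$sig_id" in
            ''|*[!0-9]*) continue ;;
        esac
        iface="$(echo "SELECT interface FROM sensor WHERE sid=$sid;" | eval "$MYSQL_COMM")"
        sig_name="$(get_sig_name "$sig_id")"
        for tmp in $(echo "SELECT COUNT(event.cid),MIN(event.timestamp),MAX(event.timestamp),iphdr.ip_src,iphdr.ip_dst \
FROM event,iphdr WHERE event.sid=$sid AND iphdr.sid=$sid AND event.signature=$sig_id \
AND event.cid=iphdr.cid AND event.timestamp>='$start_datetime' \
AND event.timestamp<='$end_datetime' \
GROUP BY iphdr.ip_src,iphdr.ip_dst ORDER BY COUNT(event.cid) DESC;" | eval "$MYSQL_COMM"); do
            count="$(echo "$tmp" | cut -f1)"
            min_time="$(echo "$tmp" | cut -f2)"
            max_time="$(echo "$tmp" | cut -f3)"
            source_ip="$(echo "$tmp" | cut -f4)"
            dest_ip="$(echo "$tmp" | cut -f5)"
            write_table_item \
                iface "$iface" \
                description "$sig_name" \
                source_ip "$(num_to_ipv4addr "$source_ip")" \
                dest_ip "$(num_to_ipv4addr "$dest_ip")" \
                count "$count" \
                min_time "$(utc_to_local_time "$min_time")" \
                max_time "$(utc_to_local_time "$max_time")"
        done
    done
}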
# Succeed when $OINKMASTER_CONF contains an uncommented "url =" line.
check_oinkconf_url()
{
    local url_line="^[[:blank:]]*url[[:blank:]]*="
    grep -q -s -e "$url_line" "$OINKMASTER_CONF"
}
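# Store the rules download URL in $OINKMASTER_CONF, replacing an existing
# "url =" line or appending one.
#   $1 - the URL; it arrives from the UI request (in_custom_url) or is built
#        by write_oinkcode.
# Returns non-zero, reporting an error, when the URL contains whitespace or
# control characters.
write_oinkconf_url()
{
    local url="$1" sed_url=
    [ -n "$url" ] || return
    # oinkmaster.conf is line based and the value is pasted into a sed
    # script; a URL never legitimately contains blanks or line breaks.
    case "$url" in
        *[[:space:][:cntrl:]]*)
            write_error "`_ "Invalid URL"`"
            return 1
            ;;
    esac
    if check_oinkconf_url; then
        # Escape what sed treats specially in a replacement: backslash, "&"
        # and the ";" used as delimiter, so the URL is stored verbatim.
        sed_url="$(printf '%s\n' "$url" | sed 's/[\\&;]/\\&/g')"
        sed -i "s;^[[:blank:]]*url[[:blank:]]*=.*$;url = $sed_url;" "$OINKMASTER_CONF"
    else
        printf 'url = %s\n' "$url" >>"$OINKMASTER_CONF"
    fi
}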
# Print the value of every uncommented "url =" line in $OINKMASTER_CONF.
# The capture is greedy, so any trailing "# comment" is printed as part of
# the value.
read_oinkconf_url()
{
    local extract="s;^[[:blank:]]*url[[:blank:]]*=[[:blank:]]*\(.*\)#*.*$;\1;p"
    sed -n -e "$extract" "$OINKMASTER_CONF"
}
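# Build the rules snapshot URL for an oinkcode and store it as the download
# URL.
#   $1 - the oinkcode; it arrives from the UI request (in_oinkcode).
# The snort major.minor version is taken from the output of "$SNORT -V".
# Returns non-zero when the version cannot be determined, or when the code is
# empty or contains anything other than letters and digits.
write_oinkcode()
{
    local oinkcode="$1"; shift
    local snort_version="$($SNORT -V 2>&1 | sed -n 's;^.*Version \([1-9]\+\.[0-9]\+\).*$;\1;p')"
    local url=
    [ -n "$snort_version" -a -n "$oinkcode" ] || return
    # The code becomes one path component of the URL written to
    # oinkmaster.conf; anything else would change the URL's shape and break
    # read_oinkcode's parsing of it.
    case "$oinkcode" in
        *[!A-Za-z0-9]*) return 1 ;;
    esac
    url="$RULES_URL/$oinkcode/$RULES_FILENAME-$snort_version.$RULES_EXT"
    write_oinkconf_url "$url"
}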
# Print the oinkcode embedded in the configured download URL, i.e. the path
# component between $RULES_URL and the archive file name. Prints nothing when
# the URL does not start with $RULES_URL.
read_oinkcode()
{
    local extract="s;^[[:blank:]]*url[[:blank:]]*=[[:blank:]]*$RULES_URL/\(.*\)/.*$;\1;p"
    sed -n -e "$extract" "$OINKMASTER_CONF"
}
# Report the automatic update schedule to the UI.
# With no (or an empty) $CRON_FILE: auto_update off, daily at 02:00:00.
# Otherwise the first non-comment line of the file is decoded into time,
# period and, where it applies, weekday or monthday. Any field combination
# that is not recognised is reported as "daily".
# The fields read from the file are left in global variables.
read_cron_data()
{
    if [ ! -s "$CRON_FILE" ]; then
        write_bool_param "auto_update" false
        write_string_param "time" "02:00:00"
        write_string_param "period" "daily"
        return
    fi

    write_bool_param "auto_update" true
    while read min hour monthday month weekday rest; do
        # Skip blank lines and lines whose first field starts with "#".
        [ -n "${min%\#*}" ] || continue
        write_string_param "time" "$hour:$min:00"
        if [ "$monthday" = "*" -a "$month" = "*" -a "$weekday" != "*" ]; then
            write_string_param "period" "weekly"
            write_string_param "weekday" "$weekday"
        elif [ "$monthday" != "*" -a "$month" = "*" -a "$weekday" = "*" ]; then
            write_string_param "period" "monthly"
            write_string_param "monthday" "$monthday"
        else
            write_string_param "period" "daily"
        fi
        # Only the first schedule line is used.
        return
    done <"$CRON_FILE"
}
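# Write or remove the cron schedule for automatic rule updates.
# Inputs are the request variables in_auto_update, in_period, in_time
# (HH:MM:SS), in_weekday and in_monthday.
# With auto update off the cron file is removed. Otherwise a new file is
# built in a temporary file and moved into place.
#
# The file is read by cron and its entries run as root, so every value taken
# from the request is checked against the shape of the cron field it fills
# before anything is written: hour 0-23, minute 0-59, weekday 0-7,
# day of month 1-31. On a failed check an error is reported and the existing
# file is left unchanged.
write_cron_data()
{
    if ! test_bool "$in_auto_update"; then
        rm -f "$CRON_FILE"
        return
    fi

    if [ "$in_period" = "weekly" ]; then
        case "$in_weekday" in
            [0-7]) ;;
            *)
                write_error "`_ "Day of week should be selected"`"
                return
                ;;
        esac
    fi
    if [ "$in_period" = "monthly" ]; then
        case "$in_monthday" in
            [1-9]|[12][0-9]|3[01]) ;;
            *)
                write_error "`_ "Day of month should be defined"`"
                return
                ;;
        esac
    fi

    # Drop the seconds, then split what is left into hour and minute.
    in_time="${in_time%:*}"
    local hour="${in_time%:*}"
    local min="${in_time#*:}"
    case "$hour" in
        [0-9]|[01][0-9]|2[0-3]) ;;
        *)
            write_error "`_ "Invalid time"`"
            return
            ;;
    esac
    case "$min" in
        [0-9]|[0-5][0-9]) ;;
        *)
            write_error "`_ "Invalid time"`"
            return
            ;;
    esac

    local cmd="$OINKMASTER -Q -U $CONFIG -o $RULESDIR"
    local tmp="$(mktemp "$CRON_FILE.XXXXXXXXXX")"
    if [ -z "$tmp" ]; then
        write_error "`_ "Unable to create temp file"`"
        return
    fi
    printf "#autogenerated by alterator-snort\n" >"$tmp"
    # An unrecognised period writes only the header line, as before.
    case "$in_period" in
        daily)
            printf '%s %s * * * root %s\n' "$min" "$hour" "$cmd"
            ;;
        weekly)
            printf '%s %s * * %s root %s\n' "$min" "$hour" "$in_weekday" "$cmd"
            ;;
        monthly)
            printf '%s %s %s * * root %s\n' "$min" "$hour" "$in_monthday" "$cmd"
            ;;
    esac >>"$tmp"
    mv -f "$tmp" "$CRON_FILE"
}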
# Run oinkmaster once to fetch rules into $RULESDIR.
# Returns 1 with an error when no download URL is configured; a failed
# download is reported through write_error.
download_rules()
{
    check_oinkconf_url || {
        write_error "$(_ "URL not specified")"
        return 1
    }
    if ! "$OINKMASTER" -Q -U $CONFIG -o "$RULESDIR"; then
        write_error "$(_ "Download rules failed")"
    fi
}
# Request dispatcher. It reads the request from in_* variables: in_action
# selects type/read/write/list and in__objects names the object acted on.
# It is not called anywhere in this file; presumably message_loop invokes it
# once per request (verify against alterator-sh-functions).
# NOTE(review): every other in_* value is request data from the web UI and is
# handed to helpers that build SQL, sed scripts, a cron file and
# oinkmaster.conf. Validation has to happen in those helpers; none is done here.
on_message()
{
# Resolve the rules directory once, on the first request that needs it.
[ -n "$RULESDIR" ] || set_rules_dir
case "$in_action" in
type)
# Declare parameter types. Only the date and time fields are typed;
# weekday, monthday, URL and oinkcode are not.
write_type_item start_date date
write_type_item start_time time
write_type_item end_date date
write_type_item end_time time
write_type_item time time
;;
read)
case "$in__objects" in
state_enabled)
read_state
;;
rule-description)
[ -n "$in_rules" ] &&
write_string_param rule_description "$(read_rule_description "$in_rules")"
;;
dates)
read_dates
;;
download-data)
# Report the download source: an oinkcode when the stored URL matches
# the snort.org pattern, otherwise the raw URL as "custom".
local oinkcode="$(read_oinkcode)"
if [ -n "$oinkcode" ]; then
write_string_param rules_url 'oinkcode'
write_string_param oinkcode "$oinkcode"
else
local custom_url="$(read_oinkconf_url)"
if [ -n "$custom_url" ]; then
write_string_param rules_url 'custom'
write_string_param custom_url "$custom_url"
fi
fi
read_cron_data
;;
esac
;;
write)
case "$in__objects" in
state_enabled)
[ -n "$in_state_enabled" ] && write_state "$in_state_enabled"
;;
rules-list)
[ -n "$in_rules_list" ] && write_ruleset "$(rules_list_to_ruleset "$in_rules_list")"
;;
download-now)
download_rules
;;
download-data)
# Store the download source first, then the schedule. A missing
# oinkcode or URL is an error only when auto update is requested.
case "$in_rules_url" in
oinkcode)
if [ -n "$in_oinkcode" ]; then
write_oinkcode "$in_oinkcode"
elif test_bool "$in_auto_update"; then
write_error "`_ "Oinkcode not specified!"`"
return
fi
;;
custom)
if [ -n "$in_custom_url" ]; then
write_oinkconf_url "$in_custom_url"
elif test_bool "$in_auto_update"; then
write_error "`_ "URL not specified!"`"
return
fi
;;
*)
;;
esac
write_cron_data
;;
esac
;;
list)
# Only the last path component of the object name selects the list.
case "${in__objects##*/}" in
avail_rules) #list_rules | write_enum
for i in $(list_rules); do
write_table_item \
name "$i" \
rule "$i"
done
;;
avail_unused_rules)
for i in $(list_rules_unused); do
write_table_item \
name "$i" \
rule "$i"
done
;;
avail_weekday)
list_weekday
;;
events)
# All four window fields are required.
[ -n "$in_start_date" -a -n "$in_end_date" -a -n "$in_start_time" -a -n "$in_end_time" ] &&
list_events "$in_start_date" "$in_start_time" "$in_end_date" "$in_end_time"
;;
details)
# in_details carries the selected "sid/sig_id" rows; '#f' means none.
[ -n "$in_details" -a "$in_details" != '#f' -a -n "$in_start_date" -a -n "$in_end_date" \
-a -n "$in_start_time" -a -n "$in_end_time" ] &&
list_details "$in_details" "$in_start_date" "$in_start_time" "$in_end_date" "$in_end_time"
;;
esac
;;
esac
}
# Enter the request loop. message_loop is not defined in this file; presumably
# it comes from alterator-sh-functions and calls on_message (verify).
message_loop
alterator-snort-0.2.4/tools/ 0000755 0000000 0000000 00000000000 12110343461 0016006 5 ustar 00root root 0000000 0000000 alterator-snort-0.2.4/tools/reset-snort-db.sh 0000644 0000000 0000000 00000003255 12110343461 0021217 0 ustar 00root root 0000000 0000000 #!/bin/sh
# Paths of the configuration files and tools this script uses.
SNORT_CONFIG=/etc/snort/snort.conf
SERVICE=/sbin/service
CHKCONFIG=/sbin/chkconfig
MYSQL=/usr/bin/mysql
SNORT=/usr/sbin/snort
SYSCONFIG_FILE=/etc/sysconfig/snort
# Generate a fresh database password, retrying until it contains no "$".
# NOTE(review): if pwqgen is missing or prints nothing, this loop never ends.
# '$' is not valid symbol in snort.conf
while [ -z "$pass" ] || echo "$pass" | grep -qs '\$'; do
pass=`/usr/bin/pwqgen`
done
$SERVICE mysqld start
# Recreate the snort database, trying up to ten times at one-second intervals
# while mysqld comes up. This drops any existing snort database and its data.
# STATUS reflects only the CREATE statement, the last command in the loop.
STATUS=1
i=0
while [ "$STATUS" != "0" ] && [ $i -lt 10 ]; do
sleep 1
i="$(($i+1))"
echo "DROP DATABASE IF EXISTS snort;" | $MYSQL
echo "CREATE DATABASE snort;" | $MYSQL
STATUS=$?
done
# Version string taken from the output of "$SNORT -V" (digits and dots).
snort_version="$($SNORT -V 2>&1 | sed -n 's;^.*Version \([1-9.]\+\).*$;\1;p')"
$MYSQL -D snort -u root >"$SNORT_CONFIG"
fi
fi
$SERVICE snortd condrestart ||:
alterator-snort-0.2.4/ui/ 0000755 0000000 0000000 00000000000 12110343461 0015263 5 ustar 00root root 0000000 0000000 alterator-snort-0.2.4/ui/snort/ 0000755 0000000 0000000 00000000000 12110343461 0016430 5 ustar 00root root 0000000 0000000 alterator-snort-0.2.4/ui/snort/ajax.scm 0000644 0000000 0000000 00000004170 12110343461 0020061 0 ustar 00root root 0000000 0000000 (define-module (ui snort ajax)
:use-module (alterator ajax)
:use-module (alterator woo)
:export (init))
;; Refresh the "state_enabled" control from the backend object
;; /snort/state_enabled. Backend errors are handled by catch/message.
(define (read-state)
  (catch/message
   (lambda ()
     (let ((state (woo-read-first "/snort/state_enabled"
                                  'language (form-value "language"))))
       (form-update-value-list '("state_enabled") state)))))
;; Reload the "statistics" list with the events the backend reports for the
;; date/time window currently entered in the form.
(define (read-statistics)
  (catch/message
   (lambda ()
     (let ((events (woo-list "/snort/events"
                             'start_date (form-value "start_date")
                             'start_time (form-value "start_time")
                             'end_date (form-value "end_date")
                             'end_time (form-value "end_time"))))
       (form-update-enum "statistics" events)))))
;; Initial page fill: empty both lists, read the service state, load the
;; default date window from /snort/dates, then load the statistics for it.
(define (ui-init)
  (form-update-enum "statistics" '())
  (form-update-enum "details" '())
  (read-state)
  (catch/message
   (lambda ()
     (let ((defaults (woo-read-first "/snort/dates"
                                     'language (form-value "language"))))
       (form-update-value-list
        '("start_date" "start_time" "end_date" "end_time")
        defaults))))
  (read-statistics))
;; "Show" button handler: reload the statistics for the entered window.
(define (on-show)
  (read-statistics))
;; "Details" button handler: ask the backend for the per-address breakdown of
;; the rows selected in "statistics" and show it in "details", then refresh
;; the service state.
(define (on-details)
  (catch/message
   (lambda ()
     (let ((rows (woo-list "/snort/details"
                           'details (form-value "statistics")
                           'start_date (form-value "start_date")
                           'start_time (form-value "start_time")
                           'end_date (form-value "end_date")
                           'end_time (form-value "end_time"))))
       (form-update-enum "details" rows))))
  (read-state))
;; "Apply" handler for the service state: send the value of the
;; "state_enabled" control to the backend.
(define (on-apply-state)
  (catch/message
   (lambda ()
     (let ((requested (form-value "state_enabled"))
           (language (form-value "language")))
       (woo-write "/snort/state_enabled"
                  'state_enabled requested
                  'language language)))))
;; Module entry point: bind the three button handlers, then fill the page.
(define (init)
  (for-each
   (lambda (binding)
     (form-bind (car binding) "click" (cdr binding)))
   (list (cons "apply_state_button" on-apply-state)
         (cons "details_button" on-details)
         (cons "show_button" on-show)))
  (ui-init))
alterator-snort-0.2.4/ui/snort/index.html 0000644 0000000 0000000 00000011643 12110343461 0020432 0 ustar 00root root 0000000 0000000
alterator-snort-0.2.4/ui/snort/rules/ 0000755 0000000 0000000 00000000000 12110343461 0017562 5 ustar 00root root 0000000 0000000 alterator-snort-0.2.4/ui/snort/rules/ajax.scm 0000644 0000000 0000000 00000016137 12110343461 0021221 0 ustar 00root root 0000000 0000000 (define-module (ui snort rules ajax)
:use-module (alterator ajax)
:use-module (alterator woo)
:use-module (alterator effect)
:use-module (srfi srfi-1)
:use-module (srfi srfi-2)
:use-module (srfi srfi-11)
:export (init))
;; Client-side copy of the enabled rulesets, last set by update-rules-list.
(define *rules-list* '())
;; Client-side copy of the rulesets not in use, last set by
;; update-rules-unused-list.
(define *rules-unused-list* '())
;; Whether the lists hold edits that have not been applied; set by
;; rules-list-changed.
(define *changed* #f)
;; Refresh the "state_enabled" control from the backend object
;; /snort/state_enabled. Backend errors are handled by catch/message.
(define (read-state)
  (catch/message
   (lambda ()
     (let ((state (woo-read-first "/snort/state_enabled"
                                  'language (form-value "language"))))
       (form-update-value-list '("state_enabled") state)))))
;; Remember RLIST as the enabled rulesets and show it in the "rules" control.
(define (update-rules-list rlist)
  (set! *rules-list* rlist)
  (form-update-enum "rules" rlist))
;; Remember RLIST as the unused rulesets, show it in "rules_unused" and
;; enable the "add" button only while there is something to add.
(define (update-rules-unused-list rlist)
  (set! *rules-unused-list* rlist)
  (form-update-enum "rules_unused" rlist)
  (let ((anything-to-add? (not (null? rlist))))
    (form-update-activity "add_button" anything-to-add?)))
;; Load the enabled rulesets from /snort/avail_rules.
(define (read-rules-list)
  (catch/message
   (lambda ()
     (let ((enabled (woo-list "/snort/avail_rules"
                              'language (form-value "language"))))
       (update-rules-list enabled)))))
;; Load the unused rulesets from /snort/avail_unused_rules.
(define (read-rules-unused-list)
  (catch/message
   (lambda ()
     (let ((unused (woo-list "/snort/avail_unused_rules"
                             'language (form-value "language"))))
       (update-rules-unused-list unused)))))
;; Names of the enabled rulesets, in their current order. Each entry of
;; *rules-list* is a property list; the value after 'name is taken.
(define (rules-list)
  (map (lambda (entry)
         (cadr (member 'name entry)))
       *rules-list*))
;; Record whether there are unapplied edits and enable the "apply" button
;; accordingly.
(define (rules-list-changed changed)
  (set! *changed* changed)
  (form-update-activity "apply_button" changed))
;; The value following 'name in the property list RLIST (one list entry).
(define (rules-list-elem-name rlist)
  (cadr (member 'name rlist)))
;; Position of the entry called NAME in RLIST, or #f when NAME is not a
;; non-empty string or no entry has that name.
(define (rules-list-elem-index name rlist)
  (and (string? name)
       (not (string=? name ""))
       (list-index (lambda (entry)
                     (string=? name (rules-list-elem-name entry)))
                   rlist)))
;; The first entry of RLIST whose name equals NAME, or #f.
;; NAME must be a string; string=? is applied to it directly.
(define (rules-list-elem name rlist)
  (find (lambda (entry)
          (string=? name (rules-list-elem-name entry)))
        rlist))
;; Two entries are the same when their names are equal strings.
(define (rules-list-elem=? el1 el2)
  (let ((name1 (rules-list-elem-name el1))
        (name2 (rules-list-elem-name el2)))
    (string=? name1 name2)))
;; Return a copy of RLIST with the elements at positions N and N+1 exchanged.
;; RLIST must have at least N+2 elements.
(define (swap-elements n rlist)
  (call-with-values
      (lambda () (split-at rlist n))
    (lambda (before rest)
      (call-with-values
          (lambda () (split-at rest 2))
        (lambda (swapped after)
          (append before
                  (list (cadr swapped) (car swapped))
                  after))))))
;; Move the ruleset selected in "rules" one place: N = 1 moves it up, N = 0
;; moves it down. Nothing happens when no entry is selected or the move would
;; leave the list. The selection stays on the moved entry.
(define (move-element n)
  (and-let* ((selected (form-value "rules"))
             (position (rules-list-elem-index selected *rules-list*))
             (first-of-pair (- position n)))
    (and (>= first-of-pair 0)
         (< (+ first-of-pair 1) (length *rules-list*))
         (begin
           (update-rules-list (swap-elements first-of-pair *rules-list*))
           (form-update-value "rules" selected)))))
;; Enable "weekday" only for a weekly schedule and "monthday" only for a
;; monthly one, and neither when auto update is off.
(define (update-activity)
  (let* ((auto-update (form-value "auto_update"))
         (period-is? (lambda (wanted)
                       (and auto-update
                            (string=? wanted (form-value "period"))))))
    (form-update-activity "weekday" (period-is? "weekly"))
    (form-update-activity "monthday" (period-is? "monthly"))))
;; Reload both ruleset lists from the backend and clear the "changed" flag.
(define (ui-read)
  (read-rules-list)
  (read-rules-unused-list)
  (rules-list-changed #f))
;; Load the download source and schedule settings from /snort/download-data
;; into the form, then re-evaluate which controls are active.
;; Unlike the other readers this call is not wrapped in catch/message.
(define (read-download-data)
  (let ((settings (woo-read-first "/snort/download-data"
                                  'language (form-value "language"))))
    (form-update-value-list
     '("rules_url" "oinkcode" "custom_url" "auto_update" "period" "weekday" "monthday" "time")
     settings))
  (update-effect)
  (update-activity))
;; Initial page fill. When both cached lists are empty they are read from the
;; backend; otherwise the cached lists and "changed" flag are shown again, so
;; unapplied edits are kept. The weekday choices and the download settings
;; are always loaded.
(define (ui-init)
  (let ((nothing-cached? (and (null? *rules-list*)
                              (null? *rules-unused-list*))))
    (if nothing-cached?
        (ui-read)
        (begin
          (update-rules-list *rules-list*)
          (update-rules-unused-list *rules-unused-list*)
          (rules-list-changed *changed*))))
  (form-update-enum "weekday"
                    (woo-list "/snort/avail_weekday"
                              'language (form-value "language")))
  (read-download-data))
;; "Add" button handler: move the entries selected in "rules_unused" (names
;; separated by ";") into the enabled list, directly after the entry selected
;; in "rules", or at the end when nothing is selected there. The edit is
;; local; it is marked as a pending change.
(define (on-add)
  (let* ((wanted-names (string-split (or (form-value "rules_unused") "")
                                     #\;))
         (wanted? (lambda (entry)
                    (any (lambda (candidate)
                           (string=? candidate (rules-list-elem-name entry)))
                         wanted-names))))
    (let-values (((to-add still-unused)
                  (partition wanted? *rules-unused-list*)))
      (and (not (null? wanted-names))
           (let* ((selected (form-value "rules"))
                  (position (rules-list-elem-index selected *rules-list*))
                  (insert-at (if position
                                 (+ position 1)
                                 (length *rules-list*))))
             (update-rules-list (append (take *rules-list* insert-at)
                                        to-add
                                        (drop *rules-list* insert-at)))
             (form-update-value "rules" selected)
             (update-rules-unused-list still-unused)
             (rules-list-changed #t))))))
;; "Remove" button handler: take the entry selected in "rules" out of the
;; enabled list and append it to the unused list. The edit is local; it is
;; marked as a pending change.
(define (on-remove)
  (let ((selected (rules-list-elem (form-value "rules") *rules-list*)))
    (and selected
         (not (null? *rules-list*))
         (let ((same-as-selected? (lambda (entry)
                                    (rules-list-elem=? entry selected))))
           (update-rules-list (remove same-as-selected? *rules-list*))
           (update-rules-unused-list
            (append *rules-unused-list* (list selected)))
           (rules-list-changed #t)))))
;; "Up" button handler: move the selected ruleset one place up.
(define (on-up)
  (move-element 1))
;; "Down" button handler: move the selected ruleset one place down.
(define (on-down)
  (move-element 0))
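;; "Apply" button handler: send the ordered list of enabled ruleset names to
;; /snort/rules-list, then reload both lists from the backend.
;; The write is wrapped in catch/message like every other backend write in
;; this module, so a backend error is handled the same way and the reload
;; still runs.
(define (on-apply)
  (catch/message
   (lambda ()
     (woo-write "/snort/rules-list"
                'rules_list (rules-list))))
  (ui-read))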
;; "Reset" button handler: discard local edits by reloading from the backend.
(define (on-reset)
  (ui-read))
;; Selection handler for "rules": fetch the description of the selected
;; ruleset and show it in "rule_description". Does nothing unless the
;; selection is a string.
(define (read-rule-description)
  (catch/message
   (lambda ()
     (let ((selected (form-value "rules")))
       (and (string? selected)
            (let ((description (woo-read-first "/snort/rule-description"
                                               'rules selected
                                               'language (form-value "language"))))
              (form-update-value-list '("rule_description") description)))))))
;; "Apply" handler for the download settings: send the source and schedule
;; fields to /snort/download-data, then read the stored settings back.
(define (on-download-apply)
  (catch/message
   (lambda ()
     (let ((fields (form-value-list
                    '("rules_url" "oinkcode" "custom_url" "auto_update" "period" "weekday" "monthday" "time" "language"))))
       (apply woo-write "/snort/download-data" fields))))
  (read-download-data))
;; "Download" button handler: ask the backend to fetch rules now, then reload
;; both ruleset lists.
(define (on-download)
  (catch/message
   (lambda ()
     (let ((language (form-value "language")))
       (woo-write "/snort/download-now" 'language language))))
  (ui-read))
;; Module entry point: declare which controls depend on which values, bind
;; the event handlers, then fill the page.
(define (init)
  ;; Schedule fields follow "auto_update" and "period"; the oinkcode and
  ;; custom URL fields follow the selected "rules_url" source.
  (effect-enable "period" "auto_update" #t)
  (effect-enable "time" "auto_update" #t)
  (effect-enable "weekday" "period" "weekly")
  (effect-enable "monthday" "period" "monthly")
  (effect-enable "oinkcode" "rules_url" "oinkcode")
  (effect-enable "custom_url" "rules_url" "custom")
  (effect-disable "auto_update" "rules_url" #f)
  (init-effect)
  (for-each
   (lambda (binding)
     (apply form-bind binding))
   (list (list "auto_update" "change" update-activity)
         (list "add_button" "click" on-add)
         (list "remove_button" "click" on-remove)
         (list "up_button" "click" on-up)
         (list "down_button" "click" on-down)
         (list "apply_button" "click" on-apply)
         (list "reset_button" "click" on-reset)
         (list "rules" "change" read-rule-description)
         (list "download_apply_button" "click" on-download-apply)
         (list "download_button" "click" on-download)))
  (ui-init))
alterator-snort-0.2.4/ui/snort/rules/index.html 0000644 0000000 0000000 00000021462 12110343461 0021564 0 ustar 00root root 0000000 0000000