Commit 9910a79f authored by Ad Schellevis's avatar Ad Schellevis

(ids) refactor model for user defined rules

parent 9dd8a244
...@@ -490,37 +490,37 @@ class SettingsController extends ApiControllerBase ...@@ -490,37 +490,37 @@ class SettingsController extends ApiControllerBase
} }
/** /**
* search fingerprints * search user defined rules
* @return array list of found fingerprints * @return array list of found user rules
*/ */
public function searchFingerprintAction() public function searchUserRuleAction()
{ {
$this->sessionClose(); $this->sessionClose();
$mdlIDS = $this->getModel(); $mdlIDS = $this->getModel();
$grid = new UIModelGrid($mdlIDS->rules->fingerprint); $grid = new UIModelGrid($mdlIDS->userDefinedRules->rule);
return $grid->fetchBindRequest( return $grid->fetchBindRequest(
$this->request, $this->request,
array("enabled", "action", "description", "fingerprint"), array("enabled", "action", "description"),
"description" "description"
); );
} }
/** /**
* update fingerprint * update user defined rules
* @param string $uuid fingerprint internal id * @param string $uuid internal id
* @return array save result + validation output * @return array save result + validation output
* @throws \Phalcon\Validation\Exception * @throws \Phalcon\Validation\Exception
*/ */
public function setFingerprintAction($uuid) public function setUserRuleAction($uuid)
{ {
$result = array("result"=>"failed"); $result = array("result"=>"failed");
if ($this->request->isPost() && $this->request->hasPost("fingerprint")) { if ($this->request->isPost() && $this->request->hasPost("rule")) {
$mdlIDS = $this->getModel(); $mdlIDS = $this->getModel();
if ($uuid != null) { if ($uuid != null) {
$node = $mdlIDS->getNodeByReference('rules.fingerprint.'.$uuid); $node = $mdlIDS->getNodeByReference('userDefinedRules.rule.'.$uuid);
if ($node != null) { if ($node != null) {
$node->setNodes($this->request->getPost("fingerprint")); $node->setNodes($this->request->getPost("rule"));
$validations = $mdlIDS->validate($node->__reference, "fingerprint"); $validations = $mdlIDS->validate($node->__reference, "rule");
if (count($validations)) { if (count($validations)) {
$result['validations'] = $validations; $result['validations'] = $validations;
} else { } else {
...@@ -536,18 +536,18 @@ class SettingsController extends ApiControllerBase ...@@ -536,18 +536,18 @@ class SettingsController extends ApiControllerBase
} }
/** /**
* add new fingerprint * add new user defined rule
* @return array save result + validation output * @return array save result + validation output
* @throws \Phalcon\Validation\Exception * @throws \Phalcon\Validation\Exception
*/ */
public function addFingerprintAction() public function addUserRuleAction()
{ {
$result = array("result"=>"failed"); $result = array("result"=>"failed");
if ($this->request->isPost() && $this->request->hasPost("fingerprint")) { if ($this->request->isPost() && $this->request->hasPost("rule")) {
$mdlIDS = $this->getModel(); $mdlIDS = $this->getModel();
$node = $mdlIDS->rules->fingerprint->Add(); $node = $mdlIDS->userDefinedRules->rule->Add();
$node->setNodes($this->request->getPost("fingerprint")); $node->setNodes($this->request->getPost("rule"));
$validations = $mdlIDS->validate($node->__reference, "fingerprint"); $validations = $mdlIDS->validate($node->__reference, "rule");
if (count($validations)) { if (count($validations)) {
$result['validations'] = $validations; $result['validations'] = $validations;
} else { } else {
...@@ -561,39 +561,39 @@ class SettingsController extends ApiControllerBase ...@@ -561,39 +561,39 @@ class SettingsController extends ApiControllerBase
} }
/** /**
* get fingerprint properties * get properties of user defined rule
* @param null|string $uuid fingerprint internal id * @param null|string $uuid user rule internal id
* @return array fingerprint properties * @return array user defined properties
*/ */
public function getFingerprintAction($uuid = null) public function getUserRuleAction($uuid = null)
{ {
$mdlIDS = $this->getModel(); $mdlIDS = $this->getModel();
if ($uuid != null) { if ($uuid != null) {
$node = $mdlIDS->getNodeByReference('rules.fingerprint.'.$uuid); $node = $mdlIDS->getNodeByReference('userDefinedRules.rule.'.$uuid);
if ($node != null) { if ($node != null) {
// return node // return node
return array("fingerprint" => $node->getNodes()); return array("rule" => $node->getNodes());
} }
} else { } else {
// generate new node, but don't save to disc // generate new node, but don't save to disc
$node = $mdlIDS->rules->fingerprint->add() ; $node = $mdlIDS->userDefinedRules->rule->add() ;
return array("fingerprint" => $node->getNodes()); return array("rule" => $node->getNodes());
} }
return array(); return array();
} }
/** /**
* delete fingerprint item * delete user rule item
* @param string $uuid fingerprint internal id * @param string $uuid user rule internal id
* @return array * @return array
* @throws \Phalcon\Validation\Exception * @throws \Phalcon\Validation\Exception
*/ */
public function delFingerprintAction($uuid) public function delUserRuleAction($uuid)
{ {
$result = array("result"=>"failed"); $result = array("result"=>"failed");
if ($this->request->isPost() && $uuid != null) { if ($this->request->isPost() && $uuid != null) {
$mdlIDS = $this->getModel(); $mdlIDS = $this->getModel();
if ($mdlIDS->rules->fingerprint->del($uuid)) { if ($mdlIDS->userDefinedRules->rule->del($uuid)) {
// if item is removed, serialize to config and save // if item is removed, serialize to config and save
$mdlIDS->serializeToConfig(); $mdlIDS->serializeToConfig();
Config::getInstance()->save(); Config::getInstance()->save();
...@@ -606,17 +606,17 @@ class SettingsController extends ApiControllerBase ...@@ -606,17 +606,17 @@ class SettingsController extends ApiControllerBase
} }
/** /**
* toggle fingerprint by uuid (enable/disable) * toggle user defined rule by uuid (enable/disable)
* @param $uuid fingerprint internal id * @param $uuid user defined rule internal id
* @param $enabled desired state enabled(1)/disabled(1), leave empty for toggle * @param $enabled desired state enabled(1)/disabled(1), leave empty for toggle
* @return array status * @return array status
*/ */
public function toggleFingerprintAction($uuid, $enabled = null) public function toggleUserRuleAction($uuid, $enabled = null)
{ {
$result = array("result" => "failed"); $result = array("result" => "failed");
if ($this->request->isPost() && $uuid != null) { if ($this->request->isPost() && $uuid != null) {
$mdlIDS = $this->getModel(); $mdlIDS = $this->getModel();
$node = $mdlIDS->getNodeByReference('rules.fingerprint.' . $uuid); $node = $mdlIDS->getNodeByReference('userDefinedRules.rule.' . $uuid);
if ($node != null) { if ($node != null) {
if ($enabled == "0" || $enabled == "1") { if ($enabled == "0" || $enabled == "1") {
$node->enabled = (string)$enabled; $node->enabled = (string)$enabled;
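Review bot: `$uuid` comes from the URL and is concatenated straight into the model reference in `setUserRuleAction`, `getUserRuleAction` and `toggleUserRuleAction` (`'userDefinedRules.rule.'.$uuid`), guarded only by a loose `!= null`. If `getNodeByReference` resolves dotted paths, which is not visible here, an id containing a dot would address a child field instead of a rule item. Assuming item ids are hex-and-dash UUIDs, a format check before the lookup would close that off, e.g. `if (!preg_match('/^[0-9a-fA-F-]+$/', (string)$uuid)) { return $result; }` (returning `array()` in the getter). The toggle docblock also reads `enabled(1)/disabled(1)` while the code accepts "0" and "1", so it should say `disabled(0)`. The body of `toggleUserRuleAction` continues outside the hunk.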
......
...@@ -50,7 +50,7 @@ class IndexController extends \OPNsense\Base\IndexController ...@@ -50,7 +50,7 @@ class IndexController extends \OPNsense\Base\IndexController
// link alert list dialog // link alert list dialog
$this->view->formDialogRuleset = $this->getForm("dialogRuleset"); $this->view->formDialogRuleset = $this->getForm("dialogRuleset");
// link fingerprint dialog // link fingerprint dialog
$this->view->formDialogFingerprint = $this->getForm("dialogFingerprint"); $this->view->formDialogUserDefined = $this->getForm("dialogUserDefined");
// choose template // choose template
$this->view->pick('OPNsense/IDS/index'); $this->view->pick('OPNsense/IDS/index');
} }
......
<form> <form>
<field> <field>
<id>fingerprint.enabled</id> <id>rule.enabled</id>
<label>enabled</label> <label>enabled</label>
<type>checkbox</type> <type>checkbox</type>
<help>enable this fingerprint rule</help> <help>enable this fingerprint rule</help>
</field> </field>
<field> <field>
<id>fingerprint.fingerprint</id> <id>rule.fingerprint</id>
<label>Fingerprint</label> <label>Fingerprint</label>
<type>text</type> <type>text</type>
<help>the SSL fingerprint, for example B5:E1:B3:70:5E:7C:FF:EB:92:C4:29:E5:5B:AC:2F:AE:70:17:E9:9E</help> <help>the SSL fingerprint, for example B5:E1:B3:70:5E:7C:FF:EB:92:C4:29:E5:5B:AC:2F:AE:70:17:E9:9E</help>
</field> </field>
<field> <field>
<id>fingerprint.action</id> <id>rule.action</id>
<label>Action</label> <label>Action</label>
<type>dropdown</type> <type>dropdown</type>
<help>set action to perform here, only used when in IPS mode</help> <help>set action to perform here, only used when in IPS mode</help>
</field> </field>
<field> <field>
<id>fingerprint.description</id> <id>rule.description</id>
<label>Description</label> <label>Description</label>
<type>text</type> <type>text</type>
</field> </field>
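Review bot: The help text on `rule.enabled` still reads "enable this fingerprint rule" although the form now describes a generic user defined rule, and the `rule.fingerprint` help does not mention that the field has become optional in the model. Suggest `<help>enable this user defined rule</help>` and extending the fingerprint help with a short "(optional)" remark, so an operator filling in the dialog knows an empty value is accepted.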
......
...@@ -62,7 +62,7 @@ class TextField extends BaseField ...@@ -62,7 +62,7 @@ class TextField extends BaseField
*/ */
public function getValidators() public function getValidators()
{ {
$validators = array() ; $validators = array();
if ($this->internalValidationMessage == null) { if ($this->internalValidationMessage == null) {
$msg = "text validation error" ; $msg = "text validation error" ;
} else { } else {
......
...@@ -23,14 +23,16 @@ ...@@ -23,14 +23,16 @@
</OptionValues> </OptionValues>
</action> </action>
</rule> </rule>
<fingerprint type="ArrayField"> </rules>
<!--SSL fingerprints --> <userDefinedRules>
<rule type="ArrayField">
<!--user defined rules -->
<enabled type="BooleanField"> <enabled type="BooleanField">
<default>1</default> <default>1</default>
<Required>Y</Required> <Required>Y</Required>
</enabled> </enabled>
<fingerprint type="TextField"> <fingerprint type="TextField">
<Required>Y</Required> <Required>N</Required>
<mask>/^([0-9a-fA-F:]){59,59}$/u</mask> <mask>/^([0-9a-fA-F:]){59,59}$/u</mask>
<ValidationMessage>A SSL fingerprint should be a 59 character long hex value</ValidationMessage> <ValidationMessage>A SSL fingerprint should be a 59 character long hex value</ValidationMessage>
</fingerprint> </fingerprint>
...@@ -47,8 +49,8 @@ ...@@ -47,8 +49,8 @@
<drop>Drop</drop> <drop>Drop</drop>
</OptionValues> </OptionValues>
</action> </action>
</fingerprint> </rule>
</rules> </userDefinedRules>
<files> <files>
<file type="ArrayField"> <file type="ArrayField">
<filename type="TextField"> <filename type="TextField">
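Review bot: With `<Required>N</Required>` on `fingerprint`, a rule can now be saved enabled and with an action but without a fingerprint, and the visible hunks show no other match field or constraint requiring at least one condition. How the rule generator handles an empty fingerprint is not visible here; it should skip such entries or the model should reject them, otherwise an operator may believe a drop rule is active when it matches nothing. Separately, the container moves from `rules.fingerprint` to `userDefinedRules.rule` and no migration or model version bump appears in these hunks, so fingerprint rules already stored under the old path may no longer be loaded after upgrade; worth confirming before release.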
......
...@@ -252,15 +252,15 @@ POSSIBILITY OF SUCH DAMAGE. ...@@ -252,15 +252,15 @@ POSSIBILITY OF SUCH DAMAGE.
}, },
} }
}); });
} else if (e.target.id == 'ssl_tab') { } else if (e.target.id == 'userrules_tab') {
$('#grid-fingerprints').bootgrid('destroy'); // always destroy previous grid, so data is always fresh $('#grid-userrules').bootgrid('destroy'); // always destroy previous grid, so data is always fresh
$("#grid-fingerprints").UIBootgrid({ $("#grid-userrules").UIBootgrid({
search:'/api/ids/settings/searchfingerprint', search:'/api/ids/settings/searchUserRule',
get:'/api/ids/settings/getFingerprint/', get:'/api/ids/settings/getUserRule/',
set:'/api/ids/settings/setFingerprint/', set:'/api/ids/settings/setUserRule/',
add:'/api/ids/settings/addFingerprint/', add:'/api/ids/settings/addUserRule/',
del:'/api/ids/settings/delFingerprint/', del:'/api/ids/settings/delUserRule/',
toggle:'/api/ids/settings/toggleFingerprint/' toggle:'/api/ids/settings/toggleUserRule/'
} }
); );
...@@ -404,7 +404,7 @@ POSSIBILITY OF SUCH DAMAGE. ...@@ -404,7 +404,7 @@ POSSIBILITY OF SUCH DAMAGE.
<ul class="nav nav-tabs" data-tabs="tabs" id="maintabs"> <ul class="nav nav-tabs" data-tabs="tabs" id="maintabs">
<li class="active"><a data-toggle="tab" href="#settings" id="settings_tab">{{ lang._('Settings') }}</a></li> <li class="active"><a data-toggle="tab" href="#settings" id="settings_tab">{{ lang._('Settings') }}</a></li>
<li><a data-toggle="tab" href="#rules" id="rule_tab">{{ lang._('Rules') }}</a></li> <li><a data-toggle="tab" href="#rules" id="rule_tab">{{ lang._('Rules') }}</a></li>
<li><a data-toggle="tab" href="#ssl" id="ssl_tab">{{ lang._('SSL') }}</a></li> <li><a data-toggle="tab" href="#userrules" id="userrules_tab">{{ lang._('User defined') }}</a></li>
<li><a data-toggle="tab" href="#alerts" id="alert_tab">{{ lang._('Alerts') }}</a></li> <li><a data-toggle="tab" href="#alerts" id="alert_tab">{{ lang._('Alerts') }}</a></li>
<li><a href="" id="scheduled_updates" style="display:none">{{ lang._('Schedule') }}</a></li> <li><a href="" id="scheduled_updates" style="display:none">{{ lang._('Schedule') }}</a></li>
</ul> </ul>
...@@ -487,23 +487,14 @@ POSSIBILITY OF SUCH DAMAGE. ...@@ -487,23 +487,14 @@ POSSIBILITY OF SUCH DAMAGE.
</tfoot> </tfoot>
</table> </table>
</div> </div>
<div id="ssl" class="tab-pane fade in"> <div id="userrules" class="tab-pane fade in">
<!-- tab page "ssl" --> <!-- tab page "userrules" -->
<div class="bootgrid-header container-fluid"> <table id="grid-userrules" class="table table-condensed table-hover table-striped table-responsive" data-editDialog="DialogUserDefined">
<div class="row">
<div class="col-sm-12">
<strong>SSL Fingerprints</strong>
</div>
</div>
</div>
<hr/>
<table id="grid-fingerprints" class="table table-condensed table-hover table-striped table-responsive" data-editDialog="DialogFingerprint">
<thead> <thead>
<tr> <tr>
<th data-column-id="enabled" data-formatter="rowtoggle" data-sortable="false" data-width="10em">{{ lang._('Enabled') }}</th> <th data-column-id="enabled" data-formatter="rowtoggle" data-sortable="false" data-width="10em">{{ lang._('Enabled') }}</th>
<th data-column-id="fingerprint" data-type="string" data-sortable="true">{{ lang._('Fingerprint') }}</th>
<th data-column-id="description" data-type="string" data-sortable="true">{{ lang._('Description') }}</th>
<th data-column-id="action" data-type="string" data-sortable="true">{{ lang._('Action') }}</th> <th data-column-id="action" data-type="string" data-sortable="true">{{ lang._('Action') }}</th>
<th data-column-id="description" data-type="string" data-sortable="true">{{ lang._('Description') }}</th>
<th data-column-id="uuid" data-type="string" data-identifier="true" data-visible="false">{{ lang._('ID') }}</th> <th data-column-id="uuid" data-type="string" data-identifier="true" data-visible="false">{{ lang._('ID') }}</th>
<th data-column-id="commands" data-width="7em" data-formatter="commands" data-sortable="false">{{ lang._('Commands') }}</th> <th data-column-id="commands" data-width="7em" data-formatter="commands" data-sortable="false">{{ lang._('Commands') }}</th>
</tr> </tr>
...@@ -586,4 +577,4 @@ POSSIBILITY OF SUCH DAMAGE. ...@@ -586,4 +577,4 @@ POSSIBILITY OF SUCH DAMAGE.
{{ partial("layout_partials/base_dialog",['fields':formDialogRule,'id':'DialogRule','label':'Rule details','hasSaveBtn':'true','msgzone_width':1])}} {{ partial("layout_partials/base_dialog",['fields':formDialogRule,'id':'DialogRule','label':'Rule details','hasSaveBtn':'true','msgzone_width':1])}}
{{ partial("layout_partials/base_dialog",['fields':formDialogAlert,'id':'DialogAlert','label':'Alert details','hasSaveBtn':'false','msgzone_width':1])}} {{ partial("layout_partials/base_dialog",['fields':formDialogAlert,'id':'DialogAlert','label':'Alert details','hasSaveBtn':'false','msgzone_width':1])}}
{{ partial("layout_partials/base_dialog",['fields':formDialogRuleset,'id':'DialogRuleset','label':'Ruleset details','hasSaveBtn':'true','msgzone_width':1])}} {{ partial("layout_partials/base_dialog",['fields':formDialogRuleset,'id':'DialogRuleset','label':'Ruleset details','hasSaveBtn':'true','msgzone_width':1])}}
{{ partial("layout_partials/base_dialog",['fields':formDialogFingerprint,'id':'DialogFingerprint','label':'Fingerprint details','hasSaveBtn':'true'])}} {{ partial("layout_partials/base_dialog",['fields':formDialogUserDefined,'id':'DialogUserDefined','label':'Rule details','hasSaveBtn':'true'])}}
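Review bot: The `fingerprint` column is dropped from `grid-userrules` (and `"fingerprint"` from the search field list in `searchUserRuleAction`), while the edit dialog still carries the fingerprint field, so the table no longer shows or searches on what a rule actually matches. For rules whose action can drop traffic, an operator reviewing the list sees only enabled/action/description; consider keeping `<th data-column-id="fingerprint" data-type="string" data-sortable="true">{{ lang._('Fingerprint') }}</th>` or otherwise surfacing the match condition in the grid. The new dialog label `'Rule details'` also duplicates the label of `DialogRule`; a distinct label such as `'User defined rule details'` would keep the two dialogs apart.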