Commit 9910a79f authored Feb 03, 2016 by Ad Schellevis
(ids) refactor model for user defined rules
parent 9dd8a244
Showing 6 changed files with 62 additions and 69 deletions
SettingsController.php (...c/app/controllers/OPNsense/IDS/Api/SettingsController.php): +34 -34
IndexController.php (...ense/mvc/app/controllers/OPNsense/IDS/IndexController.php): +1 -1
dialogUserDefined.xml (.../app/controllers/OPNsense/IDS/forms/dialogUserDefined.xml): +4 -4
TextField.php (...nse/mvc/app/models/OPNsense/Base/FieldTypes/TextField.php): +1 -1
IDS.xml (src/opnsense/mvc/app/models/OPNsense/IDS/IDS.xml): +7 -5
index.volt (src/opnsense/mvc/app/views/OPNsense/IDS/index.volt): +15 -24
src/opnsense/mvc/app/controllers/OPNsense/IDS/Api/SettingsController.php
...
@@ -490,37 +490,37 @@ class SettingsController extends ApiControllerBase
...
@@ -490,37 +490,37 @@ class SettingsController extends ApiControllerBase
}
}
/**
/**
* search
fingerprint
s
* search
user defined rule
s
* @return array list of found
fingerprint
s
* @return array list of found
user rule
s
*/
*/
public
function
search
Fingerprint
Action
()
public
function
search
UserRule
Action
()
{
{
$this
->
sessionClose
();
$this
->
sessionClose
();
$mdlIDS
=
$this
->
getModel
();
$mdlIDS
=
$this
->
getModel
();
$grid
=
new
UIModelGrid
(
$mdlIDS
->
rules
->
fingerprint
);
$grid
=
new
UIModelGrid
(
$mdlIDS
->
userDefinedRules
->
rule
);
return
$grid
->
fetchBindRequest
(
return
$grid
->
fetchBindRequest
(
$this
->
request
,
$this
->
request
,
array
(
"enabled"
,
"action"
,
"description"
,
"fingerprint"
),
array
(
"enabled"
,
"action"
,
"description"
),
"description"
"description"
);
);
}
}
/**
/**
* update
fingerprint
* update
user defined rules
* @param string $uuid
fingerprint
internal id
* @param string $uuid internal id
* @return array save result + validation output
* @return array save result + validation output
* @throws \Phalcon\Validation\Exception
* @throws \Phalcon\Validation\Exception
*/
*/
public
function
set
Fingerprint
Action
(
$uuid
)
public
function
set
UserRule
Action
(
$uuid
)
{
{
$result
=
array
(
"result"
=>
"failed"
);
$result
=
array
(
"result"
=>
"failed"
);
if
(
$this
->
request
->
isPost
()
&&
$this
->
request
->
hasPost
(
"
fingerprint
"
))
{
if
(
$this
->
request
->
isPost
()
&&
$this
->
request
->
hasPost
(
"
rule
"
))
{
$mdlIDS
=
$this
->
getModel
();
$mdlIDS
=
$this
->
getModel
();
if
(
$uuid
!=
null
)
{
if
(
$uuid
!=
null
)
{
$node
=
$mdlIDS
->
getNodeByReference
(
'
rules.fingerprint
.'
.
$uuid
);
$node
=
$mdlIDS
->
getNodeByReference
(
'
userDefinedRules.rule
.'
.
$uuid
);
if
(
$node
!=
null
)
{
if
(
$node
!=
null
)
{
$node
->
setNodes
(
$this
->
request
->
getPost
(
"
fingerprint
"
));
$node
->
setNodes
(
$this
->
request
->
getPost
(
"
rule
"
));
$validations
=
$mdlIDS
->
validate
(
$node
->
__reference
,
"
fingerprint
"
);
$validations
=
$mdlIDS
->
validate
(
$node
->
__reference
,
"
rule
"
);
if
(
count
(
$validations
))
{
if
(
count
(
$validations
))
{
$result
[
'validations'
]
=
$validations
;
$result
[
'validations'
]
=
$validations
;
}
else
{
}
else
{
...
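Review bot: In searchUserRuleAction the field list passed to fetchBindRequest drops "fingerprint" and becomes array("enabled", "action", "description"), so the one value a rule matches on is no longer part of what the grid request works with. If the intent is only to hide the column in the view, keep "fingerprint" in this array so a rule can still be located by its hash; otherwise say in the docblock which fields identify a user defined rule.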
@@ -536,18 +536,18 @@ class SettingsController extends ApiControllerBase
...
@@ -536,18 +536,18 @@ class SettingsController extends ApiControllerBase
}
}
/**
/**
* add new
fingerprint
* add new
user defined rule
* @return array save result + validation output
* @return array save result + validation output
* @throws \Phalcon\Validation\Exception
* @throws \Phalcon\Validation\Exception
*/
*/
public
function
add
Fingerprint
Action
()
public
function
add
UserRule
Action
()
{
{
$result
=
array
(
"result"
=>
"failed"
);
$result
=
array
(
"result"
=>
"failed"
);
if
(
$this
->
request
->
isPost
()
&&
$this
->
request
->
hasPost
(
"
fingerprint
"
))
{
if
(
$this
->
request
->
isPost
()
&&
$this
->
request
->
hasPost
(
"
rule
"
))
{
$mdlIDS
=
$this
->
getModel
();
$mdlIDS
=
$this
->
getModel
();
$node
=
$mdlIDS
->
rules
->
fingerprint
->
Add
();
$node
=
$mdlIDS
->
userDefinedRules
->
rule
->
Add
();
$node
->
setNodes
(
$this
->
request
->
getPost
(
"
fingerprint
"
));
$node
->
setNodes
(
$this
->
request
->
getPost
(
"
rule
"
));
$validations
=
$mdlIDS
->
validate
(
$node
->
__reference
,
"
fingerprint
"
);
$validations
=
$mdlIDS
->
validate
(
$node
->
__reference
,
"
rule
"
);
if
(
count
(
$validations
))
{
if
(
count
(
$validations
))
{
$result
[
'validations'
]
=
$validations
;
$result
[
'validations'
]
=
$validations
;
}
else
{
}
else
{
...
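Review bot: addUserRuleAction calls ->rule->Add() with a capital A, while getUserRuleAction in this same commit calls ->rule->add(). PHP resolves method names case-insensitively, so both run, but since the line is being rewritten anyway, use add() in both places so a search for the method finds every caller.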
@@ -561,39 +561,39 @@ class SettingsController extends ApiControllerBase
...
@@ -561,39 +561,39 @@ class SettingsController extends ApiControllerBase
}
}
/**
/**
* get
fingerprint properties
* get
properties of user defined rule
* @param null|string $uuid
fingerprint
internal id
* @param null|string $uuid
user rule
internal id
* @return array
fingerprint
properties
* @return array
user defined
properties
*/
*/
public
function
get
Fingerprint
Action
(
$uuid
=
null
)
public
function
get
UserRule
Action
(
$uuid
=
null
)
{
{
$mdlIDS
=
$this
->
getModel
();
$mdlIDS
=
$this
->
getModel
();
if
(
$uuid
!=
null
)
{
if
(
$uuid
!=
null
)
{
$node
=
$mdlIDS
->
getNodeByReference
(
'
rules.fingerprint
.'
.
$uuid
);
$node
=
$mdlIDS
->
getNodeByReference
(
'
userDefinedRules.rule
.'
.
$uuid
);
if
(
$node
!=
null
)
{
if
(
$node
!=
null
)
{
// return node
// return node
return
array
(
"
fingerprint
"
=>
$node
->
getNodes
());
return
array
(
"
rule
"
=>
$node
->
getNodes
());
}
}
}
else
{
}
else
{
// generate new node, but don't save to disc
// generate new node, but don't save to disc
$node
=
$mdlIDS
->
rules
->
fingerprint
->
add
()
;
$node
=
$mdlIDS
->
userDefinedRules
->
rule
->
add
()
;
return
array
(
"
fingerprint
"
=>
$node
->
getNodes
());
return
array
(
"
rule
"
=>
$node
->
getNodes
());
}
}
return
array
();
return
array
();
}
}
/**
/**
* delete
fingerprint
item
* delete
user rule
item
* @param string $uuid
fingerprint
internal id
* @param string $uuid
user rule
internal id
* @return array
* @return array
* @throws \Phalcon\Validation\Exception
* @throws \Phalcon\Validation\Exception
*/
*/
public
function
del
Fingerprint
Action
(
$uuid
)
public
function
del
UserRule
Action
(
$uuid
)
{
{
$result
=
array
(
"result"
=>
"failed"
);
$result
=
array
(
"result"
=>
"failed"
);
if
(
$this
->
request
->
isPost
()
&&
$uuid
!=
null
)
{
if
(
$this
->
request
->
isPost
()
&&
$uuid
!=
null
)
{
$mdlIDS
=
$this
->
getModel
();
$mdlIDS
=
$this
->
getModel
();
if
(
$mdlIDS
->
rules
->
fingerprint
->
del
(
$uuid
))
{
if
(
$mdlIDS
->
userDefinedRules
->
rule
->
del
(
$uuid
))
{
// if item is removed, serialize to config and save
// if item is removed, serialize to config and save
$mdlIDS
->
serializeToConfig
();
$mdlIDS
->
serializeToConfig
();
Config
::
getInstance
()
->
save
();
Config
::
getInstance
()
->
save
();
...
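Review bot: getUserRuleAction builds the lookup path as 'userDefinedRules.rule.' . $uuid after checking only $uuid != null, and the same pattern is carried over in setUserRuleAction and toggleUserRuleAction. Since the refactor touches each of these lines, check that $uuid has UUID form before concatenating it into the reference, so the lookup can only address a direct child of userDefinedRules.rule. The docblock line "@return array user defined properties" also lost its noun; "user defined rule properties" reads correctly.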
@@ -606,17 +606,17 @@ class SettingsController extends ApiControllerBase
...
@@ -606,17 +606,17 @@ class SettingsController extends ApiControllerBase
}
}
/**
/**
* toggle
fingerprint
by uuid (enable/disable)
* toggle
user defined rule
by uuid (enable/disable)
* @param $uuid
fingerprint
internal id
* @param $uuid
user defined rule
internal id
* @param $enabled desired state enabled(1)/disabled(1), leave empty for toggle
* @param $enabled desired state enabled(1)/disabled(1), leave empty for toggle
* @return array status
* @return array status
*/
*/
public
function
toggle
Fingerprint
Action
(
$uuid
,
$enabled
=
null
)
public
function
toggle
UserRule
Action
(
$uuid
,
$enabled
=
null
)
{
{
$result
=
array
(
"result"
=>
"failed"
);
$result
=
array
(
"result"
=>
"failed"
);
if
(
$this
->
request
->
isPost
()
&&
$uuid
!=
null
)
{
if
(
$this
->
request
->
isPost
()
&&
$uuid
!=
null
)
{
$mdlIDS
=
$this
->
getModel
();
$mdlIDS
=
$this
->
getModel
();
$node
=
$mdlIDS
->
getNodeByReference
(
'
rules.fingerprint
.'
.
$uuid
);
$node
=
$mdlIDS
->
getNodeByReference
(
'
userDefinedRules.rule
.'
.
$uuid
);
if
(
$node
!=
null
)
{
if
(
$node
!=
null
)
{
if
(
$enabled
==
"0"
||
$enabled
==
"1"
)
{
if
(
$enabled
==
"0"
||
$enabled
==
"1"
)
{
$node
->
enabled
=
(
string
)
$enabled
;
$node
->
enabled
=
(
string
)
$enabled
;
...
...
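Review bot: The toggleUserRuleAction docblock still reads "enabled(1)/disabled(1)", but the body accepts $enabled == "0" || $enabled == "1", so the disabled state should be documented as 0. Worth correcting while the neighbouring comment lines are being edited.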
src/opnsense/mvc/app/controllers/OPNsense/IDS/IndexController.php
...
@@ -50,7 +50,7 @@ class IndexController extends \OPNsense\Base\IndexController
...
@@ -50,7 +50,7 @@ class IndexController extends \OPNsense\Base\IndexController
// link alert list dialog
// link alert list dialog
$this
->
view
->
formDialogRuleset
=
$this
->
getForm
(
"dialogRuleset"
);
$this
->
view
->
formDialogRuleset
=
$this
->
getForm
(
"dialogRuleset"
);
// link fingerprint dialog
// link fingerprint dialog
$this
->
view
->
formDialog
Fingerprint
=
$this
->
getForm
(
"dialogFingerprint
"
);
$this
->
view
->
formDialog
UserDefined
=
$this
->
getForm
(
"dialogUserDefined
"
);
// choose template
// choose template
$this
->
view
->
pick
(
'OPNsense/IDS/index'
);
$this
->
view
->
pick
(
'OPNsense/IDS/index'
);
}
}
...
...
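Review bot: The comment above the changed line still says "// link fingerprint dialog" although the view variable is now formDialogUserDefined and the form is "dialogUserDefined". Update it to "// link user defined rule dialog" so the comment matches the code.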
src/opnsense/mvc/app/controllers/OPNsense/IDS/forms/dialogFingerprint.xml → src/opnsense/mvc/app/controllers/OPNsense/IDS/forms/dialogUserDefined.xml
<form>
<form>
<field>
<field>
<id>
fingerprint
.enabled
</id>
<id>
rule
.enabled
</id>
<label>
enabled
</label>
<label>
enabled
</label>
<type>
checkbox
</type>
<type>
checkbox
</type>
<help>
enable this fingerprint rule
</help>
<help>
enable this fingerprint rule
</help>
</field>
</field>
<field>
<field>
<id>
fingerprint
.fingerprint
</id>
<id>
rule
.fingerprint
</id>
<label>
Fingerprint
</label>
<label>
Fingerprint
</label>
<type>
text
</type>
<type>
text
</type>
<help>
the SSL fingerprint, for example B5:E1:B3:70:5E:7C:FF:EB:92:C4:29:E5:5B:AC:2F:AE:70:17:E9:9E
</help>
<help>
the SSL fingerprint, for example B5:E1:B3:70:5E:7C:FF:EB:92:C4:29:E5:5B:AC:2F:AE:70:17:E9:9E
</help>
</field>
</field>
<field>
<field>
<id>
fingerprint
.action
</id>
<id>
rule
.action
</id>
<label>
Action
</label>
<label>
Action
</label>
<type>
dropdown
</type>
<type>
dropdown
</type>
<help>
set action to perform here, only used when in IPS mode
</help>
<help>
set action to perform here, only used when in IPS mode
</help>
</field>
</field>
<field>
<field>
<id>
fingerprint
.description
</id>
<id>
rule
.description
</id>
<label>
Description
</label>
<label>
Description
</label>
<type>
text
</type>
<type>
text
</type>
</field>
</field>
...
...
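Review bot: The help text of the rule.enabled field is left unchanged and still reads "enable this fingerprint rule", which no longer fits a dialog that is now named for user defined rules in general. Suggest "enable this rule" there, keeping fingerprint-specific wording only on the rule.fingerprint field.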
src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/TextField.php
...
@@ -62,7 +62,7 @@ class TextField extends BaseField
...
@@ -62,7 +62,7 @@ class TextField extends BaseField
*/
*/
public
function
getValidators
()
public
function
getValidators
()
{
{
$validators
=
array
()
;
$validators
=
array
();
if
(
$this
->
internalValidationMessage
==
null
)
{
if
(
$this
->
internalValidationMessage
==
null
)
{
$msg
=
"text validation error"
;
$msg
=
"text validation error"
;
}
else
{
}
else
{
...
...
src/opnsense/mvc/app/models/OPNsense/IDS/IDS.xml
...
@@ -23,14 +23,16 @@
...
@@ -23,14 +23,16 @@
</OptionValues>
</OptionValues>
</action>
</action>
</rule>
</rule>
<fingerprint
type=
"ArrayField"
>
</rules>
<!--SSL fingerprints -->
<userDefinedRules>
<rule
type=
"ArrayField"
>
<!--user defined rules -->
<enabled
type=
"BooleanField"
>
<enabled
type=
"BooleanField"
>
<default>
1
</default>
<default>
1
</default>
<Required>
Y
</Required>
<Required>
Y
</Required>
</enabled>
</enabled>
<fingerprint
type=
"TextField"
>
<fingerprint
type=
"TextField"
>
<Required>
Y
</Required>
<Required>
N
</Required>
<mask>
/^([0-9a-fA-F:]){59,59}$/u
</mask>
<mask>
/^([0-9a-fA-F:]){59,59}$/u
</mask>
<ValidationMessage>
A SSL fingerprint should be a 59 character long hex value
</ValidationMessage>
<ValidationMessage>
A SSL fingerprint should be a 59 character long hex value
</ValidationMessage>
</fingerprint>
</fingerprint>
...
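Review bot: Required on the fingerprint field changes from Y to N, so a rule that defaults to enabled=1 can now be stored with no fingerprint at all. Confirm that whatever turns these nodes into IDS rules skips or rejects an entry without a fingerprint, or add a model-level check that at least one match criterion is set. Related, in the unchanged context: the mask /^([0-9a-fA-F:]){59,59}$/u accepts any 59 characters drawn from hex digits and colons, including 59 colons; /^([0-9a-fA-F]{2}:){19}[0-9a-fA-F]{2}$/ would enforce the colon-separated form.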
@@ -47,8 +49,8 @@
...
@@ -47,8 +49,8 @@
<drop>
Drop
</drop>
<drop>
Drop
</drop>
</OptionValues>
</OptionValues>
</action>
</action>
</
fingerprint
>
</
rule
>
</
r
ules>
</
userDefinedR
ules>
<files>
<files>
<file
type=
"ArrayField"
>
<file
type=
"ArrayField"
>
<filename
type=
"TextField"
>
<filename
type=
"TextField"
>
...
...
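Review bot: The container is renamed from rules/fingerprint to userDefinedRules/rule, but none of the six changed files moves entries that are already stored under the old path. Fingerprint rules saved before this commit are not reachable through the new 'userDefinedRules.rule.' references used in SettingsController; add a migration step, or state in the commit message that existing entries are intentionally dropped.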
src/opnsense/mvc/app/views/OPNsense/IDS/index.volt
...
@@ -252,15 +252,15 @@ POSSIBILITY OF SUCH DAMAGE.
...
@@ -252,15 +252,15 @@ POSSIBILITY OF SUCH DAMAGE.
},
},
}
}
});
});
} else if (e.target.id == '
ssl
_tab') {
} else if (e.target.id == '
userrules
_tab') {
$('#grid-
fingerprint
s').bootgrid('destroy'); // always destroy previous grid, so data is always fresh
$('#grid-
userrule
s').bootgrid('destroy'); // always destroy previous grid, so data is always fresh
$("#grid-
fingerprint
s").UIBootgrid({
$("#grid-
userrule
s").UIBootgrid({
search:'/api/ids/settings/search
fingerprint
',
search:'/api/ids/settings/search
UserRule
',
get:'/api/ids/settings/get
Fingerprint
/',
get:'/api/ids/settings/get
UserRule
/',
set:'/api/ids/settings/set
Fingerprint
/',
set:'/api/ids/settings/set
UserRule
/',
add:'/api/ids/settings/add
Fingerprint
/',
add:'/api/ids/settings/add
UserRule
/',
del:'/api/ids/settings/del
Fingerprint
/',
del:'/api/ids/settings/del
UserRule
/',
toggle:'/api/ids/settings/toggle
Fingerprint
/'
toggle:'/api/ids/settings/toggle
UserRule
/'
}
}
);
);
...
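Review bot: All six grid endpoints are renamed in place (search, get, set, add, del and toggle, from ...Fingerprint to ...UserRule) and the matching action methods are removed from SettingsController, so any script still calling the old /api/ids/settings/ paths stops working. If the API is used outside this view, keep thin aliases for a release or list the renames in the changelog. The search path also changes from lower case ('searchfingerprint') to mixed case ('searchUserRule'); check that this is intended.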
@@ -404,7 +404,7 @@ POSSIBILITY OF SUCH DAMAGE.
...
@@ -404,7 +404,7 @@ POSSIBILITY OF SUCH DAMAGE.
<ul class="nav nav-tabs" data-tabs="tabs" id="maintabs">
<ul class="nav nav-tabs" data-tabs="tabs" id="maintabs">
<li class="active"><a data-toggle="tab" href="#settings" id="settings_tab">{{ lang._('Settings') }}</a></li>
<li class="active"><a data-toggle="tab" href="#settings" id="settings_tab">{{ lang._('Settings') }}</a></li>
<li><a data-toggle="tab" href="#rules" id="rule_tab">{{ lang._('Rules') }}</a></li>
<li><a data-toggle="tab" href="#rules" id="rule_tab">{{ lang._('Rules') }}</a></li>
<li><a data-toggle="tab" href="#
ssl" id="ssl_tab">{{ lang._('SSL
') }}</a></li>
<li><a data-toggle="tab" href="#
userrules" id="userrules_tab">{{ lang._('User defined
') }}</a></li>
<li><a data-toggle="tab" href="#alerts" id="alert_tab">{{ lang._('Alerts') }}</a></li>
<li><a data-toggle="tab" href="#alerts" id="alert_tab">{{ lang._('Alerts') }}</a></li>
<li><a href="" id="scheduled_updates" style="display:none">{{ lang._('Schedule') }}</a></li>
<li><a href="" id="scheduled_updates" style="display:none">{{ lang._('Schedule') }}</a></li>
</ul>
</ul>
...
@@ -487,23 +487,14 @@ POSSIBILITY OF SUCH DAMAGE.
...
@@ -487,23 +487,14 @@ POSSIBILITY OF SUCH DAMAGE.
</tfoot>
</tfoot>
</table>
</table>
</div>
</div>
<div id="ssl" class="tab-pane fade in">
<div id="userrules" class="tab-pane fade in">
<!-- tab page "ssl" -->
<!-- tab page "userrules" -->
<div class="bootgrid-header container-fluid">
<table id="grid-userrules" class="table table-condensed table-hover table-striped table-responsive" data-editDialog="DialogUserDefined">
<div class="row">
<div class="col-sm-12">
<strong>SSL Fingerprints</strong>
</div>
</div>
</div>
<hr/>
<table id="grid-fingerprints" class="table table-condensed table-hover table-striped table-responsive" data-editDialog="DialogFingerprint">
<thead>
<thead>
<tr>
<tr>
<th data-column-id="enabled" data-formatter="rowtoggle" data-sortable="false" data-width="10em">{{ lang._('Enabled') }}</th>
<th data-column-id="enabled" data-formatter="rowtoggle" data-sortable="false" data-width="10em">{{ lang._('Enabled') }}</th>
<th data-column-id="fingerprint" data-type="string" data-sortable="true">{{ lang._('Fingerprint') }}</th>
<th data-column-id="description" data-type="string" data-sortable="true">{{ lang._('Description') }}</th>
<th data-column-id="action" data-type="string" data-sortable="true">{{ lang._('Action') }}</th>
<th data-column-id="action" data-type="string" data-sortable="true">{{ lang._('Action') }}</th>
<th data-column-id="description" data-type="string" data-sortable="true">{{ lang._('Description') }}</th>
<th data-column-id="uuid" data-type="string" data-identifier="true" data-visible="false">{{ lang._('ID') }}</th>
<th data-column-id="uuid" data-type="string" data-identifier="true" data-visible="false">{{ lang._('ID') }}</th>
<th data-column-id="commands" data-width="7em" data-formatter="commands" data-sortable="false">{{ lang._('Commands') }}</th>
<th data-column-id="commands" data-width="7em" data-formatter="commands" data-sortable="false">{{ lang._('Commands') }}</th>
</tr>
</tr>
...
@@ -586,4 +577,4 @@ POSSIBILITY OF SUCH DAMAGE.
...
@@ -586,4 +577,4 @@ POSSIBILITY OF SUCH DAMAGE.
{{ partial("layout_partials/base_dialog",['fields':formDialogRule,'id':'DialogRule','label':'Rule details','hasSaveBtn':'true','msgzone_width':1])}}
{{ partial("layout_partials/base_dialog",['fields':formDialogRule,'id':'DialogRule','label':'Rule details','hasSaveBtn':'true','msgzone_width':1])}}
{{ partial("layout_partials/base_dialog",['fields':formDialogAlert,'id':'DialogAlert','label':'Alert details','hasSaveBtn':'false','msgzone_width':1])}}
{{ partial("layout_partials/base_dialog",['fields':formDialogAlert,'id':'DialogAlert','label':'Alert details','hasSaveBtn':'false','msgzone_width':1])}}
{{ partial("layout_partials/base_dialog",['fields':formDialogRuleset,'id':'DialogRuleset','label':'Ruleset details','hasSaveBtn':'true','msgzone_width':1])}}
{{ partial("layout_partials/base_dialog",['fields':formDialogRuleset,'id':'DialogRuleset','label':'Ruleset details','hasSaveBtn':'true','msgzone_width':1])}}
{{ partial("layout_partials/base_dialog",['fields':formDialog
Fingerprint,'id':'DialogFingerprint','label':'Fingerprint
details','hasSaveBtn':'true'])}}
{{ partial("layout_partials/base_dialog",['fields':formDialog
UserDefined,'id':'DialogUserDefined','label':'Rule
details','hasSaveBtn':'true'])}}
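Review bot: The new dialog is given 'label':'Rule details', the same title as DialogRule three partials above, so the two dialogs cannot be told apart by their heading. Use a distinct label such as 'User defined rule details'.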