69 changes: 35 additions & 34 deletions dshield.php
@@ -22,43 +22,49 @@

$version='0.000006';

$config=parse_ini_file("dshield.ini",true);
$config=$config['dshield'];
# include some standard libraries
require_once("globals.inc");
require_once("functions.inc");
require_once("filter.inc"); // In pfSense 2.5, filter_log.inc was renamed to filter.inc


$dshield_config=parse_ini_file("dshield.ini",true);
$dshield_config=$dshield_config['dshield'];


# for debugging, change the 'To' address or add a second address
$toaddr='[email protected]';

$debug=(int)($config['debug']);
$interfaces=explode(',',$config['interfaces']);
$authorized_source_ip=explode(',',$config['authorized_source_ip']);
$debug=(int)($dshield_config['debug']);
$interfaces=explode(',',$dshield_config['interfaces']);
$authorized_source_ip=explode(',',$dshield_config['authorized_source_ip']);

if ( $config['apikey'] == '' ) {
if ( $dshield_config['apikey'] == '' ) {
print "An API Key is required. Check dshield.ini\n";
exit();
}else{
$apikey=$config['apikey'];
$apikey=$dshield_config['apikey'];
}

if ( $config['fromaddr'] == '' ) {
if ($dshield_config['fromaddr'] == '' ) {
$from = $config['notifications']['smtp']['fromaddress'];
} else {
$from = $dshield_config['fromaddr'];
}
if ( $from == '' ) {
print "A 'From Address' is required. Check dshield.ini\n";
exit();
}

if ($config['fromaddr'] == '' ) {
$from = $config['notifications']['smtp']['fromaddress'];
} else {
$from = $config['fromaddr'];
}
# some older versions used userid instead of uid. allowing for both.
if ( $config['uid'] == '' && $config['userid'] == '' ) {
if ( $dshield_config['uid'] == '' && $dshield_config['userid'] == '' ) {
print "A DShield UID is required. Check dshield.ini\n";
exit();
} else {
if ( $config['uid'] == '' ) {
$uid=$config['userid'];
if ( $dshield_config['uid'] == '' ) {
$uid=$dshield_config['userid'];
} else {
$uid = $config['uid'];
$uid = $dshield_config['uid'];
}
}

@@ -76,38 +82,33 @@
print "SMTP is disabled under Systems->Advanced->Notifcations\n";
exit();
}
if (isset($config['notifications']['smtp']['ipaddress'])) {
if (!isset($config['notifications']['smtp']['ipaddress'])) {
print "No SMTP server is defined under Systems->Advanced->Notifications\n";
exit();
}

$src_exc_lo = array();
$src_exc_hi = array();
if ($config['source_exclude']) {
load_excludes($config['source_exclude'], $src_exc_lo, $src_exc_hi, True);
if ($dshield_config['source_exclude']) {
load_excludes($dshield_config['source_exclude'], $src_exc_lo, $src_exc_hi, True);
}
$tgt_exc_lo = array();
$tgt_exc_hi = array();
if ($config['target_exclude']) {
load_excludes($config['target_exclude'], $tgt_exc_lo, $tgt_exc_hi, True);
if ($dshield_config['target_exclude']) {
load_excludes($dshield_config['target_exclude'], $tgt_exc_lo, $tgt_exc_hi, True);
}
$src_port_exc_lo = array();
$src_port_exc_hi = array();
if ($config['source_port_exclude']) {
load_excludes($config['source_port_exclude'], $src_port_exc_lo, $src_port_exc_hi, False);
if ($dshield_config['source_port_exclude']) {
load_excludes($dshield_config['source_port_exclude'], $src_port_exc_lo, $src_port_exc_hi, False);
}
$tgt_port_exc_lo = array();
$tgt_port_exc_hi = array();
if ($config['target_port_exclude']) {
load_excludes($config['target_port_exclude'], $tgt_port_exc_lo, $tgt_port_exc_hi, False);
if ($dshield_config['target_port_exclude']) {
load_excludes($dshield_config['target_port_exclude'], $tgt_port_exc_lo, $tgt_port_exc_hi, False);
}


# include some standard libraries
require_once("globals.inc");
require_once("functions.inc");
require_once("filter.inc"); // In pfSense 2.5, filter_log.inc was renamed to filter.inc

# figure out local timezone
$sTZ=date('P');
# assemble subject line
@@ -190,7 +191,7 @@
}
continue;
}
$linesout.=date("Y-m-d H:i:s P",$time)."\t{$config['uid']}\t1\t{$flent['srcip']}\t{$flent['srcport']}\t{$flent['dstip']}\t{$flent['dstport']}\t{$flent['proto']}\t{$flent['tcpflags']}\n";
$linesout.=date("Y-m-d H:i:s P",$time)."\t{$dshield_config['uid']}\t1\t{$flent['srcip']}\t{$flent['srcport']}\t{$flent['dstip']}\t{$flent['dstport']}\t{$flent['proto']}\t{$flent['tcpflags']}\n";
$flent='';
$linecnt++;
} else {
@@ -227,8 +228,8 @@
# sending log via email
#

if ( $config['ccaddr'] !== '' ) {
$toaddr = $toaddr ."," .$config['ccaddr'];
if ( $dshield_config['ccaddr'] !== '' ) {
$toaddr = $toaddr ."," .$dshield_config['ccaddr'];
}

$headers = array(
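Review bot: The log line built in the `@@ -190,7 +191,7 @@` hunk interpolates `{$dshield_config['uid']}` directly, while the start-up block in the first hunk resolves `$uid` from either `uid` or the legacy `userid` key. An installation whose dshield.ini only sets `userid` passes the start-up check and then, as far as the visible lines show, submits every record with an empty UID column, so the reports cannot be attributed to the account. Using the resolved value, `..."\t{$uid}\t1\t{$flent['srcip']}..."`, keeps the two in step; this assumes the line runs in the same scope as `$uid`, which the hunk does not show. Separately, in the last hunk `$dshield_config['ccaddr'] !== ''` is also true when the key is absent (the lookup yields null), which appends a stray `,` to `$toaddr`; `if ( !empty($dshield_config['ccaddr']) ) {` covers both the missing and the empty case.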