Feature #2008: Packet display in snort alerts - pfSense Packages - pfSense bugtracker

Actions

Copy link

Feature #2008

closed

Packet display in snort alerts

Added by Dick Nixon about 13 years ago. Updated over 12 years ago.

Status:

Rejected

Priority:

Normal

Assignee:

Category:

Snort

Target version:

Start date:

11/15/2011

Due date:

% Done:

100%

Estimated time:

Plus Target Version:

Description

Here's a quick hack to allow optional display of snort alerts packets.
Default is to not display. A checkbox is provided to Show Packets. When the Save button is clicked then the code to display packet contents is activated and a column is added to the page. It overflows the page a bit depending on the theme page background.

It only displays packets from the current run of snort. Previous alert packets are displayed as 'empty'.

Also added a whois lookup from dnsstuff for the source and destination ip addresses.

Files

snort_alerts.php (19.1 KB) snort_alerts.php

Dick Nixon, 11/15/2011 08:49 PM

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense » pfSense Packages

Custom queries

Feature #2008

Packet display in snort alerts

Updated by Ermal Luçi over 12 years ago