Found the problem with clearing the ALERTS tab and log file. Naming the form button with the ID "delete" seems to trigger some jQuery stuff in pfSenseHelpers.js that intercepts the workflow. That should not be happening with the button on the ALERTS tab. To fix it, change the ID to "clear" like this:
$group->add(new Form_Button(
'clear',
'Clear',
null,
'fa-trash'
))->removeClass('btn-default')->addClass('btn-danger btn-sm')
->setHelp('The active alerts log will be cleared');
Also note that the help text is a little misleading and should instead read as shown above.
Once the form button is renamed, the code handling the $_POST needs to change as shown below:
if ($_POST['clear']) {
suricata_post_delete_logs($suricata_uuid);
$fd = @fopen("{$suricatalogdir}suricata_{$if_real}{$suricata_uuid}/alerts.log", "w+");
if ($fd)
fclose($fd);
/* XXX: This is needed if suricata is run as suricata user */
mwexec('/bin/chmod 660 {$suricatalogdir}*', true);
header("Location: /suricata/suricata_alerts.php?instance={$instanceid}");
exit;
}
The problem with adding a SUPPRESS LIST entry not working is caused by the new font-awesome icon not generating a form.submit() call when clicked. Some additional code is needed to set a mode field (add src_ip, dst_ip, etc.), an IP address field and then submit the form when the icon is clicked. I have this working in the Snort package Bootstrap GUI and will be happy to share the file. The relevant code can be copied out and used in Suricata.
Bill
Updated by Anonymous 
Updated by 
Updated by 
Updated by 
Updated by 
