From mboxrd@z Thu Jan 1 00:00:00 1970 From: Stefan Schantl To: development@lists.ipfire.org Subject: Re: Guardian 2.0 Testversion 011 Date: Mon, 02 Mar 2015 19:35:38 +0100 Message-ID: <1425321338.2564.24.camel@ipfire.org> In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============2253313757208061293==" List-Id: --===============2253313757208061293== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hello Blago Culjak, > Hello Stefan, > I have updated, now seems fine. Will do even more testing in days to > come. >=20 > I have two suggestions, one for community, other is for features in > new version: >=20 > 1. I think that you should rename Guardian 2.0 to Intrusion > Prevention. Lots of people don't know (outside Linux world) about this > package, but they do know Intrusion Preventon, what stands for. This > is unique feature of IPFire, and should be considered like that. > Ofcourse, give credit to orginal Guardian. This is entirly up to > Michael and Project leaders, but I think this is great feature, that > must be better promoted. >=20 > Hey, IPFire has Guardian 2.0. What the hell is that? >=20 > or >=20 > Hey, IPFire has Intrusion Prevention. Ooo,nice... >=20 > See what I mean? The decision was to keep the old name to give tribute to this really great piece of software. The legacy version of guardian has been introduced more than a decade ago. So I think the term "guardian" is well known in the certain group of people which currently are using (or have used) one of the various free and open firewall solutions out there. Renaming the software to a different name will break those recognition. I don't agree in using a name like "IPS" or a similar one would help anybody in the decision to use the software or not, nor to promote it.=20 > 2. Stefan, I have asked you, and I will try again. Can we make > guardian even more better then just Intrusion Prevention? Can you > block bad IP's that are destined from our network? Please have a look > at the thread on forum. > http://forum.ipfire.org/viewtopic.php?f=3D52&t=3D12639 >=20 This is not really a guardian related issue, it affects the intrusion detection system. Snort is currently not configured to monitor the traffic inside the network zones or between them. This will be one of the next points on my personal "todo-list" and guardian 2.0 was just on of the first steps of extending IDS/IPS on IPFire. Best regards, -Stefan > Regards >=20 >=20 >=20 > Subject: Guardian 2.0 Testversion 011 > From: stefan.schantl(a)ipfire.org > To: development(a)lists.ipfire.org > Date: Sat, 28 Feb 2015 14:50:35 +0100 >=20 > Hello followers, > =20 > at first I have to thanks to all of you which have joined the guardian > 2.0 testing team. I've got a lot of positive feedback but also has been > noticed about several tiny issues. > =20 > I've uploaded an updated test version to > http://people.ipfire.org/~stevee/guardian-2.0/. > =20 > The installation / update works in the same way as described in the > planet post: > http://planet.ipfire.org/post/introducing-guardian-2-0-for-ipfire > =20 > IMPORTANT: Please create a backup of your files stored in > "/var/ipfire/guardian/", otherwise the will be overwritten by the > update! > =20 > Changelog: > =20 > * Matthias Fischer detected some small problems in the "guardian.cgi" > and provided some patches for them. > http://git.ipfire.org/?p=3Dpeople/stevee/ipfire-2.x.git;a=3Dcommit;h=3D19d6= abcce57be35c3bd43ebf45e37d69776f081e http://git.ipfire.org/?p=3Dpeople/stevee= /ipfire-2.x.git;a=3Dcommit;h=3D0a6c3cb89642e2ff567993d810757425cf9ccce7 http:= //git.ipfire.org/?p=3Dpeople/stevee/ipfire-2.x.git;a=3Dcommit;h=3D82208c83c70= 9da1f1c24fd9396e5d351f833fd91 > =20 > * Blago Culjak informed me about problems on starting guardian and > displaying it's status in the web interface. This behaviour only happens > when the legacy version of guardian has been un-installed and not just > replaced by the guardian. In the updated version contains the required > file which is used by various IPFire scripts to detect if an addon is > installed or not. > =20 > * The CLI switch "-d" called "debug mode" has been replaced by "-f" to > launch guardian and run it in the foreground. > http://git.ipfire.org/?p=3Dpeople/stevee/ipfire-2.x.git;a=3Dcommit;h=3Da58b= d674863e1c4fd3cff457f1bd51e105c3eb2b > =20 > * Some new code has been added to prevent from starting multiple > instances of guardian. > http://git.ipfire.org/?p=3Dpeople/stevee/ipfire-2.x.git;a=3Dcommit;h=3D9d44= c0d9952e67f6afad15e2940a5be6f1fe9094 > =20 > Best regards, > =20 > -Stefan > =20 >=20 >=20 > _______________________________________________ Development mailing > list Development(a)lists.ipfire.org > http://lists.ipfire.org/mailman/listinfo/development --===============2253313757208061293== Content-Type: application/pgp-signature Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="signature.asc" MIME-Version: 1.0 LS0tLS1CRUdJTiBQR1AgU0lHTkFUVVJFLS0tLS0KVmVyc2lvbjogR251UEcgdjIKCmlRSWNCQUFC Q2dBR0JRSlU5SzE2QUFvSkVFN1hUaFdQazdMZTkyUVFBSmVJdTJWQm1YUXR2MkQ0WEZDemJoME4K UGdzb0dkb2dqaFc2SS9uK0tOSmJuTEE1b0FUMWliYmkzekJibHhDNUtEQmY2WVRJUmk2YVMzUnpX K00rMUM2RQo2QkZtWGp6T085TC9Oa0xsZVkxUS9RNzBscWRRZDBoQzZDQVN0MU85VDF3R0J0bVQz WFlCUmQzaTJsUEtKTm5ZCnRGQm9MVHhEcTVXc1Z3bkNLaGlxYnFtNmxYMnQ4aFZocStLL3dvd2FM aEliWGVId1hydzFPK0ZMeDdDZ2V4ZlkKdnpvbGkzZWlOeXVlcnMxTkQvOHltQ0MwcFRkU0VPeW5P cnRET043UGlvTjNlSDQ4RXVVRzFkSVJyTHM1emc4dAphaFl4UXlNMWFTN1dNMFFFdVF5bE10d3FV ejNkNE1WcFRLc1h2N3NDM2JEQWRiQ0s5YXhpeWEyRnBMZmRkc2NqCmM3NEloRGc3MWM0NEZITk9K eS8zNDVJM21RK0NmOEs4VUdycStYbU9pcmVoT29qZmpTb09jcERkZmJra0ZNTW0KRlllRFkrL2FW MW1MQk04WVY2MzQ4S1k0TkdkRjQyRXNHc0s0VU9JZWRENjZmUzlMSXE1SEVvTUk1c0lPZ2krUApJ L0NDL1VuQ0grZDYwM1VSSXZWQndXMWpDN1BFMTVPWk5RdlFzQkRRelVGRWdzV09vbDdlMC9CUy9k VGRkdmNECk9pWmtVNTZ1akl1cmZQSzIzQWo3SGZlaENaS0w2MWtvOHRuRXlOVXkvUzlxZ0cvUjV1 a0FrZ3JCYTBSYmlqYmgKd3pFRkRIa2ZET1UvSDlUK0piME91THdLVm1nMktHSGQwa0EvVkhvL2F2 WGtZU0cyTkd3eTV4L2NTZVRRS05VNApuTHBybHhkRnRuZHJtVkh4ekR0awo9c0RPNQotLS0tLUVO RCBQR1AgU0lHTkFUVVJFLS0tLS0K --===============2253313757208061293==--