From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: development@lists.ipfire.org Subject: Re: Betatest Guardian 2.0 Date: Thu, 21 Jul 2016 12:28:07 +0100 Message-ID: <1469100487.2710.251.camel@ipfire.org> In-Reply-To: <8987e03f-e8e3-c8cc-dc09-96a0937a0f2e@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============8987600644543242159==" List-Id: --===============8987600644543242159== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit On Thu, 2016-07-21 at 13:25 +0200, Matthias Fischer wrote: > Hi, > > I mentioned this earlier, but it seems that 'guardian' has some kind of > memory leak? Probably not a leak, but it seems that some used data is not freed. Maybe the log files that guardian reads? > It started about two days ago with ~14 MB RAM. Then it jumped to ~34 MB, > then to ~48 MB - today it suddenly uses 71 MB. Is this RSS or VIRT? > And if I start it on my testmachine (offline!) it uses ~90 MB. > > Can someone confirm? > > Besides this, its working without seen problems. > > Best, > Matthias > > On 20.07.2016 15:33, Stefan Schantl wrote: > > Hello testers, > > > > I've uploaded  a new test version (003). > > > > Update or fresh install works like described in the announcement mail. > > > > The Changelog can be found here: > > > > http://people.ipfire.org/~stevee/guardian-2.0/Changelog.txt > > > > At the moment I'm missing feedback for the following functions: > > > > * Manually blocking / unblocking addresses. > > * Dealing with the ignore list. > > * Owncloud message parser. > > * Logrotate, there should be an corresponding log entry in the guardian > > logfile after rotation of the logfiles have been done. > > * Reload of the ignore list after "Red" has been reconnected. There > > also a corresponding log entry should be logged to the logfile and the > > new "Red-address" should also be logged as part of the ignore list (If > > you own an dynamic assigned one). > > > > As always please report your bugs or experience with the new version to > > this list. > > > > Best regards, > > > > -Stefan > > > > > Hello mailing list followers, > > > > > > this is the official release announcement for the first beta release > > > of > > > the new Guardian 2.0 approach. > > > > > > > > > - What are the differences to the current version of guardian > > > (legacy) > > > and the first approach of guardian 2.0? > > > > > > The most important difference is, that the new version of Guardian > > > 2.0 > > > completely has been re-written from scratch and released under the > > > terms of the GPLv3. The legacy version of guardian is not maintained > > > anymore by it's developer and the software has been released without > > > any license details at all. > > > > > > Guardian 2.0 has a very modular code base and has been designed as a > > > multi-threaded application. This allows a parallel parsing of all > > > monitored logfiles and faster actions, if one of the used modules > > > detects an attack. > > > > > > A very important difference to the legacy version is the support of > > > configuring and managing the entire service through the IPFire > > > webinterface. The entire configuration, managing of current blocked > > > hosts, unblocking them or editing the ignored hosts list now can be > > > done in a graphical way.  > > > > > > The legacy version of guardian only supported parsing snort alerts. > > > HTTPD and SSH support has been patched by the IPFire development team > > > some time ago. Guardian 2.0 supports all of them out of the box and > > > includes a filter to detect owncloud login brute-force attempts. As a > > > benefit of the new modular design, additional filters easily can be > > > added. > > > > > > Guardian 2.0 is able to reload it's configuration, reloading > > > the ignore list during runtime and handle, if the logfiles will get > > > rotated by logrotate. This actions can be called by using the > > > webinterface or from the command line interface by using > > > "guardianctrl". > > > > > > These are just a handful of the changes and benefits which comes with > > > Guardian 2.0, a complete list would be to long for this mailing list. > > > > > > > > > - How to join testing? > > > > > > To get part of the testing team, simple navigate to http://people.ipf > > > ir > > > e.org/~stevee/guardian-2.0/ and download the latest tarball > > > (currently > > > 002). Please take care to download the correct one, based on your > > > used > > > architecture. The i585 packages are for 32Bit installations of > > > IPFire, > > > the x86_64 packages only can be used on 64Bit installations. > > > > > > Put the downloaded file on your IPFire test system and extract the > > > package by using "tar -xvf guardian-2.0-002..tar.gz -C /". > > > > > > The final installation step would be to regenerate the language cache > > > by executing "update-lang-cache" on the console. > > > > > > From now you can find a new menu item called "Guardian" in your > > > "Service" menu after you have logged-in into your IPFire's > > > webinterface. > > > > > > Documentation can be found on the IPFire wiki: http://wiki.ipfire.org > > > /e > > > n/addons/guardian/start#the_guardian_20_addon > > > > > > > > > - Where to post bugs reports or provide feedback? > > > > > > If you find any bugs, please report them as usual on the IPFire > > > bugtracker, which can be found at https://bugzilla.ipfire.org. > > > > > > To provide feedback or to join a discussion, please send your mails > > > to > > > "development(a)lists.ipfire.org" (Please register first at http://lists > > > .i > > > pfire.org if not yet done). > > > > > > The source code can be found at http://git.ipfire.org/?p=people/steve > > > e/ > > > guardian.git;a=summary > > > > > > > > > Happy testing, > > > > > > -Stefan > > > > > > --===============8987600644543242159== Content-Type: application/pgp-signature Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="signature.asc" MIME-Version: 1.0 LS0tLS1CRUdJTiBQR1AgU0lHTkFUVVJFLS0tLS0KVmVyc2lvbjogR251UEcgdjIKCmlRSWNCQUFC Q2dBR0JRSlhrTEhIQUFvSkVJQjU4UDl2a0FrSEpOb1FBSVVzcy8wN3BhSXZPaS8rS1A4Ykw0S3AK cnh0MXArRGhQYzVBT2F2cXFjaXhIOE5tdFU2YlpSMFdYcG1iTmZic01QNWpBN1pQZ0RQYVN0czdL LzFkcjUyQgpTRDdMSTFtaGdVckpLdVRNWVZsSFZCSXdiN01qNTFrWDdEcnFjbDF1Z2VCZGRubnhB RnRjSVcrTVZ4L2hHNVRlCjdpb1pHWGlQUE5jNTc3cXdlaGtObnBvLzIwQ0pqeHRLbWZZOHdVUm5v SzVHZmtGcDhSVDF5eVJhNmxsZW9oQUwKbUsvQTErRzdFc3A1SERXaFNUNys3cTFnRGVldnhjWFg2 SGJSMC9wcEk1VG5ib0l0VzJYT2FWTCt2dzZseUFiYwpaY2hVSlQ3emhhMmtyYlB3bTl6a2swekJx ZzdmOHJ2Q09oRGR6b0oxbERram9wdVgyejRQTWVjUklTaUJOcllaCmxaZzJoVXhHdFRKSlNxKzhk VVVZZ2lOUncvSHZPTHpyS0ZrZ1piRjErZXZPMWtXbWxVT0U1b0s4d3FlTkYxdGkKeVpITmJkald2 N2lxMFZGai8zdStraVY3ZXhlVXhKOWJpN244VUtHUFFnOXlpdUoxdHhtWHpRZHljZmZWVWk2QQpK b3lSNlJBMTdHS3RnUVpQcFhITE1HQVF1Yy85UUI0NVd1VFBZMGxJNkRpcDJwU3RmTkFtZEc0YU1O V0FwaW5PCkl4YU5SbVNrbTJmbi9jY0pkY0lkY2RzRUdXc0ljN3cyU2xLbVRobGw5YlQwYi9WQS8y L1J3Y3RlZmVNeUY2R0MKTC9sQVp5K2RaVVFaOGVaekw2WGsvRzFacGIyQkhYSHZrMFZCb21XZTFv dWxtS2h4ODllUGhzNnprSEVILzNKZApmdjJSV0d0QUZaQThhSHozRE1FZAo9Z2NFZgotLS0tLUVO RCBQR1AgU0lHTkFUVVJFLS0tLS0K --===============8987600644543242159==--