Re: Guardian 2

Re: Guardian 2

[Matthias Fischer]

[-- Attachment #1: Type: text/plain, Size: 2506 bytes --]

Hi,

Ok, next.

Am I right assuming that the '2.0-002'-version at
http://people.ipfire.org/~stevee/guardian-2.0/ plus
http://people.ipfire.org/~stevee/guardian-2.0/packages/dependencies/ is
the latest!?

Best,
Matthias

On 16.07.2016 04:03, Mark Coolen wrote:
> I'm willing to test it as well. I take it the instructions from
> http://planet.ipfire.org/post/introducing-guardian-2-0-for-ipfire are still
> good?
> 
> On Fri, Jul 15, 2016 at 8:23 PM, R. W. Rodolico <rodo(a)dailydata.net> wrote:
> 
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Tell me what I need to do to test Guardian. I've never installed it,
>> but I am doing it now.
>>
>> Rod
>>
>> On 07/15/2016 05:00 AM, Michael Tremer wrote:
>> > Hi guys,
>> >
>> > even if you have a conversation on the phone, please try keeping us
>> > in the loop.
>> >
>> > So the key points of what I know:
>> >
>> > * A release is targeted for core update 104
>> >
>> > * There are a few changes required so that re-blocking a host after
>> > it has been manually unblocked allows this host the configured
>> > number of tries again and not only one.
>> >
>> > * Many more testers are required since feedback is really low at
>> > this point.
>> >
>> > Did I get this right? What is the ETA for a set of patches on the
>> > mailing list?
>> >
>> > What is the plan to engage more testers?
>> >
>> > Best, -Michael
>> >
>> > On Thu, 2016-07-14 at 14:36 +0200, Daniel Weismüller wrote:
>> >> Hi Stevee I know you are very busy and working hard on the this.
>> >> But if you want to release the new Guardian 2 with Core 104 we
>> >> still need to do some work and it must be tested! So please tell
>> >> us something about the new guardian2 and the state of your work.
>> >>
>> >> Maybe we find more testers here on the list.
>> >>
>> >> Meanwhile I've talked with Michael about the state which I know
>> >> of the guardian2 and we both go confirm that the list of blocked
>> >> IPs which runs in the background isn't a good idea. Please let us
>> >> talk by phone about it again.
>> >>
>> >> - Daniel
>>
>> - --
>> Rod Rodolico
>> Daily Data, Inc.
>> POB 140465
>> Dallas TX 75214-0465
>> 214.827.2170
>> http://www.dailydata.net
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.12 (GNU/Linux)
>>
>> iEYEARECAAYFAleJfncACgkQuVY3UpYMlTQ1ywCfdXuAC8ByMYEOKBpkvV0R+BRm
>> hhAAnR9juXlTjDlTiFMPbGOpDAP9LkOG
>> =5XbU
>> -----END PGP SIGNATURE-----
>>
> 
> 
> 

Re: Guardian 2

[R. W. Rodolico]

[-- Attachment #1: Type: text/plain, Size: 8900 bytes --]

hmmm. that is what I tried, but it didn't work. Maybe I need to go get
another oinkcode or something.

Thank you

On 07/18/2016 12:48 PM, Mark Coolen wrote:
> You have to register on snort.org <http://snort.org>. I think I just
> followed the instructions on the IDS page in the IPFire GUI and then
> input my oinkcode.
> I have no idea which rules to enable once I have them downloaded, but I
> spent awhile going throught them awhile back and guessed ;-)
> 
> I does work, and Guardian 2 watches the snort logs and automagically
> blocks IPs.
> 
> On Mon, Jul 18, 2016 at 12:37 AM, R. W. Rodolico <rodo(a)dailydata.net
> <mailto:rodo(a)dailydata.net>> wrote:
> 
>     Can you give me a clue on how to set up Snort? I got nothing on my
>     intrusion logs. I "attacked" it from a remote server (all machines are
>     mine, so I can do that :) and saw nothing. I downloaded some rules from
>     EmergingThreats.net Community Rules and turned several of them on, but
>     saw nothing.
> 
>     I had tried to do te Snort/VRT GPLv2 Community Rules and no rules showed
>     up. Just tried the SourceFire VRT Rules for registered users and got an
>     error, and no new rules showed up.
> 
>     I guess I need to clean this whole thing out and start over, if I can
>     figure out how to clean out the Snort ruleset.
> 
>     If anyone can give me a clue on this, I'll be happy to set it up and try
>     attacking myself.
> 
>     Selective blocking/unblocking works like a charm.
> 
>     Rod
> 
>     On 07/17/2016 06:47 PM, Mark Coolen wrote:
>     > OK. Now I have everything working well. Guardian is auto-blocking and
>     > allowing me to selectively block and unblock as well as unblock all.
>     >
>     > I think the IDS module really needs some kind of default settings for
>     > those who want to use it but don't understand the complexities of
>     > Snort's rules. I just guessed at things when I set Snort up, but it does
>     > produce logs of possible intrusion attempts and Guardian does respond
>     > appropriately.
>     >
>     > On Sat, Jul 16, 2016 at 2:43 PM, R. W. Rodolico <rodo(a)dailydata.net <mailto:rodo(a)dailydata.net>
>     > <mailto:rodo(a)dailydata.net <mailto:rodo(a)dailydata.net>>> wrote:
>     >
>     >     I saw the same issue and filed a bug report
>     >     (https://bugzilla.ipfire.org/show_bug.cgi?id=11146).
>     >
>     >     When something like this pops up, I generally
>     >     https://bugzilla.ipfire.org/show_bug.cgi?id=11146
>     >     immediately after the problem shows up; that usually gives some
>     >     indication of the problem.
>     >
>     >     As Matthias says, it is a permissions issue on the
>     configuration file
>     >     directory. Either manually create the files (with correct
>     ownership and
>     >     permission) or change ownership/permission on the directory.
>     Then, you
>     >     have a nice, pretty GUI.
>     >
>     >     I was able to efficiently block myself from the GUI after
>     that. Since I
>     >     don't know anything about how to test Snort, I'm having
>     problems getting
>     >     it to block automatically, but that is another issue.
>     >
>     >     Rod
>     >
>     >     On 07/16/2016 09:19 AM, Mark Coolen wrote:
>     >     > I'm a bit confused about that. Why would 2.0-002 be newer
>     than 2.0-010?
>     >     > There's a 2.0-012 under 'old approach' but those files have
>     an older
>     >     > timestamp. The 2.0-002 is a tarball, but the 2.0-010 is an
>     ipfire
>     >     > package as are the 'dependancies'. I've used Guardian 2
>     several times in
>     >     > the past by just extracting according to the instructions on
>     stevee's
>     >     > ;--) page, but that doesn't seem to work with the 2.0-002
>     tarball. I
>     >     > just get a completely blank page in the GUI.
>     >     > How do we test?
>     >     >
>     >     > On Sat, Jul 16, 2016 at 2:59 AM, Matthias Fischer
>     >     > <matthias.fischer(a)ipfire.org
>     <mailto:matthias.fischer(a)ipfire.org>
>     <mailto:matthias.fischer(a)ipfire.org
>     <mailto:matthias.fischer(a)ipfire.org>>
>     >     <mailto:matthias.fischer(a)ipfire.org
>     <mailto:matthias.fischer(a)ipfire.org>
>     >     <mailto:matthias.fischer(a)ipfire.org <mailto:matthias.fischer(a)ipfire.org>>>>
>     wrote:
>     >     >
>     >     >     Hi,
>     >     >
>     >     >     Ok, next.
>     >     >
>     >     >     Am I right assuming that the '2.0-002'-version at
>     >     >     http://people.ipfire.org/~stevee/guardian-2.0/ plus
>     >     >     http://people.ipfire.org/~stevee/guardian-2.0/packages/dependencies/ is
>     >     >     the latest!?
>     >     >
>     >     >     Best,
>     >     >     Matthias
>     >     >
>     >     >     On 16.07.2016 04:03, Mark Coolen wrote:
>     >     >     > I'm willing to test it as well. I take it the instructions from
>     >     >     > http://planet.ipfire.org/post/introducing-guardian-2-0-for-ipfire
>     >     >     are still
>     >     >     > good?
>     >     >     >
>     >     >     > On Fri, Jul 15, 2016 at 8:23 PM, R. W. Rodolico
>     >     >     <rodo(a)dailydata.net <mailto:rodo(a)dailydata.net>
>     <mailto:rodo(a)dailydata.net <mailto:rodo(a)dailydata.net>>
>     >     <mailto:rodo(a)dailydata.net <mailto:rodo(a)dailydata.net>
>     <mailto:rodo(a)dailydata.net <mailto:rodo(a)dailydata.net>>>> wrote:
>     >     >     >
>     >     > Tell me what I need to do to test Guardian. I've never
>     installed it,
>     >     > but I am doing it now.
>     >     >
>     >     > Rod
>     >     >
>     >     > On 07/15/2016 05:00 AM, Michael Tremer wrote:
>     >     >> Hi guys,
>     >     >
>     >     >> even if you have a conversation on the phone, please try
>     keeping us
>     >     >> in the loop.
>     >     >
>     >     >> So the key points of what I know:
>     >     >
>     >     >> * A release is targeted for core update 104
>     >     >
>     >     >> * There are a few changes required so that re-blocking a
>     host after
>     >     >> it has been manually unblocked allows this host the configured
>     >     >> number of tries again and not only one.
>     >     >
>     >     >> * Many more testers are required since feedback is really
>     low at
>     >     >> this point.
>     >     >
>     >     >> Did I get this right? What is the ETA for a set of patches
>     on the
>     >     >> mailing list?
>     >     >
>     >     >> What is the plan to engage more testers?
>     >     >
>     >     >> Best, -Michael
>     >     >
>     >     >> On Thu, 2016-07-14 at 14:36 +0200, Daniel Weismüller wrote:
>     >     >>> Hi Stevee I know you are very busy and working hard on the
>     this.
>     >     >>> But if you want to release the new Guardian 2 with Core 104 we
>     >     >>> still need to do some work and it must be tested! So
>     please tell
>     >     >>> us something about the new guardian2 and the state of your
>     work.
>     >     >>>
>     >     >>> Maybe we find more testers here on the list.
>     >     >>>
>     >     >>> Meanwhile I've talked with Michael about the state which I
>     know
>     >     >>> of the guardian2 and we both go confirm that the list of
>     blocked
>     >     >>> IPs which runs in the background isn't a good idea. Please
>     let us
>     >     >>> talk by phone about it again.
>     >     >>>
>     >     >>> - Daniel
>     >     >
>     >     >     >>
>     >     >     >
>     >     >     >
>     >     >     >
>     >     >
>     >     >
>     >     >
>     >     >
>     >     > --
>     >     >  _  _           _     ___         _
>     >     >  )\/,) ___  __  )L,   ))  __  __  )) __ _ _
>     >     > ((`(( ((_( (|  ((\   ((__((_)((_)(( (('((\(
>     >
>     >     --
>     >     Rod Rodolico
>     >     Daily Data, Inc.
>     >     POB 140465
>     >     Dallas TX 75214-0465
>     >     214.827.2170 <tel:214.827.2170> <tel:214.827.2170
>     <tel:214.827.2170>>
>     >     http://www.dailydata.net
>     >
>     >
>     >
>     >
>     > --
>     >  _  _           _     ___         _
>     >  )\/,) ___  __  )L,   ))  __  __  )) __ _ _
>     > ((`(( ((_( (|  ((\   ((__((_)((_)(( (('((\(
> 
>     --
>     Rod Rodolico
>     Daily Data, Inc.
>     POB 140465
>     Dallas TX 75214-0465
>     214.827.2170 <tel:214.827.2170>
>     http://www.dailydata.net
> 
> 
> 
> 
> -- 
>  _  _           _     ___         _         
>  )\/,) ___  __  )L,   ))  __  __  )) __ _ _
> ((`(( ((_( (|  ((\   ((__((_)((_)(( (('((\(

-- 
Rod Rodolico
Daily Data, Inc.
POB 140465
Dallas TX 75214-0465
214.827.2170
http://www.dailydata.net

Re: Guardian 2

[R. W. Rodolico]

[-- Attachment #1: Type: text/plain, Size: 6375 bytes --]

Can you give me a clue on how to set up Snort? I got nothing on my
intrusion logs. I "attacked" it from a remote server (all machines are
mine, so I can do that :) and saw nothing. I downloaded some rules from
EmergingThreats.net Community Rules and turned several of them on, but
saw nothing.

I had tried to do te Snort/VRT GPLv2 Community Rules and no rules showed
up. Just tried the SourceFire VRT Rules for registered users and got an
error, and no new rules showed up.

I guess I need to clean this whole thing out and start over, if I can
figure out how to clean out the Snort ruleset.

If anyone can give me a clue on this, I'll be happy to set it up and try
attacking myself.

Selective blocking/unblocking works like a charm.

Rod

On 07/17/2016 06:47 PM, Mark Coolen wrote:
> OK. Now I have everything working well. Guardian is auto-blocking and
> allowing me to selectively block and unblock as well as unblock all.
> 
> I think the IDS module really needs some kind of default settings for
> those who want to use it but don't understand the complexities of
> Snort's rules. I just guessed at things when I set Snort up, but it does
> produce logs of possible intrusion attempts and Guardian does respond
> appropriately.
> 
> On Sat, Jul 16, 2016 at 2:43 PM, R. W. Rodolico <rodo(a)dailydata.net
> <mailto:rodo(a)dailydata.net>> wrote:
> 
>     I saw the same issue and filed a bug report
>     (https://bugzilla.ipfire.org/show_bug.cgi?id=11146).
> 
>     When something like this pops up, I generally
>     https://bugzilla.ipfire.org/show_bug.cgi?id=11146
>     immediately after the problem shows up; that usually gives some
>     indication of the problem.
> 
>     As Matthias says, it is a permissions issue on the configuration file
>     directory. Either manually create the files (with correct ownership and
>     permission) or change ownership/permission on the directory. Then, you
>     have a nice, pretty GUI.
> 
>     I was able to efficiently block myself from the GUI after that. Since I
>     don't know anything about how to test Snort, I'm having problems getting
>     it to block automatically, but that is another issue.
> 
>     Rod
> 
>     On 07/16/2016 09:19 AM, Mark Coolen wrote:
>     > I'm a bit confused about that. Why would 2.0-002 be newer than 2.0-010?
>     > There's a 2.0-012 under 'old approach' but those files have an older
>     > timestamp. The 2.0-002 is a tarball, but the 2.0-010 is an ipfire
>     > package as are the 'dependancies'. I've used Guardian 2 several times in
>     > the past by just extracting according to the instructions on stevee's
>     > ;--) page, but that doesn't seem to work with the 2.0-002 tarball. I
>     > just get a completely blank page in the GUI.
>     > How do we test?
>     >
>     > On Sat, Jul 16, 2016 at 2:59 AM, Matthias Fischer
>     > <matthias.fischer(a)ipfire.org <mailto:matthias.fischer(a)ipfire.org>
>     <mailto:matthias.fischer(a)ipfire.org
>     <mailto:matthias.fischer(a)ipfire.org>>> wrote:
>     >
>     >     Hi,
>     >
>     >     Ok, next.
>     >
>     >     Am I right assuming that the '2.0-002'-version at
>     >     http://people.ipfire.org/~stevee/guardian-2.0/ plus
>     >     http://people.ipfire.org/~stevee/guardian-2.0/packages/dependencies/ is
>     >     the latest!?
>     >
>     >     Best,
>     >     Matthias
>     >
>     >     On 16.07.2016 04:03, Mark Coolen wrote:
>     >     > I'm willing to test it as well. I take it the instructions from
>     >     > http://planet.ipfire.org/post/introducing-guardian-2-0-for-ipfire
>     >     are still
>     >     > good?
>     >     >
>     >     > On Fri, Jul 15, 2016 at 8:23 PM, R. W. Rodolico
>     >     <rodo(a)dailydata.net <mailto:rodo(a)dailydata.net>
>     <mailto:rodo(a)dailydata.net <mailto:rodo(a)dailydata.net>>> wrote:
>     >     >
>     > Tell me what I need to do to test Guardian. I've never installed it,
>     > but I am doing it now.
>     >
>     > Rod
>     >
>     > On 07/15/2016 05:00 AM, Michael Tremer wrote:
>     >> Hi guys,
>     >
>     >> even if you have a conversation on the phone, please try keeping us
>     >> in the loop.
>     >
>     >> So the key points of what I know:
>     >
>     >> * A release is targeted for core update 104
>     >
>     >> * There are a few changes required so that re-blocking a host after
>     >> it has been manually unblocked allows this host the configured
>     >> number of tries again and not only one.
>     >
>     >> * Many more testers are required since feedback is really low at
>     >> this point.
>     >
>     >> Did I get this right? What is the ETA for a set of patches on the
>     >> mailing list?
>     >
>     >> What is the plan to engage more testers?
>     >
>     >> Best, -Michael
>     >
>     >> On Thu, 2016-07-14 at 14:36 +0200, Daniel Weismüller wrote:
>     >>> Hi Stevee I know you are very busy and working hard on the this.
>     >>> But if you want to release the new Guardian 2 with Core 104 we
>     >>> still need to do some work and it must be tested! So please tell
>     >>> us something about the new guardian2 and the state of your work.
>     >>>
>     >>> Maybe we find more testers here on the list.
>     >>>
>     >>> Meanwhile I've talked with Michael about the state which I know
>     >>> of the guardian2 and we both go confirm that the list of blocked
>     >>> IPs which runs in the background isn't a good idea. Please let us
>     >>> talk by phone about it again.
>     >>>
>     >>> - Daniel
>     >
>     >     >>
>     >     >
>     >     >
>     >     >
>     >
>     >
>     >
>     >
>     > --
>     >  _  _           _     ___         _
>     >  )\/,) ___  __  )L,   ))  __  __  )) __ _ _
>     > ((`(( ((_( (|  ((\   ((__((_)((_)(( (('((\(
> 
>     --
>     Rod Rodolico
>     Daily Data, Inc.
>     POB 140465
>     Dallas TX 75214-0465
>     214.827.2170 <tel:214.827.2170>
>     http://www.dailydata.net
> 
> 
> 
> 
> -- 
>  _  _           _     ___         _         
>  )\/,) ___  __  )L,   ))  __  __  )) __ _ _
> ((`(( ((_( (|  ((\   ((__((_)((_)(( (('((\(

-- 
Rod Rodolico
Daily Data, Inc.
POB 140465
Dallas TX 75214-0465
214.827.2170
http://www.dailydata.net

Re: Guardian 2

[R. W. Rodolico]

[-- Attachment #1: Type: text/plain, Size: 3888 bytes --]

I saw the same issue and filed a bug report
(https://bugzilla.ipfire.org/show_bug.cgi?id=11146).

When something like this pops up, I generally
https://bugzilla.ipfire.org/show_bug.cgi?id=11146
immediately after the problem shows up; that usually gives some
indication of the problem.

As Matthias says, it is a permissions issue on the configuration file
directory. Either manually create the files (with correct ownership and
permission) or change ownership/permission on the directory. Then, you
have a nice, pretty GUI.

I was able to efficiently block myself from the GUI after that. Since I
don't know anything about how to test Snort, I'm having problems getting
it to block automatically, but that is another issue.

Rod

On 07/16/2016 09:19 AM, Mark Coolen wrote:
> I'm a bit confused about that. Why would 2.0-002 be newer than 2.0-010?
> There's a 2.0-012 under 'old approach' but those files have an older
> timestamp. The 2.0-002 is a tarball, but the 2.0-010 is an ipfire
> package as are the 'dependancies'. I've used Guardian 2 several times in
> the past by just extracting according to the instructions on stevee's
> ;--) page, but that doesn't seem to work with the 2.0-002 tarball. I
> just get a completely blank page in the GUI.
> How do we test?
> 
> On Sat, Jul 16, 2016 at 2:59 AM, Matthias Fischer
> <matthias.fischer(a)ipfire.org <mailto:matthias.fischer(a)ipfire.org>> wrote:
> 
>     Hi,
> 
>     Ok, next.
> 
>     Am I right assuming that the '2.0-002'-version at
>     http://people.ipfire.org/~stevee/guardian-2.0/ plus
>     http://people.ipfire.org/~stevee/guardian-2.0/packages/dependencies/ is
>     the latest!?
> 
>     Best,
>     Matthias
> 
>     On 16.07.2016 04:03, Mark Coolen wrote:
>     > I'm willing to test it as well. I take it the instructions from
>     > http://planet.ipfire.org/post/introducing-guardian-2-0-for-ipfire
>     are still
>     > good?
>     >
>     > On Fri, Jul 15, 2016 at 8:23 PM, R. W. Rodolico
>     <rodo(a)dailydata.net <mailto:rodo(a)dailydata.net>> wrote:
>     >
> Tell me what I need to do to test Guardian. I've never installed it,
> but I am doing it now.
> 
> Rod
> 
> On 07/15/2016 05:00 AM, Michael Tremer wrote:
>> Hi guys,
> 
>> even if you have a conversation on the phone, please try keeping us
>> in the loop.
> 
>> So the key points of what I know:
> 
>> * A release is targeted for core update 104
> 
>> * There are a few changes required so that re-blocking a host after
>> it has been manually unblocked allows this host the configured
>> number of tries again and not only one.
> 
>> * Many more testers are required since feedback is really low at
>> this point.
> 
>> Did I get this right? What is the ETA for a set of patches on the
>> mailing list?
> 
>> What is the plan to engage more testers?
> 
>> Best, -Michael
> 
>> On Thu, 2016-07-14 at 14:36 +0200, Daniel Weismüller wrote:
>>> Hi Stevee I know you are very busy and working hard on the this.
>>> But if you want to release the new Guardian 2 with Core 104 we
>>> still need to do some work and it must be tested! So please tell
>>> us something about the new guardian2 and the state of your work.
>>>
>>> Maybe we find more testers here on the list.
>>>
>>> Meanwhile I've talked with Michael about the state which I know
>>> of the guardian2 and we both go confirm that the list of blocked
>>> IPs which runs in the background isn't a good idea. Please let us
>>> talk by phone about it again.
>>>
>>> - Daniel
> 
>     >>
>     >
>     >
>     >
> 
> 
> 
> 
> -- 
>  _  _           _     ___         _         
>  )\/,) ___  __  )L,   ))  __  __  )) __ _ _
> ((`(( ((_( (|  ((\   ((__((_)((_)(( (('((\(

-- 
Rod Rodolico
Daily Data, Inc.
POB 140465
Dallas TX 75214-0465
214.827.2170
http://www.dailydata.net

Re: Guardian 2

[Matthias Fischer]

[-- Attachment #1: Type: text/plain, Size: 5151 bytes --]

Hi,

you're not alone - I was a bit confused, too.

Being curious, I did the following:

Downloaded the newer tarball from here, hoping it would be the right one:
http://people.ipfire.org/~stevee/guardian-2.0/guardian-2.0-002.i586.tar.gz

Downloaded the 'dependencies' from here:
http://people.ipfire.org/~stevee/guardian-2.0/packages/dependencies/i586/perl-Net-IP-1.26-1.ipfire
http://people.ipfire.org/~stevee/guardian-2.0/packages/dependencies/i586/perl-common-sense-3.74-1.ipfire
http://people.ipfire.org/~stevee/guardian-2.0/packages/dependencies/i586/perl-inotify2-1.22-1.ipfire

Unpacked the tarball and the three pakfire-archives and got it installed
on my testmachine (offline).

Hint:
Take a 'close* look at the 'user:group'-rights. ;-)

I don't know how Stefan created the 'tarball', but most of the files in
it had 'samba:samba' assignments, even the symlinks (for these I used
'chown -h root:root' ...).

The original archive looks like this:

...
drwxr-xr-x 3 root root 4096 Jul 16 18:04 web
[root(a)ipfiretest srv]# cd web
[root(a)ipfiretest web]# ls -l
total 4
drwxr-xr-x 3 samba samba 4096 Jul  4 11:03 ipfire
[root(a)ipfiretest web]# cd ipfire
[root(a)ipfiretest ipfire]# ls -l
total 4
drwxr-xr-x 2 root root 4096 Jul 16 18:04 cgi-bin
[root(a)ipfiretest ipfire]# cd cgi-bin/
[root(a)ipfiretest cgi-bin]# ls -l
total 64
-rwxr-xr-x 1 samba samba 37174 Jul 14 14:51 guardian.cgi
-rwxr-xr-x 1 samba samba 23201 Oct 22  2014 ids.cgi
...

The whole thing is still offline, GUI seems to work, I can start/stop
'guardian' and edit the 'ignore'-list.
But I'd like to hear something like "That was ok, go for it...", before
I put this in production. ;-)

HTH,
Matthias

On 16.07.2016 16:19, Mark Coolen wrote:
> I'm a bit confused about that. Why would 2.0-002 be newer than 2.0-010?
> There's a 2.0-012 under 'old approach' but those files have an older
> timestamp. The 2.0-002 is a tarball, but the 2.0-010 is an ipfire package
> as are the 'dependancies'. I've used Guardian 2 several times in the past
> by just extracting according to the instructions on stevee's ;--) page, but
> that doesn't seem to work with the 2.0-002 tarball. I just get a completely
> blank page in the GUI.
> How do we test?
> 
> On Sat, Jul 16, 2016 at 2:59 AM, Matthias Fischer <
> matthias.fischer(a)ipfire.org> wrote:
> 
>> Hi,
>>
>> Ok, next.
>>
>> Am I right assuming that the '2.0-002'-version at
>> http://people.ipfire.org/~stevee/guardian-2.0/ plus
>> http://people.ipfire.org/~stevee/guardian-2.0/packages/dependencies/ is
>> the latest!?
>>
>> Best,
>> Matthias
>>
>> On 16.07.2016 04:03, Mark Coolen wrote:
>> > I'm willing to test it as well. I take it the instructions from
>> > http://planet.ipfire.org/post/introducing-guardian-2-0-for-ipfire are
>> still
>> > good?
>> >
>> > On Fri, Jul 15, 2016 at 8:23 PM, R. W. Rodolico <rodo(a)dailydata.net>
>> wrote:
>> >
>> >> -----BEGIN PGP SIGNED MESSAGE-----
>> >> Hash: SHA1
>> >>
>> >> Tell me what I need to do to test Guardian. I've never installed it,
>> >> but I am doing it now.
>> >>
>> >> Rod
>> >>
>> >> On 07/15/2016 05:00 AM, Michael Tremer wrote:
>> >> > Hi guys,
>> >> >
>> >> > even if you have a conversation on the phone, please try keeping us
>> >> > in the loop.
>> >> >
>> >> > So the key points of what I know:
>> >> >
>> >> > * A release is targeted for core update 104
>> >> >
>> >> > * There are a few changes required so that re-blocking a host after
>> >> > it has been manually unblocked allows this host the configured
>> >> > number of tries again and not only one.
>> >> >
>> >> > * Many more testers are required since feedback is really low at
>> >> > this point.
>> >> >
>> >> > Did I get this right? What is the ETA for a set of patches on the
>> >> > mailing list?
>> >> >
>> >> > What is the plan to engage more testers?
>> >> >
>> >> > Best, -Michael
>> >> >
>> >> > On Thu, 2016-07-14 at 14:36 +0200, Daniel Weismüller wrote:
>> >> >> Hi Stevee I know you are very busy and working hard on the this.
>> >> >> But if you want to release the new Guardian 2 with Core 104 we
>> >> >> still need to do some work and it must be tested! So please tell
>> >> >> us something about the new guardian2 and the state of your work.
>> >> >>
>> >> >> Maybe we find more testers here on the list.
>> >> >>
>> >> >> Meanwhile I've talked with Michael about the state which I know
>> >> >> of the guardian2 and we both go confirm that the list of blocked
>> >> >> IPs which runs in the background isn't a good idea. Please let us
>> >> >> talk by phone about it again.
>> >> >>
>> >> >> - Daniel
>> >>
>> >> - --
>> >> Rod Rodolico
>> >> Daily Data, Inc.
>> >> POB 140465
>> >> Dallas TX 75214-0465
>> >> 214.827.2170
>> >> http://www.dailydata.net
>> >> -----BEGIN PGP SIGNATURE-----
>> >> Version: GnuPG v1.4.12 (GNU/Linux)
>> >>
>> >> iEYEARECAAYFAleJfncACgkQuVY3UpYMlTQ1ywCfdXuAC8ByMYEOKBpkvV0R+BRm
>> >> hhAAnR9juXlTjDlTiFMPbGOpDAP9LkOG
>> >> =5XbU
>> >> -----END PGP SIGNATURE-----
>> >>
>> >
>> >
>> >
>>
>>
> 
> 

Re: Guardian 2

[R. W. Rodolico]

[-- Attachment #1: Type: text/plain, Size: 1746 bytes --]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Tell me what I need to do to test Guardian. I've never installed it,
but I am doing it now.

Rod

On 07/15/2016 05:00 AM, Michael Tremer wrote:
> Hi guys,
> 
> even if you have a conversation on the phone, please try keeping us
> in the loop.
> 
> So the key points of what I know:
> 
> * A release is targeted for core update 104
> 
> * There are a few changes required so that re-blocking a host after
> it has been manually unblocked allows this host the configured
> number of tries again and not only one.
> 
> * Many more testers are required since feedback is really low at
> this point.
> 
> Did I get this right? What is the ETA for a set of patches on the
> mailing list?
> 
> What is the plan to engage more testers?
> 
> Best, -Michael
> 
> On Thu, 2016-07-14 at 14:36 +0200, Daniel Weismüller wrote:
>> Hi Stevee I know you are very busy and working hard on the this. 
>> But if you want to release the new Guardian 2 with Core 104 we
>> still need to do some work and it must be tested! So please tell
>> us something about the new guardian2 and the state of your work.
>> 
>> Maybe we find more testers here on the list.
>> 
>> Meanwhile I've talked with Michael about the state which I know
>> of the guardian2 and we both go confirm that the list of blocked
>> IPs which runs in the background isn't a good idea. Please let us
>> talk by phone about it again.
>> 
>> - Daniel

- -- 
Rod Rodolico
Daily Data, Inc.
POB 140465
Dallas TX 75214-0465
214.827.2170
http://www.dailydata.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAleJfncACgkQuVY3UpYMlTQ1ywCfdXuAC8ByMYEOKBpkvV0R+BRm
hhAAnR9juXlTjDlTiFMPbGOpDAP9LkOG
=5XbU
-----END PGP SIGNATURE-----

Re: Guardian 2

[Michael Tremer]

[-- Attachment #1: Type: text/plain, Size: 1240 bytes --]

Hi guys,

even if you have a conversation on the phone, please try keeping us in the loop.

So the key points of what I know:

* A release is targeted for core update 104

* There are a few changes required so that re-blocking a host after it has been
manually unblocked allows this host the configured number of tries again and not
only one.

* Many more testers are required since feedback is really low at this point.

Did I get this right? What is the ETA for a set of patches on the mailing list?

What is the plan to engage more testers?

Best,
-Michael

On Thu, 2016-07-14 at 14:36 +0200, Daniel Weismüller wrote:
> Hi Stevee
> I know you are very busy and working hard on the this.
> But if you want to release the new Guardian 2 with Core 104 we still 
> need to do some work and it must be tested!
> So please tell us something about the new guardian2 and the state of 
> your work.
> 
> Maybe we find more testers here on the list.
> 
> Meanwhile I've talked with Michael about the state which I know of the 
> guardian2 and we both go confirm that the list of blocked IPs which runs 
> in the background isn't a good idea.
> Please let us talk by phone about it again.
> 
> -
> Daniel

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

Guardian 2

[Daniel Weismüller]

[-- Attachment #1: Type: text/plain, Size: 544 bytes --]

Hi Stevee
I know you are very busy and working hard on the this.
But if you want to release the new Guardian 2 with Core 104 we still 
need to do some work and it must be tested!
So please tell us something about the new guardian2 and the state of 
your work.

Maybe we find more testers here on the list.

Meanwhile I've talked with Michael about the state which I know of the 
guardian2 and we both go confirm that the list of blocked IPs which runs 
in the background isn't a good idea.
Please let us talk by phone about it again.

-
Daniel