From mboxrd@z Thu Jan  1 00:00:00 1970
From: Stefan Schantl <stefan.schantl@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH] guardian: Remove snort related options.
Date: Tue, 07 May 2019 19:17:16 +0200
Message-ID: <20190507171716.5631-1-stefan.schantl@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============9099038468601096049=="
List-Id: <development.lists.ipfire.org>

--===============9099038468601096049==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

IPFire has moved to suricata as IDS/IPS system, therefore all snort related
options has become obsolete.

Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org>
---
 config/guardian/guardian.de.pl |  4 +--
 config/guardian/guardian.en.pl |  4 +--
 config/guardian/guardian.tr.pl |  4 +--
 html/cgi-bin/guardian.cgi      | 51 ++++------------------------------
 lfs/guardian                   |  2 +-
 5 files changed, 10 insertions(+), 55 deletions(-)

diff --git a/config/guardian/guardian.de.pl b/config/guardian/guardian.de.pl
index 344d04543..c03c98525 100644
--- a/config/guardian/guardian.de.pl
+++ b/config/guardian/guardian.de.pl
@@ -6,7 +6,7 @@
 'guardian block httpd brute-force' =3D> 'httpd-Brute-Force-Erkennung',
 'guardian block owncloud brute-force' =3D> 'Owncloud-Brute-Force-Erkennung',
 'guardian block ssh brute-force' =3D> 'SSH-Brute-Force-Erkennung',
-'guardian blockcount' =3D> 'Trefferschwelle (Snort)',
+'guardian blockcount' =3D> 'Trefferschwelle',
 'guardian blocked hosts' =3D> 'Aktuell geblockte Hosts',
 'guardian blocking of this address is not allowed' =3D> 'Diese Addresse darf=
 nicht geblockt werden.',
 'guardian blocktime' =3D> 'Blockzeit (Sekunden)',
@@ -36,9 +36,7 @@
 'guardian priolevel_medium' =3D> '2 - Mittel',
 'guardian priolevel_low' =3D> '3 - Niedrig',
 'guardian priolevel_very_low' =3D> '4 - Sehr niedrig',
-'guardian priority level' =3D> 'Priorit=C3=A4tslevel (Snort)',
 'guardian service' =3D> 'Guardian-Dienst',
-'guardian watch snort alertfile' =3D> 'Snort-Alarme auswerten',
=20
 );
=20
diff --git a/config/guardian/guardian.en.pl b/config/guardian/guardian.en.pl
index f6be8654d..c94484f7e 100644
--- a/config/guardian/guardian.en.pl
+++ b/config/guardian/guardian.en.pl
@@ -6,7 +6,7 @@
 'guardian block httpd brute-force' =3D> 'httpd Brute Force Detection',
 'guardian block owncloud brute-force' =3D> 'Owncloud Brute Force detection',
 'guardian block ssh brute-force' =3D> 'SSH Brute Force Detection',
-'guardian blockcount' =3D> 'Strike Threshold (Snort)',
+'guardian blockcount' =3D> 'Strike Threshold',
 'guardian blocked hosts' =3D> 'Currently blocked hosts',
 'guardian blocking of this address is not allowed' =3D> 'Blocking of the giv=
en address is not allowed.',
 'guardian blocktime' =3D> 'Block Time (seconds)',
@@ -36,9 +36,7 @@
 'guardian priolevel_medium' =3D> '2 - Medium',
 'guardian priolevel_low' =3D> '3 - Low',
 'guardian priolevel_very_low' =3D> '4 - Very low',
-'guardian priority level' =3D> 'Priority Level (Snort)',
 'guardian service' =3D> 'Guardian Service',
-'guardian watch snort alertfile' =3D> 'Monitor Snort Alert File',
=20
 );
=20
diff --git a/config/guardian/guardian.tr.pl b/config/guardian/guardian.tr.pl
index cb64a358d..c4d9c5aab 100644
--- a/config/guardian/guardian.tr.pl
+++ b/config/guardian/guardian.tr.pl
@@ -6,7 +6,7 @@
 'guardian block httpd brute-force' =3D> 'httpd kaba kuvvet alg=C4=B1lama',
 'guardian block owncloud brute-force' =3D> 'Owncloud kaba kuvvet alg=C4=B1la=
ma',
 'guardian block ssh brute-force' =3D> 'SSH kaba kuvvet alg=C4=B1lama',
-'guardian blockcount' =3D> 'Vurgu e=C5=9Fi=C4=9Fi (Snort)',
+'guardian blockcount' =3D> 'Vurgu e=C5=9Fi=C4=9Fi',
 'guardian blocked hosts' =3D> '=C5=9Eu anda engellenen ana makineler',
 'guardian blocking of this address is not allowed' =3D> 'Verilen adresin eng=
ellenmesine izin verilmiyor.',
 'guardian blocktime' =3D> 'Engelleme zaman=C4=B1 (saniye)',
@@ -36,9 +36,7 @@
 'guardian priolevel_medium' =3D> '2 - Orta',
 'guardian priolevel_low' =3D> '3 - D=C3=BC=C5=9F=C3=BCk',
 'guardian priolevel_very_low' =3D> '4 - =C3=87ok d=C3=BC=C5=9F=C3=BCk',
-'guardian priority level' =3D> '=C3=96ncelik seviyesi (Snort)',
 'guardian service' =3D> 'Koruyucu servisi',
-'guardian watch snort alertfile' =3D> 'Snort uyar=C4=B1 dosyas=C4=B1',
=20
 );
=20
diff --git a/html/cgi-bin/guardian.cgi b/html/cgi-bin/guardian.cgi
index 6144aca02..36d84bb5b 100644
--- a/html/cgi-bin/guardian.cgi
+++ b/html/cgi-bin/guardian.cgi
@@ -52,7 +52,6 @@ my $ignorefile =3D'/var/ipfire/guardian/guardian.ignore';
 # file locations on IPFire systems.
 my %module_file_locations =3D (
 	"HTTPD" =3D> "/var/log/httpd/error_log",
-	"SNORT" =3D> "/var/log/snort/alert",
 	"SSH" =3D> "/var/log/messages",
 );
=20
@@ -78,7 +77,6 @@ our %ignored  =3D ();
 $settings{'ACTION'} =3D '';
=20
 $settings{'GUARDIAN_ENABLED'} =3D 'off';
-$settings{'GUARDIAN_MONITOR_SNORT'} =3D 'on';
 $settings{'GUARDIAN_MONITOR_SSH'} =3D 'on';
 $settings{'GUARDIAN_MONITOR_HTTPD'} =3D 'on';
 $settings{'GUARDIAN_MONITOR_OWNCLOUD'} =3D '';
@@ -88,7 +86,6 @@ $settings{'GUARDIAN_BLOCKCOUNT'} =3D '3';
 $settings{'GUARDIAN_BLOCKTIME'} =3D '86400';
 $settings{'GUARDIAN_FIREWALL_ACTION'} =3D 'DROP';
 $settings{'GUARDIAN_LOGFILE'} =3D '/var/log/guardian/guardian.log';
-$settings{'GUARDIAN_SNORT_PRIORITY_LEVEL'} =3D '3';
=20
 my $errormessage =3D '';
=20
@@ -379,9 +376,6 @@ sub showMainBox() {
 	$checked{'GUARDIAN_ENABLED'}{'on'} =3D '';
 	$checked{'GUARDIAN_ENABLED'}{'off'} =3D '';
 	$checked{'GUARDIAN_ENABLED'}{$settings{'GUARDIAN_ENABLED'}} =3D 'checked';
-	$checked{'GUARDIAN_MONITOR_SNORT'}{'off'} =3D '';
-	$checked{'GUARDIAN_MONITOR_SNORT'}{'on'} =3D '';
-	$checked{'GUARDIAN_MONITOR_SNORT'}{$settings{'GUARDIAN_MONITOR_SNORT'}} =3D=
 "checked=3D'checked'";
 	$checked{'GUARDIAN_MONITOR_SSH'}{'off'} =3D '';
 	$checked{'GUARDIAN_MONITOR_SSH'}{'on'} =3D '';
 	$checked{'GUARDIAN_MONITOR_SSH'}{$settings{'GUARDIAN_MONITOR_SSH'}} =3D "ch=
ecked=3D'checked'";
@@ -394,7 +388,6 @@ sub showMainBox() {
=20
 	$selected{'GUARDIAN_LOG_FACILITY'}{$settings{'GUARDIAN_LOG_FACILITY'}} =3D =
'selected';
 	$selected{'GUARDIAN_LOGLEVEL'}{$settings{'GUARDIAN_LOGLEVEL'}} =3D 'selecte=
d';
-	$selected{'GUARDIAN_SNORT_PRIORITY_LEVEL'}{$settings{'GUARDIAN_SNORT_PRIORI=
TY_LEVEL'}} =3D 'selected';
 	$selected{'GUARDIAN_FIREWALL_ACTION'}{$settings{'GUARDIAN_FIREWALL_ACTION'}=
} =3D 'selected';
=20
 	&Header::openpage($Lang::tr{'guardian configuration'}, 1, '');
@@ -447,19 +440,6 @@ sub showMainBox() {
 			\$("#GUARDIAN_LOG_FACILITY").change(update_options);
 			\$("#GUARDIAN_LOGLEVEL").change(update_options);
 			update_options();
-
-			// Show / Hide snort priority level option, based if
-			// snort is enabled / disabled.
-			if (\$('input[name=3DGUARDIAN_MONITOR_SNORT]:checked').val() =3D=3D 'on')=
 {
-				\$('.GUARDIAN_SNORT_PRIORITY_LEVEL').show();
-			} else {
-				\$('.GUARDIAN_SNORT_PRIORITY_LEVEL').hide();
-			}
-
-			// Show/Hide snort priority level when GUARDIAN_MONITOR_SNORT get changed.
-			\$('input[name=3DGUARDIAN_MONITOR_SNORT]').change(function() {
-				\$('.GUARDIAN_SNORT_PRIORITY_LEVEL').toggle();
-			});
 		});
 	</script>
 END
@@ -533,12 +513,6 @@ END
 				<td colspan=3D'2'><br></td>
 			</tr>
=20
-			<tr>
-				<td width=3D'25%' class=3D'base'>$Lang::tr{'guardian watch snort alertfi=
le'}</td>
-				<td align=3D'left'>on <input type=3D'radio' name=3D'GUARDIAN_MONITOR_SNO=
RT' value=3D'on' $checked{'GUARDIAN_MONITOR_SNORT'}{'on'} /> /
-				<input type=3D'radio' name=3D'GUARDIAN_MONITOR_SNORT' value=3D'off' $che=
cked{'GUARDIAN_MONITOR_SNORT'}{'off'} /> off</td>
-			</tr>
-
 			<tr>
 				<td width=3D'25%' class=3D'base'>$Lang::tr{'guardian block ssh brute-for=
ce'}</td>
 				<td align=3D'left'>on <input type=3D'radio' name=3D'GUARDIAN_MONITOR_SSH=
' value=3D'on' $checked{'GUARDIAN_MONITOR_SSH'}{'on'} /> /
@@ -580,17 +554,15 @@ END
 				<td><input type=3D'text' name=3D'GUARDIAN_LOGFILE' value=3D'$settings{'G=
UARDIAN_LOGFILE'}' size=3D'30' /></td>
 			</tr>
=20
-			<tr class=3D"GUARDIAN_SNORT_PRIORITY_LEVEL">
+			<tr>
 				<td colspan=3D'2'><br></td>
 			</tr>
=20
-			<tr class=3D"GUARDIAN_SNORT_PRIORITY_LEVEL">
-				<td align=3D'left' width=3D'20%'>$Lang::tr{'guardian priority level'}:</=
td>
-				<td><select name=3D'GUARDIAN_SNORT_PRIORITY_LEVEL'>
-					<option value=3D'1' $selected{'GUARDIAN_SNORT_PRIORITY_LEVEL'}{'1'}>$La=
ng::tr{'guardian priolevel_high'}</option>
-					<option value=3D'2' $selected{'GUARDIAN_SNORT_PRIORITY_LEVEL'}{'2'}>$La=
ng::tr{'guardian priolevel_medium'}</option>
-					<option value=3D'3' $selected{'GUARDIAN_SNORT_PRIORITY_LEVEL'}{'3'}>$La=
ng::tr{'guardian priolevel_low'}</option>
-					<option value=3D'4' $selected{'GUARDIAN_SNORT_PRIORITY_LEVEL'}{'4'}>$La=
ng::tr{'guardian priolevel_very_low'}</option>
+			<tr>
+				<td width=3D'25%' class=3D'base'>$Lang::tr{'guardian firewallaction'}:</=
td>
+				<td><select name=3D'GUARDIAN_FIREWALL_ACTION'>
+					<option value=3D'DROP' $selected{'GUARDIAN_FIREWALL_ACTION'}{'DROP'}>Dr=
op</option>
+					<option value=3D'REJECT' $selected{'GUARDIAN_FIREWALL_ACTION'}{'REJECT'=
}>Reject</option>
 				</select></td>
=20
 				<td width=3D'25%' class=3D'base'>$Lang::tr{'guardian blockcount'}:</td>
@@ -602,12 +574,6 @@ END
 			</tr>
=20
 			<tr>
-				<td width=3D'25%' class=3D'base'>$Lang::tr{'guardian firewallaction'}:</=
td>
-				<td><select name=3D'GUARDIAN_FIREWALL_ACTION'>
-					<option value=3D'DROP' $selected{'GUARDIAN_FIREWALL_ACTION'}{'DROP'}>Dr=
op</option>
-					<option value=3D'REJECT' $selected{'GUARDIAN_FIREWALL_ACTION'}{'REJECT'=
}>Reject</option>
-				</select></td>
-
 				<td width=3D'25%' class=3D'base'>$Lang::tr{'guardian blocktime'}:</td>
 				<td><input type=3D'text' name=3D'GUARDIAN_BLOCKTIME' value=3D'$settings{=
'GUARDIAN_BLOCKTIME'}' size=3D'10' /></td>
 			</tr>
@@ -977,11 +943,6 @@ sub BuildConfiguration() {
=20
 	# Module settings.
 	print FILE "\n# Module settings.\n";
-	# Check if SNORT is enabled and add snort priority.
-	if ($settings{'GUARDIAN_MONITOR_SNORT'} eq "on") {
-		print FILE "SnortPriorityLevel =3D $settings{'GUARDIAN_SNORT_PRIORITY_LEVE=
L'}\n";
-	}
-
 	close(FILE);
=20
 	# Generate ignore file.
diff --git a/lfs/guardian b/lfs/guardian
index 2eaf77212..d84ca64f3 100644
--- a/lfs/guardian
+++ b/lfs/guardian
@@ -33,7 +33,7 @@ DIR_APP    =3D $(DIR_SRC)/$(THISAPP)
 TARGET     =3D $(DIR_INFO)/$(THISAPP)
=20
 PROG       =3D guardian
-PAK_VER    =3D 15
+PAK_VER    =3D 16
=20
 DEPS       =3D "perl-inotify2 perl-Net-IP"
=20
--=20
2.20.1


--===============9099038468601096049==--