From: Michael Tremer
To: development@lists.ipfire.org
Subject: Re: IPFire meets Suricata - Call for tester
Date: Wed, 02 Jan 2019 15:54:35 +0000
In-Reply-To: <9795d2668f4aece36cd937e9f54b134c339da17a.camel@ipfire.org>

Hello Stefan,

Thanks for baking a new image. I just installed this and gave it a little test.

I will start with some comments on the UI:

* The error messages are a bit shouty. “No ruleset available, PLEASE DOWNLOAD ONE!!!111!!!” is not really how these usually go. There are two ways to solve this: a) rephrase the messages and b) avoid that the user is shown this anyways. For example: grey out the enable checkbox when no ruleset has been downloaded and show a small note that this is a requirement.

* I think the top box can be merged with the settings box. There are too many headlines and this is rather confusing. It is one box in all other add-ons.

* It is not possible to click the Download button for rules when Save hasn’t been clicked before. That doesn’t make much sense.

* Downloading rules does not work. The log file says that no ruleset was selected although it was. Doesn’t work with any.

* In the German translation the words “Regelset” and “Regelsatz” are being used. I think the latter is the correct version.

So, I could not get this to work. What should I do?

-Michael

> On 1 Jan 2019, at 13:32, Stefan Schantl wrote:
>
> Hello list followers,
>
> a very happy new year to all of you!
>
> I had some free time during the Christmas days and baked a new testing
> image for suricata:
>
> https://people.ipfire.org/~stevee/suricata/Images/ipfire-2.21.x86_64-suricata-beta4-full-core127.iso
>
> It contains a lot of bug fixes and improvements suggested on this list.
>
> As usual please do a lot of testing and report back any issues and
> suggestions.
>
> Thanks in advance,
>
> -Stefan
>
>
>> Hello list followers,
>>
>> some time ago development for the new implementation of the Intrusion
>> Detection functionality in IPFire has been started.
>>
>> The main goal, in a nutshell, was to give IPFire a modern, feature-rich
>> and user-friendly Intrusion Detection Engine. During this progress, the
>> detection framework has been replaced - now suricata is used instead of
>> snort.
>>
>> Suricata uses a very modern and multi-threaded detection engine with
>> support to perform actions on malicious traffic. So it provides the
>> functionality of detecting any kind of intrusion attempts and the
>> ability of guardian to block them under the same hood.
>>
>> It was a lot of work, but finally I'm happy to announce the first test
>> version. It is almost feature complete and without any kind of bigger
>> issues.
>>
>> Because Intrusion Detection is a key feature of a firewall system, a
>> lot of testing is required until the new implementation can become part
>> of IPFire - therefore we need your help!
>>
>> Download the test image (https://people.ipfire.org/~stevee/suricata/Images/),
>> do a lot of hard testing and provide your feedback or suggestions on the
>> development mailing list (https://lists.ipfire.org/mailman/listinfo/development).
>>
>> If you find any bugs please file them in the IPFire Bugtracker
>> (https://bugzilla.ipfire.org/).
>>
>> Many thanks in advance,
>>
>> -Stefan