From mboxrd@z Thu Jan 1 00:00:00 1970 From: Peter =?utf-8?q?M=C3=BCller?= To: development@lists.ipfire.org Subject: Feedback regarding version 8 of the "IDS multiple provider" feature Date: Sat, 08 Jan 2022 11:37:05 +0100 Message-ID: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============7306950510360888420==" List-Id: --===============7306950510360888420== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hello Stefan, as discussed on Monday (https://wiki.ipfire.org/devel/telco/2022-01-03), I te= sted version 8 of the "IDS multiple provider" feature you developed. First of all, thank you= very much for all the efforts you have put into this! As you told me on the phone the other day, I downloaded the .tar.gz file, and= extracted it directly into / : [root(a)maverick ~]# sha256sum ids-multiple-providers-008.tar.gz=20 8fc42820a833f4a096c311d3e21a28f4a8dac7d772ca9b72ec0fbbbaad65be82 ids-multipl= e-providers-008.tar.gz [root(a)maverick ~]# tar xvzf ids-multiple-providers-008.tar.gz -C / usr/share/suricata/rules/app-layer-events.rules var/ipfire/langs/ etc/ var/ipfire/backup/ usr/share/suricata/rules/stream-events.rules usr/share/suricata/rules/files.rules usr/share/suricata/rules/http-events.rules usr/share/ usr/share/suricata/classification.config var/ipfire/suricata/oinkmaster.conf usr/share/suricata/rules/decoder-events.rules srv/ usr/share/suricata/rules/nfs-events.rules usr/ usr/local/bin/update-ids-ruleset etc/suricata/suricata.yaml usr/share/suricata/threshold.config var/ipfire/langs/de.pl var/ipfire/backup/bin/backup.pl usr/local/ usr/share/suricata/rules/smb-events.rules var/ipfire/backup/bin/ usr/share/suricata/rules/dhcp-events.rules usr/local/bin/ usr/share/suricata/rules/modbus-events.rules var/ipfire/ids-functions.pl usr/share/suricata/rules/ntp-events.rules var/ipfire/langs/en.pl var/ipfire/suricata/ usr/share/suricata/rules/dnp3-events.rules usr/share/suricata/reference.config usr/share/suricata/rules/smtp-events.rules usr/share/suricata/rules/ var/ipfire/backup/include srv/web/ipfire/ usr/share/suricata/rules/kerberos-events.rules usr/sbin/convert-ids-multiple-providers usr/share/suricata/ srv/web/ usr/share/suricata/rules/ipsec-events.rules srv/web/ipfire/cgi-bin/ids.cgi usr/sbin/convert-snort srv/web/ipfire/cgi-bin/ var/ipfire/ usr/sbin/ usr/share/suricata/rules/tls-events.rules var/ etc/suricata/ usr/share/suricata/rules/dns-events.rules var/ipfire/suricata/ruleset-sources Afterwards, I updated the language cache and ran the convert script: [root(a)maverick ~]# update-lang-cache=20 [root(a)maverick ~]# /usr/sbin/convert-ids-multiple-providers The does not exist. Cannot change the ownership! Aside from the message emitted by /usr/sbin/convert-ids-multiple-providers (b= ug #12758 has been filed for investigating on this one), I came across a file permission error while writi= ng /var/ipfire/suricata/suricata-default-rules.yaml (see bug #12759 for details). Apart from these, the CGI looks good, is sufficiently translated (sometimes, = "zur=C3=BCck" is spelled in capital letters, sometimes, it is not - but that's merely an aesthetic issue), and be= haves like expected. So, I'd treat it al almost being ready for production. :-) Please take a look at bug #12758 and #12759, and reply to me there if I shall= provide further information. Thank you in advance for your efforts. Thanks, and best regards, Peter M=C3=BCller --===============7306950510360888420==--