Hello Stefan,
Thanks for baking a new image. I just installed this and gave it a little test.
I will start with some comments on the UI:
* The error messages are a bit shouty. “No ruleset available, PLEASE DOWNLOAD ONE!!!111!!!” is not really how these usually go.
There are two ways to solve this: a) rephrase the messages and b) avoid that the user is shown this anyways. For example: grey out the enable checkbox when no ruleset has been downloaded and show a small note that this is a requirement.
* I think the top box can be merged with the settings box. There are too many headlines and this is rather confusing. It is one box in all other add-ons.
* It is not possible to click the Download button for rules when Save hasn’t been clicked before. That doesn’t make much sense.
* Downloading rules does not work. The log file says that no ruleset was selected although it was. Doesn’t work with any.
* In the German translation the words “Regelset” and “Regelsatz” are being used. I think the latter is the correct version.
So, I could not get this to work. What should I do?
-Michael
On 1 Jan 2019, at 13:32, Stefan Schantl <stefan.schantl@ipfire.org> wrote:
Hello list followers,
a very happy new year to all of you!
I had some free time during the Christmas days and baked a new testing image for suricata:
https://people.ipfire.org/~stevee/suricata/Images/ipfire-2.21.x86_64-suricat...
It contains a lot of bug fixes and improvements suggested on this list.
As usual please do a lot of testing and report back any issues and suggestions.
Thanks in advance,
-Stefan
Hello list followers,
some time ago development for the new implementation of the Intrusion Detection functionality in IPFire was started.
The main goal, in a nutshell, was to give IPFire a modern, feature-rich and user-friendly Intrusion Detection Engine. During this progress, the detection framework has been replaced - now suricata is used instead of snort.
Suricata uses a very modern and multi-threaded detection engine with support to perform actions on malicious traffic. So it provides the functionality of detecting any kind of intrusion attempts and the ability of guardian to block them under the same hood.
It was a lot of work, but finally I'm happy to announce the first test version. It is almost feature complete and without any kind of bigger issues.
Because Intrusion Detection is a key feature of a firewall system, a lot of testing is required until the new implementation can become part of IPFire - therefore we need your help!
Download the test image (https://people.ipfire.org/~stevee/suricata/Images/), do a lot of hard testing and provide your feedback or suggestions on the development mailing list (https://lists.ipfire.org/mailman/listinfo/development).
If you find any bugs please file them in the IPFire Bugtracker (https://bugzilla.ipfire.org/).
Many thanks in advance,
-Stefan