Hello Blago Culjak,
Hello Stefan, I have updated, now seems fine. Will do even more testing in days to come.
I have two suggestions, one for community, other is for features in new version:
- I think that you should rename Guardian 2.0 to Intrusion
Prevention. Lots of people don't know (outside Linux world) about this package, but they do know Intrusion Preventon, what stands for. This is unique feature of IPFire, and should be considered like that. Ofcourse, give credit to orginal Guardian. This is entirly up to Michael and Project leaders, but I think this is great feature, that must be better promoted.
Hey, IPFire has Guardian 2.0. What the hell is that?
or
Hey, IPFire has Intrusion Prevention. Ooo,nice...
See what I mean?
The decision was to keep the old name to give tribute to this really great piece of software. The legacy version of guardian has been introduced more than a decade ago. So I think the term "guardian" is well known in the certain group of people which currently are using (or have used) one of the various free and open firewall solutions out there. Renaming the software to a different name will break those recognition.
I don't agree in using a name like "IPS" or a similar one would help anybody in the decision to use the software or not, nor to promote it.
- Stefan, I have asked you, and I will try again. Can we make
guardian even more better then just Intrusion Prevention? Can you block bad IP's that are destined from our network? Please have a look at the thread on forum. http://forum.ipfire.org/viewtopic.php?f=52&t=12639
This is not really a guardian related issue, it affects the intrusion detection system. Snort is currently not configured to monitor the traffic inside the network zones or between them.
This will be one of the next points on my personal "todo-list" and guardian 2.0 was just on of the first steps of extending IDS/IPS on IPFire.
Best regards,
-Stefan
Regards
Subject: Guardian 2.0 Testversion 011 From: stefan.schantl@ipfire.org To: development@lists.ipfire.org Date: Sat, 28 Feb 2015 14:50:35 +0100
Hello followers,
at first I have to thanks to all of you which have joined the guardian 2.0 testing team. I've got a lot of positive feedback but also has been noticed about several tiny issues.
I've uploaded an updated test version to http://people.ipfire.org/~stevee/guardian-2.0/.
The installation / update works in the same way as described in the planet post: http://planet.ipfire.org/post/introducing-guardian-2-0-for-ipfire
IMPORTANT: Please create a backup of your files stored in "/var/ipfire/guardian/", otherwise the will be overwritten by the update!
Changelog:
- Matthias Fischer detected some small problems in the "guardian.cgi"
and provided some patches for them. http://git.ipfire.org/?p=people/stevee/ipfire-2.x.git;a=commit;h=19d6abcce57... http://git.ipfire.org/?p=people/stevee/ipfire-2.x.git;a=commit;h=0a6c3cb8964... http://git.ipfire.org/?p=people/stevee/ipfire-2.x.git;a=commit;h=82208c83c70...
- Blago Culjak informed me about problems on starting guardian and
displaying it's status in the web interface. This behaviour only happens when the legacy version of guardian has been un-installed and not just replaced by the guardian. In the updated version contains the required file which is used by various IPFire scripts to detect if an addon is installed or not.
- The CLI switch "-d" called "debug mode" has been replaced by "-f" to
launch guardian and run it in the foreground. http://git.ipfire.org/?p=people/stevee/ipfire-2.x.git;a=commit;h=a58bd674863...
- Some new code has been added to prevent from starting multiple
instances of guardian. http://git.ipfire.org/?p=people/stevee/ipfire-2.x.git;a=commit;h=9d44c0d9952...
Best regards,
-Stefan
_______________________________________________ Development mailing list Development@lists.ipfire.org http://lists.ipfire.org/mailman/listinfo/development