The Emerging Threats ruleset server supports HTTPS. It should be used for downloading the ruleset in IPFire, too.
This also needs to be applied on the upcoming ids.cgi file for Suricata which I will do in a second patch.
Signed-off-by: Peter Müller peter.mueller@link38.eu --- html/cgi-bin/ids.cgi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi index 9863251e2..d9d697deb 100644 --- a/html/cgi-bin/ids.cgi +++ b/html/cgi-bin/ids.cgi @@ -265,7 +265,7 @@ if (!$errormessage) { } elsif ($snortsettings{'RULES'} eq 'community') { $url=" https://www.snort.org/rules/community"; } else { - $url="http://rules.emergingthreats.net/open/snort-2.9.0/emerging.rules.tar.gz"; + $url="https://rules.emergingthreats.net/open/snort-2.9.0/emerging.rules.tar.gz"; }
if ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} eq "snort" ) {
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Hi,
this is another patch that just doesn't to apply. I downloaded the email in mbox format and got this:
[root@hughes ipfire-2.x]# git am -s /home/ms/Downloads/[PATCH]_download_ET_IDS_rules_via_HTTPS.mbox Applying: download ET IDS rules via HTTPS error: corrupt patch at line 14 Patch failed at 0001 download ET IDS rules via HTTPS Use 'git am --show-current-patch' to see the failed patch When you have resolved this problem, run "git am --continue". If you prefer to skip this patch, run "git am --skip" instead. To restore the original branch and stop patching, run "git am --abort".
Looking at "git am --show-current-patch":
diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi index 9863251e2..d9d697deb 100644 - --- a/html/cgi-bin/ids.cgi +++ b/html/cgi-bin/ids.cgi @@ -265,7 +265,7 @@ if (!$errormessage) { } elsif ($snortsettings{'RULES'} eq 'community') { $url=3D" https://www.snort.org/rules/community"; } else { - - $url=3D"http://rules.emergingthreats.net/open/snort-2.9.0/emerging.rul= es.tar.gz"; + $url=3D"https://rules.emergingthreats.net/open/snort-2.9.0/emerging.ru= les.tar.gz"; } =20 if ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'AC= TION2'} eq "snort" ) { - --=20 2.16.4
There are fancy line-wraps in that patch.
Is that the PGP stuff that is adding them?
Best, - -Michael
On Sun, 2018-08-12 at 11:50 +0200, Peter Müller wrote:
The Emerging Threats ruleset server supports HTTPS. It should be used for downloading the ruleset in IPFire, too.
This also needs to be applied on the upcoming ids.cgi file for Suricata which I will do in a second patch.
Signed-off-by: Peter Müller peter.mueller@link38.eu
html/cgi-bin/ids.cgi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi index 9863251e2..d9d697deb 100644 --- a/html/cgi-bin/ids.cgi +++ b/html/cgi-bin/ids.cgi @@ -265,7 +265,7 @@ if (!$errormessage) { } elsif ($snortsettings{'RULES'} eq 'community') { $url=" https://www.snort.org/rules/community"; } else {
$url="http://rules.emergingthreats.net/open/snort-2.9.0/emerging.rules.tar.gz";
$url="https://rules.emergingthreats.net/open/snort-2.9.0/emerging.rules.tar.gz";}
if ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} eq "snort" ) {
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Hello Michael,
thanks for the hint.
These linewraps did not occur again after switching to inline PGP signatures, so I suspect it was because of a bug in PGP/MIME implementation of my MUA.
Sorry for the delay. All affected patches were re-sent.
Let me know if there is any trouble with them.
Thanks, and best regards, Peter Müller - -- "We don't care. We don't have to. We're the Phone Company."
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
On Wed, 2018-08-15 at 16:57 +0200, Peter Müller wrote:
Hello Michael,
thanks for the hint.
These linewraps did not occur again after switching to inline PGP signatures, so I suspect it was because of a bug in PGP/MIME implementation of my MUA.
Sorry for the delay. All affected patches were re-sent.
Let me know if there is any trouble with them.
Yes there was. I responded on another email.
Thanks, and best regards, Peter Müller
-
Michael Tremer -
Peter Müller