This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, master has been updated
via 6b19d192f93843df8e431d686d6830ebd1e93ccd (commit)
from 34d72e754243fe86fb1772d39e1b45876b8c72f4 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 6b19d192f93843df8e431d686d6830ebd1e93ccd
Author: Stefan Schantl <stefan.schantl(a)ipfire.org>
Date: Tue May 7 19:17:16 2019 +0200
guardian: Remove snort related options.
IPFire has moved to suricata as IDS/IPS system, therefore all snort related
options has become obsolete.
Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f(a)ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
config/guardian/guardian.de.pl | 4 +---
config/guardian/guardian.en.pl | 4 +---
config/guardian/guardian.tr.pl | 4 +---
html/cgi-bin/guardian.cgi | 51 +++++-------------------------------------
lfs/guardian | 2 +-
5 files changed, 10 insertions(+), 55 deletions(-)
Difference in files:
diff --git a/config/guardian/guardian.de.pl b/config/guardian/guardian.de.pl
index 344d04543..c03c98525 100644
--- a/config/guardian/guardian.de.pl
+++ b/config/guardian/guardian.de.pl
@@ -6,7 +6,7 @@
'guardian block httpd brute-force' => 'httpd-Brute-Force-Erkennung',
'guardian block owncloud brute-force' => 'Owncloud-Brute-Force-Erkennung',
'guardian block ssh brute-force' => 'SSH-Brute-Force-Erkennung',
-'guardian blockcount' => 'Trefferschwelle (Snort)',
+'guardian blockcount' => 'Trefferschwelle',
'guardian blocked hosts' => 'Aktuell geblockte Hosts',
'guardian blocking of this address is not allowed' => 'Diese Addresse darf nicht geblockt werden.',
'guardian blocktime' => 'Blockzeit (Sekunden)',
@@ -36,9 +36,7 @@
'guardian priolevel_medium' => '2 - Mittel',
'guardian priolevel_low' => '3 - Niedrig',
'guardian priolevel_very_low' => '4 - Sehr niedrig',
-'guardian priority level' => 'Prioritätslevel (Snort)',
'guardian service' => 'Guardian-Dienst',
-'guardian watch snort alertfile' => 'Snort-Alarme auswerten',
);
diff --git a/config/guardian/guardian.en.pl b/config/guardian/guardian.en.pl
index f6be8654d..c94484f7e 100644
--- a/config/guardian/guardian.en.pl
+++ b/config/guardian/guardian.en.pl
@@ -6,7 +6,7 @@
'guardian block httpd brute-force' => 'httpd Brute Force Detection',
'guardian block owncloud brute-force' => 'Owncloud Brute Force detection',
'guardian block ssh brute-force' => 'SSH Brute Force Detection',
-'guardian blockcount' => 'Strike Threshold (Snort)',
+'guardian blockcount' => 'Strike Threshold',
'guardian blocked hosts' => 'Currently blocked hosts',
'guardian blocking of this address is not allowed' => 'Blocking of the given address is not allowed.',
'guardian blocktime' => 'Block Time (seconds)',
@@ -36,9 +36,7 @@
'guardian priolevel_medium' => '2 - Medium',
'guardian priolevel_low' => '3 - Low',
'guardian priolevel_very_low' => '4 - Very low',
-'guardian priority level' => 'Priority Level (Snort)',
'guardian service' => 'Guardian Service',
-'guardian watch snort alertfile' => 'Monitor Snort Alert File',
);
diff --git a/config/guardian/guardian.tr.pl b/config/guardian/guardian.tr.pl
index cb64a358d..c4d9c5aab 100644
--- a/config/guardian/guardian.tr.pl
+++ b/config/guardian/guardian.tr.pl
@@ -6,7 +6,7 @@
'guardian block httpd brute-force' => 'httpd kaba kuvvet algılama',
'guardian block owncloud brute-force' => 'Owncloud kaba kuvvet algılama',
'guardian block ssh brute-force' => 'SSH kaba kuvvet algılama',
-'guardian blockcount' => 'Vurgu eÅŸiÄŸi (Snort)',
+'guardian blockcount' => 'Vurgu eÅŸiÄŸi',
'guardian blocked hosts' => 'Åžu anda engellenen ana makineler',
'guardian blocking of this address is not allowed' => 'Verilen adresin engellenmesine izin verilmiyor.',
'guardian blocktime' => 'Engelleme zamanı (saniye)',
@@ -36,9 +36,7 @@
'guardian priolevel_medium' => '2 - Orta',
'guardian priolevel_low' => '3 - Düşük',
'guardian priolevel_very_low' => '4 - Çok düşük',
-'guardian priority level' => 'Öncelik seviyesi (Snort)',
'guardian service' => 'Koruyucu servisi',
-'guardian watch snort alertfile' => 'Snort uyarı dosyası',
);
diff --git a/html/cgi-bin/guardian.cgi b/html/cgi-bin/guardian.cgi
index 6144aca02..36d84bb5b 100644
--- a/html/cgi-bin/guardian.cgi
+++ b/html/cgi-bin/guardian.cgi
@@ -52,7 +52,6 @@ my $ignorefile ='/var/ipfire/guardian/guardian.ignore';
# file locations on IPFire systems.
my %module_file_locations = (
"HTTPD" => "/var/log/httpd/error_log",
- "SNORT" => "/var/log/snort/alert",
"SSH" => "/var/log/messages",
);
@@ -78,7 +77,6 @@ our %ignored = ();
$settings{'ACTION'} = '';
$settings{'GUARDIAN_ENABLED'} = 'off';
-$settings{'GUARDIAN_MONITOR_SNORT'} = 'on';
$settings{'GUARDIAN_MONITOR_SSH'} = 'on';
$settings{'GUARDIAN_MONITOR_HTTPD'} = 'on';
$settings{'GUARDIAN_MONITOR_OWNCLOUD'} = '';
@@ -88,7 +86,6 @@ $settings{'GUARDIAN_BLOCKCOUNT'} = '3';
$settings{'GUARDIAN_BLOCKTIME'} = '86400';
$settings{'GUARDIAN_FIREWALL_ACTION'} = 'DROP';
$settings{'GUARDIAN_LOGFILE'} = '/var/log/guardian/guardian.log';
-$settings{'GUARDIAN_SNORT_PRIORITY_LEVEL'} = '3';
my $errormessage = '';
@@ -379,9 +376,6 @@ sub showMainBox() {
$checked{'GUARDIAN_ENABLED'}{'on'} = '';
$checked{'GUARDIAN_ENABLED'}{'off'} = '';
$checked{'GUARDIAN_ENABLED'}{$settings{'GUARDIAN_ENABLED'}} = 'checked';
- $checked{'GUARDIAN_MONITOR_SNORT'}{'off'} = '';
- $checked{'GUARDIAN_MONITOR_SNORT'}{'on'} = '';
- $checked{'GUARDIAN_MONITOR_SNORT'}{$settings{'GUARDIAN_MONITOR_SNORT'}} = "checked='checked'";
$checked{'GUARDIAN_MONITOR_SSH'}{'off'} = '';
$checked{'GUARDIAN_MONITOR_SSH'}{'on'} = '';
$checked{'GUARDIAN_MONITOR_SSH'}{$settings{'GUARDIAN_MONITOR_SSH'}} = "checked='checked'";
@@ -394,7 +388,6 @@ sub showMainBox() {
$selected{'GUARDIAN_LOG_FACILITY'}{$settings{'GUARDIAN_LOG_FACILITY'}} = 'selected';
$selected{'GUARDIAN_LOGLEVEL'}{$settings{'GUARDIAN_LOGLEVEL'}} = 'selected';
- $selected{'GUARDIAN_SNORT_PRIORITY_LEVEL'}{$settings{'GUARDIAN_SNORT_PRIORITY_LEVEL'}} = 'selected';
$selected{'GUARDIAN_FIREWALL_ACTION'}{$settings{'GUARDIAN_FIREWALL_ACTION'}} = 'selected';
&Header::openpage($Lang::tr{'guardian configuration'}, 1, '');
@@ -447,19 +440,6 @@ sub showMainBox() {
\$("#GUARDIAN_LOG_FACILITY").change(update_options);
\$("#GUARDIAN_LOGLEVEL").change(update_options);
update_options();
-
- // Show / Hide snort priority level option, based if
- // snort is enabled / disabled.
- if (\$('input[name=GUARDIAN_MONITOR_SNORT]:checked').val() == 'on') {
- \$('.GUARDIAN_SNORT_PRIORITY_LEVEL').show();
- } else {
- \$('.GUARDIAN_SNORT_PRIORITY_LEVEL').hide();
- }
-
- // Show/Hide snort priority level when GUARDIAN_MONITOR_SNORT get changed.
- \$('input[name=GUARDIAN_MONITOR_SNORT]').change(function() {
- \$('.GUARDIAN_SNORT_PRIORITY_LEVEL').toggle();
- });
});
</script>
END
@@ -533,12 +513,6 @@ END
<td colspan='2'><br></td>
</tr>
- <tr>
- <td width='25%' class='base'>$Lang::tr{'guardian watch snort alertfile'}</td>
- <td align='left'>on <input type='radio' name='GUARDIAN_MONITOR_SNORT' value='on' $checked{'GUARDIAN_MONITOR_SNORT'}{'on'} /> /
- <input type='radio' name='GUARDIAN_MONITOR_SNORT' value='off' $checked{'GUARDIAN_MONITOR_SNORT'}{'off'} /> off</td>
- </tr>
-
<tr>
<td width='25%' class='base'>$Lang::tr{'guardian block ssh brute-force'}</td>
<td align='left'>on <input type='radio' name='GUARDIAN_MONITOR_SSH' value='on' $checked{'GUARDIAN_MONITOR_SSH'}{'on'} /> /
@@ -580,17 +554,15 @@ END
<td><input type='text' name='GUARDIAN_LOGFILE' value='$settings{'GUARDIAN_LOGFILE'}' size='30' /></td>
</tr>
- <tr class="GUARDIAN_SNORT_PRIORITY_LEVEL">
+ <tr>
<td colspan='2'><br></td>
</tr>
- <tr class="GUARDIAN_SNORT_PRIORITY_LEVEL">
- <td align='left' width='20%'>$Lang::tr{'guardian priority level'}:</td>
- <td><select name='GUARDIAN_SNORT_PRIORITY_LEVEL'>
- <option value='1' $selected{'GUARDIAN_SNORT_PRIORITY_LEVEL'}{'1'}>$Lang::tr{'guardian priolevel_high'}</option>
- <option value='2' $selected{'GUARDIAN_SNORT_PRIORITY_LEVEL'}{'2'}>$Lang::tr{'guardian priolevel_medium'}</option>
- <option value='3' $selected{'GUARDIAN_SNORT_PRIORITY_LEVEL'}{'3'}>$Lang::tr{'guardian priolevel_low'}</option>
- <option value='4' $selected{'GUARDIAN_SNORT_PRIORITY_LEVEL'}{'4'}>$Lang::tr{'guardian priolevel_very_low'}</option>
+ <tr>
+ <td width='25%' class='base'>$Lang::tr{'guardian firewallaction'}:</td>
+ <td><select name='GUARDIAN_FIREWALL_ACTION'>
+ <option value='DROP' $selected{'GUARDIAN_FIREWALL_ACTION'}{'DROP'}>Drop</option>
+ <option value='REJECT' $selected{'GUARDIAN_FIREWALL_ACTION'}{'REJECT'}>Reject</option>
</select></td>
<td width='25%' class='base'>$Lang::tr{'guardian blockcount'}:</td>
@@ -602,12 +574,6 @@ END
</tr>
<tr>
- <td width='25%' class='base'>$Lang::tr{'guardian firewallaction'}:</td>
- <td><select name='GUARDIAN_FIREWALL_ACTION'>
- <option value='DROP' $selected{'GUARDIAN_FIREWALL_ACTION'}{'DROP'}>Drop</option>
- <option value='REJECT' $selected{'GUARDIAN_FIREWALL_ACTION'}{'REJECT'}>Reject</option>
- </select></td>
-
<td width='25%' class='base'>$Lang::tr{'guardian blocktime'}:</td>
<td><input type='text' name='GUARDIAN_BLOCKTIME' value='$settings{'GUARDIAN_BLOCKTIME'}' size='10' /></td>
</tr>
@@ -977,11 +943,6 @@ sub BuildConfiguration() {
# Module settings.
print FILE "\n# Module settings.\n";
- # Check if SNORT is enabled and add snort priority.
- if ($settings{'GUARDIAN_MONITOR_SNORT'} eq "on") {
- print FILE "SnortPriorityLevel = $settings{'GUARDIAN_SNORT_PRIORITY_LEVEL'}\n";
- }
-
close(FILE);
# Generate ignore file.
diff --git a/lfs/guardian b/lfs/guardian
index 2eaf77212..d84ca64f3 100644
--- a/lfs/guardian
+++ b/lfs/guardian
@@ -33,7 +33,7 @@ DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = guardian
-PAK_VER = 15
+PAK_VER = 16
DEPS = "perl-inotify2 perl-Net-IP"
hooks/post-receive
--
IPFire 2.x development tree