IPFire-SCM

ipfire-scm@lists.ipfire.org

1 participants
7849 discussions

[IPFire-SCM] [git.ipfire.org] IPFire 2.x development tree branch, master, updated. 0ad0c03e624b884c923803b36b0eaa0209442bfe
by git＠ipfire.org 17 Jun '10

17 Jun '10

This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, master has been updated via 0ad0c03e624b884c923803b36b0eaa0209442bfe (commit) from 8dc25f04ba659b6f88f0eef91258088c4b3fe978 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 0ad0c03e624b884c923803b36b0eaa0209442bfe Author: Arne Fitzenreiter <arne_f(a)ipfire.org> Date: Thu Jun 17 23:42:32 2010 +0200 Don't report an error if snort was not started at shutdown. ----------------------------------------------------------------------- Summary of changes: src/initscripts/init.d/snort | 3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) Difference in files: diff --git a/src/initscripts/init.d/snort b/src/initscripts/init.d/snort index 6323e2b..d22cbc4 100644 --- a/src/initscripts/init.d/snort +++ b/src/initscripts/init.d/snort @@ -122,6 +122,9 @@ case "$1" in boot_mesg "Stopping Guardian..." killproc /usr/local/bin/guardian.pl fi + + # Don't report returncode of rm if snort was not started + exit 0 ;; status) hooks/post-receive -- IPFire 2.x development tree

1 0

[IPFire-SCM] [git.ipfire.org] IPFire 2.x development tree branch, master, updated. 8dc25f04ba659b6f88f0eef91258088c4b3fe978
by git＠ipfire.org 17 Jun '10

17 Jun '10

This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, master has been updated via 8dc25f04ba659b6f88f0eef91258088c4b3fe978 (commit) via 6886b70cfc71c0af11833c0284b42bbb4f7ef648 (commit) from aa1dd87807c51d381351a24d84137f99f5cb0b90 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 8dc25f04ba659b6f88f0eef91258088c4b3fe978 Author: Arne Fitzenreiter <arne_f(a)ipfire.org> Date: Thu Jun 17 23:23:02 2010 +0200 Snort scripts and config update. commit 6886b70cfc71c0af11833c0284b42bbb4f7ef648 Author: Arne Fitzenreiter <arne_f(a)ipfire.org> Date: Thu Jun 17 18:10:38 2010 +0200 Removed .ko from framebuffer blacklist. ----------------------------------------------------------------------- Summary of changes: config/rootfiles/common/initscripts | 2 + config/rootfiles/core/38/filelists/files | 2 + config/rootfiles/core/38/update.sh | 4 +- config/snort/snort.conf | 14 ++++-- lfs/initscripts | 2 + lfs/linux | 2 +- src/initscripts/init.d/snort | 88 +++++++++++++++--------------- 7 files changed, 64 insertions(+), 50 deletions(-) Difference in files: diff --git a/config/rootfiles/common/initscripts b/config/rootfiles/common/initscripts index c4747ac..d50af87 100644 --- a/config/rootfiles/common/initscripts +++ b/config/rootfiles/common/initscripts @@ -118,6 +118,7 @@ etc/rc.d/rc0.d/K08fcron etc/rc.d/rc0.d/K28apache etc/rc.d/rc0.d/K30sshd etc/rc.d/rc0.d/K45random +etc/rc.d/rc0.d/K78snort etc/rc.d/rc0.d/K79leds etc/rc.d/rc0.d/K80network #etc/rc.d/rc0.d/K84bluetooth @@ -152,6 +153,7 @@ etc/rc.d/rc6.d/K08fcron etc/rc.d/rc6.d/K28apache etc/rc.d/rc6.d/K30sshd etc/rc.d/rc6.d/K45random +etc/rc.d/rc6.d/K78snort etc/rc.d/rc6.d/K79leds etc/rc.d/rc6.d/K80network #etc/rc.d/rc6.d/K84bluetooth diff --git a/config/rootfiles/core/38/filelists/files b/config/rootfiles/core/38/filelists/files index 3459b83..0110c6b 100644 --- a/config/rootfiles/core/38/filelists/files +++ b/config/rootfiles/core/38/filelists/files @@ -6,8 +6,10 @@ etc/rc.d/init.d/leds etc/rc.d/init.d/rc etc/rc.d/init.d/snort etc/rc.d/init.d/networking/red.up/50-ovpn +etc/rc.d/rc0.d/K78snort etc/rc.d/rc0.d/K79leds etc/rc.d/rc3.d/S21leds +etc/rc.d/rc6.d/K78snort etc/rc.d/rc6.d/K79leds etc/udev/rules.d/52-nut-usbups.rules etc/udev/rules.d/xpp.rules diff --git a/config/rootfiles/core/38/update.sh b/config/rootfiles/core/38/update.sh index 350a372..3cb9654 100644 --- a/config/rootfiles/core/38/update.sh +++ b/config/rootfiles/core/38/update.sh @@ -70,6 +70,7 @@ tar cjvf /var/ipfire/backup/core-upgrade_$KVER.tar.bz2 \ /etc/init.d/collectd stop /etc/init.d/squid stop /etc/init.d/ipsec stop +/etc/init.d/snort stop echo echo Update Kernel to $KVER ... @@ -90,9 +91,10 @@ rm -rf /lib/modules/2.6.27.31-ipfire-xen rm -rf /usr/lib/ipsec rm -rf /usr/libexec/ipsec # -# old snort libs ... +# old snort libs and rules ... # rm -rf /usr/lib/snort_* +rm -rf /etc/snort # # Backup grub.conf diff --git a/config/snort/snort.conf b/config/snort/snort.conf index 2b294eb..bf46406 100644 --- a/config/snort/snort.conf +++ b/config/snort/snort.conf @@ -21,14 +21,18 @@ # Step #1: Set the network variables. For more information, see README.variables ################################################### +include /etc/snort/vars + # Setup the network addresses you are protecting -var HOME_NET any +# taken from /etc/snort vars +#var HOME_NET any # Set up the external network addresses. A good start may be "any" var EXTERNAL_NET any # List of DNS servers on your network -var DNS_SERVERS $HOME_NET +# taken from /etc/snort vars +#var DNS_SERVERS $HOME_NET # List of SMTP servers on your network var SMTP_SERVERS $HOME_NET @@ -45,6 +49,9 @@ var TELNET_SERVERS $HOME_NET # List of ports you run web servers on portvar HTTP_PORTS [80,2301,3128,7777,7779,8000,8008,8028,8080,8180,8888,9999] +# List of ssh ports +portvar SSH_PORTS [22,222] + # List of ports you want to look for SHELLCODE on. portvar SHELLCODE_PORTS !80 @@ -61,6 +68,7 @@ var RULE_PATH /etc/snort/rules var SO_RULE_PATH /etc/snort/so_rules var PREPROC_RULE_PATH /etc/snort/preproc_rules + ################################################### # Step #2: Configure the decoder. For more information, see README.decode ################################################### @@ -299,5 +307,3 @@ include /etc/snort/rules/reference.config # site specific rules -# Event thresholding or suppression commands. See threshold.conf -# include threshold.conf \ No newline at end of file diff --git a/lfs/initscripts b/lfs/initscripts index 38870b8..a9fadf4 100644 --- a/lfs/initscripts +++ b/lfs/initscripts @@ -119,6 +119,8 @@ $(TARGET) : ln -sf ../init.d/fcron /etc/rc.d/rc0.d/K08fcron ln -sf ../init.d/fcron /etc/rc.d/rc3.d/S40fcron ln -sf ../init.d/fcron /etc/rc.d/rc6.d/K08fcron + ln -sf ../init.d/snort /etc/rc.d/rc0.d/K78snort + ln -sf ../init.d/snort /etc/rc.d/rc6.d/K78snort ln -sf ../init.d/network /etc/rc.d/rc0.d/K80network ln -sf ../init.d/network /etc/rc.d/rc3.d/S20network ln -sf ../init.d/network /etc/rc.d/rc6.d/K80network diff --git a/lfs/linux b/lfs/linux index 34bddd8..68e7df4 100644 --- a/lfs/linux +++ b/lfs/linux @@ -197,7 +197,7 @@ ifneq "$(XEN)" "1" for f in $$(ls -1 /lib/modules/$(VER)-$(VERSUFIX)/kernel/drivers/gpu/drm/*/*.ko); do \ echo "blacklist $$(basename $$f)" >> /etc/modprobe.d/framebuffer ; \ done - + sed -i -e "s|.ko||g" /etc/modprobe.d/framebuffer endif @rm -rf $(DIR_SRC)/patch-o-matic* $(DIR_SRC)/iptables* $(DIR_SRC)/squashfs* $(DIR_SRC)/netfilter-layer7-* diff --git a/src/initscripts/init.d/snort b/src/initscripts/init.d/snort index 5446094..6323e2b 100644 --- a/src/initscripts/init.d/snort +++ b/src/initscripts/init.d/snort @@ -20,57 +20,57 @@ PATH=/usr/local/sbin:/usr/local/bin:/bin:/usr/bin:/sbin:/usr/sbin; export PATH eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings) eval $(/usr/local/bin/readhash /var/ipfire/snort/settings) -if [ "$ENABLE_SNORT_ORANGE" == "on" ]; then - HOME_NET+="$ORANGE_ADDRESS," - DEVICES+="$ORANGE_DEV " -fi +case "$1" in + start) + if [ "$BLUE_NETADDRESS" ]; then + BLUE_NET="$BLUE_NETADDRESS/$BLUE_NETMASK," + BLUE_IP="$BLUE_ADDRESS," + fi -if [ "$ENABLE_SNORT_GREEN" == "on" ]; then - HOME_NET+="$GREEN_ADDRESS," - DEVICES+="$GREEN_DEV " -fi + if [ "$ORANGE_NETADDRESS" ]; then + ORANGE_NET="$ORANGE_NETADDRESS/$ORANGE_NETMASK," + ORANGE_IP="$ORANGE_ADDRESS," + fi -if [ "$ENABLE_SNORT_BLUE" == "on" ]; then - HOME_NET+="$BLUE_ADDRESS," - DEVICES+="$BLUE_DEV " -fi + if [ "$ENABLE_SNORT_ORANGE" == "on" ]; then + DEVICES+="$ORANGE_DEV " + HOMENET+="$ORANGE_IP" + else + HOMENET+="$ORANGE_NET" + fi -if [ "$ENABLE_SNORT" == "on" ]; then - LOCAL_IP=`cat /var/ipfire/red/local-ipaddress` - if [ "$LOCAL_IP" ]; then - HOME_NET+="$LOCAL_IP," - else - exit 1 ## Add error handling here - fi - DEVICES+=`cat /var/ipfire/red/iface 2>/dev/null` -fi + if [ "$ENABLE_SNORT_BLUE" == "on" ]; then + DEVICES+="$BLUE_DEV " + HOMENET+="$BLUE_IP" + else + HOMENET+="$BLUE_NET" + fi -COUNT=`echo $HOME_NET | wc -m` -HOME_NET=`echo $HOME_NET | cut -c $[$COUNT - 2]` - -echo "var HOME_NET [$HOME_NET]" > /etc/snort/vars -echo "var EXTERNAL_NET ANY" >> /etc/snort/vars + if [ "$ENABLE_SNORT_GREEN" == "on" ]; then + DEVICES+="$GREEN_DEV " + HOMENET+="$GREEN_ADDRESS," + else + HOMENET+="$GREEN_NETADDRESS/$GREEN_NETMASK," + fi -DNS1=`cat /var/ipfire/red/dns1 2>/dev/null` -DNS2=`cat /var/ipfire/red/dns2 2>/dev/null` + if [ "$ENABLE_SNORT" == "on" ]; then + DEVICES+=`cat /var/ipfire/red/iface 2>/dev/null` + LOCAL_IP=`cat /var/ipfire/red/local-ipaddress 2>/dev/null` + if [ "$LOCAL_IP" ]; then + HOMENET+="$LOCAL_IP," + fi + fi + HOMENET+="127.0.0.1" + echo "var HOME_NET [$HOMENET]" > /etc/snort/vars -if [ "$DNS2" ]; then - echo "var DNS_SERVERS [$DNS1,$DNS2]" >> /etc/snort/vars -else - echo "var DNS_SERVERS $DNS1" >> /etc/snort/vars -fi + DNS1=`cat /var/ipfire/red/dns1 2>/dev/null` + DNS2=`cat /var/ipfire/red/dns2 2>/dev/null` -case "$1" in - start) - # Disable incompatible rules - boot_mesg "Check/Fix Intrusion Detection rules..." - for file in $(ls /etc/snort/rules/*.rules 2>/dev/null); do - sed -i 's|^alert.*!\[\$DNS_SERVERS|#&|g' $file - sed -i 's|^alert.*!\$SSH_PORTS|#&|g' $file - sed -i 's|^alert.*!\$HOME_NET|#&|g' $file - sed -i 's|^alert.*!\$SQL_SERVERS|#&|g' $file - done - echo_ok + if [ "$DNS2" ]; then + echo "var DNS_SERVERS [$DNS1,$DNS2]" >> /etc/snort/vars + else + echo "var DNS_SERVERS $DNS1" >> /etc/snort/vars + fi for DEVICE in $DEVICES; do boot_mesg "Starting Intrusion Detection System on $DEVICE..." hooks/post-receive -- IPFire 2.x development tree

1 0

[IPFire-SCM] [git.ipfire.org] IPFire 2.x development tree branch, master, updated. aa1dd87807c51d381351a24d84137f99f5cb0b90
by git＠ipfire.org 16 Jun '10

16 Jun '10

This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, master has been updated via aa1dd87807c51d381351a24d84137f99f5cb0b90 (commit) from 19682056b02da8f3644cc5ce50065b720972658b (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit aa1dd87807c51d381351a24d84137f99f5cb0b90 Author: Arne Fitzenreiter <arne_f(a)ipfire.org> Date: Thu Jun 17 00:08:22 2010 +0200 Blacklist als new drm framebuffer modules. ----------------------------------------------------------------------- Summary of changes: lfs/linux | 7 ++++++- 1 files changed, 6 insertions(+), 1 deletions(-) Difference in files: diff --git a/lfs/linux b/lfs/linux index 91b2968..34bddd8 100644 --- a/lfs/linux +++ b/lfs/linux @@ -189,10 +189,15 @@ endif # rm -rvf /lib/modules/$(VER)-$(VERSUFIX)/kernel/drivers/isdn/hardware/mISDN ifneq "$(XEN)" "1" - # Blacklist all framebuffer modules + # Blacklist old framebuffer modules for f in $$(find /lib/modules/$(VER)-$(VERSUFIX)/kernel/drivers/video -name *fb.ko); do \ echo "blacklist $$(basename $$f)" >> /etc/modprobe.d/framebuffer ; \ done + # Blacklist new drm framebuffer modules + for f in $$(ls -1 /lib/modules/$(VER)-$(VERSUFIX)/kernel/drivers/gpu/drm/*/*.ko); do \ + echo "blacklist $$(basename $$f)" >> /etc/modprobe.d/framebuffer ; \ + done + endif @rm -rf $(DIR_SRC)/patch-o-matic* $(DIR_SRC)/iptables* $(DIR_SRC)/squashfs* $(DIR_SRC)/netfilter-layer7-* hooks/post-receive -- IPFire 2.x development tree

1 0

[IPFire-SCM] [git.ipfire.org] IPFire 2.x development tree branch, master, updated. 19682056b02da8f3644cc5ce50065b720972658b
by git＠ipfire.org 16 Jun '10

16 Jun '10

This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, master has been updated via 19682056b02da8f3644cc5ce50065b720972658b (commit) from 030a57c5e89e0523faaf950d1cf594aaaaa886af (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 19682056b02da8f3644cc5ce50065b720972658b Author: Arne Fitzenreiter <arne_f(a)ipfire.org> Date: Wed Jun 16 23:24:38 2010 +0200 Hide "Cannot open ENABLED" 2nd try. grrrr ----------------------------------------------------------------------- Summary of changes: src/initscripts/init.d/networking/red.up/50-ovpn | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Difference in files: diff --git a/src/initscripts/init.d/networking/red.up/50-ovpn b/src/initscripts/init.d/networking/red.up/50-ovpn index 6008fdd..a53b920 100644 --- a/src/initscripts/init.d/networking/red.up/50-ovpn +++ b/src/initscripts/init.d/networking/red.up/50-ovpn @@ -1,5 +1,5 @@ #!/bin/bash -/usr/local/bin/openvpnctrl -s > /dev/null +/usr/local/bin/openvpnctrl -s > /dev/null 2>&1 exit 0 hooks/post-receive -- IPFire 2.x development tree

1 0

[IPFire-SCM] [git.ipfire.org] IPFire 2.x development tree branch, master, updated. 030a57c5e89e0523faaf950d1cf594aaaaa886af
by git＠ipfire.org 16 Jun '10

16 Jun '10

This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, master has been updated via 030a57c5e89e0523faaf950d1cf594aaaaa886af (commit) from ed51f39bcadab76339c6731922a98822e26da3f4 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 030a57c5e89e0523faaf950d1cf594aaaaa886af Author: Arne Fitzenreiter <arne_f(a)ipfire.org> Date: Wed Jun 16 20:18:35 2010 +0200 Blacklist framebuffer modules. ----------------------------------------------------------------------- Summary of changes: config/rootfiles/common/linux | 1 + lfs/linux | 7 +++++++ 2 files changed, 8 insertions(+), 0 deletions(-) Difference in files: diff --git a/config/rootfiles/common/linux b/config/rootfiles/common/linux index df6179c..bf979d3 100644 --- a/config/rootfiles/common/linux +++ b/config/rootfiles/common/linux @@ -3,6 +3,7 @@ boot/System.map-ipfire boot/config-KVER-ipfire boot/vmlinuz-KVER-ipfire boot/vmlinuz-ipfire +etc/modprobe.d/framebuffer #lib/firmware/keyspan/usa19qi.fw lib/modules/KVER-ipfire #lib/modules/KVER-ipfire/build diff --git a/lfs/linux b/lfs/linux index a4bf286..91b2968 100644 --- a/lfs/linux +++ b/lfs/linux @@ -188,5 +188,12 @@ endif # rm -rvf /lib/modules/$(VER)-$(VERSUFIX)/kernel/drivers/isdn/mISDN # rm -rvf /lib/modules/$(VER)-$(VERSUFIX)/kernel/drivers/isdn/hardware/mISDN +ifneq "$(XEN)" "1" + # Blacklist all framebuffer modules + for f in $$(find /lib/modules/$(VER)-$(VERSUFIX)/kernel/drivers/video -name *fb.ko); do \ + echo "blacklist $$(basename $$f)" >> /etc/modprobe.d/framebuffer ; \ + done +endif + @rm -rf $(DIR_SRC)/patch-o-matic* $(DIR_SRC)/iptables* $(DIR_SRC)/squashfs* $(DIR_SRC)/netfilter-layer7-* @$(POSTBUILD) hooks/post-receive -- IPFire 2.x development tree

1 0

[IPFire-SCM] [git.ipfire.org] IPFire 2.x development tree branch, master, updated. ed51f39bcadab76339c6731922a98822e26da3f4
by git＠ipfire.org 16 Jun '10

16 Jun '10

This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, master has been updated via ed51f39bcadab76339c6731922a98822e26da3f4 (commit) from 405401cba4cdc65b411474c9f7c628c490aed9db (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit ed51f39bcadab76339c6731922a98822e26da3f4 Author: Arne Fitzenreiter <arne_f(a)ipfire.org> Date: Wed Jun 16 19:16:03 2010 +0200 Hide "Cannot read ENABLED" if red=static and openvpn disabled. ----------------------------------------------------------------------- Summary of changes: config/rootfiles/core/38/filelists/files | 1 + src/initscripts/init.d/networking/red.up/50-ovpn | 2 +- 2 files changed, 2 insertions(+), 1 deletions(-) Difference in files: diff --git a/config/rootfiles/core/38/filelists/files b/config/rootfiles/core/38/filelists/files index 2465565..3459b83 100644 --- a/config/rootfiles/core/38/filelists/files +++ b/config/rootfiles/core/38/filelists/files @@ -5,6 +5,7 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf etc/rc.d/init.d/leds etc/rc.d/init.d/rc etc/rc.d/init.d/snort +etc/rc.d/init.d/networking/red.up/50-ovpn etc/rc.d/rc0.d/K79leds etc/rc.d/rc3.d/S21leds etc/rc.d/rc6.d/K79leds diff --git a/src/initscripts/init.d/networking/red.up/50-ovpn b/src/initscripts/init.d/networking/red.up/50-ovpn index ace5ee2..6008fdd 100644 --- a/src/initscripts/init.d/networking/red.up/50-ovpn +++ b/src/initscripts/init.d/networking/red.up/50-ovpn @@ -1,5 +1,5 @@ #!/bin/bash -/usr/local/bin/openvpnctrl -s +/usr/local/bin/openvpnctrl -s > /dev/null exit 0 hooks/post-receive -- IPFire 2.x development tree

1 0

[IPFire-SCM] [git.ipfire.org] IPFire 2.x development tree branch, master, updated. 405401cba4cdc65b411474c9f7c628c490aed9db
by git＠ipfire.org 16 Jun '10

16 Jun '10

This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, master has been updated via 405401cba4cdc65b411474c9f7c628c490aed9db (commit) from 19a1dfbc7148b67f718afdd14e3c75dcf6ff17f2 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 405401cba4cdc65b411474c9f7c628c490aed9db Author: Arne Fitzenreiter <arne_f(a)ipfire.org> Date: Wed Jun 16 18:19:43 2010 +0200 Fix snort errormessage if no rules are present to check. ----------------------------------------------------------------------- Summary of changes: src/initscripts/init.d/snort | 4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) Difference in files: diff --git a/src/initscripts/init.d/snort b/src/initscripts/init.d/snort index 2e2f4f2..5446094 100644 --- a/src/initscripts/init.d/snort +++ b/src/initscripts/init.d/snort @@ -63,12 +63,14 @@ fi case "$1" in start) # Disable incompatible rules - for file in $(ls /etc/snort/rules/*.rules); do + boot_mesg "Check/Fix Intrusion Detection rules..." + for file in $(ls /etc/snort/rules/*.rules 2>/dev/null); do sed -i 's|^alert.*!\[\$DNS_SERVERS|#&|g' $file sed -i 's|^alert.*!\$SSH_PORTS|#&|g' $file sed -i 's|^alert.*!\$HOME_NET|#&|g' $file sed -i 's|^alert.*!\$SQL_SERVERS|#&|g' $file done + echo_ok for DEVICE in $DEVICES; do boot_mesg "Starting Intrusion Detection System on $DEVICE..." hooks/post-receive -- IPFire 2.x development tree

1 0

[IPFire-SCM] [git.ipfire.org] IPFire 2.x development tree branch, master, updated. 19a1dfbc7148b67f718afdd14e3c75dcf6ff17f2
by git＠ipfire.org 15 Jun '10

15 Jun '10

This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, master has been updated via 19a1dfbc7148b67f718afdd14e3c75dcf6ff17f2 (commit) from ce0e83b3badfd2b4048762ffffc8041c7f92cb19 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 19a1dfbc7148b67f718afdd14e3c75dcf6ff17f2 Author: Arne Fitzenreiter <arne_f(a)ipfire.org> Date: Tue Jun 15 07:20:47 2010 +0200 Fix white page at first start of ids.cgi. ----------------------------------------------------------------------- Summary of changes: config/snort/snort.conf | 75 ----------------------------------------------- 1 files changed, 0 insertions(+), 75 deletions(-) Difference in files: diff --git a/config/snort/snort.conf b/config/snort/snort.conf index 8962844..2b294eb 100644 --- a/config/snort/snort.conf +++ b/config/snort/snort.conf @@ -298,81 +298,6 @@ include /etc/snort/rules/reference.config ################################################### # site specific rules -# include $RULE_PATH/local.rules - -# include $RULE_PATH/exploit.rules -# include $RULE_PATH/ftp.rules -# include $RULE_PATH/telnet.rules -# include $RULE_PATH/rpc.rules -# include $RULE_PATH/rservices.rules -# include $RULE_PATH/dos.rules -# include $RULE_PATH/ddos.rules -# include $RULE_PATH/dns.rules - -# include $RULE_PATH/web-cgi.rules -# include $RULE_PATH/web-coldfusion.rules -# include $RULE_PATH/web-iis.rules -# include $RULE_PATH/web-frontpage.rules -# include $RULE_PATH/web-misc.rules -# include $RULE_PATH/web-client.rules -# include $RULE_PATH/web-php.rules - -# include $RULE_PATH/sql.rules -# include $RULE_PATH/x11.rules -# include $RULE_PATH/netbios.rules -# include $RULE_PATH/misc.rules -# include $RULE_PATH/attack-responses.rules -# include $RULE_PATH/oracle.rules -# include $RULE_PATH/mysql.rules - -# include $RULE_PATH/smtp.rules -# include $RULE_PATH/imap.rules -# include $RULE_PATH/pop2.rules -# include $RULE_PATH/pop3.rules - -# include $RULE_PATH/nntp.rules -# include $RULE_PATH/backdoor.rules - -# include $RULE_PATH/snmp.rules -# include $RULE_PATH/icmp.rules -# include $RULE_PATH/tftp.rules -# include $RULE_PATH/scan.rules -# include $RULE_PATH/finger.rules -# include $RULE_PATH/web-attacks.rules -# include $RULE_PATH/shellcode.rules -# include $RULE_PATH/policy.rules -# include $RULE_PATH/info.rules -# include $RULE_PATH/icmp-info.rules -# include $RULE_PATH/virus.rules -# include $RULE_PATH/chat.rules -# include $RULE_PATH/multimedia.rules -# include $RULE_PATH/p2p.rules -# include $RULE_PATH/spyware-put.rules -# include $RULE_PATH/specific-threats.rules -# include $RULE_PATH/voip.rules -# include $RULE_PATH/other-ids.rules -# include $RULE_PATH/bad-traffic.rules - -# decoder and preprocessor event rules -# include $PREPROC_RULE_PATH/preprocessor.rules -# include $PREPROC_RULE_PATH/decoder.rules - -# dynamic library rules -# include $SO_RULE_PATH/bad-traffic.rules -# include $SO_RULE_PATH/chat.rules -# include $SO_RULE_PATH/dos.rules -# include $SO_RULE_PATH/exploit.rules -# include $SO_RULE_PATH/imap.rules -# include $SO_RULE_PATH/misc.rules -# include $SO_RULE_PATH/multimedia.rules -# include $SO_RULE_PATH/netbios.rules -# include $SO_RULE_PATH/nntp.rules -# include $SO_RULE_PATH/p2p.rules -# include $SO_RULE_PATH/smtp.rules -# include $SO_RULE_PATH/sql.rules -# include $SO_RULE_PATH/web-activex.rules -# include $SO_RULE_PATH/web-client.rules -# include $SO_RULE_PATH/web-misc.rules # Event thresholding or suppression commands. See threshold.conf # include threshold.conf \ No newline at end of file hooks/post-receive -- IPFire 2.x development tree

1 0

[IPFire-SCM] [git.ipfire.org] IPFire 2.x development tree branch, master, updated. ce0e83b3badfd2b4048762ffffc8041c7f92cb19
by git＠ipfire.org 14 Jun '10

14 Jun '10

This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, master has been updated via ce0e83b3badfd2b4048762ffffc8041c7f92cb19 (commit) from 535732392737e14f44a1595feafcb844396a7cc1 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit ce0e83b3badfd2b4048762ffffc8041c7f92cb19 Author: Arne Fitzenreiter <arne_f(a)ipfire.org> Date: Mon Jun 14 19:00:26 2010 +0200 Replaced snort gpl community rules by emergingthreats.net rules. ----------------------------------------------------------------------- Summary of changes: html/cgi-bin/ids.cgi | 7 ++++++- langs/de/cgi-bin/de.pl | 4 ++-- langs/en/cgi-bin/en.pl | 2 +- langs/es/cgi-bin/es.pl | 2 +- langs/fr/cgi-bin/fr.pl | 2 +- src/initscripts/init.d/snort | 8 ++++++++ 6 files changed, 19 insertions(+), 6 deletions(-) Difference in files: diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi index 02e0adf..353643d 100644 --- a/html/cgi-bin/ids.cgi +++ b/html/cgi-bin/ids.cgi @@ -268,7 +268,7 @@ if ($snortsettings{'RULES'} eq 'subscripted') { $url="http://dl.snort.org/reg-rules/snortrules-snapshot-2860.tar.gz?oink_code=$sn…'OINKCODE'}"; #$url="http://www.snort.org/pub-bin/oinkmaster.cgi/$snortsettings{'OINKCODE'}/snortrules-snapshot-2.8.tar.gz"; } else { - $url="http://www.snort.org/pub-bin/downloads.cgi/Download/comm_rules/Community-Ru…"; + $url="http://www.emergingthreats.net/rules/emerging.rules.tar.gz"; } if ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} eq "snort" ) @@ -559,6 +559,11 @@ if ( -e "${General::swroot}/snort/enable" || -e "${General::swroot}/snort/enable foreach my $rulefile (sort keys(%snortrules)) { my $rulechecked = ''; + # Hide inkompatible Block rules + if ($rulefile =~'-BLOCK.rules') { + next; + } + # Check if reached half-way through rule file rules to start new column if ($ruledisplaycnt > $rulecnt) { print "</TABLE></TD><TD VALIGN='TOP'><TABLE>"; diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index 00f95f2..9572e7a 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -483,7 +483,7 @@ 'clock last synchronized at' => 'Die Uhr wurde zuletzt synchronisiert um', 'comment' => 'Kommentar', 'common name' => 'Gemeinsamer Name', -'community rules' => 'Snort GPL Community Rules', +'community rules' => 'Emergingthreats.net Community Rules', 'comp-lzo' => 'LZO-Kompression', 'compression' => 'Kompression:', 'computer to modem rate' => 'Übertragungsrate zwischen Computer und Modem:', @@ -919,7 +919,7 @@ 'intrusion detection' => 'Einbruchdetektierung', 'intrusion detection system' => 'Intrusion Detection System', 'intrusion detection system log viewer' => 'Betrachter der IDS-Logfiles', -'intrusion detection system rules' => 'Íntrusion Detection System Regeln', +'intrusion detection system rules' => 'Intrusion Detection System Regeln', 'intrusion detection system2' => 'Intrusion Detection System:', 'invalid broadcast ip' => 'Ungültige Broadcast-IP', 'invalid cache size' => 'Ungültige Cache-Größe.', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index dab1b94..9e00a60 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -507,7 +507,7 @@ 'clock last synchronized at' => 'Clock was last synchronized at', 'comment' => 'Description:', 'common name' => 'Common name', -'community rules' => 'Snort GPL Community Rules', +'community rules' => 'Emergingthreats.net Community Rules', 'comp-lzo' => 'LZO-Compression:', 'compression' => 'Compression:', 'computer to modem rate' => 'Computer to modem rate:', diff --git a/langs/es/cgi-bin/es.pl b/langs/es/cgi-bin/es.pl index dab1b94..9e00a60 100644 --- a/langs/es/cgi-bin/es.pl +++ b/langs/es/cgi-bin/es.pl @@ -507,7 +507,7 @@ 'clock last synchronized at' => 'Clock was last synchronized at', 'comment' => 'Description:', 'common name' => 'Common name', -'community rules' => 'Snort GPL Community Rules', +'community rules' => 'Emergingthreats.net Community Rules', 'comp-lzo' => 'LZO-Compression:', 'compression' => 'Compression:', 'computer to modem rate' => 'Computer to modem rate:', diff --git a/langs/fr/cgi-bin/fr.pl b/langs/fr/cgi-bin/fr.pl index 7c8c4f7..4f8a7b9 100644 --- a/langs/fr/cgi-bin/fr.pl +++ b/langs/fr/cgi-bin/fr.pl @@ -507,7 +507,7 @@ 'clock last synchronized at' => 'Clock was last synchronized at', 'comment' => 'Description:', 'common name' => 'Common name', -'community rules' => 'Snort GPL Community Rules', +'community rules' => 'Emergingthreats.net Community Rules', 'comp-lzo' => 'LZO-Compression:', 'compression' => 'Compression:', 'computer to modem rate' => 'Computer to modem rate:', diff --git a/src/initscripts/init.d/snort b/src/initscripts/init.d/snort index 981362a..2e2f4f2 100644 --- a/src/initscripts/init.d/snort +++ b/src/initscripts/init.d/snort @@ -62,6 +62,14 @@ fi case "$1" in start) + # Disable incompatible rules + for file in $(ls /etc/snort/rules/*.rules); do + sed -i 's|^alert.*!\[\$DNS_SERVERS|#&|g' $file + sed -i 's|^alert.*!\$SSH_PORTS|#&|g' $file + sed -i 's|^alert.*!\$HOME_NET|#&|g' $file + sed -i 's|^alert.*!\$SQL_SERVERS|#&|g' $file + done + for DEVICE in $DEVICES; do boot_mesg "Starting Intrusion Detection System on $DEVICE..." /usr/sbin/snort -c /etc/snort/snort.conf -i $DEVICE -D -l /var/log/snort --create-pidfile --nolock-pidfile --pid-path /var/run/ hooks/post-receive -- IPFire 2.x development tree

1 0

[IPFire-SCM] [git.ipfire.org] IPFire 2.x development tree branch, master, updated. 535732392737e14f44a1595feafcb844396a7cc1
by git＠ipfire.org 14 Jun '10

14 Jun '10

This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, master has been updated via 535732392737e14f44a1595feafcb844396a7cc1 (commit) from b86d9c0a17ef31d3ddbc87be83703bac1d2a432b (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 535732392737e14f44a1595feafcb844396a7cc1 Author: Arne Fitzenreiter <arne_f(a)ipfire.org> Date: Mon Jun 14 07:00:26 2010 +0200 Rootfile update: configroot. ----------------------------------------------------------------------- Summary of changes: config/rootfiles/common/configroot | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) Difference in files: diff --git a/config/rootfiles/common/configroot b/config/rootfiles/common/configroot index c34e725..12d3ddd 100644 --- a/config/rootfiles/common/configroot +++ b/config/rootfiles/common/configroot @@ -54,6 +54,7 @@ var/ipfire/lang.pl var/ipfire/langs #var/ipfire/langs/de.pl #var/ipfire/langs/en.pl +#var/ipfire/langs/es.pl #var/ipfire/langs/fr.pl #var/ipfire/langs/list var/ipfire/logging hooks/post-receive -- IPFire 2.x development tree

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

IPFire-SCM