This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, next has been updated via d2b54a312f520291539637ac891b874dd34ef436 (commit) from bf62652ecfbe1331f0eef5d198b8ac6db417a4d4 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit d2b54a312f520291539637ac891b874dd34ef436 Author: Stefan Schantl stefan.schantl@ipfire.org Date: Tue May 7 19:17:16 2019 +0200
guardian: Remove snort related options.
IPFire has moved to suricata as IDS/IPS system, therefore all snort related options has become obsolete.
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
-----------------------------------------------------------------------
Summary of changes: config/guardian/guardian.de.pl | 4 +--- config/guardian/guardian.en.pl | 4 +--- config/guardian/guardian.tr.pl | 4 +--- html/cgi-bin/guardian.cgi | 51 +++++------------------------------------- lfs/guardian | 2 +- 5 files changed, 10 insertions(+), 55 deletions(-)
Difference in files: diff --git a/config/guardian/guardian.de.pl b/config/guardian/guardian.de.pl index 344d04543..c03c98525 100644 --- a/config/guardian/guardian.de.pl +++ b/config/guardian/guardian.de.pl @@ -6,7 +6,7 @@ 'guardian block httpd brute-force' => 'httpd-Brute-Force-Erkennung', 'guardian block owncloud brute-force' => 'Owncloud-Brute-Force-Erkennung', 'guardian block ssh brute-force' => 'SSH-Brute-Force-Erkennung', -'guardian blockcount' => 'Trefferschwelle (Snort)', +'guardian blockcount' => 'Trefferschwelle', 'guardian blocked hosts' => 'Aktuell geblockte Hosts', 'guardian blocking of this address is not allowed' => 'Diese Addresse darf nicht geblockt werden.', 'guardian blocktime' => 'Blockzeit (Sekunden)', @@ -36,9 +36,7 @@ 'guardian priolevel_medium' => '2 - Mittel', 'guardian priolevel_low' => '3 - Niedrig', 'guardian priolevel_very_low' => '4 - Sehr niedrig', -'guardian priority level' => 'Prioritätslevel (Snort)', 'guardian service' => 'Guardian-Dienst', -'guardian watch snort alertfile' => 'Snort-Alarme auswerten',
);
diff --git a/config/guardian/guardian.en.pl b/config/guardian/guardian.en.pl index f6be8654d..c94484f7e 100644 --- a/config/guardian/guardian.en.pl +++ b/config/guardian/guardian.en.pl @@ -6,7 +6,7 @@ 'guardian block httpd brute-force' => 'httpd Brute Force Detection', 'guardian block owncloud brute-force' => 'Owncloud Brute Force detection', 'guardian block ssh brute-force' => 'SSH Brute Force Detection', -'guardian blockcount' => 'Strike Threshold (Snort)', +'guardian blockcount' => 'Strike Threshold', 'guardian blocked hosts' => 'Currently blocked hosts', 'guardian blocking of this address is not allowed' => 'Blocking of the given address is not allowed.', 'guardian blocktime' => 'Block Time (seconds)', @@ -36,9 +36,7 @@ 'guardian priolevel_medium' => '2 - Medium', 'guardian priolevel_low' => '3 - Low', 'guardian priolevel_very_low' => '4 - Very low', -'guardian priority level' => 'Priority Level (Snort)', 'guardian service' => 'Guardian Service', -'guardian watch snort alertfile' => 'Monitor Snort Alert File',
);
diff --git a/config/guardian/guardian.tr.pl b/config/guardian/guardian.tr.pl index cb64a358d..c4d9c5aab 100644 --- a/config/guardian/guardian.tr.pl +++ b/config/guardian/guardian.tr.pl @@ -6,7 +6,7 @@ 'guardian block httpd brute-force' => 'httpd kaba kuvvet algılama', 'guardian block owncloud brute-force' => 'Owncloud kaba kuvvet algılama', 'guardian block ssh brute-force' => 'SSH kaba kuvvet algılama', -'guardian blockcount' => 'Vurgu eşiği (Snort)', +'guardian blockcount' => 'Vurgu eşiği', 'guardian blocked hosts' => 'Şu anda engellenen ana makineler', 'guardian blocking of this address is not allowed' => 'Verilen adresin engellenmesine izin verilmiyor.', 'guardian blocktime' => 'Engelleme zamanı (saniye)', @@ -36,9 +36,7 @@ 'guardian priolevel_medium' => '2 - Orta', 'guardian priolevel_low' => '3 - Düşük', 'guardian priolevel_very_low' => '4 - Çok düşük', -'guardian priority level' => 'Öncelik seviyesi (Snort)', 'guardian service' => 'Koruyucu servisi', -'guardian watch snort alertfile' => 'Snort uyarı dosyası',
);
diff --git a/html/cgi-bin/guardian.cgi b/html/cgi-bin/guardian.cgi index 6144aca02..36d84bb5b 100644 --- a/html/cgi-bin/guardian.cgi +++ b/html/cgi-bin/guardian.cgi @@ -52,7 +52,6 @@ my $ignorefile ='/var/ipfire/guardian/guardian.ignore'; # file locations on IPFire systems. my %module_file_locations = ( "HTTPD" => "/var/log/httpd/error_log", - "SNORT" => "/var/log/snort/alert", "SSH" => "/var/log/messages", );
@@ -78,7 +77,6 @@ our %ignored = (); $settings{'ACTION'} = '';
$settings{'GUARDIAN_ENABLED'} = 'off'; -$settings{'GUARDIAN_MONITOR_SNORT'} = 'on'; $settings{'GUARDIAN_MONITOR_SSH'} = 'on'; $settings{'GUARDIAN_MONITOR_HTTPD'} = 'on'; $settings{'GUARDIAN_MONITOR_OWNCLOUD'} = ''; @@ -88,7 +86,6 @@ $settings{'GUARDIAN_BLOCKCOUNT'} = '3'; $settings{'GUARDIAN_BLOCKTIME'} = '86400'; $settings{'GUARDIAN_FIREWALL_ACTION'} = 'DROP'; $settings{'GUARDIAN_LOGFILE'} = '/var/log/guardian/guardian.log'; -$settings{'GUARDIAN_SNORT_PRIORITY_LEVEL'} = '3';
my $errormessage = '';
@@ -379,9 +376,6 @@ sub showMainBox() { $checked{'GUARDIAN_ENABLED'}{'on'} = ''; $checked{'GUARDIAN_ENABLED'}{'off'} = ''; $checked{'GUARDIAN_ENABLED'}{$settings{'GUARDIAN_ENABLED'}} = 'checked'; - $checked{'GUARDIAN_MONITOR_SNORT'}{'off'} = ''; - $checked{'GUARDIAN_MONITOR_SNORT'}{'on'} = ''; - $checked{'GUARDIAN_MONITOR_SNORT'}{$settings{'GUARDIAN_MONITOR_SNORT'}} = "checked='checked'"; $checked{'GUARDIAN_MONITOR_SSH'}{'off'} = ''; $checked{'GUARDIAN_MONITOR_SSH'}{'on'} = ''; $checked{'GUARDIAN_MONITOR_SSH'}{$settings{'GUARDIAN_MONITOR_SSH'}} = "checked='checked'"; @@ -394,7 +388,6 @@ sub showMainBox() {
$selected{'GUARDIAN_LOG_FACILITY'}{$settings{'GUARDIAN_LOG_FACILITY'}} = 'selected'; $selected{'GUARDIAN_LOGLEVEL'}{$settings{'GUARDIAN_LOGLEVEL'}} = 'selected'; - $selected{'GUARDIAN_SNORT_PRIORITY_LEVEL'}{$settings{'GUARDIAN_SNORT_PRIORITY_LEVEL'}} = 'selected'; $selected{'GUARDIAN_FIREWALL_ACTION'}{$settings{'GUARDIAN_FIREWALL_ACTION'}} = 'selected';
&Header::openpage($Lang::tr{'guardian configuration'}, 1, ''); @@ -447,19 +440,6 @@ sub showMainBox() { $("#GUARDIAN_LOG_FACILITY").change(update_options); $("#GUARDIAN_LOGLEVEL").change(update_options); update_options(); - - // Show / Hide snort priority level option, based if - // snort is enabled / disabled. - if ($('input[name=GUARDIAN_MONITOR_SNORT]:checked').val() == 'on') { - $('.GUARDIAN_SNORT_PRIORITY_LEVEL').show(); - } else { - $('.GUARDIAN_SNORT_PRIORITY_LEVEL').hide(); - } - - // Show/Hide snort priority level when GUARDIAN_MONITOR_SNORT get changed. - $('input[name=GUARDIAN_MONITOR_SNORT]').change(function() { - $('.GUARDIAN_SNORT_PRIORITY_LEVEL').toggle(); - }); }); </script> END @@ -533,12 +513,6 @@ END <td colspan='2'><br></td> </tr>
- <tr> - <td width='25%' class='base'>$Lang::tr{'guardian watch snort alertfile'}</td> - <td align='left'>on <input type='radio' name='GUARDIAN_MONITOR_SNORT' value='on' $checked{'GUARDIAN_MONITOR_SNORT'}{'on'} /> / - <input type='radio' name='GUARDIAN_MONITOR_SNORT' value='off' $checked{'GUARDIAN_MONITOR_SNORT'}{'off'} /> off</td> - </tr> - <tr> <td width='25%' class='base'>$Lang::tr{'guardian block ssh brute-force'}</td> <td align='left'>on <input type='radio' name='GUARDIAN_MONITOR_SSH' value='on' $checked{'GUARDIAN_MONITOR_SSH'}{'on'} /> / @@ -580,17 +554,15 @@ END <td><input type='text' name='GUARDIAN_LOGFILE' value='$settings{'GUARDIAN_LOGFILE'}' size='30' /></td> </tr>
- <tr class="GUARDIAN_SNORT_PRIORITY_LEVEL"> + <tr> <td colspan='2'><br></td> </tr>
- <tr class="GUARDIAN_SNORT_PRIORITY_LEVEL"> - <td align='left' width='20%'>$Lang::tr{'guardian priority level'}:</td> - <td><select name='GUARDIAN_SNORT_PRIORITY_LEVEL'> - <option value='1' $selected{'GUARDIAN_SNORT_PRIORITY_LEVEL'}{'1'}>$Lang::tr{'guardian priolevel_high'}</option> - <option value='2' $selected{'GUARDIAN_SNORT_PRIORITY_LEVEL'}{'2'}>$Lang::tr{'guardian priolevel_medium'}</option> - <option value='3' $selected{'GUARDIAN_SNORT_PRIORITY_LEVEL'}{'3'}>$Lang::tr{'guardian priolevel_low'}</option> - <option value='4' $selected{'GUARDIAN_SNORT_PRIORITY_LEVEL'}{'4'}>$Lang::tr{'guardian priolevel_very_low'}</option> + <tr> + <td width='25%' class='base'>$Lang::tr{'guardian firewallaction'}:</td> + <td><select name='GUARDIAN_FIREWALL_ACTION'> + <option value='DROP' $selected{'GUARDIAN_FIREWALL_ACTION'}{'DROP'}>Drop</option> + <option value='REJECT' $selected{'GUARDIAN_FIREWALL_ACTION'}{'REJECT'}>Reject</option> </select></td>
<td width='25%' class='base'>$Lang::tr{'guardian blockcount'}:</td> @@ -602,12 +574,6 @@ END </tr>
<tr> - <td width='25%' class='base'>$Lang::tr{'guardian firewallaction'}:</td> - <td><select name='GUARDIAN_FIREWALL_ACTION'> - <option value='DROP' $selected{'GUARDIAN_FIREWALL_ACTION'}{'DROP'}>Drop</option> - <option value='REJECT' $selected{'GUARDIAN_FIREWALL_ACTION'}{'REJECT'}>Reject</option> - </select></td> - <td width='25%' class='base'>$Lang::tr{'guardian blocktime'}:</td> <td><input type='text' name='GUARDIAN_BLOCKTIME' value='$settings{'GUARDIAN_BLOCKTIME'}' size='10' /></td> </tr> @@ -977,11 +943,6 @@ sub BuildConfiguration() {
# Module settings. print FILE "\n# Module settings.\n"; - # Check if SNORT is enabled and add snort priority. - if ($settings{'GUARDIAN_MONITOR_SNORT'} eq "on") { - print FILE "SnortPriorityLevel = $settings{'GUARDIAN_SNORT_PRIORITY_LEVEL'}\n"; - } - close(FILE);
# Generate ignore file. diff --git a/lfs/guardian b/lfs/guardian index 2eaf77212..d84ca64f3 100644 --- a/lfs/guardian +++ b/lfs/guardian @@ -33,7 +33,7 @@ DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP)
PROG = guardian -PAK_VER = 15 +PAK_VER = 16
DEPS = "perl-inotify2 perl-Net-IP"
hooks/post-receive -- IPFire 2.x development tree