This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, next has been updated via 2f4d1ecb9aa6f585abd85db557193f0dce682b55 (commit) via 3a3f4c37f2c40b7ecf02af88d6d4bab9eabf4ef3 (commit) via cde7cab264e617a9d9fd2fb9948d82af24e2529c (commit) via 592d3708fe66ef512da765a4f716bf1dd3c77032 (commit) from c846ed161682adfd7a9939d7778ce28b6f677d71 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 2f4d1ecb9aa6f585abd85db557193f0dce682b55 Author: Michael Tremer michael.tremer@ipfire.org Date: Fri Jan 3 17:12:32 2020 +0000
lang: Fix typo in "Writen Bytes" and fix grammar
Signed-off-by: Michael Tremer michael.tremer@ipfire.org Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
commit 3a3f4c37f2c40b7ecf02af88d6d4bab9eabf4ef3 Author: Arne Fitzenreiter arne_f@ipfire.org Date: Fri Jan 3 21:17:05 2020 +0000
core140: add convert-snort to updater
Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
commit cde7cab264e617a9d9fd2fb9948d82af24e2529c Author: Stefan Schantl stefan.schantl@ipfire.org Date: Fri Jan 3 11:16:53 2020 +0100
convert-snort: Check and convert snort user and group.
Fixes #12102.
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
commit 592d3708fe66ef512da765a4f716bf1dd3c77032 Author: Arne Fitzenreiter arne_f@ipfire.org Date: Fri Jan 3 21:13:30 2020 +0000
Revert "bind: Update to 9.11.14"
build fails on armv5tel: https://nightly.ipfire.org/next/2020-01-02%2016:17:54%20+0000-c846ed16/armv5...
This reverts commit 7d9b0ab69750c19d51833537652c6b11fc1bc2ab.
-----------------------------------------------------------------------
Summary of changes: config/rootfiles/common/bind | 4 +-- config/rootfiles/core/140/filelists/files | 1 + config/suricata/convert-snort | 59 ++++++++++++++++++++++++------- doc/language_issues.en | 4 +-- langs/en/cgi-bin/en.pl | 4 +-- lfs/bind | 4 +-- 6 files changed, 56 insertions(+), 20 deletions(-)
Difference in files: diff --git a/config/rootfiles/common/bind b/config/rootfiles/common/bind index e5435bd02..df6bbf4b6 100644 --- a/config/rootfiles/common/bind +++ b/config/rootfiles/common/bind @@ -272,11 +272,11 @@ usr/lib/libbind9.so.161.0.4 #usr/lib/libdns.la #usr/lib/libdns.so usr/lib/libdns.so.1107 -usr/lib/libdns.so.1107.1.1 +usr/lib/libdns.so.1107.1.0 #usr/lib/libisc.la #usr/lib/libisc.so usr/lib/libisc.so.1104 -usr/lib/libisc.so.1104.0.1 +usr/lib/libisc.so.1104.0.0 #usr/lib/libisccc.la #usr/lib/libisccc.so usr/lib/libisccc.so.161 diff --git a/config/rootfiles/core/140/filelists/files b/config/rootfiles/core/140/filelists/files index 181ef8cf4..0a38212e7 100644 --- a/config/rootfiles/core/140/filelists/files +++ b/config/rootfiles/core/140/filelists/files @@ -7,3 +7,4 @@ etc/rc.d/init.d/unbound etc/rc.d/init.d/suricata opt/pakfire/lib/functions.pl srv/web/ipfire/cgi-bin/ids.cgi +usr/sbin/convert-snort diff --git a/config/suricata/convert-snort b/config/suricata/convert-snort index 64b6e8b6a..ee52548e9 100644 --- a/config/suricata/convert-snort +++ b/config/suricata/convert-snort @@ -34,7 +34,42 @@ my $snort_config_file = "/etc/snort/snort.conf"; my $snort_rules_tarball = "/var/tmp/snortrules.tar.gz";
# -## Step 1: Setup directory and file layout, if not present and set correct +## Step 1: Convert snort user and group to suricata if exist. +# + +# Check if the snort user exists. +if (getpwnam("snort")) { + # Change username. + my @command = ( + '/usr/sbin/usermod', + '-l', 'suricata', 'snort' + ); + + system(@command) == 0 or die "Could not change username: @command failed: $?\n"; + + # Adjust home directory. + @command = ( + '/usr/sbin/usermod', + '-d', "/var/log/suricata", + 'suricata' + ); + + system(@command) == 0 or die "Failed to adjust home directory: @command failed: $?\n"; +} + +# Check if the snort group exists. +if (getgrnam("snort")) { + # Change groupname + my @command = ( + '/usr/sbin/groupmod', + '-n', 'suricata', 'snort' + ); + + system(@command) == 0 or die "Could not rename groupname: @command failed: $?\n"; +} + +# +## Step 2: Setup directory and file layout, if not present and set correct ## ownership. The converter runs as a privileged user, but the files ## needs to be full access-able by the WUI user and group (nobody:nobody). # @@ -71,7 +106,7 @@ if (-z "$snort_settings_file") { }
# -## Step 2: Import snort settings and convert to the required format for the new IDS +## Step 3: Import snort settings and convert to the required format for the new IDS ## (suricata). #
@@ -135,7 +170,7 @@ if($snortsettings{"OINKCODE"}) { }
# -## Step 3: Import guardian settings and whitelist if the addon is installed. +## Step 4: Import guardian settings and whitelist if the addon is installed. #
# Pakfire meta file for owncloud. @@ -183,7 +218,7 @@ if (-f $guardian_meta) { }
# -## Step 4: Save IDS and rules settings. +## Step 5: Save IDS and rules settings. #
# Write IDS settings. @@ -193,7 +228,7 @@ if (-f $guardian_meta) { &General::writehash("$IDS::rules_settings_file", %rulessettings);
# -## Step 5: Generate and write the file to modify the ruleset. +## Step 6: Generate and write the file to modify the ruleset. #
# Call subfunction and pass the desired IDS action. @@ -203,7 +238,7 @@ if (-f $guardian_meta) { &IDS::set_ownership("$IDS::modify_sids_file");
# -## Step 6: Move rulestarball to its new location. +## Step 7: Move rulestarball to its new location. #
# Check if a rulestarball has been downloaded yet. @@ -230,7 +265,7 @@ if (-f $snort_rules_tarball) { }
# -## Step 7: Call oinkmaster to extract and setup the rules structures. +## Step 8: Call oinkmaster to extract and setup the rules structures. #
# Check if a rulestarball is present. @@ -243,7 +278,7 @@ if (-f $IDS::rulestarball) { }
# -## Step 8: Generate file for the HOME Net. +## Step 9: Generate file for the HOME Net. #
# Call subfunction to generate the file. @@ -253,7 +288,7 @@ if (-f $IDS::rulestarball) { &IDS::set_ownership("$IDS::homenet_file");
# -## Step 9: Generate file for the DNS servers. +## Step 10: Generate file for the DNS servers. #
# Call subfunction to generate the file. @@ -263,7 +298,7 @@ if (-f $IDS::rulestarball) { &IDS::set_ownership("$IDS::dns_servers_file");
# -## Step 10: Setup automatic ruleset updates. +## Step 11: Setup automatic ruleset updates. #
# Check if a ruleset is configured. @@ -273,7 +308,7 @@ if($rulessettings{"RULES"}) { }
# -## Step 11: Grab used ruleset files from snort config file and convert +## Step 12: Grab used ruleset files from snort config file and convert ## them into the new format. #
@@ -319,7 +354,7 @@ close(SNORTCONF); &IDS::write_used_rulefiles_file(@enabled_rule_files);
# -## Step 12: Start the IDS if enabled. +## Step 13: Start the IDS if enabled. #
# Check if the IDS should be started. diff --git a/doc/language_issues.en b/doc/language_issues.en index 475261493..885e85d75 100644 --- a/doc/language_issues.en +++ b/doc/language_issues.en @@ -1522,7 +1522,7 @@ WARNING: untranslated string: quick playlist = Quick Playlist WARNING: untranslated string: ram = RAM WARNING: untranslated string: random number generator daemon = Random Number Generator Daemon WARNING: untranslated string: rdns = rDNS -WARNING: untranslated string: read bytes = Read Bytes +WARNING: untranslated string: read bytes = Bytes Read WARNING: untranslated string: read list = list with readonly hosts WARNING: untranslated string: real address = Real Address WARNING: untranslated string: reboot = Reboot @@ -2204,7 +2204,7 @@ WARNING: untranslated string: wlanap wlan settings = WLan Settings WARNING: untranslated string: wlanap wlan status = WLan Status WARNING: untranslated string: wol wakeup = WakeUp WARNING: untranslated string: workgroup = Workgroup -WARNING: untranslated string: written bytes = Writen Bytes +WARNING: untranslated string: written bytes = Bytes Written WARNING: untranslated string: year = Year WARNING: untranslated string: yes = Yes WARNING: untranslated string: you can only define one roadwarrior connection when using pre-shared key authentication = You can only define one Roadwarrior connection when using pre-shared key authentication.<br />Either you already have a Roadwarrior connection with pre-shared key authentication, or you're trying to add one now. diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index b40ef9390..0d30595b3 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -2070,7 +2070,7 @@ 'ram' => 'RAM', 'random number generator daemon' => 'Random Number Generator Daemon', 'rdns' => 'rDNS', -'read bytes' => 'Read Bytes', +'read bytes' => 'Bytes Read', 'read list' => 'list with readonly hosts', 'real address' => 'Real Address', 'reboot' => 'Reboot', @@ -2940,7 +2940,7 @@ 'wlanap wlan status' => 'WLan Status', 'wol wakeup' => 'WakeUp', 'workgroup' => 'Workgroup', -'written bytes' => 'Writen Bytes', +'written bytes' => 'Bytes Written', 'xtaccess all error' => 'You cannot set an external access to ALL, that is done in the port forwarding record.', 'xtaccess bad transfert' => 'If you specify a port destination range, the source range must be identical !', 'year' => 'Year', diff --git a/lfs/bind b/lfs/bind index 249328843..6bb23a143 100644 --- a/lfs/bind +++ b/lfs/bind @@ -25,7 +25,7 @@
include Config
-VER = 9.11.14 +VER = 9.11.13
THISAPP = bind-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -43,7 +43,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 5aa75bcb6cdad102f151cae4a53f117f +$(DL_FILE)_MD5 = 17de0d024ab1eac377f1c2854dc25057
install : $(TARGET)
hooks/post-receive -- IPFire 2.x development tree