[git.ipfire.org] IPFire 2.x development tree branch, next, updated. e46f7c44ca3bc0f2eb42692866294ed6924e65e1
This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, next has been updated via e46f7c44ca3bc0f2eb42692866294ed6924e65e1 (commit) via 24f05f327190bb245a11ca6d9a726f6c6d7cdfcb (commit) via 688a79a45e8b145561a26791b8f762bd046589fe (commit) via b51ffa68db18e26d0a7ee25334ebe608c3fcfe94 (commit) via 2b163f4497855bc56d00a8cc626c669517e8b95d (commit) via 74e43e149346a5bffb7d6c6ca91d5442d297659b (commit) via 5b2155bfdd1de0553f88c7a19a15e355e74c8001 (commit) via 5b2e3ab6830ac81b3678b3e3b6c9372ed4f60ff9 (commit) via e31708279ac112ac0b0c7dc912765e1977e6cd22 (commit) via fb39daffef9dc7396d65b6b2da0b73d6f625eabb (commit) via 5c424125051c9fbacfe1a2293168bbd36ec135aa (commit) via a5ba61b89b9bcc818fb3f856ae44f4234680e07e (commit) from c7762365dc67c671b79e8869b617ad2e316bcce5 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit e46f7c44ca3bc0f2eb42692866294ed6924e65e1 Author: Michael Tremer michael.tremer@ipfire.org Date: Fri Dec 4 22:22:55 2015 +0000
Update translations
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 24f05f327190bb245a11ca6d9a726f6c6d7cdfcb Author: Michael Tremer michael.tremer@ipfire.org Date: Fri Dec 4 22:22:41 2015 +0000
Update rootfiles
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 688a79a45e8b145561a26791b8f762bd046589fe Author: Michael Tremer michael.tremer@ipfire.org Date: Fri Dec 4 22:13:44 2015 +0000
libpri: Honour CFLAGS
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit b51ffa68db18e26d0a7ee25334ebe608c3fcfe94 Author: Michael Tremer michael.tremer@ipfire.org Date: Fri Dec 4 22:11:28 2015 +0000
openvmtools: Update to version 10.0.5
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 2b163f4497855bc56d00a8cc626c669517e8b95d Author: Michael Tremer michael.tremer@ipfire.org Date: Fri Dec 4 21:41:56 2015 +0000
Drop tripwire
This add-on is likely to be unused
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 74e43e149346a5bffb7d6c6ca91d5442d297659b Author: Michael Tremer michael.tremer@ipfire.org Date: Fri Dec 4 21:38:05 2015 +0000
xtables-addons: Make sure kernel module directory exists
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 5b2155bfdd1de0553f88c7a19a15e355e74c8001 Author: Michael Tremer michael.tremer@ipfire.org Date: Fri Dec 4 21:32:58 2015 +0000
Drop cryptodev
This module isn't used by openssl any more and therefore quite unnecessary.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 5b2e3ab6830ac81b3678b3e3b6c9372ed4f60ff9 Author: Michael Tremer michael.tremer@ipfire.org Date: Fri Dec 4 21:18:11 2015 +0000
mISDNuser: Don't build with -Werror
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit e31708279ac112ac0b0c7dc912765e1977e6cd22 Author: Michael Tremer michael.tremer@ipfire.org Date: Fri Dec 4 21:17:27 2015 +0000
liboping: Don't build with -Werror
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit fb39daffef9dc7396d65b6b2da0b73d6f625eabb Author: Michael Tremer michael.tremer@ipfire.org Date: Fri Dec 4 22:17:51 2015 +0000
core96: Ship updated mdadm
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit 5c424125051c9fbacfe1a2293168bbd36ec135aa Author: Michael Tremer michael.tremer@ipfire.org Date: Fri Dec 4 21:15:18 2015 +0000
mdadm: Update to 3.3.4
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit a5ba61b89b9bcc818fb3f856ae44f4234680e07e Author: Michael Tremer michael.tremer@ipfire.org Date: Fri Dec 4 21:14:47 2015 +0000
ebtables: Honour CFLAGS
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
-----------------------------------------------------------------------
Summary of changes: config/menu/EX-tripwire.menu | 5 - config/rootfiles/common/armv5tel/initscripts | 4 - config/rootfiles/common/configroot | 4 - config/rootfiles/common/i586/initscripts | 4 - config/rootfiles/common/misc-progs | 1 - config/rootfiles/common/web-user-interface | 1 - config/rootfiles/common/x86_64/initscripts | 4 - .../{oldcore/87 => core/96}/filelists/mdadm | 0 config/rootfiles/core/96/update.sh | 3 + config/rootfiles/packages/openvmtools | 52 +- config/rootfiles/packages/tripwire | 13 - config/tripwire/settings | 0 config/tripwire/twcfg.txt | 18 - config/tripwire/twpol.txt | 75 --- doc/language_issues.de | 27 ++ doc/language_issues.en | 27 ++ doc/language_issues.es | 27 ++ doc/language_issues.fr | 27 ++ doc/language_issues.it | 27 ++ doc/language_issues.nl | 27 ++ doc/language_issues.pl | 27 ++ doc/language_issues.ru | 27 ++ doc/language_issues.tr | 27 ++ html/cgi-bin/tripwire.cgi | 540 --------------------- lfs/configroot | 4 +- lfs/cryptodev | 89 ---- lfs/ebtables | 2 +- lfs/liboping | 1 + lfs/libpri | 3 +- lfs/mISDNuser | 1 + lfs/mdadm | 4 +- lfs/openvmtools | 15 +- lfs/tripwire | 98 ---- lfs/xtables-addons | 1 + make.sh | 7 - src/initscripts/sysconfig/modules | 4 - src/misc-progs/Makefile | 2 +- src/misc-progs/tripwirectrl.c | 142 ------ 38 files changed, 309 insertions(+), 1031 deletions(-) delete mode 100644 config/menu/EX-tripwire.menu copy config/rootfiles/{oldcore/87 => core/96}/filelists/mdadm (100%) delete mode 100644 config/rootfiles/packages/tripwire delete mode 100755 config/tripwire/settings delete mode 100644 config/tripwire/twcfg.txt delete mode 100644 config/tripwire/twpol.txt delete mode 100644 html/cgi-bin/tripwire.cgi delete mode 100644 lfs/cryptodev delete mode 100644 lfs/tripwire delete mode 100644 src/misc-progs/tripwirectrl.c
Difference in files: diff --git a/config/menu/EX-tripwire.menu b/config/menu/EX-tripwire.menu deleted file mode 100644 index 6a23312..0000000 --- a/config/menu/EX-tripwire.menu +++ /dev/null @@ -1,5 +0,0 @@ - $subipfire->{'40.tripwire'} = {'caption' => $Lang::tr{'tripwire'}, - 'uri' => '/cgi-bin/tripwire.cgi', - 'title' => $Lang::tr{'tripwire'}, - 'enabled' => 1, - }; diff --git a/config/rootfiles/common/armv5tel/initscripts b/config/rootfiles/common/armv5tel/initscripts index e37a905..3718b6c 100644 --- a/config/rootfiles/common/armv5tel/initscripts +++ b/config/rootfiles/common/armv5tel/initscripts @@ -125,7 +125,6 @@ etc/rc.d/init.d/sysctl etc/rc.d/init.d/sysklogd etc/rc.d/init.d/template #etc/rc.d/init.d/tftpd -#etc/rc.d/init.d/tmpfs #etc/rc.d/init.d/tor etc/rc.d/init.d/udev etc/rc.d/init.d/udev_retry @@ -157,7 +156,6 @@ etc/rc.d/rc0.d/K80network etc/rc.d/rc0.d/K82wlanclient #etc/rc.d/rc0.d/K84bluetooth #etc/rc.d/rc0.d/K85messagebus -#etc/rc.d/rc0.d/K85tmpfs etc/rc.d/rc0.d/K90sysklogd etc/rc.d/rc0.d/S60sendsignals etc/rc.d/rc0.d/S70localnet @@ -165,7 +163,6 @@ etc/rc.d/rc0.d/S80mountfs etc/rc.d/rc0.d/S90swap etc/rc.d/rc0.d/S99halt #etc/rc.d/rc3.d -#etc/rc.d/rc3.d/S01tmpfs etc/rc.d/rc3.d/S01vnstat etc/rc.d/rc3.d/S10sysklogd #etc/rc.d/rc3.d/S15messagebus @@ -207,7 +204,6 @@ etc/rc.d/rc6.d/K80network etc/rc.d/rc6.d/K82wlanclient #etc/rc.d/rc6.d/K84bluetooth #etc/rc.d/rc6.d/K85messagebus -#etc/rc.d/rc6.d/K85tmpfs etc/rc.d/rc6.d/K90sysklogd etc/rc.d/rc6.d/S60sendsignals etc/rc.d/rc6.d/S70mountfs diff --git a/config/rootfiles/common/configroot b/config/rootfiles/common/configroot index f6cbb61..71539ef 100644 --- a/config/rootfiles/common/configroot +++ b/config/rootfiles/common/configroot @@ -115,7 +115,6 @@ var/ipfire/menu.d/70-log.menu #var/ipfire/menu.d/EX-mpfire.menu #var/ipfire/menu.d/EX-samba.menu #var/ipfire/menu.d/EX-tor.menu -#var/ipfire/menu.d/EX-tripwire.menu #var/ipfire/menu.d/EX-wlanap.menu var/ipfire/modem #var/ipfire/modem/defaults @@ -182,9 +181,6 @@ var/ipfire/snort #var/ipfire/snort/settings var/ipfire/time #var/ipfire/time/settings -#var/ipfire/tripwire -#var/ipfire/tripwire/report -#var/ipfire/tripwire/settings var/ipfire/updatexlrator var/ipfire/updatexlrator/autocheck var/ipfire/updatexlrator/bin diff --git a/config/rootfiles/common/i586/initscripts b/config/rootfiles/common/i586/initscripts index d5c8f1d..3c5aa63 100644 --- a/config/rootfiles/common/i586/initscripts +++ b/config/rootfiles/common/i586/initscripts @@ -126,7 +126,6 @@ etc/rc.d/init.d/sysctl etc/rc.d/init.d/sysklogd etc/rc.d/init.d/template #etc/rc.d/init.d/tftpd -#etc/rc.d/init.d/tmpfs #etc/rc.d/init.d/tor #etc/rc.d/init.d/transmission etc/rc.d/init.d/udev @@ -159,7 +158,6 @@ etc/rc.d/rc0.d/K80network etc/rc.d/rc0.d/K82wlanclient #etc/rc.d/rc0.d/K84bluetooth #etc/rc.d/rc0.d/K85messagebus -#etc/rc.d/rc0.d/K85tmpfs etc/rc.d/rc0.d/K87acpid etc/rc.d/rc0.d/K90sysklogd etc/rc.d/rc0.d/S60sendsignals @@ -168,7 +166,6 @@ etc/rc.d/rc0.d/S80mountfs etc/rc.d/rc0.d/S90swap etc/rc.d/rc0.d/S99halt #etc/rc.d/rc3.d -#etc/rc.d/rc3.d/S01tmpfs etc/rc.d/rc3.d/S01vnstat etc/rc.d/rc3.d/S10sysklogd etc/rc.d/rc3.d/S12acpid @@ -211,7 +208,6 @@ etc/rc.d/rc6.d/K80network etc/rc.d/rc6.d/K82wlanclient #etc/rc.d/rc6.d/K84bluetooth #etc/rc.d/rc6.d/K85messagebus -#etc/rc.d/rc6.d/K85tmpfs etc/rc.d/rc6.d/K87acpid etc/rc.d/rc6.d/K90sysklogd etc/rc.d/rc6.d/S60sendsignals diff --git a/config/rootfiles/common/misc-progs b/config/rootfiles/common/misc-progs index 349aac7..1917884 100644 --- a/config/rootfiles/common/misc-progs +++ b/config/rootfiles/common/misc-progs @@ -33,7 +33,6 @@ usr/local/bin/sshctrl usr/local/bin/syslogdctrl usr/local/bin/timectrl #usr/local/bin/torctrl -#usr/local/bin/tripwirectrl usr/local/bin/updxlratorctrl usr/local/bin/upnpctrl usr/local/bin/urlfilterctrl diff --git a/config/rootfiles/common/web-user-interface b/config/rootfiles/common/web-user-interface index d22c1a3..b9780ea 100644 --- a/config/rootfiles/common/web-user-interface +++ b/config/rootfiles/common/web-user-interface @@ -78,7 +78,6 @@ srv/web/ipfire/cgi-bin/system.cgi srv/web/ipfire/cgi-bin/time.cgi #srv/web/ipfire/cgi-bin/tor.cgi srv/web/ipfire/cgi-bin/traffic.cgi -#srv/web/ipfire/cgi-bin/tripwire.cgi srv/web/ipfire/cgi-bin/updatexlrator.cgi #srv/web/ipfire/cgi-bin/upnp.cgi srv/web/ipfire/cgi-bin/urlfilter.cgi diff --git a/config/rootfiles/common/x86_64/initscripts b/config/rootfiles/common/x86_64/initscripts index 84c432a..877760e 100644 --- a/config/rootfiles/common/x86_64/initscripts +++ b/config/rootfiles/common/x86_64/initscripts @@ -126,7 +126,6 @@ etc/rc.d/init.d/sysctl etc/rc.d/init.d/sysklogd etc/rc.d/init.d/template #etc/rc.d/init.d/tftpd -etc/rc.d/init.d/tmpfs #etc/rc.d/init.d/tor #etc/rc.d/init.d/transmission etc/rc.d/init.d/udev @@ -157,7 +156,6 @@ etc/rc.d/rc0.d/K80network etc/rc.d/rc0.d/K82wlanclient #etc/rc.d/rc0.d/K84bluetooth #etc/rc.d/rc0.d/K85messagebus -etc/rc.d/rc0.d/K85tmpfs etc/rc.d/rc0.d/K87acpid etc/rc.d/rc0.d/K90sysklogd etc/rc.d/rc0.d/S60sendsignals @@ -166,7 +164,6 @@ etc/rc.d/rc0.d/S80mountfs etc/rc.d/rc0.d/S90swap etc/rc.d/rc0.d/S99halt #etc/rc.d/rc3.d -etc/rc.d/rc3.d/S01tmpfs etc/rc.d/rc3.d/S10sysklogd etc/rc.d/rc3.d/S12acpid #etc/rc.d/rc3.d/S15messagebus @@ -207,7 +204,6 @@ etc/rc.d/rc6.d/K80network etc/rc.d/rc6.d/K82wlanclient #etc/rc.d/rc6.d/K84bluetooth #etc/rc.d/rc6.d/K85messagebus -etc/rc.d/rc6.d/K85tmpfs etc/rc.d/rc6.d/K87acpid etc/rc.d/rc6.d/K90sysklogd etc/rc.d/rc6.d/S60sendsignals diff --git a/config/rootfiles/core/96/filelists/mdadm b/config/rootfiles/core/96/filelists/mdadm new file mode 120000 index 0000000..465808b --- /dev/null +++ b/config/rootfiles/core/96/filelists/mdadm @@ -0,0 +1 @@ +../../../common/mdadm \ No newline at end of file diff --git a/config/rootfiles/core/96/update.sh b/config/rootfiles/core/96/update.sh index b415337..b860207 100644 --- a/config/rootfiles/core/96/update.sh +++ b/config/rootfiles/core/96/update.sh @@ -76,6 +76,9 @@ fi /etc/init.d/dnsmasq restart qosctrl start
+# Disable loading of cryptodev +sed -e "s/^cryptodev/# &/g" -i /etc/sysconfig/modules + # This update need a reboot... #touch /var/run/need_reboot
diff --git a/config/rootfiles/packages/openvmtools b/config/rootfiles/packages/openvmtools index 29f1177..caeb568 100644 --- a/config/rootfiles/packages/openvmtools +++ b/config/rootfiles/packages/openvmtools @@ -3,37 +3,71 @@ etc/rc.d/rc0.d/K01openvmtools etc/rc.d/rc3.d/S60openvmtools etc/rc.d/rc6.d/K01openvmtools etc/vmware-tools -etc/vmware-tools/plugins +etc/vmware-tools/guestproxy-ssl.conf etc/vmware-tools/poweroff-vm-default etc/vmware-tools/poweron-vm-default etc/vmware-tools/resume-vm-default +etc/vmware-tools/scripts +etc/vmware-tools/scripts/vmware +etc/vmware-tools/scripts/vmware/network +etc/vmware-tools/statechange.subr etc/vmware-tools/suspend-vm-default etc/vmware-tools/vm-support sbin/mount.vmhgfs +usr/bin/vmhgfs-fuse usr/bin/vmtoolsd usr/bin/vmware-checkvm +usr/bin/vmware-guestproxycerttool usr/bin/vmware-hgfsclient usr/bin/vmware-rpctool usr/bin/vmware-toolbox-cmd usr/bin/vmware-vmblock-fuse usr/bin/vmware-xferlogs -usr/lib/libguestlib.a -usr/lib/libguestlib.la -usr/lib/libguestlib.so +#usr/include/vmGuestLib +#usr/include/vmGuestLib/includeCheck.h +#usr/include/vmGuestLib/vmGuestLib.h +#usr/include/vmGuestLib/vmSessionId.h +#usr/include/vmGuestLib/vm_basic_types.h +#usr/lib/libguestlib.a +#usr/lib/libguestlib.la +#usr/lib/libguestlib.so usr/lib/libguestlib.so.0 usr/lib/libguestlib.so.0.0.0 -usr/lib/libvmtools.a -usr/lib/libvmtools.la -usr/lib/libvmtools.so +#usr/lib/libhgfs.a +#usr/lib/libhgfs.la +#usr/lib/libhgfs.so +usr/lib/libhgfs.so.0 +usr/lib/libhgfs.so.0.0.0 +#usr/lib/libvmtools.a +#usr/lib/libvmtools.la +#usr/lib/libvmtools.so usr/lib/libvmtools.so.0 usr/lib/libvmtools.so.0.0.0 usr/lib/open-vm-tools usr/lib/open-vm-tools/plugins +#usr/lib/open-vm-tools/plugins/common +#usr/lib/open-vm-tools/plugins/common/libhgfsServer.la +usr/lib/open-vm-tools/plugins/common/libhgfsServer.so +#usr/lib/open-vm-tools/plugins/common/libvix.la +usr/lib/open-vm-tools/plugins/common/libvix.so usr/lib/open-vm-tools/plugins/vmsvc +usr/lib/open-vm-tools/plugins/vmsvc/libgrabbitmqProxy.so usr/lib/open-vm-tools/plugins/vmsvc/libguestInfo.so -usr/lib/open-vm-tools/plugins/vmsvc/libhgfsServer.so usr/lib/open-vm-tools/plugins/vmsvc/libpowerOps.so usr/lib/open-vm-tools/plugins/vmsvc/libtimeSync.so -usr/lib/open-vm-tools/plugins/vmsvc/libvix.so usr/lib/open-vm-tools/plugins/vmsvc/libvmbackup.so +#usr/lib/pkgconfig/vmguestlib.pc usr/sbin/mount.vmhgfs +#usr/share/open-vm-tools +#usr/share/open-vm-tools/messages +#usr/share/open-vm-tools/messages/de +#usr/share/open-vm-tools/messages/de/toolboxcmd.vmsg +#usr/share/open-vm-tools/messages/de/vmtoolsd.vmsg +#usr/share/open-vm-tools/messages/ja +#usr/share/open-vm-tools/messages/ja/toolboxcmd.vmsg +#usr/share/open-vm-tools/messages/ja/vmtoolsd.vmsg +#usr/share/open-vm-tools/messages/ko +#usr/share/open-vm-tools/messages/ko/toolboxcmd.vmsg +#usr/share/open-vm-tools/messages/ko/vmtoolsd.vmsg +#usr/share/open-vm-tools/messages/zh_CN +#usr/share/open-vm-tools/messages/zh_CN/toolboxcmd.vmsg diff --git a/config/rootfiles/packages/tripwire b/config/rootfiles/packages/tripwire deleted file mode 100644 index b30e843..0000000 --- a/config/rootfiles/packages/tripwire +++ /dev/null @@ -1,13 +0,0 @@ -#etc/rc.d/init.d/tripwire -usr/local/bin/tripwirectrl -usr/sbin/siggen -usr/sbin/tripwire -usr/sbin/twadmin -usr/sbin/twprint -var/ipfire/tripwire -#var/ipfire/tripwire/twcfg.default -#var/ipfire/tripwire/twcfg.txt -#var/ipfire/tripwire/twpol.default -#var/ipfire/tripwire/twpol.txt -srv/web/ipfire/cgi-bin/tripwire.cgi -var/ipfire/menu.d/EX-tripwire.menu diff --git a/config/tripwire/settings b/config/tripwire/settings deleted file mode 100755 index e69de29..0000000 diff --git a/config/tripwire/twcfg.txt b/config/tripwire/twcfg.txt deleted file mode 100644 index 195819c..0000000 --- a/config/tripwire/twcfg.txt +++ /dev/null @@ -1,18 +0,0 @@ -ROOT =/usr/sbin -POLFILE =/var/ipfire/tripwire/tw.pol -DBFILE =/var/ipfire/tripwire/$(HOSTNAME).twd -REPORTFILE =/var/ipfire/tripwire/report/$(DATE).twr -SITEKEYFILE =/var/ipfire/tripwire/site.key -LOCALKEYFILE =/var/ipfire/tripwire/local.key -EDITOR =/usr/bin/vi -LATEPROMPTING =false -LOOSEDIRECTORYCHECKING =false -MAILNOVIOLATIONS =false -EMAILREPORTLEVEL =3 -REPORTLEVEL =3 -#MAILMETHOD =SENDMAIL -#MAILMETHOD =SMTP -#SMTPHOST =phoenix.e-vector.com -#SMTPPORT =25 -SYSLOGREPORTING =false -#MAILPROGRAM =/usr/sbin/sendmail -oi -t diff --git a/config/tripwire/twpol.txt b/config/tripwire/twpol.txt deleted file mode 100644 index 9cdcce8..0000000 --- a/config/tripwire/twpol.txt +++ /dev/null @@ -1,75 +0,0 @@ -@@section GLOBAL -TWROOT=/usr/sbin; -TWBIN=/usr/sbin; -TWPOL="/var/ipfire/tripwire"; -TWDB="/var/ipfire/tripwire"; -TWSKEY="/var/ipfire/tripwire"; -TWLKEY="/var/ipfire/tripwire"; -TWREPORT="/var/ipfire/tripwire/report"; -HOSTNAME=ipfire; - -@@section FS -SEC_CRIT = $(IgnoreNone)-SHa ; # Critical files that cannot change -SEC_CONFIG = $(Dynamic) ; # Config files that are changed infrequently but accessed often -SEC_LOG = $(Growing) ; # Files that grow, but that should never change ownership -SEC_INVARIANT = +tpug ; # Directories that should never change permission or ownership -SIG_LOW = 33 ; # Non-critical files that are of minimal security impact -SIG_MED = 66 ; # Non-critical files that are of significant security impact -SIG_HI = 100 ; # Critical files that are significant points of vulnerability - -# System Files - -( - rulename = "System Files", - severity = $(SIG_HI) -) -{ - $(TWDB) -> $(SEC_CRIT) ; - $(TWPOL)/tw.pol -> $(SEC_CRIT) -i ; - $(TWPOL)/tw.cfg -> $(SEC_CRIT) -i ; - $(TWLKEY)/local.key -> $(SEC_CRIT) ; - $(TWSKEY)/site.key -> $(SEC_CRIT) ; - - /bin -> $(SEC_CRIT) ; - /boot -> $(SEC_CRIT) ; - /etc -> $(SEC_CRIT) ; - /etc/snort/rules/ -> $(Dynamic) ; - /lib -> $(SEC_CRIT) ; - /root -> $(SEC_CRIT) ; - /root/.bash_history -> $(Dynamic) ; - /sbin -> $(SEC_CRIT) ; - /usr -> $(SEC_CRIT) ; - /usr/share/clamav -> $(Dynamic) ; - /etc/mtab -> $(SEC_CONFIG) -i ; # Inode number changes on any mount/unmount - - #don't scan the individual reports - $(TWREPORT) -> $(SEC_CONFIG) (recurse=0) ; -} - -# Commonly accessed directories that should remain static with regards to owner and group -( - rulename = "Invariant Directories", - severity = $(SIG_MED) -) -{ - / -> $(SEC_INVARIANT) (recurse = 0) ; - /home -> $(SEC_INVARIANT) (recurse = 0) ; - /tmp -> $(SEC_INVARIANT) ; -} - -# Critical Devices - -( - rulename = "Critical devices", - severity = $(SIG_HI), - recurse = false -) -{ - /dev/console -> $(SEC_CONFIG) -u ; # User ID may change on console login/logout. - /dev/initctl -> $(SEC_CONFIG) ; /dev/log -> $(SEC_CONFIG) ; - /proc/modules -> $(Device) ; - /proc/mounts -> $(Device) ; - /proc/filesystems -> $(Device) ; - /proc/misc -> $(Device) ; - /var/log -> $(SEC_LOG) ; -} diff --git a/doc/language_issues.de b/doc/language_issues.de index 6c47184..3660356 100644 --- a/doc/language_issues.de +++ b/doc/language_issues.de @@ -13,6 +13,7 @@ WARNING: translation string unused: Verbose WARNING: translation string unused: access allowed WARNING: translation string unused: access refused with this oinkcode WARNING: translation string unused: add a new rule +WARNING: translation string unused: add cron WARNING: translation string unused: add network WARNING: translation string unused: add new ovpn WARNING: translation string unused: add service @@ -128,6 +129,8 @@ WARNING: translation string unused: deep scan directories WARNING: translation string unused: default ip WARNING: translation string unused: default networks WARNING: translation string unused: default services +WARNING: translation string unused: defaultwarning +WARNING: translation string unused: delete cron WARNING: translation string unused: description WARNING: translation string unused: destination ip bad WARNING: translation string unused: destination ip or net @@ -170,6 +173,7 @@ WARNING: translation string unused: email server can not be empty WARNING: translation string unused: email subject WARNING: translation string unused: email success WARNING: translation string unused: email text +WARNING: translation string unused: emailreportlevel WARNING: translation string unused: enable javascript WARNING: translation string unused: enable wildcards WARNING: translation string unused: enabled on @@ -264,6 +268,10 @@ WARNING: translation string unused: fwhost reset WARNING: translation string unused: fwhost wo subnet WARNING: translation string unused: gen static key WARNING: translation string unused: generate +WARNING: translation string unused: generate tripwire keys and init +WARNING: translation string unused: generatekeys +WARNING: translation string unused: generatepolicy +WARNING: translation string unused: generatereport WARNING: translation string unused: genkey WARNING: translation string unused: geoipblock country code WARNING: translation string unused: geoipblock country name @@ -318,11 +326,14 @@ WARNING: translation string unused: javascript menu error1 WARNING: translation string unused: javascript menu error2 WARNING: translation string unused: kernel version WARNING: translation string unused: key stuff +WARNING: translation string unused: keyreset +WARNING: translation string unused: keys WARNING: translation string unused: lateprompting WARNING: translation string unused: length WARNING: translation string unused: line WARNING: translation string unused: loaded modules WARNING: translation string unused: local hard disk +WARNING: translation string unused: localkey WARNING: translation string unused: localkeyfile WARNING: translation string unused: log enabled WARNING: translation string unused: log viewer @@ -339,6 +350,8 @@ WARNING: translation string unused: ls_pam_unix WARNING: translation string unused: ls_sshd WARNING: translation string unused: ls_syslogd WARNING: translation string unused: mac address error not 00 +WARNING: translation string unused: mailmethod +WARNING: translation string unused: mailprogramm WARNING: translation string unused: manage ovpn WARNING: translation string unused: manual control and status WARNING: translation string unused: marked @@ -479,9 +492,11 @@ WARNING: translation string unused: refresh update list WARNING: translation string unused: released WARNING: translation string unused: removable device advice WARNING: translation string unused: reportfile +WARNING: translation string unused: reportlevel WARNING: translation string unused: requested data WARNING: translation string unused: reserved dst port WARNING: translation string unused: reserved src port +WARNING: translation string unused: resetpolicy WARNING: translation string unused: restore hardware settings WARNING: translation string unused: root WARNING: translation string unused: root path @@ -509,8 +524,11 @@ WARNING: translation string unused: shaping list options WARNING: translation string unused: shutdown ask WARNING: translation string unused: shutdown sure WARNING: translation string unused: shutdown2 +WARNING: translation string unused: sitekey WARNING: translation string unused: sitekeyfile WARNING: translation string unused: smbreload +WARNING: translation string unused: smtphost +WARNING: translation string unused: smtpport WARNING: translation string unused: source ip bad WARNING: translation string unused: source ip in use WARNING: translation string unused: source ip or net @@ -585,12 +603,21 @@ WARNING: translation string unused: trafficsum WARNING: translation string unused: trafficto WARNING: translation string unused: transfer limits WARNING: translation string unused: transparent on +WARNING: translation string unused: tripwire +WARNING: translation string unused: tripwire cronjob +WARNING: translation string unused: tripwire functions +WARNING: translation string unused: tripwire reports +WARNING: translation string unused: tripwireoperating +WARNING: translation string unused: tripwirewarningdatabase +WARNING: translation string unused: tripwirewarningkeys +WARNING: translation string unused: tripwirewarningpolicy WARNING: translation string unused: umount WARNING: translation string unused: umount removable media before to unplug WARNING: translation string unused: unblock WARNING: translation string unused: unblock all WARNING: translation string unused: unencrypted WARNING: translation string unused: update transcript +WARNING: translation string unused: updatedatabase WARNING: translation string unused: updates WARNING: translation string unused: updates is old1 WARNING: translation string unused: updates is old2 diff --git a/doc/language_issues.en b/doc/language_issues.en index 68e351c..a419afa 100644 --- a/doc/language_issues.en +++ b/doc/language_issues.en @@ -13,6 +13,7 @@ WARNING: translation string unused: Verbose WARNING: translation string unused: access allowed WARNING: translation string unused: access refused with this oinkcode WARNING: translation string unused: add a new rule +WARNING: translation string unused: add cron WARNING: translation string unused: add network WARNING: translation string unused: add new ovpn WARNING: translation string unused: add service @@ -147,6 +148,8 @@ WARNING: translation string unused: deep scan directories WARNING: translation string unused: default ip WARNING: translation string unused: default networks WARNING: translation string unused: default services +WARNING: translation string unused: defaultwarning +WARNING: translation string unused: delete cron WARNING: translation string unused: description WARNING: translation string unused: destination ip bad WARNING: translation string unused: destination ip or net @@ -193,6 +196,7 @@ WARNING: translation string unused: email server can not be empty WARNING: translation string unused: email subject WARNING: translation string unused: email success WARNING: translation string unused: email text +WARNING: translation string unused: emailreportlevel WARNING: translation string unused: enable javascript WARNING: translation string unused: enable wildcards WARNING: translation string unused: enabled on @@ -289,6 +293,10 @@ WARNING: translation string unused: g.dtm WARNING: translation string unused: g.lite WARNING: translation string unused: gen static key WARNING: translation string unused: generate +WARNING: translation string unused: generate tripwire keys and init +WARNING: translation string unused: generatekeys +WARNING: translation string unused: generatepolicy +WARNING: translation string unused: generatereport WARNING: translation string unused: genkey WARNING: translation string unused: geoipblock country code WARNING: translation string unused: geoipblock country name @@ -344,11 +352,14 @@ WARNING: translation string unused: javascript menu error1 WARNING: translation string unused: javascript menu error2 WARNING: translation string unused: kernel version WARNING: translation string unused: key stuff +WARNING: translation string unused: keyreset +WARNING: translation string unused: keys WARNING: translation string unused: lateprompting WARNING: translation string unused: length WARNING: translation string unused: line WARNING: translation string unused: loaded modules WARNING: translation string unused: local hard disk +WARNING: translation string unused: localkey WARNING: translation string unused: localkeyfile WARNING: translation string unused: log enabled WARNING: translation string unused: log viewer @@ -365,6 +376,8 @@ WARNING: translation string unused: ls_pam_unix WARNING: translation string unused: ls_sshd WARNING: translation string unused: ls_syslogd WARNING: translation string unused: mac address error not 00 +WARNING: translation string unused: mailmethod +WARNING: translation string unused: mailprogramm WARNING: translation string unused: manage ovpn WARNING: translation string unused: manual control and status WARNING: translation string unused: marked @@ -506,9 +519,11 @@ WARNING: translation string unused: refresh update list WARNING: translation string unused: released WARNING: translation string unused: removable device advice WARNING: translation string unused: reportfile +WARNING: translation string unused: reportlevel WARNING: translation string unused: requested data WARNING: translation string unused: reserved dst port WARNING: translation string unused: reserved src port +WARNING: translation string unused: resetpolicy WARNING: translation string unused: restore hardware settings WARNING: translation string unused: root WARNING: translation string unused: root path @@ -539,8 +554,11 @@ WARNING: translation string unused: show lines WARNING: translation string unused: shutdown ask WARNING: translation string unused: shutdown sure WARNING: translation string unused: shutdown2 +WARNING: translation string unused: sitekey WARNING: translation string unused: sitekeyfile WARNING: translation string unused: smbreload +WARNING: translation string unused: smtphost +WARNING: translation string unused: smtpport WARNING: translation string unused: source ip bad WARNING: translation string unused: source ip in use WARNING: translation string unused: source ip or net @@ -618,12 +636,21 @@ WARNING: translation string unused: trafficsum WARNING: translation string unused: trafficto WARNING: translation string unused: transfer limits WARNING: translation string unused: transparent on +WARNING: translation string unused: tripwire +WARNING: translation string unused: tripwire cronjob +WARNING: translation string unused: tripwire functions +WARNING: translation string unused: tripwire reports +WARNING: translation string unused: tripwireoperating +WARNING: translation string unused: tripwirewarningdatabase +WARNING: translation string unused: tripwirewarningkeys +WARNING: translation string unused: tripwirewarningpolicy WARNING: translation string unused: umount WARNING: translation string unused: umount removable media before to unplug WARNING: translation string unused: unblock WARNING: translation string unused: unblock all WARNING: translation string unused: unencrypted WARNING: translation string unused: update transcript +WARNING: translation string unused: updatedatabase WARNING: translation string unused: updates WARNING: translation string unused: updates is old1 WARNING: translation string unused: updates is old2 diff --git a/doc/language_issues.es b/doc/language_issues.es index 02aaca6..d375f69 100644 --- a/doc/language_issues.es +++ b/doc/language_issues.es @@ -14,6 +14,7 @@ WARNING: translation string unused: Verbose WARNING: translation string unused: access allowed WARNING: translation string unused: access refused with this oinkcode WARNING: translation string unused: add a new rule +WARNING: translation string unused: add cron WARNING: translation string unused: add network WARNING: translation string unused: add new ovpn WARNING: translation string unused: add service @@ -139,6 +140,8 @@ WARNING: translation string unused: debugme WARNING: translation string unused: deep scan directories WARNING: translation string unused: default networks WARNING: translation string unused: default services +WARNING: translation string unused: defaultwarning +WARNING: translation string unused: delete cron WARNING: translation string unused: description WARNING: translation string unused: destination ip bad WARNING: translation string unused: destination ip or net @@ -180,6 +183,7 @@ WARNING: translation string unused: edit service WARNING: translation string unused: editor WARNING: translation string unused: eg WARNING: translation string unused: email server can not be empty +WARNING: translation string unused: emailreportlevel WARNING: translation string unused: enable javascript WARNING: translation string unused: enable wildcards WARNING: translation string unused: enabled on @@ -233,6 +237,10 @@ WARNING: translation string unused: g.dtm WARNING: translation string unused: g.lite WARNING: translation string unused: gen static key WARNING: translation string unused: generate +WARNING: translation string unused: generate tripwire keys and init +WARNING: translation string unused: generatekeys +WARNING: translation string unused: generatepolicy +WARNING: translation string unused: generatereport WARNING: translation string unused: genkey WARNING: translation string unused: geoipblock country code WARNING: translation string unused: geoipblock country name @@ -287,11 +295,14 @@ WARNING: translation string unused: javascript menu error1 WARNING: translation string unused: javascript menu error2 WARNING: translation string unused: kernel version WARNING: translation string unused: key stuff +WARNING: translation string unused: keyreset +WARNING: translation string unused: keys WARNING: translation string unused: lateprompting WARNING: translation string unused: length WARNING: translation string unused: line WARNING: translation string unused: loaded modules WARNING: translation string unused: local hard disk +WARNING: translation string unused: localkey WARNING: translation string unused: localkeyfile WARNING: translation string unused: log enabled WARNING: translation string unused: log viewer @@ -308,6 +319,8 @@ WARNING: translation string unused: ls_pam_unix WARNING: translation string unused: ls_sshd WARNING: translation string unused: ls_syslogd WARNING: translation string unused: mac address error not 00 +WARNING: translation string unused: mailmethod +WARNING: translation string unused: mailprogramm WARNING: translation string unused: manage ovpn WARNING: translation string unused: manual control and status WARNING: translation string unused: marked @@ -433,9 +446,11 @@ WARNING: translation string unused: refresh update list WARNING: translation string unused: released WARNING: translation string unused: removable device advice WARNING: translation string unused: reportfile +WARNING: translation string unused: reportlevel WARNING: translation string unused: requested data WARNING: translation string unused: reserved dst port WARNING: translation string unused: reserved src port +WARNING: translation string unused: resetpolicy WARNING: translation string unused: restore hardware settings WARNING: translation string unused: root WARNING: translation string unused: root path @@ -466,8 +481,11 @@ WARNING: translation string unused: show lines WARNING: translation string unused: shutdown ask WARNING: translation string unused: shutdown sure WARNING: translation string unused: shutdown2 +WARNING: translation string unused: sitekey WARNING: translation string unused: sitekeyfile WARNING: translation string unused: smbreload +WARNING: translation string unused: smtphost +WARNING: translation string unused: smtpport WARNING: translation string unused: source ip bad WARNING: translation string unused: source ip in use WARNING: translation string unused: source ip or net @@ -537,10 +555,19 @@ WARNING: translation string unused: trafficsum WARNING: translation string unused: trafficto WARNING: translation string unused: transfer limits WARNING: translation string unused: transparent on +WARNING: translation string unused: tripwire +WARNING: translation string unused: tripwire cronjob +WARNING: translation string unused: tripwire functions +WARNING: translation string unused: tripwire reports +WARNING: translation string unused: tripwireoperating +WARNING: translation string unused: tripwirewarningdatabase +WARNING: translation string unused: tripwirewarningkeys +WARNING: translation string unused: tripwirewarningpolicy WARNING: translation string unused: umount WARNING: translation string unused: umount removable media before to unplug WARNING: translation string unused: unencrypted WARNING: translation string unused: update transcript +WARNING: translation string unused: updatedatabase WARNING: translation string unused: updates WARNING: translation string unused: updates is old1 WARNING: translation string unused: updates is old2 diff --git a/doc/language_issues.fr b/doc/language_issues.fr index c201dd9..f0f5ec4 100644 --- a/doc/language_issues.fr +++ b/doc/language_issues.fr @@ -14,6 +14,7 @@ WARNING: translation string unused: Verbose WARNING: translation string unused: access allowed WARNING: translation string unused: access refused with this oinkcode WARNING: translation string unused: add a new rule +WARNING: translation string unused: add cron WARNING: translation string unused: add network WARNING: translation string unused: add new ovpn WARNING: translation string unused: add service @@ -139,6 +140,8 @@ WARNING: translation string unused: debugme WARNING: translation string unused: deep scan directories WARNING: translation string unused: default networks WARNING: translation string unused: default services +WARNING: translation string unused: defaultwarning +WARNING: translation string unused: delete cron WARNING: translation string unused: description WARNING: translation string unused: destination ip bad WARNING: translation string unused: destination ip or net @@ -180,6 +183,7 @@ WARNING: translation string unused: edit service WARNING: translation string unused: editor WARNING: translation string unused: eg WARNING: translation string unused: email server can not be empty +WARNING: translation string unused: emailreportlevel WARNING: translation string unused: enable javascript WARNING: translation string unused: enable wildcards WARNING: translation string unused: enabled on @@ -233,6 +237,10 @@ WARNING: translation string unused: g.dtm WARNING: translation string unused: g.lite WARNING: translation string unused: gen static key WARNING: translation string unused: generate +WARNING: translation string unused: generate tripwire keys and init +WARNING: translation string unused: generatekeys +WARNING: translation string unused: generatepolicy +WARNING: translation string unused: generatereport WARNING: translation string unused: genkey WARNING: translation string unused: green interface WARNING: translation string unused: gz with key @@ -284,11 +292,14 @@ WARNING: translation string unused: javascript menu error1 WARNING: translation string unused: javascript menu error2 WARNING: translation string unused: kernel version WARNING: translation string unused: key stuff +WARNING: translation string unused: keyreset +WARNING: translation string unused: keys WARNING: translation string unused: lateprompting WARNING: translation string unused: length WARNING: translation string unused: line WARNING: translation string unused: loaded modules WARNING: translation string unused: local hard disk +WARNING: translation string unused: localkey WARNING: translation string unused: localkeyfile WARNING: translation string unused: log enabled WARNING: translation string unused: log viewer @@ -305,6 +316,8 @@ WARNING: translation string unused: ls_pam_unix WARNING: translation string unused: ls_sshd WARNING: translation string unused: ls_syslogd WARNING: translation string unused: mac address error not 00 +WARNING: translation string unused: mailmethod +WARNING: translation string unused: mailprogramm WARNING: translation string unused: manage ovpn WARNING: translation string unused: manual control and status WARNING: translation string unused: marked @@ -441,9 +454,11 @@ WARNING: translation string unused: refresh update list WARNING: translation string unused: released WARNING: translation string unused: removable device advice WARNING: translation string unused: reportfile +WARNING: translation string unused: reportlevel WARNING: translation string unused: requested data WARNING: translation string unused: reserved dst port WARNING: translation string unused: reserved src port +WARNING: translation string unused: resetpolicy WARNING: translation string unused: restore hardware settings WARNING: translation string unused: root WARNING: translation string unused: root path @@ -474,8 +489,11 @@ WARNING: translation string unused: show lines WARNING: translation string unused: shutdown ask WARNING: translation string unused: shutdown sure WARNING: translation string unused: shutdown2 +WARNING: translation string unused: sitekey WARNING: translation string unused: sitekeyfile WARNING: translation string unused: smbreload +WARNING: translation string unused: smtphost +WARNING: translation string unused: smtpport WARNING: translation string unused: source ip bad WARNING: translation string unused: source ip in use WARNING: translation string unused: source ip or net @@ -545,10 +563,19 @@ WARNING: translation string unused: trafficsum WARNING: translation string unused: trafficto WARNING: translation string unused: transfer limits WARNING: translation string unused: transparent on +WARNING: translation string unused: tripwire +WARNING: translation string unused: tripwire cronjob +WARNING: translation string unused: tripwire functions +WARNING: translation string unused: tripwire reports +WARNING: translation string unused: tripwireoperating +WARNING: translation string unused: tripwirewarningdatabase +WARNING: translation string unused: tripwirewarningkeys +WARNING: translation string unused: tripwirewarningpolicy WARNING: translation string unused: umount WARNING: translation string unused: umount removable media before to unplug WARNING: translation string unused: unencrypted WARNING: translation string unused: update transcript +WARNING: translation string unused: updatedatabase WARNING: translation string unused: updates WARNING: translation string unused: updates is old1 WARNING: translation string unused: updates is old2 diff --git a/doc/language_issues.it b/doc/language_issues.it index 156a359..65643e8 100644 --- a/doc/language_issues.it +++ b/doc/language_issues.it @@ -14,6 +14,7 @@ WARNING: translation string unused: Verbose WARNING: translation string unused: access allowed WARNING: translation string unused: access refused with this oinkcode WARNING: translation string unused: add a new rule +WARNING: translation string unused: add cron WARNING: translation string unused: add network WARNING: translation string unused: add new ovpn WARNING: translation string unused: add service @@ -146,6 +147,8 @@ WARNING: translation string unused: deep scan directories WARNING: translation string unused: default ip WARNING: translation string unused: default networks WARNING: translation string unused: default services +WARNING: translation string unused: defaultwarning +WARNING: translation string unused: delete cron WARNING: translation string unused: description WARNING: translation string unused: destination ip bad WARNING: translation string unused: destination ip or net @@ -188,6 +191,7 @@ WARNING: translation string unused: edit service WARNING: translation string unused: editor WARNING: translation string unused: eg WARNING: translation string unused: email server can not be empty +WARNING: translation string unused: emailreportlevel WARNING: translation string unused: enable javascript WARNING: translation string unused: enable wildcards WARNING: translation string unused: enabled on @@ -283,6 +287,10 @@ WARNING: translation string unused: g.dtm WARNING: translation string unused: g.lite WARNING: translation string unused: gen static key WARNING: translation string unused: generate +WARNING: translation string unused: generate tripwire keys and init +WARNING: translation string unused: generatekeys +WARNING: translation string unused: generatepolicy +WARNING: translation string unused: generatereport WARNING: translation string unused: genkey WARNING: translation string unused: green interface WARNING: translation string unused: gz with key @@ -335,11 +343,14 @@ WARNING: translation string unused: javascript menu error1 WARNING: translation string unused: javascript menu error2 WARNING: translation string unused: kernel version WARNING: translation string unused: key stuff +WARNING: translation string unused: keyreset +WARNING: translation string unused: keys WARNING: translation string unused: lateprompting WARNING: translation string unused: length WARNING: translation string unused: line WARNING: translation string unused: loaded modules WARNING: translation string unused: local hard disk +WARNING: translation string unused: localkey WARNING: translation string unused: localkeyfile WARNING: translation string unused: log enabled WARNING: translation string unused: log viewer @@ -356,6 +367,8 @@ WARNING: translation string unused: ls_pam_unix WARNING: translation string unused: ls_sshd WARNING: translation string unused: ls_syslogd WARNING: translation string unused: mac address error not 00 +WARNING: translation string unused: mailmethod +WARNING: translation string unused: mailprogramm WARNING: translation string unused: manage ovpn WARNING: translation string unused: manual control and status WARNING: translation string unused: marked @@ -497,9 +510,11 @@ WARNING: translation string unused: refresh update list WARNING: translation string unused: released WARNING: translation string unused: removable device advice WARNING: translation string unused: reportfile +WARNING: translation string unused: reportlevel WARNING: translation string unused: requested data WARNING: translation string unused: reserved dst port WARNING: translation string unused: reserved src port +WARNING: translation string unused: resetpolicy WARNING: translation string unused: restore hardware settings WARNING: translation string unused: root WARNING: translation string unused: root path @@ -530,8 +545,11 @@ WARNING: translation string unused: show lines WARNING: translation string unused: shutdown ask WARNING: translation string unused: shutdown sure WARNING: translation string unused: shutdown2 +WARNING: translation string unused: sitekey WARNING: translation string unused: sitekeyfile WARNING: translation string unused: smbreload +WARNING: translation string unused: smtphost +WARNING: translation string unused: smtpport WARNING: translation string unused: source ip bad WARNING: translation string unused: source ip in use WARNING: translation string unused: source ip or net @@ -609,10 +627,19 @@ WARNING: translation string unused: trafficsum WARNING: translation string unused: trafficto WARNING: translation string unused: transfer limits WARNING: translation string unused: transparent on +WARNING: translation string unused: tripwire +WARNING: translation string unused: tripwire cronjob +WARNING: translation string unused: tripwire functions +WARNING: translation string unused: tripwire reports +WARNING: translation string unused: tripwireoperating +WARNING: translation string unused: tripwirewarningdatabase +WARNING: translation string unused: tripwirewarningkeys +WARNING: translation string unused: tripwirewarningpolicy WARNING: translation string unused: umount WARNING: translation string unused: umount removable media before to unplug WARNING: translation string unused: unencrypted WARNING: translation string unused: update transcript +WARNING: translation string unused: updatedatabase WARNING: translation string unused: updates WARNING: translation string unused: updates is old1 WARNING: translation string unused: updates is old2 diff --git a/doc/language_issues.nl b/doc/language_issues.nl index 201d3e4..3b57bdf 100644 --- a/doc/language_issues.nl +++ b/doc/language_issues.nl @@ -14,6 +14,7 @@ WARNING: translation string unused: Verbose WARNING: translation string unused: access allowed WARNING: translation string unused: access refused with this oinkcode WARNING: translation string unused: add a new rule +WARNING: translation string unused: add cron WARNING: translation string unused: add network WARNING: translation string unused: add new ovpn WARNING: translation string unused: add service @@ -146,6 +147,8 @@ WARNING: translation string unused: deep scan directories WARNING: translation string unused: default ip WARNING: translation string unused: default networks WARNING: translation string unused: default services +WARNING: translation string unused: defaultwarning +WARNING: translation string unused: delete cron WARNING: translation string unused: description WARNING: translation string unused: destination ip bad WARNING: translation string unused: destination ip or net @@ -187,6 +190,7 @@ WARNING: translation string unused: edit service WARNING: translation string unused: editor WARNING: translation string unused: eg WARNING: translation string unused: email server can not be empty +WARNING: translation string unused: emailreportlevel WARNING: translation string unused: enable javascript WARNING: translation string unused: enable wildcards WARNING: translation string unused: enabled on @@ -282,6 +286,10 @@ WARNING: translation string unused: g.dtm WARNING: translation string unused: g.lite WARNING: translation string unused: gen static key WARNING: translation string unused: generate +WARNING: translation string unused: generate tripwire keys and init +WARNING: translation string unused: generatekeys +WARNING: translation string unused: generatepolicy +WARNING: translation string unused: generatereport WARNING: translation string unused: genkey WARNING: translation string unused: green interface WARNING: translation string unused: gz with key @@ -334,11 +342,14 @@ WARNING: translation string unused: javascript menu error1 WARNING: translation string unused: javascript menu error2 WARNING: translation string unused: kernel version WARNING: translation string unused: key stuff +WARNING: translation string unused: keyreset +WARNING: translation string unused: keys WARNING: translation string unused: lateprompting WARNING: translation string unused: length WARNING: translation string unused: line WARNING: translation string unused: loaded modules WARNING: translation string unused: local hard disk +WARNING: translation string unused: localkey WARNING: translation string unused: localkeyfile WARNING: translation string unused: log enabled WARNING: translation string unused: log viewer @@ -355,6 +366,8 @@ WARNING: translation string unused: ls_pam_unix WARNING: translation string unused: ls_sshd WARNING: translation string unused: ls_syslogd WARNING: translation string unused: mac address error not 00 +WARNING: translation string unused: mailmethod +WARNING: translation string unused: mailprogramm WARNING: translation string unused: manage ovpn WARNING: translation string unused: manual control and status WARNING: translation string unused: marked @@ -494,9 +507,11 @@ WARNING: translation string unused: refresh update list WARNING: translation string unused: released WARNING: translation string unused: removable device advice WARNING: translation string unused: reportfile +WARNING: translation string unused: reportlevel WARNING: translation string unused: requested data WARNING: translation string unused: reserved dst port WARNING: translation string unused: reserved src port +WARNING: translation string unused: resetpolicy WARNING: translation string unused: restore hardware settings WARNING: translation string unused: root WARNING: translation string unused: root path @@ -527,8 +542,11 @@ WARNING: translation string unused: show lines WARNING: translation string unused: shutdown ask WARNING: translation string unused: shutdown sure WARNING: translation string unused: shutdown2 +WARNING: translation string unused: sitekey WARNING: translation string unused: sitekeyfile WARNING: translation string unused: smbreload +WARNING: translation string unused: smtphost +WARNING: translation string unused: smtpport WARNING: translation string unused: source ip bad WARNING: translation string unused: source ip in use WARNING: translation string unused: source ip or net @@ -605,10 +623,19 @@ WARNING: translation string unused: trafficsum WARNING: translation string unused: trafficto WARNING: translation string unused: transfer limits WARNING: translation string unused: transparent on +WARNING: translation string unused: tripwire +WARNING: translation string unused: tripwire cronjob +WARNING: translation string unused: tripwire functions +WARNING: translation string unused: tripwire reports +WARNING: translation string unused: tripwireoperating +WARNING: translation string unused: tripwirewarningdatabase +WARNING: translation string unused: tripwirewarningkeys +WARNING: translation string unused: tripwirewarningpolicy WARNING: translation string unused: umount WARNING: translation string unused: umount removable media before to unplug WARNING: translation string unused: unencrypted WARNING: translation string unused: update transcript +WARNING: translation string unused: updatedatabase WARNING: translation string unused: updates WARNING: translation string unused: updates is old1 WARNING: translation string unused: updates is old2 diff --git a/doc/language_issues.pl b/doc/language_issues.pl index 02aaca6..d375f69 100644 --- a/doc/language_issues.pl +++ b/doc/language_issues.pl @@ -14,6 +14,7 @@ WARNING: translation string unused: Verbose WARNING: translation string unused: access allowed WARNING: translation string unused: access refused with this oinkcode WARNING: translation string unused: add a new rule +WARNING: translation string unused: add cron WARNING: translation string unused: add network WARNING: translation string unused: add new ovpn WARNING: translation string unused: add service @@ -139,6 +140,8 @@ WARNING: translation string unused: debugme WARNING: translation string unused: deep scan directories WARNING: translation string unused: default networks WARNING: translation string unused: default services +WARNING: translation string unused: defaultwarning +WARNING: translation string unused: delete cron WARNING: translation string unused: description WARNING: translation string unused: destination ip bad WARNING: translation string unused: destination ip or net @@ -180,6 +183,7 @@ WARNING: translation string unused: edit service WARNING: translation string unused: editor WARNING: translation string unused: eg WARNING: translation string unused: email server can not be empty +WARNING: translation string unused: emailreportlevel WARNING: translation string unused: enable javascript WARNING: translation string unused: enable wildcards WARNING: translation string unused: enabled on @@ -233,6 +237,10 @@ WARNING: translation string unused: g.dtm WARNING: translation string unused: g.lite WARNING: translation string unused: gen static key WARNING: translation string unused: generate +WARNING: translation string unused: generate tripwire keys and init +WARNING: translation string unused: generatekeys +WARNING: translation string unused: generatepolicy +WARNING: translation string unused: generatereport WARNING: translation string unused: genkey WARNING: translation string unused: geoipblock country code WARNING: translation string unused: geoipblock country name @@ -287,11 +295,14 @@ WARNING: translation string unused: javascript menu error1 WARNING: translation string unused: javascript menu error2 WARNING: translation string unused: kernel version WARNING: translation string unused: key stuff +WARNING: translation string unused: keyreset +WARNING: translation string unused: keys WARNING: translation string unused: lateprompting WARNING: translation string unused: length WARNING: translation string unused: line WARNING: translation string unused: loaded modules WARNING: translation string unused: local hard disk +WARNING: translation string unused: localkey WARNING: translation string unused: localkeyfile WARNING: translation string unused: log enabled WARNING: translation string unused: log viewer @@ -308,6 +319,8 @@ WARNING: translation string unused: ls_pam_unix WARNING: translation string unused: ls_sshd WARNING: translation string unused: ls_syslogd WARNING: translation string unused: mac address error not 00 +WARNING: translation string unused: mailmethod +WARNING: translation string unused: mailprogramm WARNING: translation string unused: manage ovpn WARNING: translation string unused: manual control and status WARNING: translation string unused: marked @@ -433,9 +446,11 @@ WARNING: translation string unused: refresh update list WARNING: translation string unused: released WARNING: translation string unused: removable device advice WARNING: translation string unused: reportfile +WARNING: translation string unused: reportlevel WARNING: translation string unused: requested data WARNING: translation string unused: reserved dst port WARNING: translation string unused: reserved src port +WARNING: translation string unused: resetpolicy WARNING: translation string unused: restore hardware settings WARNING: translation string unused: root WARNING: translation string unused: root path @@ -466,8 +481,11 @@ WARNING: translation string unused: show lines WARNING: translation string unused: shutdown ask WARNING: translation string unused: shutdown sure WARNING: translation string unused: shutdown2 +WARNING: translation string unused: sitekey WARNING: translation string unused: sitekeyfile WARNING: translation string unused: smbreload +WARNING: translation string unused: smtphost +WARNING: translation string unused: smtpport WARNING: translation string unused: source ip bad WARNING: translation string unused: source ip in use WARNING: translation string unused: source ip or net @@ -537,10 +555,19 @@ WARNING: translation string unused: trafficsum WARNING: translation string unused: trafficto WARNING: translation string unused: transfer limits WARNING: translation string unused: transparent on +WARNING: translation string unused: tripwire +WARNING: translation string unused: tripwire cronjob +WARNING: translation string unused: tripwire functions +WARNING: translation string unused: tripwire reports +WARNING: translation string unused: tripwireoperating +WARNING: translation string unused: tripwirewarningdatabase +WARNING: translation string unused: tripwirewarningkeys +WARNING: translation string unused: tripwirewarningpolicy WARNING: translation string unused: umount WARNING: translation string unused: umount removable media before to unplug WARNING: translation string unused: unencrypted WARNING: translation string unused: update transcript +WARNING: translation string unused: updatedatabase WARNING: translation string unused: updates WARNING: translation string unused: updates is old1 WARNING: translation string unused: updates is old2 diff --git a/doc/language_issues.ru b/doc/language_issues.ru index 305fc60..05d9e91 100644 --- a/doc/language_issues.ru +++ b/doc/language_issues.ru @@ -14,6 +14,7 @@ WARNING: translation string unused: Verbose WARNING: translation string unused: access allowed WARNING: translation string unused: access refused with this oinkcode WARNING: translation string unused: add a new rule +WARNING: translation string unused: add cron WARNING: translation string unused: add network WARNING: translation string unused: add new ovpn WARNING: translation string unused: add service @@ -138,6 +139,8 @@ WARNING: translation string unused: debugme WARNING: translation string unused: deep scan directories WARNING: translation string unused: default networks WARNING: translation string unused: default services +WARNING: translation string unused: defaultwarning +WARNING: translation string unused: delete cron WARNING: translation string unused: description WARNING: translation string unused: destination ip bad WARNING: translation string unused: destination ip or net @@ -179,6 +182,7 @@ WARNING: translation string unused: edit service WARNING: translation string unused: editor WARNING: translation string unused: eg WARNING: translation string unused: email server can not be empty +WARNING: translation string unused: emailreportlevel WARNING: translation string unused: enable javascript WARNING: translation string unused: enable wildcards WARNING: translation string unused: enabled on @@ -229,6 +233,10 @@ WARNING: translation string unused: g.dtm WARNING: translation string unused: g.lite WARNING: translation string unused: gen static key WARNING: translation string unused: generate +WARNING: translation string unused: generate tripwire keys and init +WARNING: translation string unused: generatekeys +WARNING: translation string unused: generatepolicy +WARNING: translation string unused: generatereport WARNING: translation string unused: genkey WARNING: translation string unused: green interface WARNING: translation string unused: gz with key @@ -279,11 +287,14 @@ WARNING: translation string unused: javascript menu error1 WARNING: translation string unused: javascript menu error2 WARNING: translation string unused: kernel version WARNING: translation string unused: key stuff +WARNING: translation string unused: keyreset +WARNING: translation string unused: keys WARNING: translation string unused: lateprompting WARNING: translation string unused: length WARNING: translation string unused: line WARNING: translation string unused: loaded modules WARNING: translation string unused: local hard disk +WARNING: translation string unused: localkey WARNING: translation string unused: localkeyfile WARNING: translation string unused: log enabled WARNING: translation string unused: log viewer @@ -300,6 +311,8 @@ WARNING: translation string unused: ls_pam_unix WARNING: translation string unused: ls_sshd WARNING: translation string unused: ls_syslogd WARNING: translation string unused: mac address error not 00 +WARNING: translation string unused: mailmethod +WARNING: translation string unused: mailprogramm WARNING: translation string unused: manage ovpn WARNING: translation string unused: manual control and status WARNING: translation string unused: marked @@ -435,9 +448,11 @@ WARNING: translation string unused: refresh update list WARNING: translation string unused: released WARNING: translation string unused: removable device advice WARNING: translation string unused: reportfile +WARNING: translation string unused: reportlevel WARNING: translation string unused: requested data WARNING: translation string unused: reserved dst port WARNING: translation string unused: reserved src port +WARNING: translation string unused: resetpolicy WARNING: translation string unused: restore hardware settings WARNING: translation string unused: root WARNING: translation string unused: root path @@ -468,8 +483,11 @@ WARNING: translation string unused: show lines WARNING: translation string unused: shutdown ask WARNING: translation string unused: shutdown sure WARNING: translation string unused: shutdown2 +WARNING: translation string unused: sitekey WARNING: translation string unused: sitekeyfile WARNING: translation string unused: smbreload +WARNING: translation string unused: smtphost +WARNING: translation string unused: smtpport WARNING: translation string unused: source ip bad WARNING: translation string unused: source ip in use WARNING: translation string unused: source ip or net @@ -539,10 +557,19 @@ WARNING: translation string unused: trafficsum WARNING: translation string unused: trafficto WARNING: translation string unused: transfer limits WARNING: translation string unused: transparent on +WARNING: translation string unused: tripwire +WARNING: translation string unused: tripwire cronjob +WARNING: translation string unused: tripwire functions +WARNING: translation string unused: tripwire reports +WARNING: translation string unused: tripwireoperating +WARNING: translation string unused: tripwirewarningdatabase +WARNING: translation string unused: tripwirewarningkeys +WARNING: translation string unused: tripwirewarningpolicy WARNING: translation string unused: umount WARNING: translation string unused: umount removable media before to unplug WARNING: translation string unused: unencrypted WARNING: translation string unused: update transcript +WARNING: translation string unused: updatedatabase WARNING: translation string unused: updates WARNING: translation string unused: updates is old1 WARNING: translation string unused: updates is old2 diff --git a/doc/language_issues.tr b/doc/language_issues.tr index 68e351c..a419afa 100644 --- a/doc/language_issues.tr +++ b/doc/language_issues.tr @@ -13,6 +13,7 @@ WARNING: translation string unused: Verbose WARNING: translation string unused: access allowed WARNING: translation string unused: access refused with this oinkcode WARNING: translation string unused: add a new rule +WARNING: translation string unused: add cron WARNING: translation string unused: add network WARNING: translation string unused: add new ovpn WARNING: translation string unused: add service @@ -147,6 +148,8 @@ WARNING: translation string unused: deep scan directories WARNING: translation string unused: default ip WARNING: translation string unused: default networks WARNING: translation string unused: default services +WARNING: translation string unused: defaultwarning +WARNING: translation string unused: delete cron WARNING: translation string unused: description WARNING: translation string unused: destination ip bad WARNING: translation string unused: destination ip or net @@ -193,6 +196,7 @@ WARNING: translation string unused: email server can not be empty WARNING: translation string unused: email subject WARNING: translation string unused: email success WARNING: translation string unused: email text +WARNING: translation string unused: emailreportlevel WARNING: translation string unused: enable javascript WARNING: translation string unused: enable wildcards WARNING: translation string unused: enabled on @@ -289,6 +293,10 @@ WARNING: translation string unused: g.dtm WARNING: translation string unused: g.lite WARNING: translation string unused: gen static key WARNING: translation string unused: generate +WARNING: translation string unused: generate tripwire keys and init +WARNING: translation string unused: generatekeys +WARNING: translation string unused: generatepolicy +WARNING: translation string unused: generatereport WARNING: translation string unused: genkey WARNING: translation string unused: geoipblock country code WARNING: translation string unused: geoipblock country name @@ -344,11 +352,14 @@ WARNING: translation string unused: javascript menu error1 WARNING: translation string unused: javascript menu error2 WARNING: translation string unused: kernel version WARNING: translation string unused: key stuff +WARNING: translation string unused: keyreset +WARNING: translation string unused: keys WARNING: translation string unused: lateprompting WARNING: translation string unused: length WARNING: translation string unused: line WARNING: translation string unused: loaded modules WARNING: translation string unused: local hard disk +WARNING: translation string unused: localkey WARNING: translation string unused: localkeyfile WARNING: translation string unused: log enabled WARNING: translation string unused: log viewer @@ -365,6 +376,8 @@ WARNING: translation string unused: ls_pam_unix WARNING: translation string unused: ls_sshd WARNING: translation string unused: ls_syslogd WARNING: translation string unused: mac address error not 00 +WARNING: translation string unused: mailmethod +WARNING: translation string unused: mailprogramm WARNING: translation string unused: manage ovpn WARNING: translation string unused: manual control and status WARNING: translation string unused: marked @@ -506,9 +519,11 @@ WARNING: translation string unused: refresh update list WARNING: translation string unused: released WARNING: translation string unused: removable device advice WARNING: translation string unused: reportfile +WARNING: translation string unused: reportlevel WARNING: translation string unused: requested data WARNING: translation string unused: reserved dst port WARNING: translation string unused: reserved src port +WARNING: translation string unused: resetpolicy WARNING: translation string unused: restore hardware settings WARNING: translation string unused: root WARNING: translation string unused: root path @@ -539,8 +554,11 @@ WARNING: translation string unused: show lines WARNING: translation string unused: shutdown ask WARNING: translation string unused: shutdown sure WARNING: translation string unused: shutdown2 +WARNING: translation string unused: sitekey WARNING: translation string unused: sitekeyfile WARNING: translation string unused: smbreload +WARNING: translation string unused: smtphost +WARNING: translation string unused: smtpport WARNING: translation string unused: source ip bad WARNING: translation string unused: source ip in use WARNING: translation string unused: source ip or net @@ -618,12 +636,21 @@ WARNING: translation string unused: trafficsum WARNING: translation string unused: trafficto WARNING: translation string unused: transfer limits WARNING: translation string unused: transparent on +WARNING: translation string unused: tripwire +WARNING: translation string unused: tripwire cronjob +WARNING: translation string unused: tripwire functions +WARNING: translation string unused: tripwire reports +WARNING: translation string unused: tripwireoperating +WARNING: translation string unused: tripwirewarningdatabase +WARNING: translation string unused: tripwirewarningkeys +WARNING: translation string unused: tripwirewarningpolicy WARNING: translation string unused: umount WARNING: translation string unused: umount removable media before to unplug WARNING: translation string unused: unblock WARNING: translation string unused: unblock all WARNING: translation string unused: unencrypted WARNING: translation string unused: update transcript +WARNING: translation string unused: updatedatabase WARNING: translation string unused: updates WARNING: translation string unused: updates is old1 WARNING: translation string unused: updates is old2 diff --git a/html/cgi-bin/tripwire.cgi b/html/cgi-bin/tripwire.cgi deleted file mode 100644 index fb48a27..0000000 --- a/html/cgi-bin/tripwire.cgi +++ /dev/null @@ -1,540 +0,0 @@ -#!/usr/bin/perl -############################################################################### -# # -# IPFire.org - A linux based firewall # -# Copyright (C) 2007 Michael Tremer & Christian Schmidt # -# # -# This program is free software: you can redistribute it and/or modify # -# it under the terms of the GNU General Public License as published by # -# the Free Software Foundation, either version 3 of the License, or # -# (at your option) any later version. # -# # -# This program is distributed in the hope that it will be useful, # -# but WITHOUT ANY WARRANTY; without even the implied warranty of # -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # -# GNU General Public License for more details. # -# # -# You should have received a copy of the GNU General Public License # -# along with this program. If not, see http://www.gnu.org/licenses/. # -# # -############################################################################### - -use strict; -# enable only the following on debugging purpose -#use warnings; -#use CGI::Carp 'fatalsToBrowser'; - -require '/var/ipfire/general-functions.pl'; -require "${General::swroot}/lang.pl"; -require "${General::swroot}/header.pl"; - -my %tripwiresettings = (); -my %checked = (); -my %netsettings = (); -my $message = ""; -my $errormessage = ""; -my @Logs = `ls -r /var/ipfire/tripwire/report/ 2>/dev/null`; -my $file = `ls -tr /var/ipfire/tripwire/report/ | tail -1 2>/dev/null`; -my @cronjobs = `ls /etc/fcron.daily/tripwire* 2>/dev/null`; -my $Log =$Lang::tr{'no log selected'}; - -my %color = (); -my %mainsettings = (); -&General::readhash("${General::swroot}/main/settings", %mainsettings); -&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", %color); - -############################################################################################################################ -################################################# Tripwire Default Variablen ################################################ - -$tripwiresettings{'ROOT'} = '/usr/sbin'; -$tripwiresettings{'POLFILE'} = '/var/ipfire/tripwire/tw.pol'; -$tripwiresettings{'DBFILE'} = '/var/ipfire/tripwire/$(HOSTNAME).twd'; -$tripwiresettings{'REPORTFILE'} = '/var/ipfire/tripwire/report/$(DATE).twr'; -$tripwiresettings{'SITEKEYFILE'} = '/var/ipfire/tripwire/site.key'; -$tripwiresettings{'LOCALKEYFILE'} = '/var/ipfire/tripwire/local.key'; -$tripwiresettings{'EDITOR'} = '/usr/bin/vi'; -$tripwiresettings{'LATEPROMPTING'} = 'false'; -$tripwiresettings{'LOOSEDIRECTORYCHECKING'} = 'false'; -$tripwiresettings{'MAILNOVIOLATIONS'} = 'false'; -$tripwiresettings{'EMAILREPORTLEVEL'} = '3'; -$tripwiresettings{'REPORTLEVEL'} = '3'; -$tripwiresettings{'MAILMETHOD'} = 'SENDMAIL'; -$tripwiresettings{'SMTPHOST'} = 'ipfire.myipfire.de'; -$tripwiresettings{'SMTPPORT'} = '25'; -$tripwiresettings{'SYSLOGREPORTING'} = 'false'; -$tripwiresettings{'MAILPROGRAM'} = '/usr/sbin/sendmail -oi -t'; -$tripwiresettings{'SITEKEY'} = 'ipfire'; -$tripwiresettings{'LOCALKEY'} = 'ipfire'; -$tripwiresettings{'ACTION'} = ''; - -&General::readhash("${General::swroot}/tripwire/settings", %tripwiresettings); - -############################################################################################################################ -######################################################### Tripwire HTML Part ############################################### - -&Header::showhttpheaders(); - -&Header::getcgihash(%tripwiresettings); -&Header::openpage('Tripwire', 1,); -&Header::openbigbox('100%', 'left', '', $errormessage); - -############################################################################################################################ -############################################### Tripwire Config Datei erstellen ############################################ - -if ($tripwiresettings{'ACTION'} eq $Lang::tr{'save'}) -{ -system("/usr/local/bin/tripwirectrl readconfig >/dev/null 2>&1"); -open (FILE, ">${General::swroot}/tripwire/twcfg.txt") or die "Can't save tripwire config: $!"; -flock (FILE, 2); - -print FILE <<END - -ROOT =$tripwiresettings{'ROOT'} -POLFILE =$tripwiresettings{'POLFILE'} -DBFILE =$tripwiresettings{'DBFILE'} -REPORTFILE =$tripwiresettings{'REPORTFILE'} -SITEKEYFILE =$tripwiresettings{'SITEKEYFILE'} -LOCALKEYFILE =$tripwiresettings{'LOCALKEYFILE'} -EDITOR =$tripwiresettings{'EDITOR'} -LATEPROMPTING =$tripwiresettings{'LATEPROMPTING'} -LOOSEDIRECTORYCHECKING =$tripwiresettings{'LOOSEDIRECTORYCHECKING'} -MAILNOVIOLATIONS =$tripwiresettings{'MAILNOVIOLATIONS'} -EMAILREPORTLEVEL =$tripwiresettings{'EMAILREPORTLEVEL'} -REPORTLEVEL =$tripwiresettings{'REPORTLEVEL'} -MAILMETHOD =$tripwiresettings{'MAILMETHOD'} -SMTPHOST =$tripwiresettings{'SMTPHOST'} -SMTPPORT =$tripwiresettings{'SMTPPORT'} -SYSLOGREPORTING =$tripwiresettings{'SYSLOGREPORTING'} -MAILPROGRAM =$tripwiresettings{'MAILPROGRAM'} - -END -; -close FILE; - -&General::writehash("${General::swroot}/tripwire/settings", %tripwiresettings); -system("/usr/local/bin/tripwirectrl lockconfig >/dev/null 2>&1"); -} - -############################################################################################################################ -################################################## Sicherheitsabfrage für CGI ############################################## - -if ($tripwiresettings{'ACTION'} eq 'addcron') - { - print <<END - <br /> - <table width='95%' cellspacing='0'> - <tr><td bgcolor='$color{'color20'}' colspan='2' align='center'><b>$Lang::tr{'add cron'}</b> - <form method='post' action='$ENV{'SCRIPT_NAME'}'> - <tr><td align='center' colspan='2'>HH<input type='text' size='2' name='HOUR' value='08'/>MM<input type='text' size='2' name='MINUTE' value='00'/><br /><br /></td></tr> - <tr><td align='right' width='50%'> - $Lang::tr{'ok'} <input type='image' alt='$Lang::tr{'ok'}' title='$Lang::tr{'ok'}' src='/images/edit-redo.png' /> - <input type='hidden' name='ACTION' value='addcronyes' /></form></td> - <td align='left' width='50%'><form method='post' action='$ENV{'SCRIPT_NAME'}'> - <input type='image' alt='$Lang::tr{'cancel'}' title='$Lang::tr{'cancel'}' src='/images/dialog-error.png' /> $Lang::tr{'cancel'} - <input type='hidden' name='ACTION' value='cancel' /></form></td> - </tr> - </table> -END -; -} - -if ($tripwiresettings{'ACTION'} eq 'globalreset') - { - print <<END - <br /> - <table width='95%' cellspacing='0'> - <tr><td bgcolor='$color{'color20'}' colspan='2' align='center'><b>$Lang::tr{'resetglobals'}</b> - <tr><td colspan='2' align='center'><font color=red>$Lang::tr{'defaultwarning'}<br /><br /></font></td></tr> - <tr><td align='right' width='50%'><form method='post' action='$ENV{'SCRIPT_NAME'}'> - $Lang::tr{'ok'} <input type='image' alt='$Lang::tr{'ok'}' title='$Lang::tr{'ok'}' src='/images/edit-redo.png' /> - <input type='hidden' name='ACTION' value='globalresetyes' /></form></td> - <td align='left' width='50%'><form method='post' action='$ENV{'SCRIPT_NAME'}'> - <input type='image' alt='$Lang::tr{'cancel'}' title='$Lang::tr{'cancel'}' src='/images/dialog-error.png' /> $Lang::tr{'cancel'} - <input type='hidden' name='ACTION' value='cancel' /></form></td> - </tr> - </table> -END -; -} - -if ($tripwiresettings{'ACTION'} eq 'generatepolicypw') - { - print <<END - <br /> - <table width='95%' cellspacing='0'> - <tr><td bgcolor='$color{'color20'}' colspan='2' align='center'><b>$Lang::tr{'generatepolicy'}</b> - <tr><td colspan='2' align='center'><font color=red>$Lang::tr{'tripwirewarningpolicy'}<br /><br /></font></td></tr> - <tr><td align='left' width='40%'><form method='post' action='$ENV{'SCRIPT_NAME'}'>$Lang::tr{'sitekey'}</td><td align='left'><input type='password' name='SITEKEY' value='$tripwiresettings{'SITEKEY'}' size="30" /></td></tr> - <tr><td align='left' width='40%'><form method='post' action='$ENV{'SCRIPT_NAME'}'>$Lang::tr{'localkey'}</td><td align='left'><input type='password' name='LOCALKEY' value='$tripwiresettings{'LOCALKEY'}' size="30" /><br /><br /></td></tr> - <tr><td align='right' width='50%'> - $Lang::tr{'ok'} <input type='image' alt='$Lang::tr{'ok'}' title='$Lang::tr{'ok'}' src='/images/edit-redo.png' /> - <input type='hidden' name='ACTION' value='generatepolicyyes' /></form></td> - <td align='left' width='50%'><form method='post' action='$ENV{'SCRIPT_NAME'}'> - <input type='image' alt='$Lang::tr{'cancel'}' title='$Lang::tr{'cancel'}' src='/images/dialog-error.png' /> $Lang::tr{'cancel'} - <input type='hidden' name='ACTION' value='cancel' /></form></td> - </tr> - </table> -END -; -} - -if ($tripwiresettings{'ACTION'} eq 'policyresetpw') - { - print <<END - <br /> - <table width='95%' cellspacing='0'> - <tr><td bgcolor='$color{'color20'}' colspan='2' align='center'><b>$Lang::tr{'resetpolicy'}</b> - <tr><td colspan='2' align='center'><font color=red>$Lang::tr{'tripwirewarningpolicy'}<br /><br /></font></td></tr> - <tr><td align='left' width='40%'><form method='post' action='$ENV{'SCRIPT_NAME'}'>$Lang::tr{'sitekey'}</td><td align='left'><input type='password' name='SITEKEY' value='$tripwiresettings{'SITEKEY'}' size="30" /></td></tr> - <tr><td align='left' width='40%'><form method='post' action='$ENV{'SCRIPT_NAME'}'>$Lang::tr{'localkey'}</td><td align='left'><input type='password' name='LOCALKEY' value='$tripwiresettings{'LOCALKEY'}' size="30" /><br /><br /></td></tr> - <tr><td align='right' width='50%'> - $Lang::tr{'ok'} <input type='image' alt='$Lang::tr{'ok'}' title='$Lang::tr{'ok'}' src='/images/edit-redo.png' /> - <input type='hidden' name='ACTION' value='resetpolicyyes' /></form></td> - <td align='left' width='50%'><form method='post' action='$ENV{'SCRIPT_NAME'}'> - <input type='image' alt='$Lang::tr{'cancel'}' title='$Lang::tr{'cancel'}' src='/images/dialog-error.png' /> $Lang::tr{'cancel'} - <input type='hidden' name='ACTION' value='cancel' /></form></td> - </tr> - </table> -END -; -} - -if ($tripwiresettings{'ACTION'} eq 'updatedatabasepw') - { - print <<END - <br /> - <table width='95%' cellspacing='0'> - <tr><td bgcolor='$color{'color20'}' colspan='2' align='center'><b>$Lang::tr{'updatedatabase'}</b> - <tr><td colspan='2' align='center'><font color=red>$Lang::tr{'tripwirewarningdatabase'}<br /><br /></font></td></tr> - <tr><td align='left' width='40%'><form method='post' action='$ENV{'SCRIPT_NAME'}'>$Lang::tr{'localkey'}</td><td align='left'><input type='password' name='LOCALKEY' value='$tripwiresettings{'LOCALKEY'}' size="30" /><br /><br /></td></tr> - <tr><td align='right' width='50%'><form method='post' action='$ENV{'SCRIPT_NAME'}'> - $Lang::tr{'ok'} <input type='image' alt='$Lang::tr{'ok'}' title='$Lang::tr{'ok'}' src='/images/edit-redo.png' /> - <input type='hidden' name='ACTION' value='updatedatabaseyes' /></form></td> - <td align='left' width='50%'><form method='post' action='$ENV{'SCRIPT_NAME'}'> - <input type='image' alt='$Lang::tr{'cancel'}' title='$Lang::tr{'cancel'}' src='/images/dialog-error.png' /> $Lang::tr{'cancel'} - <input type='hidden' name='ACTION' value='cancel' /></form></td> - </tr> - </table> -END -; -} -if ($tripwiresettings{'ACTION'} eq 'keyreset') - { - print <<END - <br /> - <table width='95%' cellspacing='0'> - <tr><td bgcolor='$color{'color20'}' colspan='2' align='center'><b>$Lang::tr{'keyreset'}</b> - <tr><td colspan='2' align='center'><font color=red>$Lang::tr{'tripwirewarningkeys'}<br /><br /></font></td></tr> - <tr><td align='right' width='50%'><form method='post' action='$ENV{'SCRIPT_NAME'}'> - $Lang::tr{'ok'} <input type='image' alt='$Lang::tr{'ok'}' title='$Lang::tr{'ok'}' src='/images/edit-redo.png' /> - <input type='hidden' name='ACTION' value='keyresetyes' /></form></td> - <td align='left' width='50%'><form method='post' action='$ENV{'SCRIPT_NAME'}'> - <input type='image' alt='$Lang::tr{'cancel'}' title='$Lang::tr{'cancel'}' src='/images/dialog-error.png' /> $Lang::tr{'cancel'} - <input type='hidden' name='ACTION' value='cancel' /></form></td> - </tr> - </table> -END -; -} - -if ($tripwiresettings{'ACTION'} eq 'generatekeys') - { - print <<END - <br /> - <table width='95%' cellspacing='0'> - <tr><td bgcolor='$color{'color20'}' colspan='2' align='center'><b>$Lang::tr{'generatekeys'}</b> - <tr><td colspan='2' align='center'><font color=red>$Lang::tr{'tripwirewarningkeys'}<br /><br /></font></td></tr> - <tr><td align='right' width='50%'><form method='post' action='$ENV{'SCRIPT_NAME'}'> - $Lang::tr{'ok'} <input type='image' alt='$Lang::tr{'ok'}' title='$Lang::tr{'ok'}' src='/images/edit-redo.png' /> - <input type='hidden' name='ACTION' value='generatekeysyes' /></form></td> - <td align='left' width='50%'><form method='post' action='$ENV{'SCRIPT_NAME'}'> - <input type='image' alt='$Lang::tr{'cancel'}' title='$Lang::tr{'cancel'}' src='/images/dialog-error.png' /> $Lang::tr{'cancel'} - <input type='hidden' name='ACTION' value='cancel' /></form></td> - </tr> - </table> -END -; -} - -############################################################################################################################ -######################################################## Tripwire Funktionen ############################################### - -if ($tripwiresettings{'ACTION'} eq 'globalresetyes') -{ -&Header::openbox( 'Waiting', 1, "<meta http-equiv='refresh' content='1;'>" );print "<center><img src='/images/clock.gif' alt='' /><br/><font color='red'>$Lang::tr{'tripwireoperating'}</font></center>";&Header::closebox(); -$tripwiresettings{'ROOT'} = '/usr/sbin'; -$tripwiresettings{'POLFILE'} = '/var/ipfire/tripwire/tw.pol'; -$tripwiresettings{'DBFILE'} = '/var/ipfire/tripwire/$(HOSTNAME).twd'; -$tripwiresettings{'REPORTFILE'} = '/var/ipfire/tripwire/report/$(DATE).twr'; -$tripwiresettings{'SITEKEYFILE'} = '/var/ipfire/tripwire/site.key'; -$tripwiresettings{'LOCALKEYFILE'} = '/var/ipfire/tripwire/local.key'; -$tripwiresettings{'EDITOR'} = '/usr/bin/vi'; -$tripwiresettings{'LATEPROMPTING'} = 'false'; -$tripwiresettings{'LOOSEDIRECTORYCHECKING'} = 'false'; -$tripwiresettings{'MAILNOVIOLATIONS'} = 'false'; -$tripwiresettings{'EMAILREPORTLEVEL'} = '3'; -$tripwiresettings{'REPORTLEVEL'} = '3'; -$tripwiresettings{'MAILMETHOD'} = 'SENDMAIL'; -$tripwiresettings{'SMTPHOST'} = 'ipfire.myipfire.de'; -$tripwiresettings{'SMTPPORT'} = '25'; -$tripwiresettings{'SYSLOGREPORTING'} = 'false'; -$tripwiresettings{'MAILPROGRAM'} = '/usr/sbin/sendmail -oi -t'; -$tripwiresettings{'SITEKEY'} = 'ipfire'; -$tripwiresettings{'LOCALKEY'} = 'ipfire'; -$tripwiresettings{'ACTION'} = ''; -system("/usr/local/bin/tripwirectrl readconfig >/dev/null 2>&1"); -open (FILE, ">${General::swroot}/tripwire/twcfg.txt") or die "Can't save tripwire config: $!"; -flock (FILE, 2); -print FILE <<END - -ROOT =$tripwiresettings{'ROOT'} -POLFILE =$tripwiresettings{'POLFILE'} -DBFILE =$tripwiresettings{'DBFILE'} -REPORTFILE =$tripwiresettings{'REPORTFILE'} -SITEKEYFILE =$tripwiresettings{'SITEKEYFILE'} -LOCALKEYFILE =$tripwiresettings{'LOCALKEYFILE'} -EDITOR =$tripwiresettings{'EDITOR'} -LATEPROMPTING =$tripwiresettings{'LATEPROMPTING'} -LOOSEDIRECTORYCHECKING =$tripwiresettings{'LOOSEDIRECTORYCHECKING'} -MAILNOVIOLATIONS =$tripwiresettings{'MAILNOVIOLATIONS'} -EMAILREPORTLEVEL =$tripwiresettings{'EMAILREPORTLEVEL'} -REPORTLEVEL =$tripwiresettings{'REPORTLEVEL'} -MAILMETHOD =$tripwiresettings{'MAILMETHOD'} -SMTPHOST =$tripwiresettings{'SMTPHOST'} -SMTPPORT =$tripwiresettings{'SMTPPORT'} -SYSLOGREPORTING =$tripwiresettings{'SYSLOGREPORTING'} -MAILPROGRAM =$tripwiresettings{'MAILPROGRAM'} - -END -; -close FILE; -&General::writehash("${General::swroot}/tripwire/settings", %tripwiresettings); -system("/usr/local/bin/tripwirectrl lockconfig >/dev/null 2>&1l"); -system("/usr/local/bin/tripwirectrl keys ipfire ipfire >/dev/null 2>&1");$tripwiresettings{'SITEKEY'} = 'ipfire';$tripwiresettings{'LOCALKEY'} = 'ipfire'; -} -if ($tripwiresettings{'ACTION'} eq 'generatekeysyes'){&Header::openbox( 'Waiting', 1, "<meta http-equiv='refresh' content='1;'>" );print "<center><img src='/images/clock.gif' alt='' /><br/><font color='red'>$Lang::tr{'tripwireoperating'}</font></center>";system("/usr/local/bin/tripwirectrl keys $tripwiresettings{'SITEKEY'} $tripwiresettings{'LOCALKEY'} >/dev/null 2>&1");$tripwiresettings{'SITEKEY'} = 'ipfire';$tripwiresettings{'LOCALKEY'} = 'ipfire';} -if ($tripwiresettings{'ACTION'} eq 'keyresetyes'){&Header::openbox( 'Waiting', 1, "<meta http-equiv='refresh' content='1;'>" );print "<center><img src='/images/clock.gif' alt='' /><br/><font color='red'>$Lang::tr{'tripwireoperating'}</font></center>";system("/usr/local/bin/tripwirectrl keys ipfire ipfire >/dev/null 2>&1");$tripwiresettings{'SITEKEY'} = 'ipfire';$tripwiresettings{'LOCALKEY'} = 'ipfire';} -if ($tripwiresettings{'ACTION'} eq 'resetpolicyyes'){&Header::openbox( 'Waiting', 1, "<meta http-equiv='refresh' content='1;'>" );print "<center><img src='/images/clock.gif' alt='' /><br/><font color='red'>$Lang::tr{'tripwireoperating'}</font></center>";system("/usr/local/bin/tripwirectrl resetpolicy tripwiresettings{'SITEKEY'} $tripwiresettings{'LOCALKEY'} >/dev/null 2>&1");$tripwiresettings{'SITEKEY'} = 'ipfire';$tripwiresettings{'LOCALKEY'} = 'ipfire';} -if ($tripwiresettings{'ACTION'} eq 'generatepolicyyes'){&Header::openbox( 'Waiting', 1, "<meta http-equiv='refresh' content='1;'>" );print "<center><img src='/images/clock.gif' alt='' /><br/><font color='red'>$Lang::tr{'tripwireoperating'}</font></center>";system("/usr/local/bin/tripwirectrl generatepolicy $tripwiresettings{'SITEKEY'} $tripwiresettings{'LOCALKEY'} >/dev/null 2>&1");$tripwiresettings{'SITEKEY'} = 'ipfire';$tripwiresettings{'LOCALKEY'} = 'ipfire';} -if ($tripwiresettings{'ACTION'} eq 'updatedatabaseyes'){&Header::openbox( 'Waiting', 1, "<meta http-equiv='refresh' content='1;'>" );print "<center><img src='/images/clock.gif' alt='' /><br/><font color='red'>$Lang::tr{'tripwireoperating'}</font></center>";system("/usr/local/bin/tripwirectrl updatedatabase $tripwiresettings{'LOCALKEY'} /var/ipfire/tripwire/report/$file >/dev/null 2>&1");$tripwiresettings{'LOCALKEY'} = 'ipfire';} -if ($tripwiresettings{'ACTION'} eq 'generatereport'){&Header::openbox( 'Waiting', 1, "<meta http-equiv='refresh' content='1;'>" );print "<center><img src='/images/clock.gif' alt='' /><br/><font color='red'>$Lang::tr{'tripwireoperating'}</font></center>";system("/usr/local/bin/tripwirectrl generatereport >/dev/null 2>&1");} -if ($tripwiresettings{'ACTION'} eq 'addcronyes'){system("/usr/local/bin/tripwirectrl addcron $tripwiresettings{'HOUR'} $tripwiresettings{'MINUTE'} >/dev/null 2>&1");} -if ($tripwiresettings{'ACTION'} eq 'deletecron'){system("/usr/local/bin/tripwirectrl disablecron $tripwiresettings{'CRON'} >/dev/null 2>&1");@cronjobs = `ls /etc/fcron.daily/tripwire* 2>/dev/null`;} - -############################################################################################################################ -##################################################### Tripwire globale Optionen ############################################ - -&Header::openbox('100%', 'center', 'Tripwire'); -print <<END -<br /> - -<form method='post' action='$ENV{'SCRIPT_NAME'}'> -<table width='95%' cellspacing='0'> -<tr bgcolor='$color{'color20'}'><td colspan='2' align='left'><b>$Lang::tr{'basic options'}</b></td></tr> -<tr><td align='left' width='40%'>$Lang::tr{'emailreportlevel'}</td><td align='left'><input type='text' name='EMAILREPORTLEVEL' value='$tripwiresettings{'EMAILREPORTLEVEL'}' size="30" /></td></tr> -<tr><td align='left' width='40%'>$Lang::tr{'reportlevel'}</td><td align='left'><input type='text' name='REPORTLEVEL' value='$tripwiresettings{'REPORTLEVEL'}' size="30" /></td></tr> -<tr><td align='left' width='40%'>$Lang::tr{'mailmethod'}</td><td align='left'><input type='text' name='MAILMETHOD' value='$tripwiresettings{'MAILMETHOD'}' size="30" /></td></tr> -<tr><td align='left' width='40%'>$Lang::tr{'smtphost'}</td><td align='left'><input type='text' name='SMTPHOST' value='$tripwiresettings{'SMTPHOST'}' size="30" /></td></tr> -<tr><td align='left' width='40%'>$Lang::tr{'smtpport'}</td><td align='left'><input type='text' name='SMTPPORT' value='$tripwiresettings{'SMTPPORT'}' size="30" /></td></tr> -<tr><td align='left' width='40%'>$Lang::tr{'mailprogramm'}</td><td align='left'><input type='text' name='MAILPROGRAM' value='$tripwiresettings{'MAILPROGRAM'}' size="30" /></td></tr> -</table> -<br /> -<table width='10%' cellspacing='0'> -<tr><td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'> - <input type='hidden' name='ACTION' value=$Lang::tr{'save'} /> - <input type='image' alt='$Lang::tr{'save'}' title='$Lang::tr{'save'}' src='/images/media-floppy.png' /></form></td> -<td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'> - <input type='hidden' name='ACTION' value='globalreset' /> - <input type='image' alt='$Lang::tr{'reset'}' title='$Lang::tr{'reset'}' src='/images/reload.gif' /></form></td> -<td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'> - <input type='hidden' name='ACTION' value='globalcaption' /> - <input type='image' alt='$Lang::tr{'caption'}' title='$Lang::tr{'caption'}' src='/images/help-browser.png' /></form></td></tr> -</table> -</from> -END -; -if ($tripwiresettings{'ACTION'} eq 'globalcaption') -{ -print <<END -<br /> -<table width='95%' cellspacing='0'> -<tr><td align='center' colspan='2'><b>$Lang::tr{'caption'}</b></td></tr> -<tr><td align='right' width='33%'><img src='/images/media-floppy.png' alt='$Lang::tr{'save settings'}' /></td><td align='left'>$Lang::tr{'save settings'}</td></tr> -<tr><td align='right' width='33%'><img src='/images/reload.gif' alt='$Lang::tr{'restore settings'}' /></td><td align='left'>$Lang::tr{'restore settings'}</td></tr> -</table> -END -; - -} - -&Header::closebox(); - -############################################################################################################################ -################################################### Tripwire Init Policy and keygen ######################################## - -&Header::openbox('100%', 'center', $Lang::tr{'generate tripwire keys and init'}); -print <<END -<br /> - -<form method='post' action='$ENV{'SCRIPT_NAME'}'> -<table width='95%' cellspacing='0'> -<tr bgcolor='$color{'color20'}'><td colspan='2' align='left'><b>$Lang::tr{'keys'}</b></td></tr> -<tr><td align='left' width='40%'>$Lang::tr{'sitekey'}</td><td align='left'><input type='password' name='SITEKEY' value='$tripwiresettings{'SITEKEY'}' size="30" /></td></tr> -<tr><td align='left' width='40%'>$Lang::tr{'localkey'}</td><td align='left'><input type='password' name='LOCALKEY' value='$tripwiresettings{'LOCALKEY'}' size="30" /></td></tr> -</table> -<br /> -<table width='10%' cellspacing='0'> -<tr><td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'> - <input type='hidden' name='ACTION' value='generatekeys'/> - <input type='image' alt='$Lang::tr{'generatekeys'}' title='$Lang::tr{'generatekeys'}' src='/images/system-lock-screen.png' /></form></td> -<td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'> - <input type='hidden' name='ACTION' value='keyreset' /> - <input type='image' alt='$Lang::tr{'reset'}' title='$Lang::tr{'reset'}' src='/images/reload.gif' /></form></td> -<td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'> - <input type='hidden' name='ACTION' value='keycaption' /> - <input type='image' alt='$Lang::tr{'caption'}' title='$Lang::tr{'caption'}' src='/images/help-browser.png' /></form></td></tr> -</table> -</from> -END -; -if ($tripwiresettings{'ACTION'} eq 'keycaption') -{ -print <<END -<br /> -<table width='95%' cellspacing='0'> -<tr><td align='center' colspan='2'><b>$Lang::tr{'caption'}</b></td></tr> -<tr><td align='right' width='33%'><img src='/images/system-lock-screen.png' alt='$Lang::tr{'generatekeys'}' /></td><td align='left'>$Lang::tr{'generatekeys'}</td></tr> -<tr><td align='right' width='33%'><img src='/images/reload.gif' alt='$Lang::tr{'keyreset'}' /></td><td align='left'>$Lang::tr{'keyreset'}</td></tr> -</table> -END -; - -} - -&Header::closebox(); - -############################################################################################################################ -################################################# Tripwire general functions ############################################### - -&Header::openbox('100%', 'center', $Lang::tr{'tripwire functions'}); -print <<END -<br /> - -<table width='95%' cellspacing='0'> -<tr><td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'> - <input type='hidden' name='ACTION' value='generatepolicypw'/> - <input type='image' alt='$Lang::tr{'generatepolicy'}' title='$Lang::tr{'generatepolicy'}' src='/images/document-new.png' /></form></td> -<td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'> - <input type='hidden' name='ACTION' value='policyresetpw' /> - <input type='image' alt='$Lang::tr{'resetpolicy'}' title='$Lang::tr{'resetpolicy'}' src='/images/reload.gif' /></form></td> -<td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'> - <input type='hidden' name='ACTION' value='generatereport' /> - <input type='image' alt='$Lang::tr{'generatereport'}' title='$Lang::tr{'generatereport'}' src='/images/document-properties.png' /></form></td> -<td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'> - <input type='hidden' name='ACTION' value='updatedatabasepw' /> - <input type='image' alt='$Lang::tr{'updatedatabase'}' title='$Lang::tr{'updatedatabase'}' src='/images/network-server.png' /></form></td> -<td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'> - <input type='hidden' name='ACTION' value='policycaption' /> - <input type='image' alt='$Lang::tr{'caption'}' title='$Lang::tr{'caption'}' src='/images/help-browser.png' /></form></td></tr> -</table> -END -; -if ($tripwiresettings{'ACTION'} eq 'policycaption') -{ -print <<END -<br /> -<table width='95%' cellspacing='0'> -<tr><td align='center' colspan='2'><b>$Lang::tr{'caption'}</b></td></tr> -<tr><td align='right' width='33%'><img src='/images/document-new.png' alt='$Lang::tr{'generatepolicy'}' /></td><td align='left'>$Lang::tr{'generatepolicy'}</td></tr> -<tr><td align='right' width='33%'><img src='/images/reload.gif' alt='$Lang::tr{'resetpolicy'}' /></td><td align='left'>$Lang::tr{'resetpolicy'}</td></tr> -<tr><td align='right' width='33%'><img src='/images/document-properties.png' alt='$Lang::tr{'generatereport'}' /></td><td align='left'>$Lang::tr{'generatereport'}</td></tr> -<tr><td align='right' width='33%'><img src='/images/network-server.png' alt='$Lang::tr{'updatedatabase'}' /></td><td align='left'>$Lang::tr{'updatedatabase'}</td></tr> -</table> -END -; - -} -&Header::closebox(); - -############################################################################################################################ -####################################################### Tripwire Log View ################################################## - -&Header::openbox('100%', 'center', $Lang::tr{'tripwire reports'}); -print <<END -<a name="$Lang::tr{'log view'}"</a> -<br /> -<form method='post' action='$ENV{'SCRIPT_NAME'}#$Lang::tr{'log view'}'> -<table width='95%' cellspacing='0'> -<tr><td bgcolor='$color{'color20'}' colspan='3' align='left'><b>$Lang::tr{'log view'}</b></td></tr> -<tr><td colspan='3' align='left'><br /></td></tr> -<tr><td align='left'><select name='LOG' style="width: 500px"> -END -; -foreach my $log (@Logs) {chomp $log;print"<option value='$log'>$log</option>";} -print <<END - -</select></td><td align='left'><input type='hidden' name='ACTION' value='showlog' /><input type='image' alt='view Log' title='view log' src='/images/format-justify-fill.png' /></td></tr> -</table> -</form> -END -; -if ($tripwiresettings{'ACTION'} eq 'showlog') -{ -$Log = qx(/usr/local/bin/tripwirectrl tripwirelog $tripwiresettings{'LOG'}); -$Log=~s/--cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol//g; -print <<END -<table width='95%' cellspacing='0'> -<tr><td><br /></td></tr> -<tr><td><pre>$Log</pre></td></tr> -<tr><td><br /></td></tr> -<tr><td align='center'>$tripwiresettings{'LOG'}</td></tr> -</table> -END -; - -} - -&Header::closebox(); - -############################################################################################################################ -####################################################### Tripwire Cronjob ################################################## -# -#&Header::openbox('100%', 'center', $Lang::tr{'tripwire cronjob'}); -#print <<END -#<br /> -#<table width='95%' cellspacing='0'> -#<tr><td colspan='3' align='left'><br /></td></tr> -#END -#; -#foreach my $cronjob (@cronjobs) {chomp $cronjob;my $time=$cronjob; $time=~s//etc/fcron.daily/tripwire//g;print"<form method='post' action='$ENV{'SCRIPT_NAME'}'><tr><td align='left' colspan='2'>$cronjob at $time daily</td><td><input type='hidden' name='ACTION' value='deletecron' /><input type='hidden' name='CRON' value='$time' /><input type='image' alt='delete cron' title='delete cron' src='/images/user-trash.png' /></td></tr></form>";} -#print <<END -#</table> -#<br /> -#<table width='10%' cellspacing='0'> -#<tr><td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'> -# <input type='hidden' name='ACTION' value='addcron'/> -# <input type='image' alt='$Lang::tr{'add cron'}' title='$Lang::tr{'add cron'}' src='/images/appointment-new.png' /></form></td> -#<td align='center'><form method='post' action='$ENV{'SCRIPT_NAME'}'> -# <input type='hidden' name='ACTION' value='croncaption' /> -# <input type='image' alt='$Lang::tr{'caption'}' title='$Lang::tr{'caption'}' src='/images/help-browser.png' /></form></td></tr> -#</table> -#END -#; - -#if ($tripwiresettings{'ACTION'} eq 'croncaption') -#{ -#print <<END -#<br /> -#<table width='95%' cellspacing='0'> -#<tr><td align='center' colspan='2'><b>$Lang::tr{'caption'}</b></td></tr> -#<tr><td align='right' width='33%'><img src='/images/appointment-new.png' /></td><td align='left'>$Lang::tr{'add cron'}</td></tr> -#<tr><td align='right' width='33%'><img src='/images/user-trash.png' /></td><td align='left'>$Lang::tr{'delete cron'}</td></tr> -#</table> -#END -#; -#} -# -#&Header::closebox(); - -&Header::closebigbox(); -&Header::closepage(); diff --git a/lfs/configroot b/lfs/configroot index 601cdf6..cb74996 100644 --- a/lfs/configroot +++ b/lfs/configroot @@ -54,7 +54,7 @@ $(TARGET) : ethernet extrahd/bin fwlogs fwhosts firewall isdn key langs logging mac main \ menu.d modem net-traffic net-traffic/templates nfs optionsfw \ ovpn patches pakfire portfw ppp private proxy/advanced/cre \ - proxy/calamaris/bin qos/bin red remote sensors snort time tripwire/report \ + proxy/calamaris/bin qos/bin red remote sensors snort time \ updatexlrator/bin updatexlrator/autocheck urlfilter/autoupdate urlfilter/bin upnp vpn \ wakeonlan wireless ; do \ mkdir -p $(CONFIG_ROOT)/$$i; \ @@ -69,7 +69,7 @@ $(TARGET) : isdn/settings mac/settings main/disable_nf_sip main/hosts main/routing main/settings net-traffic/settings optionsfw/settings \ ovpn/ccd.conf ovpn/ccdroute ovpn/ccdroute2 pakfire/settings portfw/config ppp/settings-1 ppp/settings-2 ppp/settings-3 ppp/settings-4 \ ppp/settings-5 ppp/settings proxy/settings proxy/squid.conf proxy/advanced/settings proxy/advanced/cre/enable remote/settings qos/settings qos/classes qos/subclasses qos/level7config qos/portconfig \ - qos/tosconfig snort/settings tripwire/settings upnp/settings vpn/config vpn/settings vpn/ipsec.conf \ + qos/tosconfig snort/settings upnp/settings vpn/config vpn/settings vpn/ipsec.conf \ vpn/ipsec.secrets vpn/caconfig wakeonlan/clients.conf wireless/config wireless/settings; do \ touch $(CONFIG_ROOT)/$$i; \ done diff --git a/lfs/cryptodev b/lfs/cryptodev deleted file mode 100644 index 00e83e7..0000000 --- a/lfs/cryptodev +++ /dev/null @@ -1,89 +0,0 @@ -############################################################################### -# # -# IPFire.org - A linux based firewall # -# Copyright (C) 2007-2011 IPFire Team info@ipfire.org # -# # -# This program is free software: you can redistribute it and/or modify # -# it under the terms of the GNU General Public License as published by # -# the Free Software Foundation, either version 3 of the License, or # -# (at your option) any later version. # -# # -# This program is distributed in the hope that it will be useful, # -# but WITHOUT ANY WARRANTY; without even the implied warranty of # -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # -# GNU General Public License for more details. # -# # -# You should have received a copy of the GNU General Public License # -# along with this program. If not, see http://www.gnu.org/licenses/. # -# # -############################################################################### - -############################################################################### -# Definitions -############################################################################### - -include Config - -ifeq "$(KCFG)" "-xen" - KVER = 2.6.32.61 -endif - -VERSUFIX=ipfire$(KCFG) - -VER = 6aa62a2c320b04f55fdfe0ed015c3d9b48997239 - -THISAPP = cryptodev-linux-$(VER) -DL_FILE = $(THISAPP).tar.gz -DL_FROM = $(URL_IPFIRE) -DIR_APP = $(DIR_SRC)/$(THISAPP) -TARGET = $(DIR_INFO)/$(THISAPP)-kmod-$(KVER)-$(VERSUFIX) - -############################################################################### -# Top-level Rules -############################################################################### - -objects = $(DL_FILE) - -$(DL_FILE) = $(DL_FROM)/$(DL_FILE) - -$(DL_FILE)_MD5 = ddf7876487c876f6676ef0e050e9d204 - -install : $(TARGET) - -check : $(patsubst %,$(DIR_CHK)/%,$(objects)) - -download :$(patsubst %,$(DIR_DL)/%,$(objects)) - -md5 : $(subst %,%_MD5,$(objects)) - -dist: - $(PAK) - -############################################################################### -# Downloading, checking, md5sum -############################################################################### - -$(patsubst %,$(DIR_CHK)/%,$(objects)) : - @$(CHECK) - -$(patsubst %,$(DIR_DL)/%,$(objects)) : - @$(LOAD) - -$(subst %,%_MD5,$(objects)) : - @$(MD5) - -############################################################################### -# Installation Details -############################################################################### - -$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) - @$(PREBUILD) - @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && make build \ - KERNEL_DIR=/lib/modules/$(KVER)-$(VERSUFIX)/build - - -mkdir -pv /usr/include/crypto - cd $(DIR_APP) && make install \ - KERNEL_DIR=/lib/modules/$(KVER)-$(VERSUFIX)/build - @rm -rf $(DIR_APP) - @$(POSTBUILD) diff --git a/lfs/ebtables b/lfs/ebtables index a7da349..0c55a21 100644 --- a/lfs/ebtables +++ b/lfs/ebtables @@ -77,7 +77,7 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && make $(MAKETUNING) + cd $(DIR_APP) && make $(MAKETUNING) CFLAGS="$(CFLAGS)" cd $(DIR_APP) && make install @rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/lfs/liboping b/lfs/liboping index cfe985c..2437959 100644 --- a/lfs/liboping +++ b/lfs/liboping @@ -70,6 +70,7 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && sed -e "s/-Werror//g" -i src/Makefile.* cd $(DIR_APP) && ./configure --prefix=/usr cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install diff --git a/lfs/libpri b/lfs/libpri index 4e1f2e5..60c9498 100644 --- a/lfs/libpri +++ b/lfs/libpri @@ -77,7 +77,8 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && make $(MAKETUNING) clean all KVERS=$(KVER) + cd $(DIR_APP) && make $(MAKETUNING) clean all KVERS=$(KVER) \ + CFLAGS="$(CFLAGS)" cd $(DIR_APP) && make install KVERS=$(KVER) @rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/lfs/mISDNuser b/lfs/mISDNuser index c471c76..923696a 100644 --- a/lfs/mISDNuser +++ b/lfs/mISDNuser @@ -70,6 +70,7 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_SRC)/mISDNuser && cd $(DIR_SRC) && tar Jxf $(DIR_DL)/$(DL_FILE) + cd $(DIR_SRC)/mISDNuser && sed -e "s/-Werror//g" -i */Makefile.* cd $(DIR_SRC)/mISDNuser && make cd $(DIR_SRC)/mISDNuser && ./configure --prefix=/usr --with-AF_ISDN=34 cd $(DIR_SRC)/mISDNuser && make MISDNDIR=/usr/src/linux diff --git a/lfs/mdadm b/lfs/mdadm index 29d495d..de97034 100644 --- a/lfs/mdadm +++ b/lfs/mdadm @@ -24,7 +24,7 @@
include Config
-VER = 3.3.2 +VER = 3.3.4
THISAPP = mdadm-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 44698d351501cac6a89072dc877eb220 +$(DL_FILE)_MD5 = 7ca8b114710f98f53f20c5787b674a09
install : $(TARGET)
diff --git a/lfs/openvmtools b/lfs/openvmtools index d12a63c..72101d5 100644 --- a/lfs/openvmtools +++ b/lfs/openvmtools @@ -24,7 +24,7 @@
include Config
-VER = 8.4.2-261024 +VER = 10.0.5-3227872
THISAPP = open-vm-tools-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -33,11 +33,11 @@ DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) SUP_ARCH = x86_64 i586 PROG = openvmtools -PAK_VER = 1 +PAK_VER = 2
DEPS = ""
-CFLAGS += -fno-PIC +#CFLAGS += -fno-PIC
############################################################################### # Top-level Rules @@ -47,7 +47,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 4d9ddc865b42fc6982c3078031500486 +$(DL_FILE)_MD5 = 734eccf6e9e007cb37dc4eb3ed6707b5
install : $(TARGET)
@@ -79,12 +79,15 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && sed -e "s/-Werror//g" -i configure.ac + cd $(DIR_APP) && autoreconf -vfi cd $(DIR_APP) && ./configure --prefix=/usr \ --with-kernel-release=$(KVER)-ipfire --without-pam \ --disable-unity --without-gtk2 --without-gtkmm \ - --without-procps --without-dnet --without-icu \ + --without-procps --without-icu \ --without-x --with-linuxdir=/usr/src/linux \ - --without-kernel-modules + --without-kernel-modules --disable-deploypkg \ + --without-xerces-c --without-xerces cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install ln -sf ../init.d/openvmtools /etc/rc.d/rc3.d/S60openvmtools diff --git a/lfs/tripwire b/lfs/tripwire deleted file mode 100644 index 9942441..0000000 --- a/lfs/tripwire +++ /dev/null @@ -1,98 +0,0 @@ -############################################################################### -# # -# IPFire.org - A linux based firewall # -# Copyright (C) 2007 Michael Tremer & Christian Schmidt # -# # -# This program is free software: you can redistribute it and/or modify # -# it under the terms of the GNU General Public License as published by # -# the Free Software Foundation, either version 3 of the License, or # -# (at your option) any later version. # -# # -# This program is distributed in the hope that it will be useful, # -# but WITHOUT ANY WARRANTY; without even the implied warranty of # -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # -# GNU General Public License for more details. # -# # -# You should have received a copy of the GNU General Public License # -# along with this program. If not, see http://www.gnu.org/licenses/. # -# # -############################################################################### - -############################################################################### -# Definitions -############################################################################### - -include Config - -VER = 2.4.1.2 - -THISAPP = tripwire-$(VER) -DL_FILE = $(THISAPP)-src.tar.bz2 -DL_FROM = $(URL_IPFIRE) -DIR_APP = $(DIR_SRC)/$(THISAPP) -TARGET = $(DIR_INFO)/$(THISAPP) -PROG = tripwire -PAK_VER = 1 -CFLAGS = -CXXFLAGS = - -DEPS = "" - -############################################################################### -# Top-level Rules -############################################################################### - -objects = $(DL_FILE) - -$(DL_FILE) = $(DL_FROM)/$(DL_FILE) - -$(DL_FILE)_MD5 = 8a1147c278b528ed593023912c4b649a - -install : $(TARGET) - -check : $(patsubst %,$(DIR_CHK)/%,$(objects)) - -download :$(patsubst %,$(DIR_DL)/%,$(objects)) - -md5 : $(subst %,%_MD5,$(objects)) - -dist: - $(PAK) - -############################################################################### -# Downloading, checking, md5sum -############################################################################### - -$(patsubst %,$(DIR_CHK)/%,$(objects)) : - @$(CHECK) - -$(patsubst %,$(DIR_DL)/%,$(objects)) : - @$(LOAD) - -$(subst %,%_MD5,$(objects)) : - @$(MD5) - -############################################################################### -# Installation Details -############################################################################### - -$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) - @$(PREBUILD) - @rm -rf $(DIR_APP)* && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP)-src && ln -fs contrib install - cd $(DIR_APP)-src && sed -i -e 's@TWDB="$${prefix}@TWDB="/var@' \ - -e 's@^CLOBBER="false"@CLOBBER="true"@' install/install.cfg - cd $(DIR_APP)-src && sed -i -e 's@^PROMPT="true"@PROMPT="false"@' \ - -e 's@^TW_SITE_PASS=""@TW_SITE_PASS="ipfire"@' \ - -e 's@^TW_LOCAL_PASS=""@TW_LOCAL_PASS="ipfire"@' \ - install/install.sh - cd $(DIR_APP)-src && ./configure --prefix=/usr --sysconfdir=/var/ipfire/tripwire - cd $(DIR_APP)-src && make $(MAKETUNING) $(EXTRA_MAKE) - cd $(DIR_APP)-src && for i in siggen tripwire twadmin twprint; do \ - cp -vf $(DIR_APP)-src/bin/$$i /usr/sbin; \ - done - cp -vrf $(DIR_SRC)/config/tripwire/* /var/ipfire/tripwire/ - cp -vfp /var/ipfire/tripwire/twcfg.txt /var/ipfire/tripwire/twcfg.default - cp -vfp /var/ipfire/tripwire/twpol.txt /var/ipfire/tripwire/twpol.default - @rm -rf $(DIR_APP)* - @$(POSTBUILD) diff --git a/lfs/xtables-addons b/lfs/xtables-addons index 1848dc9..e2d9c6f 100644 --- a/lfs/xtables-addons +++ b/lfs/xtables-addons @@ -102,6 +102,7 @@ else
# Install the built kernel modules. cd $(DIR_APP) && for f in $$(ls extensions/*.ko); do \ + mkdir -p $(MODPATH); \ install -m 644 $$f $(MODPATH); \ done endif diff --git a/make.sh b/make.sh index 0a74a21..3be2182 100755 --- a/make.sh +++ b/make.sh @@ -422,7 +422,6 @@ buildipfire() { x86_64) ipfiremake linux KCFG="" ipfiremake backports KCFG="" - ipfiremake cryptodev KCFG="" ipfiremake e1000e KCFG="" ipfiremake igb KCFG="" ipfiremake ixgbe KCFG="" @@ -433,7 +432,6 @@ buildipfire() { # x86-pae (Native and new XEN) kernel build ipfiremake linux KCFG="-pae" ipfiremake backports KCFG="-pae" - ipfiremake cryptodev KCFG="-pae" ipfiremake e1000e KCFG="-pae" ipfiremake igb KCFG="-pae" ipfiremake ixgbe KCFG="-pae" @@ -443,7 +441,6 @@ buildipfire() { # x86 kernel build ipfiremake linux KCFG="" ipfiremake backports KCFG="" - ipfiremake cryptodev KCFG="" ipfiremake e1000e KCFG="" ipfiremake igb KCFG="" ipfiremake ixgbe KCFG="" @@ -455,14 +452,12 @@ buildipfire() { # arm-rpi (Raspberry Pi) kernel build ipfiremake linux KCFG="-rpi" ipfiremake backports KCFG="-rpi" - ipfiremake cryptodev KCFG="-rpi" ipfiremake xtables-addons KCFG="-rpi" ipfiremake linux-initrd KCFG="-rpi"
# arm multi platform (Panda, Wandboard ...) kernel build ipfiremake linux KCFG="-multi" ipfiremake backports KCFG="-multi" - ipfiremake cryptodev KCFG="-multi" ipfiremake e1000e KCFG="-multi" ipfiremake igb KCFG="-multi" ipfiremake ixgbe KCFG="-multi" @@ -472,7 +467,6 @@ buildipfire() { # arm-kirkwood (Dreamplug, ICY-Box ...) kernel build ipfiremake linux KCFG="-kirkwood" ipfiremake backports KCFG="-kirkwood" - ipfiremake cryptodev KCFG="-kirkwood" ipfiremake e1000e KCFG="-kirkwood" ipfiremake igb KCFG="-kirkwood" ipfiremake ixgbe KCFG="-kirkwood" @@ -685,7 +679,6 @@ buildipfire() { ipfiremake ncftp ipfiremake etherwake ipfiremake bwm-ng - ipfiremake tripwire ipfiremake sysstat ipfiremake vsftpd ipfiremake strongswan diff --git a/src/initscripts/sysconfig/modules b/src/initscripts/sysconfig/modules index cdbcca4..5f8a77d 100644 --- a/src/initscripts/sysconfig/modules +++ b/src/initscripts/sysconfig/modules @@ -33,8 +33,4 @@ lp ### fusion # fusion
-### cryptodev -# -cryptodev - # End /etc/sysconfig/modules diff --git a/src/misc-progs/Makefile b/src/misc-progs/Makefile index e4bf049..ff775da 100644 --- a/src/misc-progs/Makefile +++ b/src/misc-progs/Makefile @@ -28,7 +28,7 @@ SUID_PROGS = squidctrl sshctrl ipfirereboot \ applejuicectrl rebuildhosts backupctrl collectdctrl \ logwatch openvpnctrl firewallctrl \ wirelessctrl getipstat qosctrl launch-ether-wake \ - redctrl syslogdctrl extrahdctrl sambactrl upnpctrl tripwirectrl \ + redctrl syslogdctrl extrahdctrl sambactrl upnpctrl \ smartctrl clamavctrl addonctrl pakfire mpfirectrl wlanapctrl \ setaliases urlfilterctrl updxlratorctrl fireinfoctrl rebuildroutes \ getconntracktable wirelessclient dnsmasqctrl torctrl ddnsctrl diff --git a/src/misc-progs/tripwirectrl.c b/src/misc-progs/tripwirectrl.c deleted file mode 100644 index 8f02d0d..0000000 --- a/src/misc-progs/tripwirectrl.c +++ /dev/null @@ -1,142 +0,0 @@ -#include <stdio.h> -#include <string.h> -#include <stdlib.h> -#include <unistd.h> -#include <sys/types.h> -#include <fcntl.h> -#include "setuid.h" - -#define BUFFER_SIZE 1024 - -char command[BUFFER_SIZE]; - -int main(int argc, char *argv[]) -{ - -if (!(initsetuid())) - exit(1); - -// Check what command is asked -if (argc==1) -{ -fprintf (stderr, "Missing tripwirectrl command!\n"); -return 1; -} - -if (strcmp(argv[1], "tripwirelog")==0) -{ -snprintf(command, BUFFER_SIZE-1, "/usr/sbin/twprint -m r --cfgfile /var/ipfire/tripwire/tw.cfg --twrfile /var/ipfire/tripwire/report/%s", argv[2]); -safe_system(command); -return 0; -} - -if (strcmp(argv[1], "generatereport")==0) -{ -safe_system("/usr/sbin/tripwire --check --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol"); -return 0; -} - -if (strcmp(argv[1], "deletereport")==0) -{ -sprintf(command, "rm -f /var/ipfire/tripwire/report/%s", argv[2]); -safe_system(command); -return 0; -} - -if (strcmp(argv[1], "updatedatabase")==0) -{ -snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --update --accept-all --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase %s --twrfile %s", argv[2], argv[3]); -safe_system(command); -return 0; -} - -if (strcmp(argv[1], "keys")==0) -{ -snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/site.key && /usr/sbin/twadmin --generate-keys --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s && chmod 640 /var/ipfire/tripwire/site.key", argv[2]); -safe_system(command); -snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/local.key && /usr/sbin/twadmin --generate-keys --local-keyfile /var/ipfire/tripwire/local.key --local-passphrase %s && chmod 640 /var/ipfire/tripwire/local.key", argv[3]); -safe_system(command); -snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/tw.cfg && /usr/sbin/twadmin --create-cfgfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s /var/ipfire/tripwire/twcfg.txt && chmod 640 /var/ipfire/tripwire/tw.cfg", argv[2]); -safe_system(command); -snprintf(command, BUFFER_SIZE-1, "rm -rf /var/ipfire/tripwire/tw.pol && /usr/sbin/twadmin --create-polfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s /var/ipfire/tripwire/twpol.txt && chmod 640 /var/ipfire/tripwire/tw.pol", argv[2]); -safe_system(command); -snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase %s", argv[3]); -safe_system(command); -return 0; -} - -if (strcmp(argv[1], "generatepolicy")==0) -{ -snprintf(command, BUFFER_SIZE-1, "/usr/sbin/twadmin --create-polfile --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s --polfile /var/ipfire/tripwire/tw.pol --cfgfile /var/ipfire/tripwire/tw.cfg /var/ipfire/tripwire/twpol.txt", argv[2]); -safe_system(command); -snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase %s", argv[3]); -safe_system(command); -return 0; -} - -if (strcmp(argv[1], "resetpolicy")==0) -{ -snprintf(command, BUFFER_SIZE-1, "/usr/sbin/twadmin --create-polfile --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase %s --polfile /var/ipfire/tripwire/tw.pol --cfgfile /var/ipfire/tripwire/tw.cfg /var/ipfire/tripwire/twpol.default", argv[2]); -safe_system(command); -snprintf(command, BUFFER_SIZE-1, "/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase %s", argv[3]); -safe_system(command); -return 0; -} - -if (strcmp(argv[1], "readconfig")==0) -{ -safe_system("/bin/chown nobody:nobody /var/ipfire/tripwire/twcfg.txt"); -return 0; -} - -if (strcmp(argv[1], "lockconfig")==0) -{ -safe_system("/bin/chown root:root /var/ipfire/tripwire/twcfg.txt"); -return 0; -} - -if (strcmp(argv[1], "enable")==0) -{ -safe_system("touch /var/ipfire/tripwire/enable"); -safe_system("rm -rf /var/ipfire/tripwire/site.key && /usr/sbin/twadmin --generate-keys --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase ipfire && chmod 640 /var/ipfire/tripwire/site.key"); -safe_system("rm -rf /var/ipfire/tripwire/local.key && /usr/sbin/twadmin --generate-keys --local-keyfile /var/ipfire/tripwire/local.key --local-passphrase ipfire && chmod 640 /var/ipfire/tripwire/local.key"); -safe_system("rm -rf /var/ipfire/tripwire/tw.cfg && /usr/sbin/twadmin --create-cfgfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase ipfire /var/ipfire/tripwire/twcfg.txt && chmod 640 /var/ipfire/tripwire/tw.cfg"); -safe_system("rm -rf /var/ipfire/tripwire/tw.pol && /usr/sbin/twadmin --create-polfile --cfgfile /var/ipfire/tripwire/tw.cfg --site-keyfile /var/ipfire/tripwire/site.key --site-passphrase ipfire /var/ipfire/tripwire/twpol.txt && chmod 640 /var/ipfire/tripwire/tw.pol"); -safe_system("/usr/sbin/tripwire --init --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol --local-passphrase ipfire"); -safe_system("cat /usr/sbin/tripwire --check --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol > /etc/fcron.daily/tripwire0600"); -safe_system("chmod 755 /etc/fcron.daily/tripwire0600"); -safe_system("touch -t 01010600 /etc/fcron.daily/tripwire0600"); -return 0; -} - -if (strcmp(argv[1], "disable")==0) -{ -safe_system("unlink /var/ipfire/tripwire/enable"); -safe_system("unlink /etc/fcron.daily/tripwire*"); -safe_system("rm -rf /var/ipfire/tripwire/site.key"); -safe_system("rm -rf /var/ipfire/tripwire/local.key"); -safe_system("rm -rf /var/ipfire/tripwire/tw.cfg*"); -safe_system("rm -rf /var/ipfire/tripwire/tw.pol*"); -safe_system("rm -rf /var/ipfire/tripwire/*.twd*"); -safe_system("rm -rf /var/ipfire/tripwire/report/*"); -return 0; -} - -if (strcmp(argv[1], "addcron")==0) -{ -snprintf(command, BUFFER_SIZE-1, "echo "/usr/sbin/tripwire --check --cfgfile /var/ipfire/tripwire/tw.cfg --polfile /var/ipfire/tripwire/tw.pol" > /etc/fcron.daily/tripwire%s%s", argv[2], argv[3]); -safe_system(command); -snprintf(command, BUFFER_SIZE-1, "chmod 755 /etc/fcron.daily/tripwire%s%s", argv[2], argv[3]); -safe_system(command); -snprintf(command, BUFFER_SIZE-1, "touch -t 0101%s%s /etc/fcron.daily/tripwire%s%s", argv[2], argv[3], argv[2], argv[3]); -safe_system(command); -return 0; -} -if (strcmp(argv[1], "disablecron")==0) -{ -snprintf(command, BUFFER_SIZE-1, "unlink /etc/fcron.daily/tripwire%s", argv[2]); -safe_system(command); -return 0; -} -return 0; -}
hooks/post-receive -- IPFire 2.x development tree
-
git@ipfire.org