* [git.ipfire.org] IPFire 2.x development tree branch, next, updated. ab03ba10c42fb56d8cd15bda4ca16be887ade6c6
@ 2026-02-10 10:54 Michael Tremer
0 siblings, 0 replies; only message in thread
From: Michael Tremer @ 2026-02-10 10:54 UTC (permalink / raw)
To: ipfire-scm
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/plain, Size: 36963 bytes --]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
via ab03ba10c42fb56d8cd15bda4ca16be887ade6c6 (commit)
via e433cd0e0c49fd92d588001cd586585bc2e895ea (commit)
via 6a5c0ee759e4d07da18ce7ff8f9ac159e5a2dcbd (commit)
via 8acd6d1af456cf77cb005bdc190bda41bb8e4576 (commit)
via db0a24e123b07226febd0b9889607a7858ca0aa5 (commit)
via 72d5a1c52ac770a85dfc10df78d855150c2fc869 (commit)
via c92109cb790466f8368bc1b419b6671875897ca5 (commit)
via 259ce21a1ade5866f680fe170c5bcb6080b64547 (commit)
via 91bb5a9d0979e7c1befdb62ac0ade3699c2be01e (commit)
via e79f1a2bf92fb18b041489e02f2c9770ce11af58 (commit)
from b4d0ec551ecac33487f7ec34240e46520d2941a8 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit ab03ba10c42fb56d8cd15bda4ca16be887ade6c6
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Tue Feb 10 10:54:16 2026 +0000
squid: Use iptables --wait
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit e433cd0e0c49fd92d588001cd586585bc2e895ea
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Tue Feb 10 10:51:00 2026 +0000
core201: Ship more IPS changes
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 6a5c0ee759e4d07da18ce7ff8f9ac159e5a2dcbd
Merge: 8acd6d1af 91bb5a9d0
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Tue Feb 10 10:50:24 2026 +0000
Merge remote-tracking branch 'ms/suricata-reports-alternative-addresses' into next
commit 8acd6d1af456cf77cb005bdc190bda41bb8e4576
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Tue Feb 10 10:32:49 2026 +0000
core201: Ship IPS stuff
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit db0a24e123b07226febd0b9889607a7858ca0aa5
Author: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Mon Feb 9 15:23:22 2026 +0100
logs.cgi/ids.dat: Use new mechanic to obtain sid info url's
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 72d5a1c52ac770a85dfc10df78d855150c2fc869
Author: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Mon Feb 9 15:23:21 2026 +0100
ids-functions.pl: Add function to get the info url for a given rule id
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit c92109cb790466f8368bc1b419b6671875897ca5
Author: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Mon Feb 9 15:23:20 2026 +0100
ids-functions.pl: Add function to get the provider by a given rule id
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 259ce21a1ade5866f680fe170c5bcb6080b64547
Author: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Mon Feb 9 15:23:19 2026 +0100
ruleset-sources: Add details about rule sid and info URL
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 91bb5a9d0979e7c1befdb62ac0ade3699c2be01e
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Tue Feb 3 19:01:10 2026 +0000
suricata-report-cron: Send reports to custom recipients if configured
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit e79f1a2bf92fb18b041489e02f2c9770ce11af58
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Tue Feb 3 18:37:24 2026 +0000
ids.cgi: Allow to configure alternative recipients for reports
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
config/cfgroot/ids-functions.pl | 105 +++++++++++++++++++++
config/rootfiles/core/201/filelists/files | 5 +
.../131 => core/201}/filelists/ids-ruleset-sources | 0
config/suricata/ruleset-sources | 19 ++++
config/suricata/suricata-report-cron | 31 +++---
doc/language_issues.en | 6 +-
doc/language_issues.es | 6 +-
doc/language_issues.fr | 6 +-
doc/language_issues.it | 6 +-
doc/language_issues.nl | 6 +-
doc/language_issues.pl | 6 +-
doc/language_issues.ru | 6 +-
doc/language_issues.tr | 6 +-
doc/language_issues.tw | 6 +-
doc/language_issues.zh | 6 +-
html/cgi-bin/ids.cgi | 100 ++++++++++++++++++--
html/cgi-bin/logs.cgi/ids.dat | 26 +++--
langs/de/cgi-bin/de.pl | 6 +-
langs/en/cgi-bin/en.pl | 6 +-
src/initscripts/system/squid | 10 +-
20 files changed, 297 insertions(+), 71 deletions(-)
copy config/rootfiles/{oldcore/131 => core/201}/filelists/ids-ruleset-sources (100%)
Difference in files:
diff --git a/config/cfgroot/ids-functions.pl b/config/cfgroot/ids-functions.pl
index bede5fca0..93d1acdee 100644
--- a/config/cfgroot/ids-functions.pl
+++ b/config/cfgroot/ids-functions.pl
@@ -1829,4 +1829,109 @@ sub generate_report_generator_config() {
close(FILE);
}
+#
+## Function to get the provider handle by a given rule sid.
+#
+sub get_provider_by_sid ($) {
+ my ($sid) = @_;
+
+ # Get all known ruleset providers.
+ my @ruleset_providers = &get_ruleset_providers();
+
+ # Temporary hash to store found ranges.
+ my %tmphash = ();
+ my @tmparray;
+
+ # Loop through the array of known providers.
+ foreach my $provider (@ruleset_providers) {
+ # Skip provider if no sid range is specified.
+ next unless ($IDS::Ruleset::Providers{$provider}{"sid_range"});
+
+ # Grab and the dereference the sid range.
+ my @sid_range = @{ $IDS::Ruleset::Providers{$provider}{"sid_range"} };
+
+ # Check if the given sid is in the range of the current processed provider.
+ next unless (&is_sid_in_range($sid, \@sid_range));
+
+ # Assign some nice human-readable values.
+ my $start = $sid_range[0];
+ my $end = $sid_range[1];
+
+ # Calculate the sid range.
+ my $range = $end - $start;
+
+ # Assign the found provider and it's range to the temporary hash.
+ $tmphash{$range} = $provider;
+ }
+
+ # Sort the ranges of the found providers and store them in a temporary
+ # array - This is neccessary in case more than one range has been found.
+ @tmparray = sort (keys %tmphash);
+
+ # Return if nothing has been found.
+ return unless(@tmparray);
+
+ # The first element of the temporary array contains our smalles sid range
+ # which the given sid has to belong - grab the stored handle.
+ my $handle = $tmphash{$tmparray[0]};
+
+ # Return the obtained handle.
+ return $handle;
+}
+
+#
+## Function to check if a given single sid is in a given range.
+#
+sub is_sid_in_range($\@) {
+ my ($sid, $range_ref) = @_;
+
+ # Deref the array ref and assig to array.
+ my @range = @{ $range_ref };
+
+ # Assign some nice human-readable values.
+ my $range_start = $range[0];
+ my $range_stop = $range[1];
+
+ # Early exit in case the range has been passed the
+ # wrong way around.
+ return undef if ($range_start > $range_stop);
+
+ # Return if the given sid is lower than the start one.
+ return if ($sid < $range_start);
+
+ # Return if the given sid is higher than the max range.
+ return if ($sid > $range_stop);
+
+ # Return True if the given sid is lower or equals the max range.
+ return 1 if ($sid <= $range_stop);
+
+ # If we got here, something strange happend.
+ return undef;
+}
+
+#
+## Function to get the sid info url in case it is defined
+#
+sub get_sid_info_url($) {
+ my ($sid) = @_;
+
+ # Call function to get the provider for this rule id.
+ my $provider = &get_provider_by_sid($sid);
+
+ # Exit if no provder could be determined.
+ return unless($provider);
+
+ # Exit if no info URL is known for the provider.
+ return unless($IDS::Ruleset::Providers{$provider}{"sid_info_url"});
+
+ # Grab the URL for the given provider.
+ my $info_url = $IDS::Ruleset::Providers{$provider}{"sid_info_url"};
+
+ # Replace the <sid> placeholder with the given sid.
+ $info_url =~ s/\<sid\>/$sid/g;
+
+ # Return the URL.
+ return $info_url;
+}
+
1;
diff --git a/config/rootfiles/core/201/filelists/files b/config/rootfiles/core/201/filelists/files
index f7a8b3297..87c0cc20e 100644
--- a/config/rootfiles/core/201/filelists/files
+++ b/config/rootfiles/core/201/filelists/files
@@ -1 +1,6 @@
+etc/rc.d/init.d/squid
+srv/web/ipfire/cgi-bin/ids.cgi
+srv/web/ipfire/cgi-bin/logs.cgi/ids.dat
srv/web/ipfire/cgi-bin/ovpnmain.cgi
+usr/bin/suricata-report-cron
+var/ipfire/ids-functions.pl
diff --git a/config/rootfiles/core/201/filelists/ids-ruleset-sources b/config/rootfiles/core/201/filelists/ids-ruleset-sources
new file mode 120000
index 000000000..a226ada39
--- /dev/null
+++ b/config/rootfiles/core/201/filelists/ids-ruleset-sources
@@ -0,0 +1 @@
+../../../common/ids-ruleset-sources
\ No newline at end of file
diff --git a/config/suricata/ruleset-sources b/config/suricata/ruleset-sources
index af65648af..5b9073d85 100644
--- a/config/suricata/ruleset-sources
+++ b/config/suricata/ruleset-sources
@@ -13,6 +13,8 @@ package IDS::Ruleset;
# requires_subscription => "True/False" - If some kind of registration code is required in order to download the ruleset.
# dl_url => The download URL to grab the ruleset.
# dl_type => "archive/plain" - To specify, if the downloaded file is a packed archive or a plain text file.
+# sid_range => The sid range which the provider uses for it's rules, specified as an array. "[start sid, stop sid]"
+# sid_info_url => An URL which provides additional information about a rule based on it's sid.
# },
# Hash which contains the supported ruleset providers.
@@ -25,6 +27,8 @@ our %Providers = (
requires_subscription => "True",
dl_url => "https://www.snort.org/rules/snortrules-snapshot-29200.tar.gz?oinkcode=<subscription_code>",
dl_type => "archive",
+ sid_range => ["1", "1000000"],
+ sid_info_url => "https://www.snort.org/rule_docs/1-<sid>",
},
# Ruleset for registered sourcefire users with a valid subscription.
@@ -35,6 +39,8 @@ our %Providers = (
requires_subscription => "True",
dl_url => "https://www.snort.org/rules/snortrules-snapshot-29200.tar.gz?oinkcode=<subscription_code>",
dl_type => "archive",
+ sid_range => ["1", "1000000"],
+ sid_info_url => "https://www.snort.org/rule_docs/1-<sid>",
},
# Community rules from sourcefire.
@@ -45,6 +51,8 @@ our %Providers = (
requires_subscription => "False",
dl_url => "https://www.snort.org/downloads/community/community-rules.tar.gz",
dl_type => "archive",
+ sid_range => ["1", "1000000"],
+ sid_info_url => "https://www.snort.org/rule_docs/1-<sid>",
},
# Emerging threats community rules.
@@ -55,6 +63,8 @@ our %Providers = (
requires_subscription => "False",
dl_url => "https://rules.emergingthreats.net/open/suricata-5.0/emerging.rules.tar.gz",
dl_type => "archive",
+ sid_range => ["2000000", "2999999"],
+ sid_info_url => "https://threatintel.proofpoint.com/sid/<sid>",
},
# Emerging threats Pro rules.
@@ -65,6 +75,8 @@ our %Providers = (
requires_subscription => "True",
dl_url => "https://rules.emergingthreatspro.com/<subscription_code>/suricata-5.0/etpro.rules.tar.gz",
dl_type => "archive",
+ sid_range => ["2000000", "2999999"],
+ sid_info_url => "https://threatintel.proofpoint.com/sid/<sid>",
},
# Abuse.ch SSLBL Blacklist rules.
@@ -72,6 +84,7 @@ our %Providers = (
summary => "Abuse.ch SSLBL Blacklist Rules",
website => "https://sslbl.abuse.ch/",
tr_string => "sslbl blacklist rules",
+ sid_range => ["902200000", "902299999"],
},
# Etnetera Aggressive Blacklist.
@@ -82,6 +95,7 @@ our %Providers = (
requires_subscription => "False",
dl_url => "https://security.etnetera.cz/feeds/etn_aggressive.rules",
dl_type => "plain",
+ sid_range => ["500000", "599999"],
},
# OISF Traffic ID rules.
@@ -92,6 +106,7 @@ our %Providers = (
requires_subscription => "False",
dl_url => "https://openinfosecfoundation.org/rules/trafficid/trafficid.rules",
dl_type => "plain",
+ sid_range => ["300000000", "301000000"],
},
# Positive Technologies Attack Detection Team rules.
@@ -99,6 +114,7 @@ our %Providers = (
summary => "PT Attack Detection Team Rules",
website => "https://github.com/ptresearch/AttackDetection",
tr_string => "attack detection team rules",
+ sid_range => ["10000000", "11999999"],
},
# Secureworks Security rules.
@@ -130,6 +146,7 @@ our %Providers = (
requires_subscription => "False",
dl_url => "https://threatfox.abuse.ch/downloads/threatfox_suricata.rules",
dl_type => "plain",
+ sid_range => ["91000000", "91999999"],
},
# Travis B. Green hunting rules.
@@ -140,6 +157,7 @@ our %Providers = (
requires_subscription => "False",
dl_url => "https://raw.githubusercontent.com/travisbgreen/hunting-rules/master/hunting.rules",
dl_type => "plain",
+ sid_range => ["2610000", "2619999"],
},
ipfire_dbl => {
@@ -149,5 +167,6 @@ our %Providers = (
requires_subscription => "False",
dl_url => "https://dbl.ipfire.org/lists/suricata.tar.gz",
dl_type => "archive",
+ sid_range => ["406000000", "406999999"],
},
);
diff --git a/config/suricata/suricata-report-cron b/config/suricata/suricata-report-cron
index 3aa4cc8f8..eb802a8cb 100644
--- a/config/suricata/suricata-report-cron
+++ b/config/suricata/suricata-report-cron
@@ -27,7 +27,6 @@ readhash CONFIG "/var/ipfire/suricata/settings"
send_report() {
local args=( "$@" )
- local address
# Add the email sender
if [ -n "${CONFIG[EMAIL_SENDER]}" ]; then
@@ -39,13 +38,6 @@ send_report() {
return 2
fi
- local IFS=','
-
- # Append the email recipients
- for address in ${CONFIG[EMAIL_RECIPIENTS]}; do
- args+=( "--email-recipient=${address}" )
- done
-
# Generate the report
if ! suricata-report-generator "${args[@]}"; then
return 1
@@ -69,7 +61,7 @@ send_monthly_report() {
local m="$(date --date="last month" +"%m")"
# Send the report
- send_report --year="${y}" --month="${m}"
+ send_report --year="${y}" --month="${m}" $(fetch_recipients monthly)
}
send_weekly_report() {
@@ -87,7 +79,7 @@ send_weekly_report() {
local w="$(date --date="last week" +"%V")"
# Send the report
- send_report --year="${y}" --week="${w}"
+ send_report --year="${y}" --week="${w}" $(fetch_recipients weekly)
}
# Sends a daily report for "yesterday"
@@ -107,7 +99,24 @@ send_daily_report() {
local d="$(date --date="yesterday" +"%d")"
# Send the report
- send_report --year="${y}" --month="${m}" --day="${d}"
+ send_report --year="${y}" --month="${m}" --day="${d}" $(fetch_recipients daily)
+}
+
+fetch_recipients() {
+ local interval="${1}"
+
+ local recipients="${CONFIG[EMAIL_RECIPIENTS_REPORT_${interval^^}]:-${CONFIG[EMAIL_RECIPIENTS]}}"
+
+ # Parse this as an array
+ read -ra recipients <<< "${recipients//,/ }"
+
+ # Return all recipients
+ local recipient
+ for recipient in ${recipients[@]}; do
+ echo "--email-recipient=${recipient}"
+ done
+
+ return 0
}
main() {
diff --git a/doc/language_issues.en b/doc/language_issues.en
index c53843b37..0a8931879 100644
--- a/doc/language_issues.en
+++ b/doc/language_issues.en
@@ -1071,9 +1071,9 @@ WARNING: untranslated string: ids provider = Provider
WARNING: untranslated string: ids provider eol = (EOL)
WARNING: untranslated string: ids provider settings = Provider settings
WARNING: untranslated string: ids remove rule structures = Remove old rule structures...
-WARNING: untranslated string: ids reports daily = Send a daily report
-WARNING: untranslated string: ids reports monthly = Send a monthly report
-WARNING: untranslated string: ids reports weekly = Send a weekly report
+WARNING: untranslated string: ids reports daily = Daily Report
+WARNING: untranslated string: ids reports monthly = Monthly Report
+WARNING: untranslated string: ids reports weekly = Weekly Report
WARNING: untranslated string: ids reset provider = Reset provider
WARNING: untranslated string: ids ruleset autoupdate in progress = Ruleset update in progress. Please wait until all operations have completed successfully...
WARNING: untranslated string: ids ruleset is up to date = No update required - The ruleset is up to date.
diff --git a/doc/language_issues.es b/doc/language_issues.es
index 980d27874..172f6056f 100644
--- a/doc/language_issues.es
+++ b/doc/language_issues.es
@@ -1069,9 +1069,9 @@ WARNING: untranslated string: ids invalid mail address = Is or contains an inval
WARNING: untranslated string: ids no email recipients = No email recipients given
WARNING: untranslated string: ids no email sender = No sender email address specified
WARNING: untranslated string: ids provider eol = (EOL)
-WARNING: untranslated string: ids reports daily = Send a daily report
-WARNING: untranslated string: ids reports monthly = Send a monthly report
-WARNING: untranslated string: ids reports weekly = Send a weekly report
+WARNING: untranslated string: ids reports daily = Daily Report
+WARNING: untranslated string: ids reports monthly = Monthly Report
+WARNING: untranslated string: ids reports weekly = Weekly Report
WARNING: untranslated string: ids send email on alert = Send email on alert
WARNING: untranslated string: indirect target selection = Indirect target selection
WARNING: untranslated string: info messages = unknown string
diff --git a/doc/language_issues.fr b/doc/language_issues.fr
index a7c31beaf..ab6596c76 100644
--- a/doc/language_issues.fr
+++ b/doc/language_issues.fr
@@ -1057,9 +1057,9 @@ WARNING: untranslated string: ids invalid mail address = Is or contains an inval
WARNING: untranslated string: ids no email recipients = No email recipients given
WARNING: untranslated string: ids no email sender = No sender email address specified
WARNING: untranslated string: ids provider eol = (EOL)
-WARNING: untranslated string: ids reports daily = Send a daily report
-WARNING: untranslated string: ids reports monthly = Send a monthly report
-WARNING: untranslated string: ids reports weekly = Send a weekly report
+WARNING: untranslated string: ids reports daily = Daily Report
+WARNING: untranslated string: ids reports monthly = Monthly Report
+WARNING: untranslated string: ids reports weekly = Weekly Report
WARNING: untranslated string: ids rulesets = Rulesets
WARNING: untranslated string: ids send email on alert = Send email on alert
WARNING: untranslated string: import connection = Import a Connection
diff --git a/doc/language_issues.it b/doc/language_issues.it
index 2e5110092..488cab63e 100644
--- a/doc/language_issues.it
+++ b/doc/language_issues.it
@@ -1193,9 +1193,9 @@ WARNING: untranslated string: ids provider = Provider
WARNING: untranslated string: ids provider eol = (EOL)
WARNING: untranslated string: ids provider settings = Provider settings
WARNING: untranslated string: ids remove rule structures = Remove old rule structures...
-WARNING: untranslated string: ids reports daily = Send a daily report
-WARNING: untranslated string: ids reports monthly = Send a monthly report
-WARNING: untranslated string: ids reports weekly = Send a weekly report
+WARNING: untranslated string: ids reports daily = Daily Report
+WARNING: untranslated string: ids reports monthly = Monthly Report
+WARNING: untranslated string: ids reports weekly = Weekly Report
WARNING: untranslated string: ids reset provider = Reset provider
WARNING: untranslated string: ids ruleset autoupdate in progress = Ruleset update in progress. Please wait until all operations have completed successfully...
WARNING: untranslated string: ids ruleset is up to date = No update required - The ruleset is up to date.
diff --git a/doc/language_issues.nl b/doc/language_issues.nl
index 68dfe7332..54fd4c439 100644
--- a/doc/language_issues.nl
+++ b/doc/language_issues.nl
@@ -1198,9 +1198,9 @@ WARNING: untranslated string: ids provider = Provider
WARNING: untranslated string: ids provider eol = (EOL)
WARNING: untranslated string: ids provider settings = Provider settings
WARNING: untranslated string: ids remove rule structures = Remove old rule structures...
-WARNING: untranslated string: ids reports daily = Send a daily report
-WARNING: untranslated string: ids reports monthly = Send a monthly report
-WARNING: untranslated string: ids reports weekly = Send a weekly report
+WARNING: untranslated string: ids reports daily = Daily Report
+WARNING: untranslated string: ids reports monthly = Monthly Report
+WARNING: untranslated string: ids reports weekly = Weekly Report
WARNING: untranslated string: ids reset provider = Reset provider
WARNING: untranslated string: ids ruleset autoupdate in progress = Ruleset update in progress. Please wait until all operations have completed successfully...
WARNING: untranslated string: ids ruleset is up to date = No update required - The ruleset is up to date.
diff --git a/doc/language_issues.pl b/doc/language_issues.pl
index c9816a3a4..03be7d822 100644
--- a/doc/language_issues.pl
+++ b/doc/language_issues.pl
@@ -1318,9 +1318,9 @@ WARNING: untranslated string: ids provider = Provider
WARNING: untranslated string: ids provider eol = (EOL)
WARNING: untranslated string: ids provider settings = Provider settings
WARNING: untranslated string: ids remove rule structures = Remove old rule structures...
-WARNING: untranslated string: ids reports daily = Send a daily report
-WARNING: untranslated string: ids reports monthly = Send a monthly report
-WARNING: untranslated string: ids reports weekly = Send a weekly report
+WARNING: untranslated string: ids reports daily = Daily Report
+WARNING: untranslated string: ids reports monthly = Monthly Report
+WARNING: untranslated string: ids reports weekly = Weekly Report
WARNING: untranslated string: ids reset provider = Reset provider
WARNING: untranslated string: ids ruleset autoupdate in progress = Ruleset update in progress. Please wait until all operations have completed successfully...
WARNING: untranslated string: ids ruleset is up to date = No update required - The ruleset is up to date.
diff --git a/doc/language_issues.ru b/doc/language_issues.ru
index 2c372b409..ae6ebe14b 100644
--- a/doc/language_issues.ru
+++ b/doc/language_issues.ru
@@ -1316,9 +1316,9 @@ WARNING: untranslated string: ids provider = Provider
WARNING: untranslated string: ids provider eol = (EOL)
WARNING: untranslated string: ids provider settings = Provider settings
WARNING: untranslated string: ids remove rule structures = Remove old rule structures...
-WARNING: untranslated string: ids reports daily = Send a daily report
-WARNING: untranslated string: ids reports monthly = Send a monthly report
-WARNING: untranslated string: ids reports weekly = Send a weekly report
+WARNING: untranslated string: ids reports daily = Daily Report
+WARNING: untranslated string: ids reports monthly = Monthly Report
+WARNING: untranslated string: ids reports weekly = Weekly Report
WARNING: untranslated string: ids reset provider = Reset provider
WARNING: untranslated string: ids ruleset autoupdate in progress = Ruleset update in progress. Please wait until all operations have completed successfully...
WARNING: untranslated string: ids ruleset is up to date = No update required - The ruleset is up to date.
diff --git a/doc/language_issues.tr b/doc/language_issues.tr
index 44ddc016d..cd996bd04 100644
--- a/doc/language_issues.tr
+++ b/doc/language_issues.tr
@@ -1136,9 +1136,9 @@ WARNING: untranslated string: ids provider = Provider
WARNING: untranslated string: ids provider eol = (EOL)
WARNING: untranslated string: ids provider settings = Provider settings
WARNING: untranslated string: ids remove rule structures = Remove old rule structures...
-WARNING: untranslated string: ids reports daily = Send a daily report
-WARNING: untranslated string: ids reports monthly = Send a monthly report
-WARNING: untranslated string: ids reports weekly = Send a weekly report
+WARNING: untranslated string: ids reports daily = Daily Report
+WARNING: untranslated string: ids reports monthly = Monthly Report
+WARNING: untranslated string: ids reports weekly = Weekly Report
WARNING: untranslated string: ids reset provider = Reset provider
WARNING: untranslated string: ids ruleset autoupdate in progress = Ruleset update in progress. Please wait until all operations have completed successfully...
WARNING: untranslated string: ids ruleset is up to date = No update required - The ruleset is up to date.
diff --git a/doc/language_issues.tw b/doc/language_issues.tw
index b8e378859..a26c0478f 100644
--- a/doc/language_issues.tw
+++ b/doc/language_issues.tw
@@ -1077,9 +1077,9 @@ WARNING: untranslated string: ids high, medium and low severity = High, Medium,
WARNING: untranslated string: ids invalid mail address = Is or contains an invalid mail address.
WARNING: untranslated string: ids no email recipients = No email recipients given
WARNING: untranslated string: ids no email sender = No sender email address specified
-WARNING: untranslated string: ids reports daily = Send a daily report
-WARNING: untranslated string: ids reports monthly = Send a monthly report
-WARNING: untranslated string: ids reports weekly = Send a weekly report
+WARNING: untranslated string: ids reports daily = Daily Report
+WARNING: untranslated string: ids reports monthly = Monthly Report
+WARNING: untranslated string: ids reports weekly = Weekly Report
WARNING: untranslated string: ids send email on alert = Send email on alert
WARNING: untranslated string: indirect target selection = Indirect target selection
WARNING: untranslated string: info messages = unknown string
diff --git a/doc/language_issues.zh b/doc/language_issues.zh
index b8e378859..a26c0478f 100644
--- a/doc/language_issues.zh
+++ b/doc/language_issues.zh
@@ -1077,9 +1077,9 @@ WARNING: untranslated string: ids high, medium and low severity = High, Medium,
WARNING: untranslated string: ids invalid mail address = Is or contains an invalid mail address.
WARNING: untranslated string: ids no email recipients = No email recipients given
WARNING: untranslated string: ids no email sender = No sender email address specified
-WARNING: untranslated string: ids reports daily = Send a daily report
-WARNING: untranslated string: ids reports monthly = Send a monthly report
-WARNING: untranslated string: ids reports weekly = Send a weekly report
+WARNING: untranslated string: ids reports daily = Daily Report
+WARNING: untranslated string: ids reports monthly = Monthly Report
+WARNING: untranslated string: ids reports weekly = Weekly Report
WARNING: untranslated string: ids send email on alert = Send email on alert
WARNING: untranslated string: indirect target selection = Indirect target selection
WARNING: untranslated string: info messages = unknown string
diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi
index 9685b37d0..d615b8db2 100644
--- a/html/cgi-bin/ids.cgi
+++ b/html/cgi-bin/ids.cgi
@@ -596,6 +596,18 @@ if ($cgiparams{'RULESET'} eq $Lang::tr{'ids apply'}) {
if (&_validate_mail_address($cgiparams{'EMAIL_RECIPIENTS'})) {
$errormessage = "$cgiparams{'EMAIL_RECIPIENTS'} - $Lang::tr{'ids invalid mail address'}";
}
+
+ if (&_validate_mail_address($cgiparams{'EMAIL_RECIPIENTS_REPORT_DAILY'})) {
+ $errormessage = "$Lang::tr{'ids invalid mail address'}: $cgiparams{'EMAIL_RECIPIENTS_REPORT_DAILY'}";
+ }
+
+ if (&_validate_mail_address($cgiparams{'EMAIL_RECIPIENTS_REPORT_WEEKLY'})) {
+ $errormessage = "$Lang::tr{'ids invalid mail address'}: $cgiparams{'EMAIL_RECIPIENTS_REPORT_WEEKLY'}";
+ }
+
+ if (&_validate_mail_address($cgiparams{'EMAIL_RECIPIENTS_REPORT_MONTHLY'})) {
+ $errormessage = "$Lang::tr{'ids invalid mail address'}: $cgiparams{'EMAIL_RECIPIENTS_REPORT_MONTHLY'}";
+ }
}
# Go on if there are no error messages.
@@ -1053,6 +1065,12 @@ sub show_mainpage() {
my $email_sender = $idssettings{'EMAIL_SENDER'};
my $email_recipients = $idssettings{'EMAIL_RECIPIENTS'};
+ my %email_recipients_reports = (
+ "DAILY" => $idssettings{'EMAIL_RECIPIENTS_REPORT_DAILY'},
+ "WEEKLY" => $idssettings{'EMAIL_RECIPIENTS_REPORT_WEEKLY'},
+ "MONTHLY" => $idssettings{'EMAIL_RECIPIENTS_REPORT_MONTHLY'},
+ );
+
# Set form values to cgiparams state in error case.
if ($errormessage) {
$checked{'ENABLE_IDS'}{$cgiparams{'ENABLE_IDS'}} = "checked='checked'";
@@ -1063,6 +1081,12 @@ sub show_mainpage() {
$email_sender = $cgiparams{'EMAIL_SENDER'};
$email_recipients = $cgiparams{'EMAIL_RECIPIENTS'};
+
+ %email_recipients_reports = (
+ "DAILY" => $cgiparams{'EMAIL_RECIPIENTS_REPORT_DAILY'},
+ "WEEKLY" => $cgiparams{'EMAIL_RECIPIENTS_REPORT_WEEKLY'},
+ "MONTHLY" => $cgiparams{'EMAIL_RECIPIENTS_REPORT_MONTHLY'},
+ );
}
# Draw current state of the IDS
@@ -1209,49 +1233,107 @@ print <<END
</select>
</td>
</tr>
+ </table>
+ <h6>
+ $Lang::tr{'ids reports daily'}
+ </h6>
+
+ <table class="form">
<tr>
- <td colspan="2"> </td>
+ <td>
+ <label for="ENABLE_REPORT_DAILY">
+ $Lang::tr{'enable'}
+ </label>
+ </td>
+
+ <td>
+ <input type='checkbox' name='ENABLE_REPORT_DAILY'
+ id="ENABLE_REPORT_DAILY" $checked{'ENABLE_REPORT_DAILY'}{'on'}>
+ </td>
</tr>
<tr>
<td>
- <label for="ENABLE_REPORT_DAILY">
- $Lang::tr{'ids reports daily'}
+ <label for="EMAIL_RECIPIENTS_REPORT_DAILY">
+ $Lang::tr{'ids email recipients'}
</label>
</td>
<td>
- <input type='checkbox' name='ENABLE_REPORT_DAILY' id="ENABLE_REPORT_DAILY" $checked{'ENABLE_REPORT_DAILY'}{'on'}>
+ <input type="text" name="EMAIL_RECIPIENTS_REPORT_DAILY"
+ value="$email_recipients_reports{'DAILY'}">
</td>
</tr>
+ </table>
+
+ <h6>
+ $Lang::tr{'ids reports weekly'}
+ </h6>
+ <table class="form">
<tr>
<td>
<label for="ENABLE_REPORT_WEEKLY">
- $Lang::tr{'ids reports weekly'}
+ $Lang::tr{'enable'}
</label>
</td>
<td>
- <input type='checkbox' name='ENABLE_REPORT_WEEKLY' id="ENABLE_REPORT_WEEKLY" $checked{'ENABLE_REPORT_WEEKLY'}{'on'}>
+ <input type='checkbox' name='ENABLE_REPORT_WEEKLY'
+ id="ENABLE_REPORT_WEEKLY" $checked{'ENABLE_REPORT_WEEKLY'}{'on'}>
</td>
</tr>
+ <tr>
+ <td>
+ <label for="EMAIL_RECIPIENTS_REPORT_WEEKLY">
+ $Lang::tr{'ids email recipients'}
+ </label>
+ </td>
+
+ <td>
+ <input type="text" name="EMAIL_RECIPIENTS_REPORT_WEEKLY"
+ value="$email_recipients_reports{'WEEKLY'}">
+ </td>
+ </tr>
+ </table>
+
+ <h6>
+ $Lang::tr{'ids reports monthly'}
+ </h6>
+
+ <table class="form">
<tr>
<td>
<label for="ENABLE_REPORT_MONTHLY">
- $Lang::tr{'ids reports monthly'}
+ $Lang::tr{'enable'}
</label>
</td>
<td>
- <input type='checkbox' name='ENABLE_REPORT_MONTHLY' id="ENABLE_REPORT_MONTHLY" $checked{'ENABLE_REPORT_MONTHLY'}{'on'}>
+ <input type='checkbox' name='ENABLE_REPORT_MONTHLY'
+ id="ENABLE_REPORT_MONTHLY" $checked{'ENABLE_REPORT_MONTHLY'}{'on'}>
</td>
</tr>
+ <tr>
+ <td>
+ <label for="EMAIL_RECIPIENTS_REPORT_MONTHLY">
+ $Lang::tr{'ids email recipients'}
+ </label>
+ </td>
+
+ <td>
+ <input type="text" name="EMAIL_RECIPIENTS_REPORT_MONTHLY"
+ value="$email_recipients_reports{'MONTHLY'}">
+ </td>
+ </tr>
+ </table>
+
+ <table class="form">
<tr class="action">
- <td colspan="2">
+ <td>
<input type='submit' name='IDS' value='$Lang::tr{'save'}' />
</td>
</tr>
diff --git a/html/cgi-bin/logs.cgi/ids.dat b/html/cgi-bin/logs.cgi/ids.dat
index deebced21..ef224e3e6 100644
--- a/html/cgi-bin/logs.cgi/ids.dat
+++ b/html/cgi-bin/logs.cgi/ids.dat
@@ -22,6 +22,7 @@ use strict;
my $report_generator_binary = "/usr/bin/suricata-report-generator";
require '/var/ipfire/general-functions.pl';
+require "${General::swroot}/ids-functions.pl";
require "${General::swroot}/lang.pl";
require "${General::swroot}/header.pl";
@@ -389,21 +390,26 @@ print <<END
<td valign='top'>
END
;
- if ($sid eq "n/a") {
- print $sid;
- } elsif ($sid < 1000000) {
- # Link to sourcefire if the the rule sid is less than 1000000.
- print "<a href='https://www.snort.org/rule_docs/1-$sid' ";
- print "target='_blank'>$sid</a></td>\n";
- } elsif ($sid >= 2000000 and $sid < 3000000) {
- # Link to emergingthreats if the rule sid is between 2000000 and 3000000.
- print "<a href='https://threatintel.proofpoint.com/sid/$sid' ";
- print "target='_blank'>$sid</a></td>\n";
+
+ # Check if an valid sid has been found.
+ if ($sid ne "n/a") {
+ # Try to get the info url for the sid.
+ my $info_url = &IDS::get_sid_info_url($sid);
+
+ # Check if an url has been obtained.
+ if ($info_url) {
+ print "<a href='$info_url' ";
+ print "target='_blank'>$sid</a>\n";
+ } else {
+ # No external link available.
+ print $sid;
+ }
} else {
# No external link for user defined rules
print $sid;
}
print <<END
+</td>
</tr>
</table><br>
</td></tr>
diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index 7d74b0079..6ef4404a1 100644
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -1421,9 +1421,9 @@
'ids provider' => 'Regelset-Anbieter',
'ids provider settings' => 'Regelset-Anbieter-Einstellungen',
'ids remove rule structures' => 'Entferne alte Regelstrukturen...',
-'ids reports daily' => 'Einen täglichen Bericht schicken',
-'ids reports monthly' => 'Einen monatlichen Bericht schicken',
-'ids reports weekly' => 'Einen wöchentlichen Bericht schicken',
+'ids reports daily' => 'Täglicher Bericht',
+'ids reports monthly' => 'Monatlicher Bericht',
+'ids reports weekly' => 'Wöchentlicher Bericht',
'ids reset provider' => 'Providereinstellungen zurücksetzen',
'ids rules update' => 'Regelsatz',
'ids ruleset autoupdate in progress' => 'Der Regelsatz wird gerade aktualisiert. Bitte warten Sie, bis dieser Vorgang erfolgreich beendet wurde...',
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index 890624796..010473af9 100644
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -1482,9 +1482,9 @@
'ids provider eol' => '(EOL)',
'ids provider settings' => 'Provider settings',
'ids remove rule structures' => 'Remove old rule structures...',
-'ids reports daily' => 'Send a daily report',
-'ids reports monthly' => 'Send a monthly report',
-'ids reports weekly' => 'Send a weekly report',
+'ids reports daily' => 'Daily Report',
+'ids reports monthly' => 'Monthly Report',
+'ids reports weekly' => 'Weekly Report',
'ids reset provider' => 'Reset provider',
'ids rules update' => 'Ruleset',
'ids ruleset autoupdate in progress' => 'Ruleset update in progress. Please wait until all operations have completed successfully...',
diff --git a/src/initscripts/system/squid b/src/initscripts/system/squid
index 075f160c4..fcc673295 100644
--- a/src/initscripts/system/squid
+++ b/src/initscripts/system/squid
@@ -52,16 +52,16 @@ transparent() {
if [ "$CONN_TYPE" != "net" ]; then
continue
fi
- iptables -t nat -A SQUID -i $1 -p tcp -d `echo "$LINE" | awk -F, '{ print $13 }'` --dport 80 -j RETURN
+ iptables --wait -t nat -A SQUID -i $1 -p tcp -d `echo "$LINE" | awk -F, '{ print $13 }'` --dport 80 -j RETURN
done < $FILE
if [ "$RED_TYPE" == "STATIC" ]; then
- iptables -t nat -A SQUID -i $1 -p tcp -d $RED_NETADDRESS/$RED_NETMASK --dport 80 -j RETURN
+ iptables --wait -t nat -A SQUID -i $1 -p tcp -d $RED_NETADDRESS/$RED_NETMASK --dport 80 -j RETURN
fi
- iptables -t nat -A SQUID -i $1 -p tcp -d $LOCALIP --dport 80 -j RETURN
+ iptables --wait -t nat -A SQUID -i $1 -p tcp -d $LOCALIP --dport 80 -j RETURN
- iptables -t nat -A SQUID -i $1 -p tcp --dport 80 -j REDIRECT --to-port "${TRANSPARENT_PORT}"
+ iptables --wait -t nat -A SQUID -i $1 -p tcp --dport 80 -j REDIRECT --to-port "${TRANSPARENT_PORT}"
}
case "$1" in
@@ -111,7 +111,7 @@ case "$1" in
;;
stop)
- iptables -t nat -F SQUID
+ iptables --wait -t nat -F SQUID
if [ -e /var/run/squid.pid ]; then
boot_mesg -n "Stopping Squid Proxy Server (this may take up to a few minutes)..."
hooks/post-receive
--
IPFire 2.x development tree
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2026-02-10 10:54 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2026-02-10 10:54 [git.ipfire.org] IPFire 2.x development tree branch, next, updated. ab03ba10c42fb56d8cd15bda4ca16be887ade6c6 Michael Tremer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox