diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi
index e41d3517c..efd79b58c 100644
--- a/html/cgi-bin/ids.cgi
+++ b/html/cgi-bin/ids.cgi
@@ -56,6 +56,7 @@ $snortsettings{'ENABLE_SNORT'} = 'off';
$snortsettings{'ENABLE_SNORT_GREEN'} = 'off';
$snortsettings{'ENABLE_SNORT_BLUE'} = 'off';
$snortsettings{'ENABLE_SNORT_ORANGE'} = 'off';
+$snortsettings{'ENABLE_PREPROCESSOR_HTTP_INSPECT'} = 'off';
$snortsettings{'ENABLE_GUARDIAN'} = 'off';
$snortsettings{'GUARDIAN_INTERFACE'} = `cat /var/ipfire/red/iface`;
$snortsettings{'GUARDIAN_HOSTGATEWAYBYTE'} = '1';
@@ -108,9 +109,20 @@ if (-e "/etc/snort/snort.conf") {
# Loop over each line
foreach my $line (@snortconfig) {
- # Trim the line
+ # Trim the line
chomp $line;
+ if ($snortsettings{'ACTION'} eq $Lang::tr{'save'}) {
+ # Check for preprocessor settings
+ if ($line =~ /preprocessor http_inspect:/) {
+ # Strip out leading # from rule line
+ $line =~ s/\# ?//i;
+ if (($snortsettings{'ENABLE_PREPROCESSOR_HTTP_INSPECT'} eq 'off')) {
+ $line = "# $line";
+ }
+ }
+ }
+
# Check for a line with .rules
if ($line =~ /\.rules$/) {
# Parse out rule file name
@@ -226,6 +238,7 @@ if (-e "/etc/snort/snort.conf") {
if (!exists $snortsettings{"SNORT_RULE_$rule"}) {
$line = "# $line";
}
+
}
# Check for rule state
@@ -301,6 +314,12 @@ if ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} e
} else {
unlink "${General::swroot}/snort/enable_orange";
}
+ if ($snortsettings{'ENABLE_PREPROCESSOR_HTTP_INSPECT'} eq 'on')
+ {
+ system ('/usr/bin/touch', "${General::swroot}/snort/enable_preprocessor_http_inspect");
+ } else {
+ unlink "${General::swroot}/snort/enable_preprocessor_http_inspect";
+ }
if ($snortsettings{'ENABLE_GUARDIAN'} eq 'on')
{
system ('/usr/bin/touch', "${General::swroot}/guardian/enable");
@@ -308,7 +327,7 @@ if ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} e
unlink "${General::swroot}/guardian/enable";
}
- system('/usr/local/bin/snortctrl restart >/dev/null');
+ system('/usr/local/bin/snortctrl restart >/dev/null');
} elsif ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} eq "guardian" ){
open(IGNOREFILE, ">$snortsettings{'GUARDIAN_IGNOREFILE'}") or die "Unable to write guardian ignore file $snortsettings{'GUARDIAN_IGNOREFILE'}";
@@ -365,6 +384,9 @@ $checked{'ENABLE_SNORT_BLUE'}{$snortsettings{'ENABLE_SNORT_BLUE'}} = "checked='c
$checked{'ENABLE_SNORT_ORANGE'}{'off'} = '';
$checked{'ENABLE_SNORT_ORANGE'}{'on'} = '';
$checked{'ENABLE_SNORT_ORANGE'}{$snortsettings{'ENABLE_SNORT_ORANGE'}} = "checked='checked'";
+$checked{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}{'off'} = '';
+$checked{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}{'on'} = '';
+$checked{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}{$snortsettings{'ENABLE_PREPROCESSOR_HTTP_INSPECT'}} = "checked='checked'";
$checked{'ENABLE_GUARDIAN'}{'off'} = '';
$checked{'ENABLE_GUARDIAN'}{'on'} = '';
$checked{'ENABLE_GUARDIAN'}{$snortsettings{'ENABLE_GUARDIAN'}} = "checked='checked'";
@@ -433,6 +455,14 @@ print <
+
+
$Lang::tr{'ids preprocessor'}
+
+
+
http_inspect
+
+
+
$Lang::tr{'ids rules update'}
diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index b47f5ba91..132137ea1 100644
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -852,6 +852,7 @@
'ids rules license2' => 'Bestätigen Sie die Lizenz, empfangen Sie Ihr Passwort per email und gehen Sie auf die Website. Gehen Sie zu',
'ids rules license3' => 'klicken Sie den \'Get Code\' Knopf am Fuß und kopieren den 40-Zeichen Oink Code in das untere Feld.',
'ids rules update' => 'Snort Regeln Update',
+'ids preprocessor' => 'Snort Präprozessor',
'iface' => 'Iface',
'ignore filter' => '"Ignorieren"-Filter',
'ike encryption' => 'IKE Verschlüsselung:',
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index fd0579358..174e26aae 100644
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -881,6 +881,7 @@
'ids rules license2' => 'Acknowledge the license, receive your password by email, and connect to the site. Go to',
'ids rules license3' => 'press the \'Get Code\' button at the bottom and copy the 40 character Oink Code into the field below.',
'ids rules update' => 'Snort rules update',
+'ids preprocessor' => 'Snort preprocessor',
'iface' => 'Iface',
'ignore filter' => 'Ignore filter',
'ike encryption' => 'IKE Encryption:',
diff --git a/lfs/iperf b/lfs/iperf
new file mode 100644
index 000000000..8b58e198c
--- /dev/null
+++ b/lfs/iperf
@@ -0,0 +1,84 @@
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see . #
+# #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER = 2.0.4
+
+THISAPP = iperf-$(VER)
+DL_FILE = $(THISAPP).tar.gz
+DL_FROM = $(URL_IPFIRE)
+DIR_APP = $(DIR_SRC)/$(THISAPP)
+TARGET = $(DIR_INFO)/$(THISAPP)
+PROG = iperf
+PAK_VER = 1
+
+DEPS = ""
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_MD5 = 8c5bc14cc2ea55f18f22afe3c23e3dcb
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+md5 : $(subst %,%_MD5,$(objects))
+
+dist:
+ @$(PAK)
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+ @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+ @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+ @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+ @$(PREBUILD)
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+ cd $(DIR_APP) && ./configure --prefix=/usr
+ cd $(DIR_APP) && make $(MAKETUNING)
+ cd $(DIR_APP) && make install
+ @rm -rf $(DIR_APP)
+ @$(POSTBUILD)
diff --git a/lfs/netcat b/lfs/netcat
new file mode 100644
index 000000000..d07669b6d
--- /dev/null
+++ b/lfs/netcat
@@ -0,0 +1,84 @@
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see . #
+# #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER = 0.7.1
+
+THISAPP = netcat-$(VER)
+DL_FILE = $(THISAPP).tar.gz
+DL_FROM = $(URL_IPFIRE)
+DIR_APP = $(DIR_SRC)/$(THISAPP)
+TARGET = $(DIR_INFO)/$(THISAPP)
+PROG = netcat
+PAK_VER = 1
+
+DEPS = ""
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_MD5 = 088def25efe04dcdd1f8369d8926ab34
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+md5 : $(subst %,%_MD5,$(objects))
+
+dist:
+ @$(PAK)
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+ @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+ @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+ @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+ @$(PREBUILD)
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+ cd $(DIR_APP) && ./configure --prefix=/usr
+ cd $(DIR_APP) && make $(MAKETUNING)
+ cd $(DIR_APP) && make install
+ @rm -rf $(DIR_APP)
+ @$(POSTBUILD)
diff --git a/make.sh b/make.sh
index 09a9d0041..7f62482ec 100755
--- a/make.sh
+++ b/make.sh
@@ -589,6 +589,8 @@ buildipfire() {
ipfiremake bluetooth
ipfiremake gutenprint
ipfiremake apcupsd
+ ipfiremake iperf
+ ipfiremake netcat
echo Build on $HOSTNAME > $BASEDIR/build/var/ipfire/firebuild
cat /proc/version >> $BASEDIR/build/var/ipfire/firebuild
echo >> $BASEDIR/build/var/ipfire/firebuild
diff --git a/src/install+setup/install/unattended.c b/src/install+setup/install/unattended.c
index 0606b3d93..b771b6fd9 100644
--- a/src/install+setup/install/unattended.c
+++ b/src/install+setup/install/unattended.c
@@ -41,6 +41,7 @@ int unattended_setup(struct keyvalue *unattendedkv) {
char green_broadcast[STRING_SIZE];
char root_password[STRING_SIZE];
char admin_password[STRING_SIZE];
+ char restore_file[STRING_SIZE];
findkey(unattendedkv, "DOMAINNAME", domainname);
findkey(unattendedkv, "HOSTNAME", hostname);
@@ -54,6 +55,7 @@ int unattended_setup(struct keyvalue *unattendedkv) {
findkey(unattendedkv, "GREEN_BROADCAST", green_broadcast);
findkey(unattendedkv, "ROOT_PASSWORD", root_password);
findkey(unattendedkv, "ADMIN_PASSWORD", admin_password);
+ findkey(unattendedkv, "RESTORE_FILE", restore_file);
/* write main/settings. */
replacekeyvalue(mainsettings, "DOMAINNAME", domainname);
@@ -144,6 +146,16 @@ int unattended_setup(struct keyvalue *unattendedkv) {
return 0;
}
+ /* restore backup */
+ if (restore_file != "") {
+ fprintf(flog, "unattended: Restoring Backup\n");
+ snprintf(commandstring, STRING_SIZE,
+ "cd /harddisk && /bin/tar -xvz --preserve -f /cdrom/%s", restore_file);
+ if (mysystem(commandstring)) {
+ errorbox("unattended: ERROR setting admin password");
+ return 0;
+ }
+
fprintf(flog, "unattended: Setup ended\n");
return 1;
}