bpfire

mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-11 03:25:54 +02:00

Author	SHA1	Message	Date
Stefan Schantl	5bd8940d68	ids.cgi: Improve showed messages while the IDS is working Reference #11993 Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-07 08:51:31 +01:00
Stefan Schantl	9074e3d74c	ids.cgi: Lock page while autoupdate script is running Fixes #11991 Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-07 08:24:15 +01:00
Stefan Schantl	5f2145eb59	ids.cgi: Show "Update Ruleset"-Button only if automatic updates are disabled Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-07 07:44:11 +01:00
Stefan Schantl	f6eb1a40a0	aliases.cgi: Handle suricata related actions when dealing with aliases When working with aliases (adding/modifying/removing), the file which contains the HOME_NET declarations needs to be re-generated and suricata requires a restart afterwards. Fixes #11990 Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-06 15:59:02 +01:00
Stefan Schantl	613f58fbfa	ids.cgi: Check if the selected ruleset requires an oinkcode Fixes #11983 Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-06 12:49:01 +01:00
Stefan Schantl	f644a167ab	ids.cgi: Only perform actions when saving ruleset settings, if there are no error messages Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-06 12:48:08 +01:00
Stefan Schantl	422dc4caf9	ids.cgi: Fix HTML formated spaces. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-05 14:34:44 +01:00
Stefan Schantl	9e9b477d7c	ids.cgi: Rework "Enable IPS" section Just use one language string for a maximum of flexiblity for the transloators. Fixes #11986 Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-05 14:17:19 +01:00
Stefan Schantl	cc9057c014	ids.cgi: Change lang string from "Activate IPS" to "Enable IPS" Reference #11986 Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-05 13:51:08 +01:00
Stefan Schantl	97870bf29c	ids.cgi: Stop suricata when the rulest source has been changed If the ruleset source has been changed, it has to be configured again. This happens because of different rule categories, filenames rule ID's etc. In case suricata currently is running it has to be stopped and after the configuration has been done by the user, it can be launched again. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-05 12:43:49 +01:00
Stefan Schantl	5709768b0b	ids.cgi: Fix downloading rules if source changed Fix the if statement to detect wheater the ruleset has been changed and automatically download the new one. Fixes #11984. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-05 12:36:30 +01:00
Stefan Schantl	b7a9b4edc2	ids.cgi: Update automatic download texts Update the showed texts in the dropdown box as mentioned in the bug report. Fixes #11985 Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-05 12:13:28 +01:00
Michael Tremer	1e2b257789	Add routed IPsec connections to traffic graphs section Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	38f6bdb740	ipsec: Drop delayed restart setting This is a very bad race-condition situation and is not solved by an unintuitive setting. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	517683eeb1	ipsec: Drop VPN_IP setting This is now a per-connection setting Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	ae0d069827	ipsec: Allow to select local IP address used for peer on UI Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	455fdcb17a	ipsec: Re-arrange inputs for peer addresses, subnets, etc. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	7e25093d42	ipsec: Don't allow to select VTI in transport mode Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	605c391aaf	vpnmain.cgi: Don't populate GREEN subnet when green doesn't exist Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	216bd9b389	vpnmain.cgi: Move advanced IPsec settings to connection page This is required to make the initial setup easier for GRE/VTI connections Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	f2d45a45ab	IPsec: Do not allow 0.0.0.0/0 as remote subnet This renders the whole machine inaccessible Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	90aa4f1083	IPsec: Use left/rightprotoport in GRE mode Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	b01c17e9d0	IPsec: Update ipsec.conf for GRE/VTI changes Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	55842dda69	IPsec: Add UI for set interface MTU Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	7464131706	IPsec: Add option to configure IP address for tunnel interface Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	8ebe725416	IPsec: Set default inactivity timeout to half an hour Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	1e9457ac6f	IPsec: New connections should defatul to on-demand mode Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	cae1f4a7a8	IPsec: Add dropdown to select tunnel interface mode Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	5e6fa03e1e	vpnmain.cgi: Correctly carry over INACTIVITY_TIMEOUT Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	326728d53d	IPsec: Write tunnel/transport mode to strongSwan configuration Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Michael Tremer	29f5e0e2b9	IPsec: Add selection for transport/tunnel mode Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-04 18:20:36 +00:00
Stefan Schantl	912d7472a8	ids.cgi: Automatically download ruleset if the ruleset source has been changed. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-01-31 08:55:05 +01:00
Stefan Schantl	e0cec9fe99	ids.cgi: Dynamically generate SHOW/HIDE for expanding or collapsing a ruleset category Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-01-30 10:53:17 +01:00
Stefan Schantl	cf02bf2f7d	ids.cgi: Show IDS setting area only if a ruleset is present. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-01-30 10:12:11 +01:00
Stefan Schantl	013274d7d8	ids.cgi: Diplay reason, why a ruleset could not be downloaded, if the system is offline. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-01-30 10:05:14 +01:00
Stefan Schantl	5fd2e9d64a	ids.cgi: Also download the ruleset when saving the ruleset settings Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-01-30 09:57:49 +01:00
Stefan Schantl	34a3843865	ids.cgi: Add dropdown option for Emergingthreats.net Pro rules. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-01-30 09:42:28 +01:00
Stefan Schantl	d618d67e01	ids.cgi: Only show "update ruleset" button if a ruleset is present Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-01-30 09:39:17 +01:00
Stefan Schantl	674912fc3a	ids.cgi: Draw daemon status and setting in the same box. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-01-30 09:33:47 +01:00
Stefan Schantl	029b8ed2b1	ids.cgi: Show/Hide subscription code area dynamically. Dynamically (Java Script) show/hide the area for entering the subscription code / oinkcode based on the choosen ruleset. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-01-30 09:27:37 +01:00
Stefan Schantl	bc4a2223cc	ids.cgi: Remove help text for obtaining an oinkcode This information is only valid for sourcefire (snort) rulesets, may confuse users and therefore should be handled in the wiki. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-01-30 09:25:34 +01:00
Stefan Schantl	9f9651e06a	logs.cgi/log.dat: Change search pattern from snort to suricata Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-01-29 09:00:26 +01:00
Stefan Schantl	39155be805	Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next-suricata	2019-01-26 12:40:04 +01:00
Michael Tremer	7ec83993e5	proxy: Show error messages in English by default Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-01-23 06:21:53 +00:00
Stefan Schantl	9283e9b9cf	ids.cgi: Move and rename GenerateIgnoreList() function to ids-functions.pl Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-01-22 13:25:13 +01:00
Stefan Schantl	c1a3401235	Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next-suricata	2019-01-21 13:04:13 +01:00
Matthias Fischer	e26a5c4885	Fix typo in 'html/cgi-bin/logs.cgi/log.dat' Translation string uses capital letter: 'Captive' => 'Captive Portal', Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-01-06 07:02:54 +00:00
Michael Tremer	ce1f04ee40	proxy: Allow selecting throttled bandwidth in MBit/s Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-01-08 16:10:59 +01:00
Michael Tremer	c2f1b8183c	proxy: Suggest modern defaults for cache memory and disk Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-01-08 16:02:05 +01:00
Michael Tremer	cdd4cf4094	proxy: Drop support for throttling only certain mime types Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-01-08 16:00:05 +01:00

... 10 11 12 13 14 ...

2707 Commits