This function is used to merge the individual classification files
provided by the providers.
The result will be written to the classification.config which will be
used by the IDS.
Fixes #11884.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
This function is used to extract the required config and rules files
from the stored rules tarball for a given ruleset provider.
* The files will be extracted to a temporary directory layout in
"/tmp/ids_tmp".
* Names of config files will be adjusted in case multiple providers
offer the same config files, which is very common.
* The name of the single rulefiles will be adjusted to start with
the vendors name to allow assigning them very easily to a single
ruleset provider.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
multiple ruleset providers.
When calling the function now a single ruleset provider handle
can be specified to only download this ruleset or by adding "all" or
leaving the handle blank a download of all configured rulesets can be
triggered.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
This function can be used to generate/get the absolute file and path
for a given ruleset provider.
The files will be stored in the usual "/var/tmp" folder with a new
file format based on the dl_file type and the provider.
Examples could be:
* /var/ipfire/idsrules-emerging.tar.gz
* /var/ipfire/idsrules-registered.tar.gz
* /var/ipfire/idsrules-somprovider.rules
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
* The page and section now support multiple ruleset providers at once.
* Adding / Editing a ruleset provider has been moved to its own sub-page.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
The file now contains a lot more data and can easily be extended
to provide more and new providers.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Full changelog as per https://gitweb.torproject.org/tor.git/plain/ChangeLog:
Changes in version 0.4.6.9 - 2021-12-15
  This version fixes several bugs from earlier versions of Tor. One important
  piece is the removal of DNS timeout metric from the overload general signal.
  See below for more details.
  o Major bugfixes (relay, overload):
    - Don't make Tor DNS timeout trigger an overload general state.
      These timeouts are different from DNS server timeout. They have to
      be seen as timeout related to UX and not because of a network
      problem. Fixes bug 40527; bugfix on 0.4.6.1-alpha.
  o Minor feature (reproducible build):
    - The repository can now build reproducible tarballs which adds the
      build command "make dist-reprod" for that purpose. Closes
      ticket 26299.
  o Minor features (compilation):
    - Give an error message if trying to build with a version of
      LibreSSL known not to work with Tor. (There's an incompatibility
      with LibreSSL versions 3.2.1 through 3.4.0 inclusive because of
      their incompatibility with OpenSSL 1.1.1's TLSv1.3 APIs.) Closes
      ticket 40511.
  o Minor features (fallbackdir):
    - Regenerate fallback directories generated on December 15, 2021.
  o Minor features (geoip data):
    - Update the geoip files to match the IPFire Location Database, as
      retrieved on 2021/12/15.
  o Minor bugfixes (compilation):
    - Fix our configuration logic to detect whether we had OpenSSL 3:
      previously, our logic was reversed. This has no other effect than
      to change whether we suppress deprecated API warnings. Fixes bug
      40429; bugfix on 0.3.5.13.
  o Minor bugfixes (relay):
    - Reject IPv6-only DirPorts. Our reachability self-test forces
      DirPorts to be IPv4, but our configuration parser allowed them to
      be IPv6-only, which led to an assertion failure. Fixes bug 40494;
      bugfix on 0.4.5.1-alpha.
  o Documentation (man, relay):
    - Missing "OverloadStatistics" in tor.1 manpage. Fixes bug 40504;
      bugfix on 0.4.6.1-alpha.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
The parsers for those are disabled in the suricata config so
the rules are not needed, on the contrary they massively will spam
warnings when launching suricata because of the disabled parsers.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
The parsers for those are disabled in the suricata config so
the rules are not needed, on the contrary they massively will spam
warnings when launching suricata because of the disabled parsers.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
In order to be able to run the ISO command on command line it is helpful
that the script does not go into background halfway through the process.
We should rather start it as a background job straight from the CGI
script.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This patch is changing the behaviour of the backup script so that it
creates one tarball and compresses it in one go.
This will save storing the original tarball on disk before compressing
it which on my test system requires significant disk space.
This patch also solves a bug where the backup file included with the ISO
image could not be extracted because it was not gzip-compressed when it
was expected to be.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>