This patch adds a new CGI file which allows users to edit the
VLAN configuration as well as configuring zones as bridges.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This creates some overhead that we do not need and rules need to
be adjusted to match any direction they are supposed to match.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
The output was written to stderr before and landed in apache's
error log where we do not want it.
Fixes: #12004
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This accidientially dropped all lines that include #. That resulted
in colour codes not being loaded from file any more.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
This will allow to scan the traffic from an EXTERNAL_NET to the HOME_NET and from
the HOME_NET to the EXTERNAL_NET.
Reference: 10273
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Using this feature to fetch the size of the requested tarball is not allowed by these
servers, so skip this feature for their rulesets.
Fixes#11987
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
The sourcfire web servers does not support the HEAD request so we have to do
this with a GET here.
Fixes#11987
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
This subfunction is used to get all configured and enabled aliases
for the RED network zone. They will be returned as an array.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
This function is used to change the ownership of a given file
or directory to the user "nobody" and the group "nobody", which is
used by the WUI.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Enhanching the code to fix the lookup will rapidely slow down the lookup speed. Because using
the GeoIP2 module is no option ( the reasons have been described in the commit message which will
now reverted), we have decided to temporary switch back to the old module until a nice solution has
been found.
This reverts commit ff21ff90d2.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This function is used to get all available GeoIP locations.
The functions returns them as array, sorted in alphabetical order.
Reference #11959
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Drop the usage of the old legacy GeoIP perl module which was not able to handle the
new GeoLite2 databases.
Write some code to directly access the databases and extract the required data.
Usage of the GeoIP2 perl module would provide a lot of more functionality which is not
used/needed. Unfortunately ir requires at lot of additional perl modules which are
not available on IPFire and would only be build and shipped for this module. Buildig all
of them will slow down the entire build process, mess up the system and requires a lot
more space on disk.
Fixes#11962.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
In commit ea5c8eeb83 the taken settings
for the ruleset have been stored into an own file.
The Downloader now uses this file to read-in which ruleset should be used
and downloaded.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
I added a function to determine the number of cores.
Now the number of squid processes will be equal to the number of logical cores.
Further I removed the possibility of changing the number
of squid processes in the proxy.cgi
Signed-off-by: Daniel Weismüller <daniel.weismueller@ipfire.org>
Signed-off-by: root <root@ipfire.test>
The get_suricata_version() function is used to get the version
of the on the system installed version of suricata. You can
specify the how detailed the returned result should be "major" will
return only the major version, were "minor" will provide the major
and minor version (1.2 for example). All other calls will be answered
with the full version string (1.2.3).
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
This function is used to write the corresponding file which
tells oinkmaster to alter the whole ruleset and finally
switches suricata into an IPS or IDS.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Download the requested rules tarball into a temporay file
and if every thing is fine, replace the old by the
downloaded one.
In addition with the previously implemented file size check,
we are saved now from a corrupt rules tarball on disk.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
The downloader now requests the html header for the rulestarball
and obtain the size of the file bevore downloading it.
After success the size of the downloaded file will be compared with
the requested one before. If they do not match, an error will be gained.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
* Use a directory listing and delete the files.
* Keep files with "config" as file extension.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
This private function is used to remove any files which are stored in the
IDS rules directory and prevent from any old (unneeded or conflicting) files
after an update or complete change of the ruleset source.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
This function checks if all files located in /etc/suricata/rules are
writable by the effective user and group (nobody:nobody) and if not
calls suricatactl to fix it.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
This generic function can be used to create any kind of emtpy files -
it just requires the full path and filename to work.
If the specified file exists at calltime, the function will abort
to prevent from overwriting existing files and content.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
