Stefan Schantl
4434236e00
ruleset-sources: Update sourcefire rulesets to latest snapshot version
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-08 09:55:46 +01:00
Peter Müller
ad99f959e2
Suricata: detect DNS events on port 853, too
As DNS over TLS popularity is increasing, port 853 becomes
more interesting for an attacker as a bypass method. Enabling
this port for DNS monitoring makes sense in order to avoid
unusual activity (non-DNS traffic) as well as "normal" DNS
attacks.
Partially fixes #11808
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Cc: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-07 21:26:50 +01:00
Peter Müller
8723bb91ae
Suricata: enable full detection for missing protocols
These are IMAP and MSN, which can be safely enabled.
Partially fixes #11808
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Cc: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-07 21:26:46 +01:00
Peter Müller
05a635ec04
Suricata: detect TLS traffic on IMAPS/POP3S/SSMTP ports as well
Partially fixes #11808
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Cc: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-07 21:26:43 +01:00
Stefan Schantl
5fbd7b2982
ids.cgi: Format and show date of the current ruleset again
Fixes #11992
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-07 10:33:29 +01:00
Stefan Schantl
ee7fe87ea6
ids.cgi: Change name of the button to apply the ruleset changes
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-07 09:46:01 +01:00
Stefan Schantl
e8ae413a79
langs: Remove snort related and unused strings
Fixes #11993.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-07 09:02:32 +01:00
Stefan Schantl
dd8d6f5ee8
logs.cgi/ids.dat: Do not call the IDS snort again
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-07 09:00:35 +01:00
Stefan Schantl
5bd8940d68
ids.cgi: Improve shown messages while the IDS is working
Reference #11993
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-07 08:51:31 +01:00
Stefan Schantl
e566e977f7
Add German translation for "system is offline"
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-07 08:28:29 +01:00
Stefan Schantl
9074e3d74c
ids.cgi: Lock page while autoupdate script is running
Fixes #11991
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-07 08:24:15 +01:00
Stefan Schantl
5206a3358d
update-ids-ruleset: Lock and Unlock the IDS page during runtime
Reference #11991
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-07 08:06:49 +01:00
Stefan Schantl
8076deba79
ids-functions.pl: Add code to lock/unlock ids page while autoupdating the ruleset
Reference #11991
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-07 07:59:20 +01:00
Stefan Schantl
5f2145eb59
ids.cgi: Show "Update Ruleset"-Button only if automatic updates are disabled
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-07 07:44:11 +01:00
Stefan Schantl
f6eb1a40a0
aliases.cgi: Handle suricata related actions when dealing with aliases
When working with aliases (adding/modifying/removing), the file which
contains the HOME_NET declarations needs to be re-generated and suricata
requires a restart afterwards.
Fixes #11990
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-06 15:59:02 +01:00
Stefan Schantl
8117fff863
IDS: Call helper script when red interface gets up
The helper script will be automatically called when the red interface gets up
and will re-generate the HOME_NET file, to take care if the IP-address of this
interface has changed.
Fixes #11989
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-06 15:40:19 +01:00
Stefan Schantl
d8f19ebb5a
IDS: Edit German translation for "ids oinkcode required".
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-06 13:12:50 +01:00
Stefan Schantl
613f58fbfa
ids.cgi: Check if the selected ruleset requires an oinkcode
Fixes #11983
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-06 12:49:01 +01:00
Stefan Schantl
f644a167ab
ids.cgi: Only perform actions when saving ruleset settings, if there are no error messages
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-06 12:48:08 +01:00
Stefan Schantl
155b3b56a8
ids-functions.pl: Do not send HEAD requests to sourcefire (snort.org) servers
Using this feature to fetch the size of the requested tarball is not allowed by these
servers, so skip this feature for their rulesets.
Fixes #11987
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-06 10:58:59 +01:00
Stefan Schantl
c17a9778d6
Revert "ids-functions.pl: Use GET method to fetch Header data of a file"
Using the GET method will download the file twice and does not provide the
desired mechanism here.
This reverts commit 81592314eb.
2019-02-06 10:00:17 +01:00
Stefan Schantl
422dc4caf9
ids.cgi: Fix HTML formatted spaces.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-05 14:34:44 +01:00
Stefan Schantl
9e9b477d7c
ids.cgi: Rework "Enable IPS" section
Just use one language string for a maximum of flexibility for the
translators.
Fixes #11986
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-05 14:17:19 +01:00
Stefan Schantl
af0065691c
suricata: Do not display messages when starting up
Fixes #11979.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-05 13:57:40 +01:00
Stefan Schantl
cc9057c014
ids.cgi: Change lang string from "Activate IPS" to "Enable IPS"
Reference #11986
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-05 13:51:08 +01:00
Stefan Schantl
318e7137e7
IDS: Rename IDS strings to IPS
Reference: #11986
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-05 13:25:27 +01:00
Stefan Schantl
97870bf29c
ids.cgi: Stop suricata when the ruleset source has been changed
If the ruleset source has been changed, it has to be configured again.
This happens because of different rule categories, filenames, rule IDs, etc.
In case suricata is currently running, it has to be stopped and after the configuration
has been done by the user, it can be launched again.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-05 12:43:49 +01:00
Stefan Schantl
5709768b0b
ids.cgi: Fix downloading rules if source changed
Fix the if statement to detect whether the ruleset has been
changed and automatically download the new one.
Fixes #11984.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-05 12:36:30 +01:00
Stefan Schantl
b7a9b4edc2
ids.cgi: Update automatic download texts
Update the shown texts in the dropdown box as mentioned in the
bug report.
Fixes #11985
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-05 12:13:28 +01:00
Stefan Schantl
81592314eb
ids-functions.pl: Use GET method to fetch Header data of a file
The sourcefire web servers do not support the HEAD request so we have to do
this with a GET here.
Fixes #11987
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-05 12:01:43 +01:00
Stefan Schantl
4924cfdc73
ids-functions.pl: Fix show HTTP error code and message
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-05 11:55:37 +01:00
Stefan Schantl
067e1847dc
suricata.yaml: Add port 222 to list of SSH Ports
The SSH-server listened on port "222" as default on IPFire in the past.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-02-01 14:34:25 +01:00
Stefan Schantl
bcbc9897e3
ids-functions.pl: Grab address for RED by using get_red_address() function.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-01-31 09:50:47 +01:00
Stefan Schantl
de8e1e5b6c
ids-functions.pl: Add function to get the current assigned IP-address of RED.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-01-31 09:41:35 +01:00
Stefan Schantl
912d7472a8
ids.cgi: Automatically download ruleset if the ruleset source has been changed.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-01-31 08:55:05 +01:00
Stefan Schantl
c9b07d6a0c
initscripts/suricata: Generate firewall rules on start and reload
Fixes #11978
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-01-30 13:47:07 +01:00
Stefan Schantl
23c0347ac5
ids-functions.pl: Add RED address and aliases to the HOME_NET
Reference: #11981
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-01-30 12:51:51 +01:00
Stefan Schantl
77c3130174
ids-functions.pl: Add get_aliases()
This subfunction is used to get all configured and enabled aliases
for the RED network zone. They will be returned as an array.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-01-30 11:57:49 +01:00
Stefan Schantl
d6f725e185
update-ids-ruleset: Improve error reporting if the system is offline
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-01-30 10:57:31 +01:00
Stefan Schantl
e0cec9fe99
ids.cgi: Dynamically generate SHOW/HIDE for expanding or collapsing a ruleset category
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-01-30 10:53:17 +01:00
Stefan Schantl
cf02bf2f7d
ids.cgi: Show IDS setting area only if a ruleset is present.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-01-30 10:12:11 +01:00
Stefan Schantl
013274d7d8
ids.cgi: Display reason, why a ruleset could not be downloaded, if the system is offline.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-01-30 10:05:14 +01:00
Stefan Schantl
5fd2e9d64a
ids.cgi: Also download the ruleset when saving the ruleset settings
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-01-30 09:57:49 +01:00
Stefan Schantl
34a3843865
ids.cgi: Add dropdown option for Emergingthreats.net Pro rules.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-01-30 09:42:28 +01:00
Stefan Schantl
d618d67e01
ids.cgi: Only show "update ruleset" button if a ruleset is present
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-01-30 09:39:17 +01:00
Stefan Schantl
674912fc3a
ids.cgi: Draw daemon status and setting in the same box.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-01-30 09:33:47 +01:00
Stefan Schantl
029b8ed2b1
ids.cgi: Show/Hide subscription code area dynamically.
Dynamically (JavaScript) show/hide the area for entering the
subscription code / oinkcode based on the chosen ruleset.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-01-30 09:27:37 +01:00
Stefan Schantl
bc4a2223cc
ids.cgi: Remove help text for obtaining an oinkcode
This information is only valid for sourcefire (snort) rulesets, may
confuse users and therefore should be handled in the wiki.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-01-30 09:25:34 +01:00
Michael Tremer
17c2c09bcc
suricata: Scan outgoing traffic, too
Connections from the firewall and through the proxy must be filtered, too.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-01-29 14:08:51 +01:00
Peter Müller
8059239661
Suricata: drop unused cuda HW acceleration
As stated in https://bugzilla.ipfire.org/show_bug.cgi?id=11808#c5,
Cuda hardware acceleration is unused and so the configuration file
section can be removed.
This partially addresses #11808.
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Cc: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2019-01-29 14:07:43 +01:00