bpfire

mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-10 11:05:54 +02:00

Author	SHA1	Message	Date
Stefan Schantl	5fbd7b2982	ids.cgi: Format and show date of the current ruleset again Fixes #11992 Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-07 10:33:29 +01:00
Stefan Schantl	ee7fe87ea6	ids.cgi: Change name of the button to apply the ruleset changes Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-07 09:46:01 +01:00
Stefan Schantl	dd8d6f5ee8	logs.cgi/ids.dat: Do not call the IDS snort again Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-07 09:00:35 +01:00
Stefan Schantl	5bd8940d68	ids.cgi: Improve showed messages while the IDS is working Reference #11993 Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-07 08:51:31 +01:00
Stefan Schantl	9074e3d74c	ids.cgi: Lock page while autoupdate script is running Fixes #11991 Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-07 08:24:15 +01:00
Stefan Schantl	5f2145eb59	ids.cgi: Show "Update Ruleset"-Button only if automatic updates are disabled Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-07 07:44:11 +01:00
Stefan Schantl	f6eb1a40a0	aliases.cgi: Handle suricata related actions when dealing with aliases When working with aliases (adding/modifying/removing), the file which contains the HOME_NET declarations needs to be re-generated and suricata requires a restart afterwards. Fixes #11990 Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-06 15:59:02 +01:00
Stefan Schantl	613f58fbfa	ids.cgi: Check if the selected ruleset requires an oinkcode Fixes #11983 Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-06 12:49:01 +01:00
Stefan Schantl	f644a167ab	ids.cgi: Only perform actions when saving ruleset settings, if there are no error messages Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-06 12:48:08 +01:00
Stefan Schantl	422dc4caf9	ids.cgi: Fix HTML formated spaces. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-05 14:34:44 +01:00
Stefan Schantl	9e9b477d7c	ids.cgi: Rework "Enable IPS" section Just use one language string for a maximum of flexiblity for the transloators. Fixes #11986 Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-05 14:17:19 +01:00
Stefan Schantl	cc9057c014	ids.cgi: Change lang string from "Activate IPS" to "Enable IPS" Reference #11986 Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-05 13:51:08 +01:00
Stefan Schantl	97870bf29c	ids.cgi: Stop suricata when the rulest source has been changed If the ruleset source has been changed, it has to be configured again. This happens because of different rule categories, filenames rule ID's etc. In case suricata currently is running it has to be stopped and after the configuration has been done by the user, it can be launched again. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-05 12:43:49 +01:00
Stefan Schantl	5709768b0b	ids.cgi: Fix downloading rules if source changed Fix the if statement to detect wheater the ruleset has been changed and automatically download the new one. Fixes #11984. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-05 12:36:30 +01:00
Stefan Schantl	b7a9b4edc2	ids.cgi: Update automatic download texts Update the showed texts in the dropdown box as mentioned in the bug report. Fixes #11985 Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-02-05 12:13:28 +01:00
Stefan Schantl	912d7472a8	ids.cgi: Automatically download ruleset if the ruleset source has been changed. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-01-31 08:55:05 +01:00
Stefan Schantl	e0cec9fe99	ids.cgi: Dynamically generate SHOW/HIDE for expanding or collapsing a ruleset category Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-01-30 10:53:17 +01:00
Stefan Schantl	cf02bf2f7d	ids.cgi: Show IDS setting area only if a ruleset is present. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-01-30 10:12:11 +01:00
Stefan Schantl	013274d7d8	ids.cgi: Diplay reason, why a ruleset could not be downloaded, if the system is offline. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-01-30 10:05:14 +01:00
Stefan Schantl	5fd2e9d64a	ids.cgi: Also download the ruleset when saving the ruleset settings Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-01-30 09:57:49 +01:00
Stefan Schantl	34a3843865	ids.cgi: Add dropdown option for Emergingthreats.net Pro rules. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-01-30 09:42:28 +01:00
Stefan Schantl	d618d67e01	ids.cgi: Only show "update ruleset" button if a ruleset is present Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-01-30 09:39:17 +01:00
Stefan Schantl	674912fc3a	ids.cgi: Draw daemon status and setting in the same box. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-01-30 09:33:47 +01:00
Stefan Schantl	029b8ed2b1	ids.cgi: Show/Hide subscription code area dynamically. Dynamically (Java Script) show/hide the area for entering the subscription code / oinkcode based on the choosen ruleset. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-01-30 09:27:37 +01:00
Stefan Schantl	bc4a2223cc	ids.cgi: Remove help text for obtaining an oinkcode This information is only valid for sourcefire (snort) rulesets, may confuse users and therefore should be handled in the wiki. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-01-30 09:25:34 +01:00
Stefan Schantl	9f9651e06a	logs.cgi/log.dat: Change search pattern from snort to suricata Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-01-29 09:00:26 +01:00
Stefan Schantl	39155be805	Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next-suricata	2019-01-26 12:40:04 +01:00
Michael Tremer	7ec83993e5	proxy: Show error messages in English by default Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-01-23 06:21:53 +00:00
Stefan Schantl	9283e9b9cf	ids.cgi: Move and rename GenerateIgnoreList() function to ids-functions.pl Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2019-01-22 13:25:13 +01:00
Stefan Schantl	c1a3401235	Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next-suricata	2019-01-21 13:04:13 +01:00
Matthias Fischer	e26a5c4885	Fix typo in 'html/cgi-bin/logs.cgi/log.dat' Translation string uses capital letter: 'Captive' => 'Captive Portal', Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-01-06 07:02:54 +00:00
Michael Tremer	ce1f04ee40	proxy: Allow selecting throttled bandwidth in MBit/s Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-01-08 16:10:59 +01:00
Michael Tremer	c2f1b8183c	proxy: Suggest modern defaults for cache memory and disk Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-01-08 16:02:05 +01:00
Michael Tremer	cdd4cf4094	proxy: Drop support for throttling only certain mime types Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-01-08 16:00:05 +01:00
Michael Tremer	d68e150e86	proxy: Drop web browser check This is neither reliable nor up to date and is therefore removed Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-01-08 15:54:56 +01:00
Michael Tremer	a1018d86ae	proxy: Set authentication TTL for NTLM authentication also Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-01-08 15:49:18 +01:00
Michael Tremer	6df2d52887	proxy: Use correct authentication cache TTL for AD Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-01-08 15:48:32 +01:00
Michael Tremer	fa286b1330	proxy: Use entered setting for auth children for AD Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-01-08 15:46:20 +01:00
Michael Tremer	5c2a76f7b3	proxy: Use correct realm for AD authentication Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-01-08 15:44:19 +01:00
Michael Tremer	dc637f087f	proxy: Remove AUTH_IPCACHE_TTL This is potentially dangerous to set larger than zero. Authentication is perfomed on basis of IP addresses which is not a good idea at all. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-01-08 15:39:36 +01:00
Michael Tremer	ea72700a3b	proxy: Drop NTLM authentication This is the authentication againt NT 4.0 style domain controllers. squid has dropped support for this in the 4.5 release and nobody should be using these old domain controllers any more. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-01-08 15:28:46 +01:00
Michael Tremer	eedca6e36c	squid: Run as many redirectors as we have CPU cores This makes sure that we use the optimal ratio of memory and CPU usage. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Tested-by: Daniel Weismüller <daniel.weismueller@ipfire.org> Tested-by: Matthias Fischer <matthias.fischer@ipfire.org>	2019-01-08 03:33:37 +01:00
Daniel Weismüller	1a3323f2e6	BUG 11786 - squid: Remove setting for filter processes the number of Squid processes I added a function to determine the number of cores. Now the number of squid processes will be equal to the number of logical cores. Further I removed the possibility of changing the number of squid processes in the proxy.cgi Signed-off-by: Daniel Weismüller <daniel.weismueller@ipfire.org> Signed-off-by: root <root@ipfire.test>	2019-01-08 02:02:05 +01:00
Matthias Fischer	d01b31914a	snort: Update to 2.9.12 For details see: Release notes: https://snort.org/downloads/snort/release_notes_2.9.12.txt Changelog: https://snort.org/downloads/snort/changelog_2.9.12.txt Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-01-05 15:42:34 +00:00
Matthias Fischer	0a12cd7039	dnsforward.cgi: fix for language string Hi, In https://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=1a26564e95b5694337e51860544e7775d35055f3 the language string 'dnsforward forward_server' => 'DNS-Server', was deleted and replaced by 'dnsforward forward_servers' => 'DNS-Server', IMHO this leads to an empty string in 'dnsforward.cgi', line 223: ... <td width='20%' class='base'>$Lang::tr{'dnsforward forward_server'}: <img src='/blob.gif' alt='*' /></td> ... I changed this line... Best, Matthias Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-01-03 14:58:26 +00:00
Erik Kapfer	e6f7f8e7ba	database_attribute: Deliver/create index.txt.attr Fixes #11904 Since OpenSSL-1.1.0x the database attribute file for IPSec and OpenVPN wasn´t created while initial PKI generation. OpenVPN delivered an error message but IPSec did crashed within the first attempt. This problem persists also after X509 deletion and new generation. index.txt.attr will now be delivered by the system but also deleted and recreated while setting up a new x509. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-01-03 14:52:53 +00:00
Stefan Schantl	7b6f8596ed	Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next-suricata	2018-12-28 07:36:59 +01:00
Stefan Schantl	74cc8f5a3d	ids-functions.pl: Introduce function write_modify_sids_file() This function is used to write the corresponding file which tells oinkmaster to alter the whole ruleset and finally switches suricata into an IPS or IDS. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2018-12-25 18:49:57 +01:00
Stefan Schantl	b02e30fd81	ids.cgi: Move variable declaration to ids-functions.pl Also move some functions from the cgi file to the library file. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2018-12-25 18:26:21 +01:00
Stefan Schantl	53817b89c0	ids.cgi: Hack to use the correct language string for red network zone. This hack is needed because "red" is used as "internet" in the language files and "red1" contains the correct "red" translations. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>	2018-12-24 13:19:06 +01:00

1 2 3 4 5 ...

2141 Commits