Commit Graph

17441 Commits

Author SHA1 Message Date
Stefan Schantl
6acaa5fa6f ids-functions.pl: Remove accidentally committed debug code.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:23:00 +01:00
Stefan Schantl
0130e0d1e1 ids-functions.pl: Rework oinkmaster() to use get_enabled_providers
function.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:23:00 +01:00
Stefan Schantl
5e20d6cb28 ids-functions.pl: Introduce get_enabled_providers() function.
This function simply returns an array with all enabled ruleset
providers.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:23:00 +01:00
Stefan Schantl
dae33250b2 ids-functions.pl: Fix typo.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:23:00 +01:00
Stefan Schantl
3daa300025 ids.cgi: Use get_used_rulesfiles function from ids-functions.pl.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:23:00 +01:00
Stefan Schantl
6563d44997 ids-functions.pl: Introduce get_used_rulesfiles() function.
This function simply returns an array which contains the used rulesfiles
files.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:23:00 +01:00
Stefan Schantl
61b9266437 ids-functions.pl: Introduce drop_dl_rulesfile().
This tiny function is used to delete the stored rulesfile in case a
provider will be deleted.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:23:00 +01:00
Stefan Schantl
aac869c47e ids-functions.pl: Rework function for modify-sid file to be more
generic.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:23:00 +01:00
Stefan Schantl
16b2d281ce ids-functions.pl: Add cleanup_tmp_directory() function.
As the name of the function already says, it is responsible for
deleting all temporary files after ruleset generation.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
09f7de9773 ids-functions.pl: Remove config files on rulesdir cleanup.
They will be generated every time oinkmaster is called.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
b953677b0d ids-functions.pl: Rework oinkmaster() function.
Rework the function to work with the latest changes and multiple
providers.

The function now does the following:

* Extract the stored rules tarballs for all enabled providers.
* Copy rules files for enabled providers which provide plain files.
* Still calls oinkmaster to set up the rules and modify them.
* Calls the merge functions for classification and sid to msg files.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
6c9d3eeef2 ids-functions.pl: Assign temporary rules and conf path to variables.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
8bd74e12a9 ids-functions.pl: Introduce merge_sid_msg() function.
This function is used to merge the sid to message mapping files
from various providers.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
8335286b38 ids-functions.pl: Fix typo.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
23b560529a ids-functions.pl: Introduce merge_classifications() function.
This function is used to merge the individual classification files
provided by the providers.

The result will be written to the classification.config which will be
used by the IDS.

Fixes #11884.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
0fbfffea91 ids-functions.pl: Introduce extraceruleset() function.
This function is used to extract the required config and rules files
from the stored rules tarball for a given ruleset provider.

* The files will be extracted to a temporary directory layout in
  "/tmp/ids_tmp".

* Names of config files will be adjusted in case multiple providers
  offer the same config files, which is very common.

* The name of the single rulefiles will be adjusted to start with
  the vendor's name to allow assigning them very easily to a single
  ruleset provider.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
ae22613224 ids-functions.pl: Always delete temporary file.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
2c02c93607 ids-functions.pl: Fix typo.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
caae0cf5e3 ruleset-sources: Rename file to plain.
This is used if a provider offers a plain rulefile instead of an archive.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
b3c2c3364d ids-functions.pl: Allow downloadruleset() function to deal with
multiple ruleset providers.

When calling the function now a single ruleset provider handle
can be specified to only download this ruleset or by adding "all" or
leaving the handle blank a download of all configured rulesets can be
triggered.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
788a71f51e ids-functions.pl: Introduce private _get_dl_rulesfile() function.
This function can be used to generate/get the absolute file and path
for a given ruleset provider.

The files will be stored in the usual "/var/tmp" folder with a new
file format based on the dl_file type and the provider.

Examples could be:
	* /var/ipfire/idsrules-emerging.tar.gz
	* /var/ipfire/idsrules-registered.tar.gz
	* /var/ipfire/idsrules-somprovider.rules

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
e55fa2f745 ids-functions.pl: Run in perl strict mode.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
b5350c4d6e ruleset-sources: Fix website url for community ruleset.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
923a644107 ruleset-sources: Replace subscription code placeholder.
Replace the <oinkcode> placeholder by the more generic
<subscription_code>.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
73eb03a333 ids.cgi: Add code to handle enable/disable a provider.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
9bf260ded2 ids.cgi: Add code to handle enable/disable autoupdate for a provider.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
7323c72d03 ids.cgi: Fix type in method.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
2acb3c8d00 ids.cgi: Remove accidentally committed commented code snippet.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
bb4c30c653 ids.cgi: Correctly use "enabled" for checked checkboxes.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
aba3cbe5bc ids.cgi: Read-in providers settings file when necessary.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:58 +01:00
Stefan Schantl
4c067847c5 ids.cgi: Add code to add/edit a ruleset provider.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:58 +01:00
Stefan Schantl
18fb2dbd5c Update language files.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:58 +01:00
Stefan Schantl
a8d36d3e1f ids-functions.pl: Introduce providers_settings_file.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:58 +01:00
Stefan Schantl
2f252efa0d ids.cgi: Rework rulesetsettings section.
* The page and section now support multiple ruleset providers at once.
* Adding / Editing a ruleset provider has been moved to its own sub-page.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:58 +01:00
Stefan Schantl
a49a30d1ba ruleset-sources: Fix website details for emergingthreats provider.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:58 +01:00
Stefan Schantl
77351a6b76 ids.cgi: Move configuration of ruleset autoupdate interval to IDS main
section.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:58 +01:00
Stefan Schantl
87df37da7a ids.cgi: Stop showing ruleset date on customize ruleset sub-page.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:47 +01:00
Stefan Schantl
4efc8ccd8a ids.cgi: Add "Back" button to customize ruleset sub-page.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:21:51 +01:00
Stefan Schantl
2bbe6ede23 ids.cgi: Move / Split main page and customize ruleset subpage.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:21:51 +01:00
Stefan Schantl
a468b62b62 ids.cgi: Only read-in ruleset if necessary.
This process takes some time, especially on huge rulesets.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:21:51 +01:00
Stefan Schantl
dd2ce333f7 ids.cgi: Add button to customize the ruleset.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:21:51 +01:00
Stefan Schantl
019e5e9baf ids.cgi: Introduce and use get_provider_name() function.
This function is used to grab the name of a provider by the given
handle.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:21:51 +01:00
Stefan Schantl
fed57fe7f0 ids.cgi: Move the section to customize the IDS ruleset to a function.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:21:51 +01:00
Stefan Schantl
1033cf2d0a ids.cgi: Remove unused rulesetsources hashes.
They have been superseded by the new ruleset sources file.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:21:51 +01:00
Stefan Schantl
4e4c3f1459 ids-functions.pl: Require ruleset-sources file for provider details.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:21:51 +01:00
Stefan Schantl
3e12c6e688 ids.cgi: Make CGI work with new ruleset-sources file.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:21:51 +01:00
Stefan Schantl
70cc13158d ids-functions.pl: Add get_ruleset_providers() function.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:21:51 +01:00
Stefan Schantl
179b75107e ids-functions.pl: Make downloader work with new ruleset-sources file
format.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:21:51 +01:00
Stefan Schantl
5e891296f0 ruleset-sources: Rework file format and data.
The file now contains a lot more data and can easily be extended
to provide more and new providers.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:21:51 +01:00
Stefan Schantl
41b52755b8 Merge branch 'master' of ssh://git.ipfire.org/pub/git/ipfire-2.x 2021-12-19 13:19:03 +01:00