webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-23 01:12:57 +02:00
Code Issues Packages Projects Releases Wiki Activity
10,175 Commits 2 Branches 1 Tag
80a474183e6c730da89e96a3d7719534c252a06b
Commit Graph

10175 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Tremer
80a474183e Improve wording of the Guardian translations 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-08-02 12:43:01 +01:00
Michael Tremer
f62bd2742c Update translation 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-08-02 12:18:45 +01:00
Michael Tremer
afc0f6e884 Merge remote-tracking branch 'stevee/guardian-2.0' into next 2016-08-02 12:18:29 +01:00
Matthias Fischer
de5627819b htop: Update to 2.0.2 
For details, see:
http://hisham.hm/htop/index.php?page=downloads

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2016-08-01 10:34:03 +01:00
Stefan Schantl
e73a5ce77a guardian: Update to the tagged release version. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-30 11:31:08 +02:00
Arne Fitzenreiter
65a61d88c8 Merge branch 'next' of git.ipfire.org:/pub/git/ipfire-2.x into next 2016-07-29 18:58:56 +02:00
Arne Fitzenreiter
9a300ee8b5 core104: ship screen 
old binary is linked against libshadow.0*

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
 2016-07-29 18:57:49 +02:00
Stefan Schantl
6a5b83f80d Core 104: Add for guardian changed files to core update. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 15:40:30 +02:00
Stefan Schantl
dcb6493a0c initscripts: Drop guardian related code from snort initscript. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:29:13 +02:00
Stefan Schantl
a27c40a05b ids.cgi: Drop guardian related code. 
Guardian competely will be managed by it's own CGI.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:25:28 +02:00
Stefan Schantl
3b8ad4fde9 guardian-legacy: Drop old guardian related files. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:21:08 +02:00
Stefan Schantl
dadee76d7b guardian.cgi: Fix path to snort alert file. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:19:14 +02:00
Matthias Fischer
5cbfa0140c log.dat: Added entry for 'guardian' 
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:19:14 +02:00
Stefan Schantl
a11aaa91b3 guardian: Update to 2.0. 
Update guardian to the re-written version.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:19:14 +02:00
Stefan Schantl
f617f21cc0 guardian.cgi: Prevent from using "syslog" and "debug". 
When using syslog as log facility and debug as log mode,
syslog does not log anything.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:19:14 +02:00
Stefan Schantl
efd9c5ffb4 guardian.cgi: Also generate ignore file when building the configuration. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:19:14 +02:00
Stefan Schantl
8651c94e9a Language file update. 
Add guardian related strings to the german language file.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:19:14 +02:00
Stefan Schantl
8afd763e70 perl-Net-IP: New package 
The perl-Net-IP module provides various methods for validating
and calculating IP-addresses (both IP protocols supported) and
is a runtime dependency of guardian 2.0.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:19:14 +02:00
Stefan Schantl
65c61b574f perl-common-sense: New package. 
This is a runtime dependency for perl-inotify2.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:19:14 +02:00
Stefan Schantl
7f218a58ba perl-inotify2: New package. 
This module contains inotify bindings for perl, used by the extendend guardian.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:18:51 +02:00
Stefan Schantl
06f261cfb9 Language file update. 
Add new guardian related strings.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:56 +02:00
Stefan Schantl
2daa1f5bb2 guardian.cgi: Show/Hide options using Java Script. 
The options for configuring the log file location and
snort alert priority level now dynamically will be
displayed or hidden if the desired options or feature
is not used.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:56 +02:00
Stefan Schantl
2d17c6e6b8 guardian.cgi: Add support for selecting the used firewall action. 
This will allow to choose between DROP and REJECT if guardian blocks an
attackers address.

Fixes #10xxx.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:56 +02:00
Stefan Schantl
1cc653239f guardian.cgi: Use new feature of ignore file inclusion. 
Add support and usage of the recently introduced feature of
including other files in the ignore file to add
the red related IP-addresses to the ignore list on IPFire
systems.

Also use reload-ignore-list feature instead of reloading the
whole configuration on ignore list modifications.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:56 +02:00
Stefan Schantl
c880c2cb8a guardian.cgi: Create config and ignore file if they does not exist. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:56 +02:00
Stefan Schantl
62fd0e6fc7 guardian.cgi: Prevent from blocking the used DNS servers. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:56 +02:00
Stefan Schantl
c232e3489a guardian.cgi: Use private subfunction for gateway and DNS server detection. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:56 +02:00
Stefan Schantl
97849142bd guardian.cgi: Add function to generate the guardian.ignore file. 
This function is responsible for collecting all required data,
like the green, blue, orange (if the interfaces are available),
red, gateway and used DNS server IP-addresses.

It will add als these addresses and the configured and enabled
user-defined ignored addresses/networks to the ignore file of
guardian to prevent from blocking any of them.

Note:

The IPFire and RED inteface related addresses also will be added
to the ignore file, even if there is no user-defined entry in the
list.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:56 +02:00
Stefan Schantl
7edbe06374 guardian.cgi: Use ignored config file. 
The CGI now uses an own ignored configuration file for
storing host addresses and/or subnets which should be
ignored by guardian.

This allows to add remarks for them and to enable or disable
each entry individally at any time.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:56 +02:00
Stefan Schantl
891ba055f2 guardian.cgi: Use "getipstat" binary. 
Rework the GetBlockedHosts() to use the "getipstat" binary
instead of the not longer available "guardianctrl" binary.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:56 +02:00
Stefan Schantl
af6856afc4 guardian.cgi: Send commands through socket connection. 
The guardianctrl binary does not longer exists, use
the Guardian::Socket module to send various commands
by using the provided socket client.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:56 +02:00
Stefan Schantl
5295899104 guardian.cgi: Adjust code for generating the config file. 
The config file format and values have been changed, so the
code to do the generation has to be adjusted.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:56 +02:00
Stefan Schantl
d530537998 guardian.cgi: Drop option for configure the path to the snort alertfile. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:56 +02:00
Stefan Schantl
723648ac92 guardian.cgi: Rename hash keys for enabled modules. 
Rename the hash key names of enabled parser modules,
(services which should be monitored by guardian) to
keep the same name sheme than in the guardian config
file.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:56 +02:00
Stefan Schantl
b5f7d90327 guardian.cgi: Adjust CGI to use Locale::Codes::Country. 
The module has been renamed some time ago.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:56 +02:00
Stefan Schantl
eff1feb8c7 guardian.cgi: Disable debugging. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:55 +02:00
Matthias Fischer
b1597f879c guardian.cgi: Suppress warnings for ${Header::colourgreen} variable. 
Reference #10748.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:55 +02:00
Matthias Fischer
6a153ecdac guardian.cgi: Fix unititalized value "GUARDIAN_ENABLE_OWNCLOUD". 
When the owncloud addon is not installed, this value was not
initialized correctly.

Reference #10748.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:55 +02:00
Matthias Fischer
922ddf0ef6 guardian.cgi: Use variable $pid instead of array element. 
This will prevent from a lot of perl suggestions in the
apache error log.

Reference #10748.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:55 +02:00
Stefan Schantl
bfb860ceb7 guardian.cgi: Fix path to meta-owncloud. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:55 +02:00
Stefan Schantl
28981fac68 guardian.cgi: Add configure options for owncloud. 
The related options only will be displayed when the owncloud addon
has been installed.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:55 +02:00
Stefan Schantl
36dbcf2e43 guardian.cgi: Allways read-in settings. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:55 +02:00
Stefan Schantl
c973d6da10 guardian.cgi: Some more input validation. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:55 +02:00
Stefan Schantl
473c725721 guardian.cgi: Correct indentation when writing out the config file. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:55 +02:00
Stefan Schantl
4a7fc9f634 guardian.cgi: Add dropdown for PriorityLevel selection. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:55 +02:00
Stefan Schantl
96655fa6b7 guardian.cgi: Fix and improve input validation. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:55 +02:00
Stefan Schantl
f8c3bfe050 guardian.cgi: Reload guardian if config or the ignorelist changes. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:55 +02:00
Stefan Schantl
a35a066845 guardian.cgi: Add option to configure the BlockCount. 
Some small code fixes.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:55 +02:00
Stefan Schantl
06ff7e28d7 guardian.cgi: Accidently hardcoded some descriptions. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:55 +02:00
Stefan Schantl
7899718f04 guardian.cgi: Add dropdown to select the used loglevel. 
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 2016-07-29 13:17:55 +02:00