Stefan Schantl
a2b4488ae5
ids.cgi: Finish code to handle toggling a provider enabled/disabled.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:23:42 +01:00
Stefan Schantl
ddaf8ae1a8
IDS: Redesign backend for used provider rulesfiles.
The selected rulesfiles of a provider now will be written to its own
provider-exclusive yaml file, which will be included dynamically when
the provider is enabled or not.
This allows very easy handling to enable or disable a provider, in this
case the file which keeps the enabled providers rulesets only needs to
be included in the main file or even not.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:23:32 +01:00
Stefan Schantl
b734df0e12
ids.cgi: Add action if a new provider is added.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:23:00 +01:00
Stefan Schantl
50f348f681
ids-functions.pl: Introduce move_tmp_ruleset() function.
This function is used to move an extracted temporary ruleset to
the rules location.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:23:00 +01:00
Stefan Schantl
e31458de4e
ids-functions.pl: Fix another typo.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:23:00 +01:00
Stefan Schantl
6acaa5fa6f
ids-functions.pl: Remove accidentally committed debug code.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:23:00 +01:00
Stefan Schantl
0130e0d1e1
ids-functions.pl: Rework oinkmaster() to use get_enabled_providers function.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:23:00 +01:00
Stefan Schantl
5e20d6cb28
ids-functions.pl: Introduce get_enabled_providers() function.
This function simply returns an array with all enabled ruleset
providers.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:23:00 +01:00
Stefan Schantl
dae33250b2
ids-functions.pl: Fix typo.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:23:00 +01:00
Stefan Schantl
3daa300025
ids.cgi: Use get_used_rulesfiles function from ids-functions.pl.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:23:00 +01:00
Stefan Schantl
6563d44997
ids-functions.pl: Introduce get_used_rulesfiles() function.
This function simply returns an array which contains the used rulesfiles
files.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:23:00 +01:00
Stefan Schantl
61b9266437
ids-functions.pl: Introduce drop_dl_rulesfile().
This tiny function is used to delete the stored rulesfile in case a
provider will be deleted.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:23:00 +01:00
Stefan Schantl
aac869c47e
ids-functions.pl: Rework function for modify-sid file to be more generic.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:23:00 +01:00
Stefan Schantl
16b2d281ce
ids-functions.pl: Add cleanup_tmp_directory() function.
As the name of the function already says, it is responsible to
delete all temporary files after ruleset generation.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
09f7de9773
ids-functions.pl: Remove config files on rulesdir cleanup.
They will be generated every time oinkmaster is called.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
b953677b0d
ids-functions.pl: Rework oinkmaster() function.
Rework the function to work with the latest changes and multiple
providers.
The function now does the following:
* Extract the stored rules tarballs for all enabled providers.
* Copy rules files for enabled providers which provide plain files.
* Still calls oinkmaster to set up the rules and modify them.
* Calls the merge functions for classification and sid to msg files.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
6c9d3eeef2
ids-functions.pl: Assign temporary rules and conf path to variables.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
8bd74e12a9
ids-functions.pl: Introduce merge_sid_msg() function.
This function is used to merge the sid to message mapping files
from various providers.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
8335286b38
ids-functions.pl: Fix typo.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
23b560529a
ids-functions.pl: Introduce merge_classifications() function.
This function is used to merge the individual classification files
provided by the providers.
The result will be written to the classification.config which will be
used by the IDS.
Fixes #11884.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
0fbfffea91
ids-functions.pl: Introduce extraceruleset() function.
This function is used to extract the required config and rules files
from the stored rules tarball for a given ruleset provider.
* The files will be extracted to a temporary directory layout in
  "/tmp/ids_tmp".
* Names of config files will be adjusted in case multiple providers
  offer the same config files, which is very common.
* The name of the single rulefiles will be adjusted to start with
  the vendor's name to allow assigning them very easily to a single
  ruleset provider.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
ae22613224
ids-functions.pl: Always delete temporary file.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
2c02c93607
ids-functions.pl: Fix typo.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
caae0cf5e3
ruleset-sources: Rename file to plain.
This is used if a provider offers a plain rulefile instead of an archive.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
b3c2c3364d
ids-functions.pl: Allow downloadruleset() function to deal with multiple ruleset providers.
When calling the function now a single ruleset provider handle
can be specified to only download this ruleset or by adding "all" or
leaving the handle blank a download of all configured rulesets can be
triggered.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
788a71f51e
ids-functions.pl: Introduce private _get_dl_rulesfile() function.
This function can be used to generate/get the absolute file and path
for a given ruleset provider.
The files will be stored in the usual "/var/tmp" folder with a new
file format based on the dl_file type and the provider.
Examples could be:
* /var/ipfire/idsrules-emerging.tar.gz
* /var/ipfire/idsrules-registered.tar.gz
* /var/ipfire/idsrules-somprovider.rules
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
e55fa2f745
ids-functions.pl: Run in perl strict mode.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
b5350c4d6e
ruleset-sources: Fix website url for community ruleset.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
923a644107
ruleset-sources: Replace subscription code placeholder.
Replace the <oinkcode> placeholder by the more generic
<subscription_code>.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
73eb03a333
ids.cgi: Add code to handle enable/disable a provider.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
9bf260ded2
ids.cgi: Add code to handle enable/disable autoupdate for a provider.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
7323c72d03
ids.cgi: Fix type in method.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
2acb3c8d00
ids.cgi: Remove accidentally committed commented code snippet.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
bb4c30c653
ids.cgi: Correctly use "enabled" for checked checkboxes.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:59 +01:00
Stefan Schantl
aba3cbe5bc
ids.cgi: Read-in providers settings file when necessary.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:58 +01:00
Stefan Schantl
4c067847c5
ids.cgi: Add code to add/edit a ruleset provider.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:58 +01:00
Stefan Schantl
18fb2dbd5c
Update language files.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:58 +01:00
Stefan Schantl
a8d36d3e1f
ids-functions.pl: Introduce providers_settings_file.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:58 +01:00
Stefan Schantl
2f252efa0d
ids.cgi: Rework rulesetsettings section.
* The page and section now support multiple ruleset providers at once.
* Adding / Editing a ruleset provider has been moved to its own sub-page.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:58 +01:00
Stefan Schantl
a49a30d1ba
ruleset-sources: Fix website details for emergingthreats provider.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:58 +01:00
Stefan Schantl
77351a6b76
ids.cgi: Move configuration of ruleset autoupdate interval to IDS main section.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:58 +01:00
Stefan Schantl
87df37da7a
ids.cgi: Stop showing ruleset date on customize ruleset sub-page.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:22:47 +01:00
Stefan Schantl
4efc8ccd8a
ids.cgi: Add "Back" button to customize ruleset sub-page.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:21:51 +01:00
Stefan Schantl
2bbe6ede23
ids.cgi: Move / Split main page and customize ruleset subpage.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:21:51 +01:00
Stefan Schantl
a468b62b62
ids.cgi: Only read-in ruleset if necessary.
This process takes some time, especially on huge rulesets.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:21:51 +01:00
Stefan Schantl
dd2ce333f7
ids.cgi: Add button to customize the ruleset.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:21:51 +01:00
Stefan Schantl
019e5e9baf
ids.cgi: Introduce and use get_provider_name() function.
This function is used to grab the name of a provider by the given
handle.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:21:51 +01:00
Stefan Schantl
fed57fe7f0
ids.cgi: Move the section to customize the IDS ruleset to a function.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:21:51 +01:00
Stefan Schantl
1033cf2d0a
ids.cgi: Remove unused rulesetsources hashes.
They have been superseded by the new ruleset sources file.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:21:51 +01:00
Stefan Schantl
4e4c3f1459
ids-functions.pl: Require ruleset-sources file for provider details.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2021-12-19 13:21:51 +01:00