This will ensure that the whole IDS is configured property, if
no or an empty snort config file is present.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
The subfunction only will return something if the check fails - so the logic
of the if statement was wrong set and the downloader only was called if
this check failed and to less diskspace would be available.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This was still using the old version of OpenSSL.
Instead of linking the module (which we should have found earlier)
the module uses dlopen :(
Fixes: #12044
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This causes some i2c drivers to load and tons of error messages
being created in syslog. So we skip searching for any sensors
that do not exist.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This field is required and therefore we need to initialize it
for old connections. Right now, the CGI throws an error message
when editing an existing connection without the MTU being filled
in.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This package ships the latest BIOS for PC Engines APU boards.
With help of the firmware-update package, this can be very easily
updated when running IPFire.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
When there is a large number of leases, writing the file may
take a long time. When unbound is re-reading its configuration
in that time, the file might syntactically incorrect.
This change writes the file first and then moves it
to the right place in one transaction.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This will tie the detection threads to a certain CPU and
slightly increases throughput on my system.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Disabled 'lua' because otherwise building failed.
I didn't find any place or reason where 'lua' was used by 'rrdtool', so it
was deactivated.
Disabling had no noticeable effects by now. Running.
Please note:
'/usr/lib/collectd/rrdcached.so' and '/usr/lib/collectd/rrdtool.so' have to
be updated, too.
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
The converter requires /etc/snort/snort.conf to grab the used rule files
(categories). After all settings have been converted, we are fine to delete all
snort related files, because none of them is needed anymore.
Also the /var/ipfire/snort directory needs to be deleted. If it will be left on the
system and at any later time a backup will get restored, the converter will be
started by the backup script, because it detects that a snort settins dir exists
and would be restore the old snort settings and replaces all current IPS settings.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
