Stefan Schantl
ded4348d0d
ids.cgi: Do not expect a space before the sid when parsing rulefiles.
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:44 +01:00
Stefan Schantl
58d368d11c
convert-snort: Adjust converter to work with new IDS.
...
Only in case somebody tries to import such an old backup.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:44 +01:00
Stefan Schantl
5b43f9db15
ids-functions.pl: Remove as deprecated marked variables.
...
They are not needed anymore.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:44 +01:00
Stefan Schantl
1aa3dbf56d
ruleset-sources: Update download URL for Talos rulesets.
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:44 +01:00
Stefan Schantl
6cbed0c213
ruleset-sources: Add additional providers.
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:44 +01:00
Stefan Schantl
4015d3f499
ids.cgi: Sort elements in providers dropdown menu.
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:44 +01:00
Stefan Schantl
1b0e555fd3
ids-functions.pl: Only write existing provider specific used rulesfiles
...
files into main include yaml file.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:44 +01:00
Stefan Schantl
69b3156f74
IDS: Move read_enabled_disabled_sids_file() function to ids-functions.pl.
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:44 +01:00
Stefan Schantl
b35e27a28a
backup: Adjust includes file to include new IDS files into backups.
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:43 +01:00
Stefan Schantl
52071c0e9e
Revert "ids-functions.pl: Remove config files on rulesdir cleanup."
...
Not all config files are shipped by the rulesets. For example the
"threshold.conf" and the "referneces.conf" are not included in each
ruleset.
Therefore it is not a common way to delete all config files. It is
much safer to simply keep them and overwrite existing ones by the
generated ones.
This reverts commit a71c3c9dcc60541aa4504d0f1fb0a78c0d58ed5e.
2021-12-19 13:23:43 +01:00
Stefan Schantl
1b5aec1b7d
ids-functions.pl: Move code to handle plain rules files to
...
extractruleset() function.
Now everything which is extracting or moving stored ruleset files is
easily accessible via one function which takes care of it.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:43 +01:00
Stefan Schantl
01fc880cf3
ids-functions.pl: Only read providers used rulefiles file if it exists.
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:43 +01:00
Stefan Schantl
35bc92a307
ids-functions.pl: Fix accidentally committed debug file path.
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:43 +01:00
Stefan Schantl
6875f9ce7c
update-ids-ruleset: Port script to work with multiple providers.
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:43 +01:00
Stefan Schantl
71766c081c
langs-de.pl: Fix grammar.
...
Even as a native speaker, it seems German sometimes is a very difficult language......
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:43 +01:00
Stefan Schantl
515a694d1c
ids.cgi: Add code to handle the reset of a provider to its defaults.
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:43 +01:00
Stefan Schantl
f3d421a3b1
ids.cgi: Make backend code for forced ruleset update working again.
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:43 +01:00
Stefan Schantl
962e58cdd4
ids.cgi: Add section for additional provider actions.
...
This section only will be displayed when an existing provider will be
edited and allows to reset a provider back to its defaults or to force
a ruleset update.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:43 +01:00
Stefan Schantl
7e1a09f925
ids.cgi: Fix display issue with column background colour in provider list.
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:43 +01:00
Stefan Schantl
0c5b2f6da3
ids.cgi: Handle oinkmaster provider includes when deleting a provider.
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:43 +01:00
Stefan Schantl
ce40fddefc
ids.cgi: Fix function call of get_used_provider_rulesfile_file().
...
The function is located in the IDS module and therefore needs to be
called from there.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:43 +01:00
Stefan Schantl
eade546821
ids.cgi: Add/Remove provider file include in oinkmaster providers
...
include file when toggling a provider.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:43 +01:00
Stefan Schantl
1d860d89cb
ids-functions.pl: Check if the file exists before adding it to the
...
oinkmaster provider includes file.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:43 +01:00
Stefan Schantl
d878d9c014
ids-functions.pl: Introduce alter_oinkmaster_provider_includes_file().
...
This function can be used to directly modify the desired file.
It takes two arguments:
* An action which could be "add" or "remove"
* A provider handle, which should be added or removed.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:43 +01:00
Stefan Schantl
5d523e4161
ids.cgi: Use get_oinkmaster_provider_modified_sids_file() function.
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:43 +01:00
Stefan Schantl
5b9d877d46
ids-functions.pl: Introduce get_oinkmaster_provider_modified_sids_file()
...
function.
This function simply returns the generated path and filename for the
provider specific modified sids file.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:43 +01:00
Stefan Schantl
15832b10c2
IDS: Redesign backend for enabled/disabled sids in rulefiles.
...
The enabled or disabled sids now will be written to an own
provider exclusive configuration file which dynamically will
be included by oinkmaster if needed.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:43 +01:00
Stefan Schantl
88eb5626b3
ids-functions.pl: Bring back usage of whitelist.rules and local.rules
...
files.
They now automatically will be included as static includes if the files
are present.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:42 +01:00
Stefan Schantl
593abb3510
ids.cgi: Use get_ruleset_date() from ids-functions.pl.
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:42 +01:00
Stefan Schantl
f580aa8caa
ids-functions.pl: Introduce get_ruleset_date() function.
...
This function is used to get the creation date of the stored rules files
of a given provider.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:42 +01:00
Stefan Schantl
02fee15e0e
ids.cgi: Prevent from changing the provider when editing an existing
...
one.
This commit locks the dropdown menu for selecting a provider, in case
an existing one should be edited.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:42 +01:00
Stefan Schantl
1fa187335b
ids.cgi: Add hardcoded error message to language files.
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:42 +01:00
Stefan Schantl
4b6cf2a54a
ids.cgi: Fix check and message when trying to enable suricata without
...
any enabled or no provider.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:42 +01:00
Stefan Schantl
106f00bdbb
ids.cgi: Lock the CGI when a provider will be deleted.
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:42 +01:00
Stefan Schantl
0943ad8c3f
ids.cgi: Drop old code to handle the settings of the ruleset section.
...
This entirely has been replaced by the providers section and the code to
handle the actions of this section.
Therefore this code is no longer needed.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:42 +01:00
Stefan Schantl
2fded6d2ad
ids.cgi: Finish code to handle the removal of a provider from the list.
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:42 +01:00
Stefan Schantl
a2b4488ae5
ids.cgi: Finish code to handle toggling a provider enabled/disabled.
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:42 +01:00
Stefan Schantl
ddaf8ae1a8
IDS: Redesign backend for used provider rulesfiles.
...
The selected rulesfiles of a provider now will be written to an own
provider exclusive yaml file, which will be included dynamically when
the provider is enabled or not.
This allows very easy handling to enable or disable a provider, in this
case the file which keeps the enabled providers rulesets only needs to
be included in the main file or even not.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:32 +01:00
Stefan Schantl
b734df0e12
ids.cgi: Add action if a new provider is added.
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:00 +01:00
Stefan Schantl
50f348f681
ids-functions.pl: Introduce move_tmp_ruleset() function.
...
This function is used to move an extracted temporary ruleset to
the rules location.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:00 +01:00
Stefan Schantl
e31458de4e
ids-functions.pl: Fix another typo.
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:00 +01:00
Stefan Schantl
6acaa5fa6f
ids-functions.pl: Remove accidentally committed debug code.
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:00 +01:00
Stefan Schantl
0130e0d1e1
ids-functions.pl: Rework oinkmaster() to use get_enabled_providers
...
function.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:00 +01:00
Stefan Schantl
5e20d6cb28
ids-functions.pl: Introduce get_enabled_providers() function.
...
This function simply returns an array with all enabled ruleset
providers.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:00 +01:00
Stefan Schantl
dae33250b2
ids-functions.pl: Fix typo.
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:00 +01:00
Stefan Schantl
3daa300025
ids.cgi: Use get_used_rulesfiles function from ids-functions.pl.
...
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:00 +01:00
Stefan Schantl
6563d44997
ids-functions.pl: Introduce get_used_rulesfiles() function.
...
This function simply returns an array which contains the used rulesfiles
files.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:00 +01:00
Stefan Schantl
61b9266437
ids-functions.pl: Introduce drop_dl_rulesfile().
...
This tiny function is used, to delete the stored rulesfile in case a
provider will be deleted.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:00 +01:00
Stefan Schantl
aac869c47e
ids-functions.pl: Rework function for modify-sid file to be more
...
generic.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:23:00 +01:00
Stefan Schantl
16b2d281ce
ids-functions.pl: Add cleanup_tmp_directory() function.
...
As the name of the function already says, it is responsible to
delete all temporary files after ruleset generation.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org >
2021-12-19 13:22:59 +01:00