Message ID | 20171119180410.4d2727aa.peter.mueller@link38.eu |
---|---|
State | Superseded |
Headers |
Return-Path: <development-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (unknown [172.28.1.200]) by web02.ipfire.org (Postfix) with ESMTP id 3F4F660971 for <patchwork@ipfire.org>; Sun, 19 Nov 2017 18:04:21 +0100 (CET) Received: from mail01.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 70EAC34DB; Sun, 19 Nov 2017 18:04:20 +0100 (CET) Received: from mx.link38.eu (mx.link38.eu [188.68.43.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx.link38.eu", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id E401134D9 for <development@lists.ipfire.org>; Sun, 19 Nov 2017 18:04:16 +0100 (CET) X-Virus-Scanned: ClamAV at mx.link38.eu Received: from mx-fra.brokers.link38.eu (mx-fra.brokers.link38.eu [10.141.75.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx.link38.eu (Postfix) with ESMTPS id 32D9F40123 for <development@lists.ipfire.org>; Sun, 19 Nov 2017 18:04:11 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx-fra.brokers.link38.eu (Postfix) with ESMTPSA id 9704F9F340 for <development@lists.ipfire.org>; Sun, 19 Nov 2017 18:04:10 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=link38.eu; s=201711; t=1511111050; bh=qtr+7HmPpNgtWUtlAJ/Q+XJrBo5NRj8quE6iYPlW+/k=; h=Date:From:To:Subject:Message-ID:Content-Type:From:To:Subject:Date: Cc; b=SlHPHv36WqZgaQp0s6oumOIS6XqBQWvZtwb+HUsZ+3hQOBT+aE1OlJWU3rqhxfeRj n0oCqmFIzDHQkYfU+tjTtdPvxxobuW4rdCJMiToom4h00d73Lq+kK3KGBIEoIpTk60 LscV1DVVh2QGODiBWLJD2bbpzrkd7FMWRpKs2e9OanyaIS/uBuDuIaK2Qhn1GzRIBx NA0qwjHsUvuQloDMe+mL7bUCsFcWExEImBlFOLbwDn+qoZ0fXWHxG4LKT18U/VGkuD HcCWXyyOGQyGPfoifyrzw+14kwJwUhtPqCLVSkHGLKG3GarHFlt0ySXbT3hbYp2iVr QU2Avty86C4ug== Date: Sun, 19 Nov 2017 18:04:10 +0100 From: Peter =?utf-8?q?M=C3=BCller?= <peter.mueller@link38.eu> To: "development@lists.ipfire.org" <development@lists.ipfire.org> Subject: [PATCH] show IDS rule names correctly in WebUI log Message-ID: <20171119180410.4d2727aa.peter.mueller@link38.eu> Organization: Link38 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: IPFire development talk <development.lists.ipfire.org> List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>, <mailto:development-request@lists.ipfire.org?subject=unsubscribe> List-Archive: <https://lists.ipfire.org/pipermail/development/> List-Post: <mailto:development@lists.ipfire.org> List-Help: <mailto:development-request@lists.ipfire.org?subject=help> List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>, <mailto:development-request@lists.ipfire.org?subject=subscribe> Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org> |
Series |
show IDS rule names correctly in WebUI log
|
|
Commit Message
Peter Müller
Nov. 20, 2017, 4:04 a.m. UTC
Fixes #11519.
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
---
html/cgi-bin/logs.cgi/ids.dat | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Comments
Hello, can you explain what this patch is supposed to change? -Michael On Sun, 2017-11-19 at 18:04 +0100, Peter Müller wrote: > Fixes #11519. > > Signed-off-by: Peter Müller <peter.mueller@link38.eu> > --- > html/cgi-bin/logs.cgi/ids.dat | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/html/cgi-bin/logs.cgi/ids.dat b/html/cgi-bin/logs.cgi/ids.dat > index 44b3abdac..98176d690 100644 > --- a/html/cgi-bin/logs.cgi/ids.dat > +++ b/html/cgi-bin/logs.cgi/ids.dat > @@ -387,7 +387,7 @@ sub processevent > } > ($title,$classification,$priority,$date,$time > ,$srcip,$srcport,$destip,$destport, $sid) = > ("n/a","n/a","n/a","n/a","n/a","n/a","n/a","n/a","n/a", "n/a"); > @refs = (); > - $_ =~ m/:([0-9]{1,4})\] (.*) \[\*\*\]/; > + $_ =~ m/:([0-9]{1,5})\] (.*) \[\*\*\]/; > $title = &Header::cleanhtml($2,"y"); > } > if ($_ =~ m/Classification: (.*)\] \[Priority: > (\d)\]/) {
Hello Michael, Emerging Threats changed some snort signature IDs to 5 digits a while, which were not displayed in the WebUI since "([0-9]{1,4})" did not match on it. This patch adjusts the regular expression so they are displayed correctly now. Should I send in a second version with this description? Thought the bug ID would be enough... Best regards, Peter Müller > Hello, > > can you explain what this patch is supposed to change? > > -Michael > > On Sun, 2017-11-19 at 18:04 +0100, Peter Müller wrote: > > Fixes #11519. > > > > Signed-off-by: Peter Müller <peter.mueller@link38.eu> > > --- > > html/cgi-bin/logs.cgi/ids.dat | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/html/cgi-bin/logs.cgi/ids.dat b/html/cgi-bin/logs.cgi/ids.dat > > index 44b3abdac..98176d690 100644 > > --- a/html/cgi-bin/logs.cgi/ids.dat > > +++ b/html/cgi-bin/logs.cgi/ids.dat > > @@ -387,7 +387,7 @@ sub processevent > > } > > ($title,$classification,$priority,$date,$time > > ,$srcip,$srcport,$destip,$destport, $sid) = > > ("n/a","n/a","n/a","n/a","n/a","n/a","n/a","n/a","n/a", "n/a"); > > @refs = (); > > - $_ =~ m/:([0-9]{1,4})\] (.*) \[\*\*\]/; > > + $_ =~ m/:([0-9]{1,5})\] (.*) \[\*\*\]/; > > $title = &Header::cleanhtml($2,"y"); > > } > > if ($_ =~ m/Classification: (.*)\] \[Priority: > > (\d)\]/) {
Hi, the bug ID is good, but it didn't have a precise explanation either. I just wanted this on the record so that we know what this patch was supposed to be doing. Yes, please send again. Best, -Michael On Mon, 2017-11-20 at 19:13 +0100, Peter Müller wrote: > Hello Michael, > > Emerging Threats changed some snort signature IDs to 5 digits > a while, which were not displayed in the WebUI since "([0-9]{1,4})" > did not match on it. > > This patch adjusts the regular expression so they are displayed > correctly now. > > Should I send in a second version with this description? Thought > the bug ID would be enough... > > Best regards, > Peter Müller > > > Hello, > > > > can you explain what this patch is supposed to change? > > > > -Michael > > > > On Sun, 2017-11-19 at 18:04 +0100, Peter Müller wrote: > > > Fixes #11519. > > > > > > Signed-off-by: Peter Müller <peter.mueller@link38.eu> > > > --- > > > html/cgi-bin/logs.cgi/ids.dat | 2 +- > > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > > > diff --git a/html/cgi-bin/logs.cgi/ids.dat b/html/cgi-bin/logs.cgi/ids.dat > > > index 44b3abdac..98176d690 100644 > > > --- a/html/cgi-bin/logs.cgi/ids.dat > > > +++ b/html/cgi-bin/logs.cgi/ids.dat > > > @@ -387,7 +387,7 @@ sub processevent > > > } > > > ($title,$classification,$priority,$date,$ > > > time > > > ,$srcip,$srcport,$destip,$destport, $sid) = > > > ("n/a","n/a","n/a","n/a","n/a","n/a","n/a","n/a","n/a", "n/a"); > > > @refs = (); > > > - $_ =~ m/:([0-9]{1,4})\] (.*) \[\*\*\]/; > > > + $_ =~ m/:([0-9]{1,5})\] (.*) \[\*\*\]/; > > > $title = &Header::cleanhtml($2,"y"); > > > } > > > if ($_ =~ m/Classification: (.*)\] \[Priority: > > > (\d)\]/) { > >
diff --git a/html/cgi-bin/logs.cgi/ids.dat b/html/cgi-bin/logs.cgi/ids.dat index 44b3abdac..98176d690 100644 --- a/html/cgi-bin/logs.cgi/ids.dat +++ b/html/cgi-bin/logs.cgi/ids.dat @@ -387,7 +387,7 @@ sub processevent } ($title,$classification,$priority,$date,$time,$srcip,$srcport,$destip,$destport, $sid) = ("n/a","n/a","n/a","n/a","n/a","n/a","n/a","n/a","n/a", "n/a"); @refs = (); - $_ =~ m/:([0-9]{1,4})\] (.*) \[\*\*\]/; + $_ =~ m/:([0-9]{1,5})\] (.*) \[\*\*\]/; $title = &Header::cleanhtml($2,"y"); } if ($_ =~ m/Classification: (.*)\] \[Priority: (\d)\]/) {