From patchwork Wed May 8 03:17:16 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Stefan Schantl
X-Patchwork-Id: 2242
From: Stefan Schantl
To: development@lists.ipfire.org
Subject: [PATCH] guardian: Remove snort related options.
Date: Tue, 7 May 2019 19:17:16 +0200
Message-Id: <20190507171716.5631-1-stefan.schantl@ipfire.org>
X-Mailer: git-send-email 2.20.1

IPFire has moved to suricata as IDS/IPS system, therefore all snort related options have become obsolete.

Signed-off-by: Stefan Schantl
--- config/guardian/guardian.de.pl | 4 +-- config/guardian/guardian.en.pl | 4 +-- config/guardian/guardian.tr.pl | 4 +-- html/cgi-bin/guardian.cgi | 51 ++++------------------------------ lfs/guardian | 2 +- 5 files changed, 10 insertions(+), 55 deletions(-) diff --git a/config/guardian/guardian.de.pl b/config/guardian/guardian.de.pl index 344d04543..c03c98525 100644 --- a/config/guardian/guardian.de.pl +++ b/config/guardian/guardian.de.pl @@ -6,7 +6,7 @@ 'guardian block httpd brute-force' => 'httpd-Brute-Force-Erkennung', 'guardian block owncloud brute-force' => 'Owncloud-Brute-Force-Erkennung', 'guardian block ssh brute-force' => 'SSH-Brute-Force-Erkennung', -'guardian blockcount' => 'Trefferschwelle (Snort)', +'guardian blockcount' => 'Trefferschwelle', 'guardian blocked hosts' => 'Aktuell geblockte Hosts', 'guardian blocking of this address is not allowed' => 'Diese Addresse darf nicht geblockt werden.', 'guardian blocktime' => 'Blockzeit (Sekunden)', 
@@ -36,9 +36,7 @@ 'guardian priolevel_medium' => '2 - Mittel', 'guardian priolevel_low' => '3 - Niedrig', 'guardian priolevel_very_low' => '4 - Sehr niedrig', -'guardian priority level' => 'Prioritätslevel (Snort)', 'guardian service' => 'Guardian-Dienst', -'guardian watch snort alertfile' => 'Snort-Alarme auswerten', ); diff --git a/config/guardian/guardian.en.pl b/config/guardian/guardian.en.pl index f6be8654d..c94484f7e 100644 --- a/config/guardian/guardian.en.pl +++ b/config/guardian/guardian.en.pl @@ -6,7 +6,7 @@ 'guardian block httpd brute-force' => 'httpd Brute Force Detection', 'guardian block owncloud brute-force' => 'Owncloud Brute Force detection', 'guardian block ssh brute-force' => 'SSH Brute Force Detection', -'guardian blockcount' => 'Strike Threshold (Snort)', +'guardian blockcount' => 'Strike Threshold', 'guardian blocked hosts' => 'Currently blocked hosts', 'guardian blocking of this address is not allowed' => 'Blocking of the given address is not allowed.', 'guardian blocktime' => 'Block Time (seconds)', @@ -36,9 +36,7 @@ 'guardian priolevel_medium' => '2 - Medium', 'guardian priolevel_low' => '3 - Low', 'guardian priolevel_very_low' => '4 - Very low', -'guardian priority level' => 'Priority Level (Snort)', 'guardian service' => 'Guardian Service', -'guardian watch snort alertfile' => 'Monitor Snort Alert File', ); diff --git a/config/guardian/guardian.tr.pl b/config/guardian/guardian.tr.pl index cb64a358d..c4d9c5aab 100644 --- a/config/guardian/guardian.tr.pl +++ b/config/guardian/guardian.tr.pl 
@@ -6,7 +6,7 @@ 'guardian block httpd brute-force' => 'httpd kaba kuvvet algılama', 'guardian block owncloud brute-force' => 'Owncloud kaba kuvvet algılama', 'guardian block ssh brute-force' => 'SSH kaba kuvvet algılama', -'guardian blockcount' => 'Vurgu eşiği (Snort)', +'guardian blockcount' => 'Vurgu eşiği', 'guardian blocked hosts' => 'Şu anda engellenen ana makineler', 'guardian blocking of this address is not allowed' => 'Verilen adresin engellenmesine izin verilmiyor.', 'guardian blocktime' => 'Engelleme zamanı (saniye)', @@ -36,9 +36,7 @@ 'guardian priolevel_medium' => '2 - Orta', 'guardian priolevel_low' => '3 - Düşük', 'guardian priolevel_very_low' => '4 - Çok düşük', -'guardian priority level' => 'Öncelik seviyesi (Snort)', 'guardian service' => 'Koruyucu servisi', -'guardian watch snort alertfile' => 'Snort uyarı dosyası', ); diff --git a/html/cgi-bin/guardian.cgi b/html/cgi-bin/guardian.cgi index 6144aca02..36d84bb5b 100644 --- a/html/cgi-bin/guardian.cgi +++ b/html/cgi-bin/guardian.cgi @@ -52,7 +52,6 @@ my $ignorefile ='/var/ipfire/guardian/guardian.ignore'; # file locations on IPFire systems. my %module_file_locations = ( "HTTPD" => "/var/log/httpd/error_log", - "SNORT" => "/var/log/snort/alert", "SSH" => "/var/log/messages", ); @@ -78,7 +77,6 @@ our %ignored = (); $settings{'ACTION'} = ''; $settings{'GUARDIAN_ENABLED'} = 'off'; -$settings{'GUARDIAN_MONITOR_SNORT'} = 'on'; $settings{'GUARDIAN_MONITOR_SSH'} = 'on'; $settings{'GUARDIAN_MONITOR_HTTPD'} = 'on'; $settings{'GUARDIAN_MONITOR_OWNCLOUD'} = ''; @@ -88,7 +86,6 @@ $settings{'GUARDIAN_BLOCKCOUNT'} = '3'; $settings{'GUARDIAN_BLOCKTIME'} = '86400'; $settings{'GUARDIAN_FIREWALL_ACTION'} = 'DROP'; $settings{'GUARDIAN_LOGFILE'} = '/var/log/guardian/guardian.log'; -$settings{'GUARDIAN_SNORT_PRIORITY_LEVEL'} = '3'; my $errormessage = ''; 
@@ -379,9 +376,6 @@ sub showMainBox() { $checked{'GUARDIAN_ENABLED'}{'on'} = ''; $checked{'GUARDIAN_ENABLED'}{'off'} = ''; $checked{'GUARDIAN_ENABLED'}{$settings{'GUARDIAN_ENABLED'}} = 'checked'; - $checked{'GUARDIAN_MONITOR_SNORT'}{'off'} = ''; - $checked{'GUARDIAN_MONITOR_SNORT'}{'on'} = ''; - $checked{'GUARDIAN_MONITOR_SNORT'}{$settings{'GUARDIAN_MONITOR_SNORT'}} = "checked='checked'"; $checked{'GUARDIAN_MONITOR_SSH'}{'off'} = ''; $checked{'GUARDIAN_MONITOR_SSH'}{'on'} = ''; $checked{'GUARDIAN_MONITOR_SSH'}{$settings{'GUARDIAN_MONITOR_SSH'}} = "checked='checked'"; @@ -394,7 +388,6 @@ sub showMainBox() { $selected{'GUARDIAN_LOG_FACILITY'}{$settings{'GUARDIAN_LOG_FACILITY'}} = 'selected'; $selected{'GUARDIAN_LOGLEVEL'}{$settings{'GUARDIAN_LOGLEVEL'}} = 'selected'; - $selected{'GUARDIAN_SNORT_PRIORITY_LEVEL'}{$settings{'GUARDIAN_SNORT_PRIORITY_LEVEL'}} = 'selected'; $selected{'GUARDIAN_FIREWALL_ACTION'}{$settings{'GUARDIAN_FIREWALL_ACTION'}} = 'selected'; &Header::openpage($Lang::tr{'guardian configuration'}, 1, ''); @@ -447,19 +440,6 @@ sub showMainBox() { \$("#GUARDIAN_LOG_FACILITY").change(update_options); \$("#GUARDIAN_LOGLEVEL").change(update_options); update_options(); - - // Show / Hide snort priority level option, based if - // snort is enabled / disabled. - if (\$('input[name=GUARDIAN_MONITOR_SNORT]:checked').val() == 'on') { - \$('.GUARDIAN_SNORT_PRIORITY_LEVEL').show(); - } else { - \$('.GUARDIAN_SNORT_PRIORITY_LEVEL').hide(); - } - - // Show/Hide snort priority level when GUARDIAN_MONITOR_SNORT get changed. - \$('input[name=GUARDIAN_MONITOR_SNORT]').change(function() { - \$('.GUARDIAN_SNORT_PRIORITY_LEVEL').toggle(); - }); }); END @@ -533,12 +513,6 @@ END
- - $Lang::tr{'guardian watch snort alertfile'} - on / - off - - $Lang::tr{'guardian block ssh brute-force'} on / @@ -580,17 +554,15 @@ END - +
- - $Lang::tr{'guardian priority level'}: - + + $Lang::tr{'guardian blockcount'}: @@ -602,12 +574,6 @@ END - $Lang::tr{'guardian firewallaction'}: - - $Lang::tr{'guardian blocktime'}: @@ -977,11 +943,6 @@ sub BuildConfiguration() { # Module settings. print FILE "\n# Module settings.\n"; - # Check if SNORT is enabled and add snort priority. - if ($settings{'GUARDIAN_MONITOR_SNORT'} eq "on") { - print FILE "SnortPriorityLevel = $settings{'GUARDIAN_SNORT_PRIORITY_LEVEL'}\n"; - } - close(FILE); # Generate ignore file. diff --git a/lfs/guardian b/lfs/guardian index 2eaf77212..d84ca64f3 100644 --- a/lfs/guardian +++ b/lfs/guardian @@ -33,7 +33,7 @@ DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = guardian -PAK_VER = 15 +PAK_VER = 16 DEPS = "perl-inotify2 perl-Net-IP"
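Review bot: the `'guardian priolevel_medium'`, `'guardian priolevel_low'` and `'guardian priolevel_very_low'` strings that remain as context in the `@@ -36,9 +36,7 @@` hunks of guardian.de.pl, guardian.en.pl and guardian.tr.pl look dead after this patch. The `'guardian priority level'` label is removed there and guardian.cgi drops the `GUARDIAN_SNORT_PRIORITY_LEVEL` selection in the same change, so unless another page still uses these option labels, please remove the `priolevel_*` entries from all three language files as well.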
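Review bot: the commit message should state what, if anything, replaces the Snort module, because the `@@ -52,7 +52,6 @@` hunk in html/cgi-bin/guardian.cgi deletes `"SNORT" => "/var/log/snort/alert"` from `%module_file_locations` without adding a Suricata log in its place. After the change that hash holds only the HTTPD and SSH entries, so Guardian no longer reacts to IDS alerts at all. If that is intended, one sentence saying so in the log message would save the next reader from looking for a missing Suricata module.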
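Review bot: settings saved by the previous version are not handled. The `@@ -78,7 +77,6 @@` and `@@ -88,7 +86,6 @@` hunks in html/cgi-bin/guardian.cgi only remove the defaults for `GUARDIAN_MONITOR_SNORT` (previously 'on') and `GUARDIAN_SNORT_PRIORITY_LEVEL`, so an existing install that saved its settings may still carry both keys. Please either `delete` them from `%settings` after the saved settings are read, or strip them in the package update that goes with the `PAK_VER = 16` bump in lfs/guardian, and confirm that nothing outside the block removed from `BuildConfiguration()` still tests `GUARDIAN_MONITOR_SNORT`.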