# Path to the guardian.ignore file.
my $ignorefile ='/var/ipfire/guardian/guardian.ignore';
+# Hash which contains the supported modules and the
+# file locations on IPFire systems.
+my %module_file_locations = (
+ "HTTPD" => "/var/log/httpd/error_log",
+ "OWNCLOUD" => "/var/owncloud/data/owncloud.log",
+ "SNORT" => "/var/log/snort.alert",
+ "SSH" => "/var/log/messages",
+);
+
our %netsettings = ();
&General::readhash("${General::swroot}/ethernet/settings", \%netsettings);
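Review bot: The comment above `%module_file_locations` should state that the hash is also the allowlist for module names. The config writer further down emits a `Monitor_<name>` line only when `exists($module_file_locations{$1})` holds, so any `GUARDIAN_MONITOR_*` key not listed here is dropped without a message. Suggested wording: `# Allowlist of supported modules (suffix of GUARDIAN_MONITOR_*) and the log file each one reads; modules not listed here are never written to guardian.conf.` Documenting this keeps a later change from relaxing the `exists` check and letting request-supplied names reach the config file.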
$settings{'GUARDIAN_MONITOR_SSH'} = 'on';
$settings{'GUARDIAN_MONITOR_HTTPD'} = 'on';
$settings{'GUARDIAN_MONITOR_OWNCLOUD'} = '';
+$settings{'GUARDIAN_LOG_FACILITY'} = 'syslog';
$settings{'GUARDIAN_LOGLEVEL'} = 'info';
$settings{'GUARDIAN_BLOCKCOUNT'} = '3';
$settings{'GUARDIAN_BLOCKTIME'} = '86400';
$settings{'GUARDIAN_LOGFILE'} = '/var/log/guardian/guardian.log';
-$settings{'GUARDIAN_PRIORITY_LEVEL'} = '3';
+$settings{'GUARDIAN_SNORT_PRIORITY_LEVEL'} = '3';
# Default settings for owncloud if installed.
if ( -e "$owncloud_meta") {
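Review bot: The rename of the default from `GUARDIAN_PRIORITY_LEVEL` to `GUARDIAN_SNORT_PRIORITY_LEVEL` has no visible migration for settings files saved under the old key. The code that loads the saved settings is outside this hunk, but if it simply overlays the file on these defaults, an administrator's chosen Snort priority would presumably fall back to `3` after the update without any notice. At minimum the default should carry a comment such as `# Renamed from GUARDIAN_PRIORITY_LEVEL; settings saved under the old name must be converted on update.`, and the update path should copy the old value across.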
$checked{'GUARDIAN_MONITOR_OWNCLOUD'}{'on'} = '';
$checked{'GUARDIAN_MONITOR_OWNCLOUD'}{$settings{'GUARDIAN_MONITOR_OWNCLOUD'}} = "checked='checked'";
+ $selected{'GUARDIAN_LOG_FACILITY'}{$settings{'GUARDIAN_LOG_FACILITY'}} = 'selected';
$selected{'GUARDIAN_LOGLEVEL'}{$settings{'GUARDIAN_LOGLEVEL'}} = 'selected';
- $selected{'GUARDIAN_PRIORITY_LEVEL'}{$settings{'GUARDIAN_PRIORITY_LEVEL'}} = 'selected';
+ $selected{'GUARDIAN_SNORT_PRIORITY_LEVEL'}{$settings{'GUARDIAN_SNORT_PRIORITY_LEVEL'}} = 'selected';
&Header::openpage($Lang::tr{'guardian configuration'}, 1, '');
&Header::openbigbox('100%', 'left', '', $errormessage);
print"</tr>\n";
}
print <<END;
+ <tr>
+ <td colspan='2'><br></td>
+ </tr>
+ <tr>
+ <td align='left' width='20%'>$Lang::tr{'guardian logfacility'}:</td>
+ <td><select name='GUARDIAN_LOG_FACILITY'>
+ <option value='syslog' $selected{'GUARDIAN_LOG_FACILITY'}{'syslog'}>syslog</option>
+ <option value='file' $selected{'GUARDIAN_LOG_FACILITY'}{'file'}>file</option>
+ <option value='console' $selected{'GUARDIAN_LOG_FACILITY'}{'console'}>console</option>
+ </select></td>
+ </tr>
<tr>
<td colspan='2'><br></td>
</tr>
</tr>
<tr>
<td align='left' width='20%'>$Lang::tr{'guardian priority level'}:</td>
- <td><select name='GUARDIAN_PRIORITY_LEVEL'>
- <option value='1' $selected{'GUARDIAN_PRIORITY_LEVEL'}{'1'}>1</option>
- <option value='2' $selected{'GUARDIAN_PRIORITY_LEVEL'}{'2'}>2</option>
- <option value='3' $selected{'GUARDIAN_PRIORITY_LEVEL'}{'3'}>3</option>
- <option value='4' $selected{'GUARDIAN_PRIORITY_LEVEL'}{'4'}>4</option>
+ <td><select name='GUARDIAN_SNORT_PRIORITY_LEVEL'>
+ <option value='1' $selected{'GUARDIAN_SNORT_PRIORITY_LEVEL'}{'1'}>1</option>
+ <option value='2' $selected{'GUARDIAN_SNORT_PRIORITY_LEVEL'}{'2'}>2</option>
+ <option value='3' $selected{'GUARDIAN_SNORT_PRIORITY_LEVEL'}{'3'}>3</option>
+ <option value='4' $selected{'GUARDIAN_SNORT_PRIORITY_LEVEL'}{'4'}>4</option>
</select></td>
</tr>
<tr>
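Review bot: The new `GUARDIAN_LOG_FACILITY` select restricts the value to `syslog`, `file` or `console` only in the browser, and the writer hunk later prints the setting verbatim as `LogFacility = ...` into guardian.conf. The save handler is not part of this hunk, so confirm it rejects anything else on the server side, for example `$errormessage = "<invalid log facility message>" unless $settings{'GUARDIAN_LOG_FACILITY'} =~ /\A(?:syslog|file|console)\z/;`. The renamed `GUARDIAN_SNORT_PRIORITY_LEVEL` field deserves the same treatment with `/\A[1-4]\z/`. Anchoring with `\A` and `\z` matters here because the config format is one directive per line, and a value containing a line break would add directives of its own.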
my $configfile = "${General::swroot}/guardian/guardian.conf";
- # We set this to 1 (enabled) to prevent guardian from blocking the ISP gateway.
- my $HostGatewayByte = "1";
-
# Open configfile for writing.
open(FILE, ">$configfile");
- print FILE "EnableSnortMonitoring\t\t$settings{'GUARDIAN_ENABLE_SNORT'}\n";
- print FILE "EnableSSHMonitoring\t\t$settings{'GUARDIAN_ENABLE_SSH'}\n";
- print FILE "EnableHTTPDMonitoring\t\t$settings{'GUARDIAN_ENABLE_HTTPD'}\n";
+ # Config file header.
+ print FILE "# Autogenerated configuration file.\n";
+ print FILE "# All user modifications will be overwritten.\n\n";
- # Check if owncloud settings should be written.
- if (exists $settings{'GUARDIAN_ENABLE_OWNCLOUD'}) {
- print FILE "EnableOwncloudMonitoring\t$settings{'GUARDIAN_ENABLE_OWNCLOUD'}\n";
+ # Settings for the logging mechanism.
+ print FILE "# Log settings.\n";
+ print FILE "LogFacility = $settings{'GUARDIAN_LOG_FACILITY'}\n";
+
+ if ($settings{'GUARDIAN_LOG_FACILITY'} eq "file") {
+ print FILE "LogFile = $settings{'GUARDIAN_LOGFILE'}\n";
}
- print FILE "LogLevel\t\t\t$settings{'GUARDIAN_LOGLEVEL'}\n";
- print FILE "BlockCount\t\t\t$settings{'GUARDIAN_BLOCKCOUNT'}\n";
- print FILE "HostGatewayByte\t\t\t$HostGatewayByte\n";
- print FILE "LogFile\t\t\t\t$settings{'GUARDIAN_LOGFILE'}\n";
- print FILE "IgnoreFile\t\t\t$ignorefile\n";
- print FILE "TimeLimit\t\t\t$settings{'GUARDIAN_BLOCKTIME'}\n";
- print FILE "PriorityLevel\t\t\t$settings{'GUARDIAN_PRIORITY_LEVEL'}\n";
+ print FILE "LogLevel = $settings{'GUARDIAN_LOGLEVEL'}\n\n";
+
+ # IPFire related static settings.
+ print FILE "# IPFire related settings.\n";
+ print FILE "FirewallEngine = IPtables\n";
+ print FILE "SocketOwner = nobody:nobody\n";
+ print FILE "IgnoreFile = $ignorefile\n\n";
+
+ # Configured block values.
+ print FILE "# Configured block values.\n";
+ print FILE "BlockCount = $settings{'GUARDIAN_BLOCKCOUNT'}\n";
+ print FILE "BlockTime = $settings{'GUARDIAN_BLOCKTIME'}\n\n";
+
+ # Enabled modules.
+ # Loop through whole settings hash.
+ print FILE "# Enabled modules.\n";
+ foreach my $option (keys %settings) {
+ # Search for enabled modules.
+ if ($option =~ /GUARDIAN_MONITOR_(.*)/) {
+ # Skip if module is not enabled.
+ next unless($settings{$option} eq "on");
+
+ # Skip module if no file location is available.
+ next unless(exists($module_file_locations{$1}));
+
+ # Add enabled module and defined path to the config file.
+ print FILE "Monitor_$1 = $module_file_locations{$1}\n";
+ }
+ }
+
+ # Module settings.
+ print FILE "\n# Module settings.\n";
+ # Check if SNORT is enabled and add snort priority.
+ if ($settings{'GUARDIAN_MONITOR_SNORT'} eq "on") {
+ print FILE "SnortPriorityLevel = $settings{'GUARDIAN_SNORT_PRIORITY_LEVEL'}\n";
+ }
close(FILE);
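Review bot: All of the new `print FILE` lines write to a handle whose `open(FILE, ">$configfile")` and `close(FILE)` results are never checked, and the `>` mode truncates guardian.conf before the first line is written. If the open fails or the write is cut short, the daemon is left with an old, empty or partial configuration, which for this tool can mean no `Monitor_*` entries at all, while the page reports nothing. Since this block is being rewritten anyway, use the three-argument form and surface the error: `open(FILE, '>', $configfile) or $errormessage = "<unable to write config message>: $!";` and likewise check `close(FILE)`. Writing to a temporary file in the same directory and renaming it over guardian.conf would also avoid the truncated-file window. The enclosing block starts before this hunk and its end is not visible here.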