From 68725035744de0253f19e0b3550799799a44f80d Mon Sep 17 00:00:00 2001 From: =?utf8?q?Peter=20M=C3=BCller?= Date: Thu, 5 May 2022 16:21:23 +0000 Subject: [PATCH] Core Update 168: Ship and apply IDSv4 changes MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Signed-off-by: Peter Müller --- config/rootfiles/core/168/filelists/backup | 1 + config/rootfiles/core/168/filelists/files | 5 +++++ config/rootfiles/core/168/update.sh | 10 ++++++++++ 3 files changed, 16 insertions(+) create mode 120000 config/rootfiles/core/168/filelists/backup diff --git a/config/rootfiles/core/168/filelists/backup b/config/rootfiles/core/168/filelists/backup new file mode 120000 index 000000000..38e28a8b4 --- /dev/null +++ b/config/rootfiles/core/168/filelists/backup @@ -0,0 +1 @@ +../../../common/backup \ No newline at end of file diff --git a/config/rootfiles/core/168/filelists/files b/config/rootfiles/core/168/filelists/files index e0883a7db..c0030ebb5 100644 --- a/config/rootfiles/core/168/filelists/files +++ b/config/rootfiles/core/168/filelists/files @@ -391,10 +391,15 @@ lib/firmware/rtw88/rtw8821c_fw.bin lib/firmware/rtw88/rtw8822c_fw.bin lib/firmware/rtw89/rtw8852a_fw.bin lib/firmware/wfx/wfm_wf200_C0.sec +usr/bin/fcrontab usr/lib/firewall/rules.pl +usr/local/bin/update-ids-ruleset +usr/sbin/convert-ids-backend-files +srv/web/ipfire/cgi-bin/ids.cgi srv/web/ipfire/cgi-bin/media.cgi srv/web/ipfire/cgi-bin/wakeonlan.cgi srv/web/ipfire/html/themes/ipfire/include/functions.pl var/ipfire/header.pl +var/ipfire/ids-functions.pl var/ipfire/menu.d/20-status.menu var/ipfire/menu.d/30-network.menu diff --git a/config/rootfiles/core/168/update.sh b/config/rootfiles/core/168/update.sh index 45b530c90..4b525170b 100644 --- a/config/rootfiles/core/168/update.sh +++ b/config/rootfiles/core/168/update.sh @@ -78,12 +78,21 @@ extract_files # update linker config ldconfig +# Run IDSv4 converter +convert-ids-backend-files + # Update Language cache /usr/local/bin/update-lang-cache # Filesytem cleanup /usr/local/bin/filesystem-cleanup +# Delete orphaned Oinkmaster and Suricata default ruleset +rm -vf \ + /usr/local/bin/oinkmaster.pl \ + /var/ipfire/suricata/oinkmaster.conf \ + /var/ipfire/suricata/suricata-default-rules.yaml + # Apply local configuration to sshd_config /usr/local/bin/sshctrl @@ -95,6 +104,7 @@ chmod -v 750 /etc/sudoers.d chmod -v 640 /etc/sudoers.d/* # Start services +/etc/init.d/fcron restart /etc/init.d/sshd restart /etc/init.d/vnstatd restart /etc/init.d/squid start -- 2.39.5