guardian: Remove snort related options.
authorStefan Schantl <stefan.schantl@ipfire.org>
Tue, 7 May 2019 17:17:16 +0000 (19:17 +0200)
committerArne Fitzenreiter <arne_f@ipfire.org>
Wed, 8 May 2019 17:20:08 +0000 (19:20 +0200)
IPFire has moved to suricata as IDS/IPS system, therefore all snort related
options has become obsolete.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
config/guardian/guardian.de.pl
config/guardian/guardian.en.pl
config/guardian/guardian.tr.pl
html/cgi-bin/guardian.cgi
lfs/guardian

index 344d045..c03c985 100644 (file)
@@ -6,7 +6,7 @@
 'guardian block httpd brute-force' => 'httpd-Brute-Force-Erkennung',
 'guardian block owncloud brute-force' => 'Owncloud-Brute-Force-Erkennung',
 'guardian block ssh brute-force' => 'SSH-Brute-Force-Erkennung',
-'guardian blockcount' => 'Trefferschwelle (Snort)',
+'guardian blockcount' => 'Trefferschwelle',
 'guardian blocked hosts' => 'Aktuell geblockte Hosts',
 'guardian blocking of this address is not allowed' => 'Diese Addresse darf nicht geblockt werden.',
 'guardian blocktime' => 'Blockzeit (Sekunden)',
@@ -36,9 +36,7 @@
 'guardian priolevel_medium' => '2 - Mittel',
 'guardian priolevel_low' => '3 - Niedrig',
 'guardian priolevel_very_low' => '4 - Sehr niedrig',
-'guardian priority level' => 'Prioritätslevel (Snort)',
 'guardian service' => 'Guardian-Dienst',
-'guardian watch snort alertfile' => 'Snort-Alarme auswerten',
 
 );
 
index f6be865..c94484f 100644 (file)
@@ -6,7 +6,7 @@
 'guardian block httpd brute-force' => 'httpd Brute Force Detection',
 'guardian block owncloud brute-force' => 'Owncloud Brute Force detection',
 'guardian block ssh brute-force' => 'SSH Brute Force Detection',
-'guardian blockcount' => 'Strike Threshold (Snort)',
+'guardian blockcount' => 'Strike Threshold',
 'guardian blocked hosts' => 'Currently blocked hosts',
 'guardian blocking of this address is not allowed' => 'Blocking of the given address is not allowed.',
 'guardian blocktime' => 'Block Time (seconds)',
@@ -36,9 +36,7 @@
 'guardian priolevel_medium' => '2 - Medium',
 'guardian priolevel_low' => '3 - Low',
 'guardian priolevel_very_low' => '4 - Very low',
-'guardian priority level' => 'Priority Level (Snort)',
 'guardian service' => 'Guardian Service',
-'guardian watch snort alertfile' => 'Monitor Snort Alert File',
 
 );
 
index cb64a35..c4d9c5a 100644 (file)
@@ -6,7 +6,7 @@
 'guardian block httpd brute-force' => 'httpd kaba kuvvet algılama',
 'guardian block owncloud brute-force' => 'Owncloud kaba kuvvet algılama',
 'guardian block ssh brute-force' => 'SSH kaba kuvvet algılama',
-'guardian blockcount' => 'Vurgu eşiği (Snort)',
+'guardian blockcount' => 'Vurgu eşiği',
 'guardian blocked hosts' => 'Şu anda engellenen ana makineler',
 'guardian blocking of this address is not allowed' => 'Verilen adresin engellenmesine izin verilmiyor.',
 'guardian blocktime' => 'Engelleme zamanı (saniye)',
@@ -36,9 +36,7 @@
 'guardian priolevel_medium' => '2 - Orta',
 'guardian priolevel_low' => '3 - Düşük',
 'guardian priolevel_very_low' => '4 - Çok düşük',
-'guardian priority level' => 'Öncelik seviyesi (Snort)',
 'guardian service' => 'Koruyucu servisi',
-'guardian watch snort alertfile' => 'Snort uyarı dosyası',
 
 );
 
index 6144aca..36d84bb 100644 (file)
@@ -52,7 +52,6 @@ my $ignorefile ='/var/ipfire/guardian/guardian.ignore';
 # file locations on IPFire systems.
 my %module_file_locations = (
        "HTTPD" => "/var/log/httpd/error_log",
-       "SNORT" => "/var/log/snort/alert",
        "SSH" => "/var/log/messages",
 );
 
@@ -78,7 +77,6 @@ our %ignored  = ();
 $settings{'ACTION'} = '';
 
 $settings{'GUARDIAN_ENABLED'} = 'off';
-$settings{'GUARDIAN_MONITOR_SNORT'} = 'on';
 $settings{'GUARDIAN_MONITOR_SSH'} = 'on';
 $settings{'GUARDIAN_MONITOR_HTTPD'} = 'on';
 $settings{'GUARDIAN_MONITOR_OWNCLOUD'} = '';
@@ -88,7 +86,6 @@ $settings{'GUARDIAN_BLOCKCOUNT'} = '3';
 $settings{'GUARDIAN_BLOCKTIME'} = '86400';
 $settings{'GUARDIAN_FIREWALL_ACTION'} = 'DROP';
 $settings{'GUARDIAN_LOGFILE'} = '/var/log/guardian/guardian.log';
-$settings{'GUARDIAN_SNORT_PRIORITY_LEVEL'} = '3';
 
 my $errormessage = '';
 
@@ -379,9 +376,6 @@ sub showMainBox() {
        $checked{'GUARDIAN_ENABLED'}{'on'} = '';
        $checked{'GUARDIAN_ENABLED'}{'off'} = '';
        $checked{'GUARDIAN_ENABLED'}{$settings{'GUARDIAN_ENABLED'}} = 'checked';
-       $checked{'GUARDIAN_MONITOR_SNORT'}{'off'} = '';
-       $checked{'GUARDIAN_MONITOR_SNORT'}{'on'} = '';
-       $checked{'GUARDIAN_MONITOR_SNORT'}{$settings{'GUARDIAN_MONITOR_SNORT'}} = "checked='checked'";
        $checked{'GUARDIAN_MONITOR_SSH'}{'off'} = '';
        $checked{'GUARDIAN_MONITOR_SSH'}{'on'} = '';
        $checked{'GUARDIAN_MONITOR_SSH'}{$settings{'GUARDIAN_MONITOR_SSH'}} = "checked='checked'";
@@ -394,7 +388,6 @@ sub showMainBox() {
 
        $selected{'GUARDIAN_LOG_FACILITY'}{$settings{'GUARDIAN_LOG_FACILITY'}} = 'selected';
        $selected{'GUARDIAN_LOGLEVEL'}{$settings{'GUARDIAN_LOGLEVEL'}} = 'selected';
-       $selected{'GUARDIAN_SNORT_PRIORITY_LEVEL'}{$settings{'GUARDIAN_SNORT_PRIORITY_LEVEL'}} = 'selected';
        $selected{'GUARDIAN_FIREWALL_ACTION'}{$settings{'GUARDIAN_FIREWALL_ACTION'}} = 'selected';
 
        &Header::openpage($Lang::tr{'guardian configuration'}, 1, '');
@@ -447,19 +440,6 @@ sub showMainBox() {
                        \$("#GUARDIAN_LOG_FACILITY").change(update_options);
                        \$("#GUARDIAN_LOGLEVEL").change(update_options);
                        update_options();
-
-                       // Show / Hide snort priority level option, based if
-                       // snort is enabled / disabled.
-                       if (\$('input[name=GUARDIAN_MONITOR_SNORT]:checked').val() == 'on') {
-                               \$('.GUARDIAN_SNORT_PRIORITY_LEVEL').show();
-                       } else {
-                               \$('.GUARDIAN_SNORT_PRIORITY_LEVEL').hide();
-                       }
-
-                       // Show/Hide snort priority level when GUARDIAN_MONITOR_SNORT get changed.
-                       \$('input[name=GUARDIAN_MONITOR_SNORT]').change(function() {
-                               \$('.GUARDIAN_SNORT_PRIORITY_LEVEL').toggle();
-                       });
                });
        </script>
 END
@@ -533,12 +513,6 @@ END
                                <td colspan='2'><br></td>
                        </tr>
 
-                       <tr>
-                               <td width='25%' class='base'>$Lang::tr{'guardian watch snort alertfile'}</td>
-                               <td align='left'>on <input type='radio' name='GUARDIAN_MONITOR_SNORT' value='on' $checked{'GUARDIAN_MONITOR_SNORT'}{'on'} /> /
-                               <input type='radio' name='GUARDIAN_MONITOR_SNORT' value='off' $checked{'GUARDIAN_MONITOR_SNORT'}{'off'} /> off</td>
-                       </tr>
-
                        <tr>
                                <td width='25%' class='base'>$Lang::tr{'guardian block ssh brute-force'}</td>
                                <td align='left'>on <input type='radio' name='GUARDIAN_MONITOR_SSH' value='on' $checked{'GUARDIAN_MONITOR_SSH'}{'on'} /> /
@@ -580,17 +554,15 @@ END
                                <td><input type='text' name='GUARDIAN_LOGFILE' value='$settings{'GUARDIAN_LOGFILE'}' size='30' /></td>
                        </tr>
 
-                       <tr class="GUARDIAN_SNORT_PRIORITY_LEVEL">
+                       <tr>
                                <td colspan='2'><br></td>
                        </tr>
 
-                       <tr class="GUARDIAN_SNORT_PRIORITY_LEVEL">
-                               <td align='left' width='20%'>$Lang::tr{'guardian priority level'}:</td>
-                               <td><select name='GUARDIAN_SNORT_PRIORITY_LEVEL'>
-                                       <option value='1' $selected{'GUARDIAN_SNORT_PRIORITY_LEVEL'}{'1'}>$Lang::tr{'guardian priolevel_high'}</option>
-                                       <option value='2' $selected{'GUARDIAN_SNORT_PRIORITY_LEVEL'}{'2'}>$Lang::tr{'guardian priolevel_medium'}</option>
-                                       <option value='3' $selected{'GUARDIAN_SNORT_PRIORITY_LEVEL'}{'3'}>$Lang::tr{'guardian priolevel_low'}</option>
-                                       <option value='4' $selected{'GUARDIAN_SNORT_PRIORITY_LEVEL'}{'4'}>$Lang::tr{'guardian priolevel_very_low'}</option>
+                       <tr>
+                               <td width='25%' class='base'>$Lang::tr{'guardian firewallaction'}:</td>
+                               <td><select name='GUARDIAN_FIREWALL_ACTION'>
+                                       <option value='DROP' $selected{'GUARDIAN_FIREWALL_ACTION'}{'DROP'}>Drop</option>
+                                       <option value='REJECT' $selected{'GUARDIAN_FIREWALL_ACTION'}{'REJECT'}>Reject</option>
                                </select></td>
 
                                <td width='25%' class='base'>$Lang::tr{'guardian blockcount'}:</td>
@@ -602,12 +574,6 @@ END
                        </tr>
 
                        <tr>
-                               <td width='25%' class='base'>$Lang::tr{'guardian firewallaction'}:</td>
-                               <td><select name='GUARDIAN_FIREWALL_ACTION'>
-                                       <option value='DROP' $selected{'GUARDIAN_FIREWALL_ACTION'}{'DROP'}>Drop</option>
-                                       <option value='REJECT' $selected{'GUARDIAN_FIREWALL_ACTION'}{'REJECT'}>Reject</option>
-                               </select></td>
-
                                <td width='25%' class='base'>$Lang::tr{'guardian blocktime'}:</td>
                                <td><input type='text' name='GUARDIAN_BLOCKTIME' value='$settings{'GUARDIAN_BLOCKTIME'}' size='10' /></td>
                        </tr>
@@ -977,11 +943,6 @@ sub BuildConfiguration() {
 
        # Module settings.
        print FILE "\n# Module settings.\n";
-       # Check if SNORT is enabled and add snort priority.
-       if ($settings{'GUARDIAN_MONITOR_SNORT'} eq "on") {
-               print FILE "SnortPriorityLevel = $settings{'GUARDIAN_SNORT_PRIORITY_LEVEL'}\n";
-       }
-
        close(FILE);
 
        # Generate ignore file.
index 2eaf772..d84ca64 100644 (file)
@@ -33,7 +33,7 @@ DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 
 PROG       = guardian
-PAK_VER    = 15
+PAK_VER    = 16
 
 DEPS       = "perl-inotify2 perl-Net-IP"