# destination was found.
"$hostipaddr" => 1);
+&get_aliases;
+
%sshhash = ();
if ( -e $targetfile ) {
my ($source, $dest, $type) = @_;
&write_log ("$source\t$type\n");
if ($hash{$source} eq "") {
- &write_log ("Running '$blockpath $source'\n");
- system ("$blockpath $source");
+ &write_log ("Running '$blockpath $source $interface'\n");
+ system ("$blockpath $source $interface");
$hash{$source} = time() + $TimeLimit;
} else {
# We have already blocked this one, but snort detected another attack. So
}
if (/Interface\s+(.*)/) {
$interface = $1;
+ if ( $interface eq "" ) {
+ $interface = `cat /var/ipfire/ethernet/settings | grep RED_DEV | cut -d"=" -f2`;
+ }
}
if (/AlertFile\s+(.*)/) {
$alert_file = $1;
}
}
- if ($interface eq "") {
- die "Fatal! Interface is undefined.. Please define it in $opt_o with keyword Interface\n";
- }
if ($alert_file eq "") {
print "Warning! AlertFile is undefined.. Assuming /var/log/snort.alert\n";
$alert_file="/var/log/snort.alert";
}
if ($hostipaddr eq "") {
print "Warning! HostIpAddr is undefined! Attempting to guess..\n";
- $hostipaddr = &get_ip($interface);
+ $hostipaddr = `cat /var/ipfire/red/local-ipaddress`;
print "Got it.. your HostIpAddr is $hostipaddr\n";
}
if ($ignorefile eq "") {
}
}
-sub get_ip {
- my ($interface) = $_[0];
- my $ip;
- open (IFCONFIG, "/bin/netstat -iee |grep $interface -A7 |");
- while (<IFCONFIG>) {
- if ($OS eq "FreeBSD") {
- if (/inet (\d+\.\d+\.\d+\.\d+)/) {
- $ip = $1;
- }
- }
- if ($OS eq "Linux") {
- if (/inet addr:(\d+\.\d+\.\d+\.\d+)/) {
- $ip = $1;
- }
- }
- }
- close (IFCONFIG);
-
- if ($ip eq "") { die "Couldn't figure out the ip address\n"; }
- $ip;
- }
-
sub sig_handler_setup {
- $SIG{TERM} = \&clean_up_and_exit; # kill
+ $SIG{INT} = \&clean_up_and_exit; # kill -2
+ $SIG{TERM} = \&clean_up_and_exit; # kill -9
$SIG{QUIT} = \&clean_up_and_exit; # kill -3
# $SIG{HUP} = \&flush_and_reload; # kill -1
}
sub call_unblock {
my ($source, $message) = @_;
&write_log ("$message");
- system ("$unblockpath $source");
+ system ("$unblockpath $source $interface");
}
sub clean_up_and_exit {
close (TARG);
print "Loaded $count addresses from $targetfile\n";
}
+
+sub get_aliases {
+ my $ip;
+ print "Scanning for aliases on $interface and add them to the target hash...";
+
+ open (IFCONFIG, "/sbin/ip addr show $interface |");
+ my @lines = <IFCONFIG>;
+ close(IFCONFIG);
+
+ foreach $line (@lines) {
+ if ( $line =~ /inet (\d+\.\d+\.\d+\.\d+)/) {
+ $ip = $1;
+ print " got $ip on $interface ... ";
+ $targethash{'$ip'} = "1";
+ }
+ }
+
+ print "done \n";
+}
\ No newline at end of file
# this is a sample block script for guardian. This should work with ipchains.
# This command gets called by guardian as such:
-# guardian_block.sh <source_ip>
+# guardian_block.sh <source_ip> <interface>
# and the script will issue a command to block all traffic from that source ip
# address. The logic of weither or not it is safe to block that address is
# done inside guardian itself.
source=$1
+interface=$2
-/sbin/iptables -I GUARDIANINPUT -s $source -j DROP
+/sbin/iptables -I GUARDIAN -s $source -i $interface -j DROP
# this is a sample unblock script for guardian. This should work with ipchains.
# This command gets called by guardian as such:
-# unblock.sh <source_ip>
+# unblock.sh <source_ip> <interface>
# and the script will issue a command to remove the block that was created with # block.sh address.
source=$1
+interface=$2
-/sbin/iptables -D GUARDIANINPUT -s $source -j DROP
+/sbin/iptables -D GUARDIAN -s $source -i $interface -j DROP
* igb-2.3.4-kmod-2.6.32.24-ipfire-xen
* igmpproxy-0.1
* imspector-0.9
+* imspector-20101008
* inetutils-1.4.2
* ipaddr-1.2
* iperf-2.0.4
* rsync-3.0.7
* rtorrent-0.8.6
* samba-3.5.5
+* samba-3.5.6
* sane-1.0.19
* screen-4.0.3
* sdparm-1.01
* spandsp-0.0.6pre12
* splix-2.0.0-rc2
* sqlite-3.6.10
-* squid-2.7.STABLE9
+* squid-3.1.8
* squidGuard-1.4.1
* squidclamav-5.4
* sshfs-fuse-2.2
* vnstat-1.6
* vnstati-beta3
* vsftpd-2.1.2
+* vsftpd-2.2.2
* w_scan-20080105
* watchdog-5.9
* wget-1.10.2
&Header::openbox('100%', 'center', $Lang::tr{'outgoing firewall ip groups'});
print <<END
-<a name="outgoing showipgroup"</a>
+<a name="outgoing showipgroup"></a>
<br />
<form method='post' action='$ENV{'SCRIPT_NAME'}#outgoing showipgroup'>
<table width='95%' cellspacing='0'>
&Header::openbox('100%', 'center', $Lang::tr{'outgoing firewall mac groups'});
print <<END
-<a name="outgoing showmacgroup"</a>
+<a name="outgoing showmacgroup"></a>
<br />
<form method='post' action='$ENV{'SCRIPT_NAME'}#outgoing showmacgroup'>
<table width='95%' cellspacing='0'>
<td colspan='2'>$Lang::tr{'urlfilter blocked domains'} <img src='/blob.gif' alt='*' /></td>
<td colspan='2'>$Lang::tr{'urlfilter blocked urls'} <img src='/blob.gif' alt='*' /></td>
</tr>
+<tr>
+ <td colspan='2'>$Lang::tr{'urlfilter example'}</td>
+ <td colspan='2'>$Lang::tr{'urlfilter example ads'}</td>
+</tr>
<tr>
<td colspan='2' width='50%'><textarea name='CUSTOM_BLACK_DOMAINS' cols='32' rows='6' wrap='off'>
END
<td colspan='2'>$Lang::tr{'urlfilter allowed domains'} <img src='/blob.gif' alt='*' /></td>
<td colspan='2'>$Lang::tr{'urlfilter allowed urls'} <img src='/blob.gif' alt='*' /></td>
</tr>
+<tr>
+ <td colspan='2'>$Lang::tr{'urlfilter example'}</td>
+ <td colspan='2'>$Lang::tr{'urlfilter example ads'}</td>
+</tr>
<tr>
<td colspan='2' width='50%'><textarea name='CUSTOM_WHITE_DOMAINS' cols='32' rows='6' wrap='off'>
END
print <<END
<table width='100%' cellpadding='0' cellspacing='5' border='0'>
<tr><td class='base' width='50%'>$Lang::tr{'use a pre-shared key'}</td>
- <td class='base' width='50%'><input type='text' name='PSK' size='30' value='$cgiparams{'PSK'}' /></td>
+ <td class='base' width='50%'><input type='password' name='PSK' size='30' value='$cgiparams{'PSK'}' /></td>
</tr>
</table>
END
<table width='100%' cellpadding='0' cellspacing='5' border='0'>
<tr><td width='5%'><input type='radio' name='AUTH' value='psk' $checked{'AUTH'}{'psk'} $pskdisabled/></td>
<td class='base' width='55%'>$Lang::tr{'use a pre-shared key'}</td>
- <td class='base' width='40%'><input type='text' name='PSK' size='30' value='$cgiparams{'PSK'}' $pskdisabled/></td></tr>
+ <td class='base' width='40%'><input type='password' name='PSK' size='30' value='$cgiparams{'PSK'}' $pskdisabled/></td></tr>
<tr><td colspan='3' bgcolor='#000000'></td></tr>
<tr><td><input type='radio' name='AUTH' value='certreq' $checked{'AUTH'}{'certreq'} $cakeydisabled /></td>
<td class='base'><hr />$Lang::tr{'upload a certificate request'}</td>
'urlfilter enable log' => 'Aktiviere Protokoll',
'urlfilter enable rewrite rules' => 'Aktiviere lokale Dateiumleitung',
'urlfilter enabled' => 'Aktiviert:',
+'urlfilter example' => 'Beispiel: www.domain.com',
+'urlfilter example ads' => 'Beispiel: www.domain.com/ads/',
'urlfilter export blacklist' => 'Blacklist exportieren',
'urlfilter export error' => 'Kann Exportdatei nicht erstellen',
'urlfilter expressions' => 'Ausdrücke (einen pro Zeile)',
'urlfilter enable log' => 'Enable log',
'urlfilter enable rewrite rules' => 'Enable local file redirection',
'urlfilter enabled' => 'Enabled:',
+'urlfilter example' => 'Example: www.domain.com',
+'urlfilter example ads' => 'Example: www.domain.com/ads/',
'urlfilter export blacklist' => 'Export blacklist',
'urlfilter export error' => 'Unable to create export file',
'urlfilter expressions' => 'Expressions (one per line)',
'urlfilter enable log' => 'Activar registro',
'urlfilter enable rewrite rules' => 'Activar redirección de archivos locales',
'urlfilter enabled' => 'Activado:',
+'urlfilter example' => 'Ejemplo: www.domain.com',
+'urlfilter example ads' => 'Ejemplo: www.domain.com/ads/',
'urlfilter export blacklist' => 'Exportar lista negra',
'urlfilter export error' => 'Imposible crear archivo de exportación',
'urlfilter expressions' => 'Frases (una por línea)',
'urlfilter enable log' => 'Activer log',
'urlfilter enable rewrite rules' => 'Activer fichier local de redirection',
'urlfilter enabled' => 'Activé:',
+'urlfilter example' => 'Exemple: www.domain.com',
+'urlfilter example ads' => 'Exemple: www.domain.com/ads/',
'urlfilter export blacklist' => 'Exporter Blackliste',
'urlfilter export error' => 'Impossible de créer fichier d\'exportation',
'urlfilter expressions' => 'Expressions (une par ligne)',
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = guardian
-PAK_VER = 6
+PAK_VER = 7
DEPS = ""
include Config
-VER = 0.9
+VER = 20101008
THISAPP = imspector-$(VER)
DL_FILE = $(THISAPP).tar.gz
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = imspector
-PAK_VER = 1
+PAK_VER = 2
DEPS = ""
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 626abf7c2b8f15d56df679ad66624575
+$(DL_FILE)_MD5 = 032407bb13ccddb77328f83eded102ee
install : $(TARGET)
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && make install
+ cd $(DIR_SRC)/imspector && make install
-mv /usr/etc/imspector /etc/imspector
- install -v -m 755 $(DIR_CONF)/imspector/imspector.conf /etc/imspector.conf
+ -mv /etc/imspector/imspector /etc/imspector
+ install -v -m 755 $(DIR_CONF)/imspector/imspector.conf /etc/imspector.conf
install -v -m 644 $(DIR_SRC)/config/backup/includes/imspector /var/ipfire/backup/addons/includes/imspector
chmod 755 /srv/web/ipfire/cgi-bin/imspector.cgi
chown nobody:nobody -R /var/log/imspector
include Config
-VER = 3.5.5
+VER = 3.5.6
THISAPP = samba-$(VER)
DL_FILE = $(THISAPP).tar.gz
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = samba
-PAK_VER = 30
+PAK_VER = 31
DEPS = "cups"
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 278728aeeef9db7e27fa6a2ce5b43509
+$(DL_FILE)_MD5 = bf6c09ea497a166df8bd672db1d8da8f
install : $(TARGET)
include Config
-VER = 2.1.2
+VER = 2.2.2
THISAPP = vsftpd-$(VER)
DL_FILE = $(THISAPP).tar.gz
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = vsftpd
-PAK_VER = 5
+PAK_VER = 6
DEPS = ""
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 6a8c8579d50adf0d0fc07226c03bfb52
+$(DL_FILE)_MD5 = 6d6bc136af14c23f8fef6f1a51f55418
install : $(TARGET)
# CUSTOM chains, can be used by the users themselves
/sbin/iptables -N CUSTOMINPUT
/sbin/iptables -A INPUT -j CUSTOMINPUT
- /sbin/iptables -N GUARDIANINPUT
- /sbin/iptables -A INPUT -j GUARDIANINPUT
+ /sbin/iptables -N GUARDIAN
+ /sbin/iptables -A INPUT -j GUARDIAN
+ /sbin/iptables -A FORWARD -j GUARDIAN
/sbin/iptables -N CUSTOMFORWARD
/sbin/iptables -A FORWARD -j CUSTOMFORWARD
/sbin/iptables -N CUSTOMOUTPUT
#
# Description : init-script for open-vm-tools
#
-# Authors : earl
+# Authors : Jan Paul Tuecking (earl@ipfire.org)
#
-# Version : 00.01
+# Version : 1.00
#
# Notes :
#
#
# Version : 01.00
#
-# Notes :
+# Notes : Changes in 01.01
+# : v.2.6.7 needs /var/run/vdradmin dir (earl@ipfire.org)
#
########################################################################
case "${1}" in
start)
boot_mesg "Starting VDR Webadministration Tool..."
+ mkdir /var/run/vdradmin -p
loadproc /usr/bin/vdradmind > /dev/null
evaluate_retval
;;