From fbfdb241c196f3a9f3f009c1fbcd70909ecacf16 Mon Sep 17 00:00:00 2001 From: maniacikarus Date: Tue, 14 Aug 2007 18:10:09 +0000 Subject: [PATCH] QoS Graphen angepasst damit Bytes angezeigt werden Guardian Konfiguration in die IDS CGI eingebaut git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@766 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8 --- config/cfgroot/graphs.pl | 28 ++++++++++---------- html/cgi-bin/ids.cgi | 56 +++++++++++++++++++++++++++++++++++----- langs/de/cgi-bin/de.pl | 8 +++++- langs/en/cgi-bin/en.pl | 6 +++++ lfs/guardian | 2 ++ 5 files changed, 79 insertions(+), 21 deletions(-) diff --git a/config/cfgroot/graphs.pl b/config/cfgroot/graphs.pl index 82b8d1dfca..97c3a7a3e7 100644 --- a/config/cfgroot/graphs.pl +++ b/config/cfgroot/graphs.pl @@ -53,7 +53,7 @@ sub updatecpugraph { my $period = $_[0]; RRDs::graph ("$graphs/cpu-$period.png", - "--start", "-1$period", "-aPNG", "-i", "-z", + "--start", "-1$period", "-aPNG", "-i", "-z", "-W www.ipfire.org", "--alt-y-grid", "-w 600", "-h 100", "-l 0", "-u 100", "-r", "--color", "SHADEA".$color{"color19"}, "--color", "SHADEB".$color{"color19"}, @@ -109,7 +109,7 @@ sub updateloadgraph { RRDs::graph ("$graphs/load-$period.png", "--start", "-1$period", "-aPNG", - "-w 600", "-h 100", "-i", "-z", "-l 0", "-r", "--alt-y-grid", + "-w 600", "-h 100", "-i", "-z", "-W www.ipfire.org", "-l 0", "-r", "--alt-y-grid", "-t Load Average", "--color", "SHADEA".$color{"color19"}, "--color", "SHADEB".$color{"color19"}, @@ -133,7 +133,7 @@ sub updatememgraph { my $period = $_[0]; RRDs::graph ("$graphs/memory-$period.png", - "--start", "-1$period", "-aPNG", "-i", "-z", + "--start", "-1$period", "-aPNG", "-i", "-z", "-W www.ipfire.org", "--alt-y-grid", "-w 600", "-h 100", "-l 0", "-u 100", "-r", "--color", "SHADEA".$color{"color19"}, "--color", "SHADEB".$color{"color19"}, @@ -185,7 +185,7 @@ sub updatememgraph { print "Error in RRD::graph for mem: $ERROR\n" if $ERROR; RRDs::graph ("$graphs/swap-$period.png", - "--start", "-1$period", "-aPNG", "-i", "-z", + "--start", "-1$period", "-aPNG", "-i", "-z", "-W www.ipfire.org", "--alt-y-grid", "-w 600", "-h 100", "-l 0", "-u 100", "-r", "--color", "SHADEA".$color{"color19"}, "--color", "SHADEB".$color{"color19"}, @@ -220,7 +220,7 @@ sub updatediskgraph { my $disk = $_[1]; RRDs::graph ("$graphs/disk-$disk-$period.png", - "--start", "-1$period", "-aPNG", "-i", "-z", + "--start", "-1$period", "-aPNG", "-i", "-z", "-W www.ipfire.org", "--alt-y-grid", "-w 600", "-h 100", "-l 0", "-r", "--color", "SHADEA".$color{"color19"}, "--color", "SHADEB".$color{"color19"}, @@ -249,7 +249,7 @@ sub updateifgraph { my $period = $_[1]; RRDs::graph ("$graphs/$interface-$period.png", - "--start", "-1$period", "-aPNG", "-i", "-z", + "--start", "-1$period", "-aPNG", "-i", "-z", "-W www.ipfire.org", "--alt-y-grid", "-w 600", "-h 100", "--color", "SHADEA".$color{"color19"}, "--color", "SHADEB".$color{"color19"}, @@ -281,7 +281,7 @@ sub updatefwhitsgraph { my $period = $_[0]; RRDs::graph ("$graphs/firewallhits-$period-area.png", - "--start", "-1$period", "-aPNG", "-i", "-z", + "--start", "-1$period", "-aPNG", "-i", "-z", "-W www.ipfire.org", "--alt-y-grid", "-w 600", "-h 100", "--color", "SHADEA".$color{"color19"}, "--color", "SHADEB".$color{"color19"}, @@ -311,7 +311,7 @@ sub updatefwhitsgraph { sub updatelqgraph { my $period = $_[0]; RRDs::graph ("$graphs/lq-$period.png", - "--start", "-1$period", "-aPNG", "-i", "-z", + "--start", "-1$period", "-aPNG", "-i", "-z", "-W www.ipfire.org", "--alt-y-grid", "-w 600", "-h 100", "-l 0", "-r", "-t $Lang::tr{'linkq'} ($Lang::tr{'graph per'} $Lang::tr{$period})", "--lazy", @@ -358,7 +358,7 @@ sub updatehddgraph { my $period = $_[1]; RRDs::graph ("$graphs/hddtemp-$disk-$period.png", - "--start", "-1$period", "-aPNG", "-i", "-z", + "--start", "-1$period", "-aPNG", "-i", "-z", "-W www.ipfire.org", "--alt-y-grid", "-w 600", "-h 100", "--color", "SHADEA".$color{"color19"}, "--color", "SHADEB".$color{"color19"}, @@ -386,7 +386,7 @@ sub updatetempgraph my $count = "11"; @args = ("$graphs/mbmon-$type-$period.png", - "--start", "-1$period", "-aPNG", "-i", "-z", + "--start", "-1$period", "-aPNG", "-i", "-z", "-W www.ipfire.org", "--alt-y-grid", "-w 600", "-h 100", "--alt-autoscale", "--color", "SHADEA".$color{"color19"}, "--color", "SHADEB".$color{"color19"}, @@ -427,7 +427,7 @@ sub updatefangraph my $period = $_[0]; my $count = "11"; - @args = ("$graphs/mbmon-$type-$period.png", "--start", "-1$period", "-aPNG", "-i", "-z", + @args = ("$graphs/mbmon-$type-$period.png", "--start", "-1$period", "-aPNG", "-i", "-z", "-W www.ipfire.org", "--alt-y-grid", "-w 600", "-h 100", "--alt-autoscale", "--color", "SHADEA".$color{"color19"}, "--color", "SHADEB".$color{"color19"}, @@ -468,7 +468,7 @@ sub updatevoltgraph my $period = $_[0]; my $count = "11"; - @args = ("$graphs/mbmon-$type-$period.png", "--start", "-1$period", "-aPNG", "-i", "-z", + @args = ("$graphs/mbmon-$type-$period.png", "--start", "-1$period", "-aPNG", "-i", "-z", "-W www.ipfire.org", "--alt-y-grid", "-w 600", "-h 100", "--alt-autoscale", "--color", "SHADEA".$color{"color19"}, "--color", "SHADEB".$color{"color19"}, @@ -531,7 +531,7 @@ sub overviewgraph { my $count="1"; my $color="#000000"; my @command=("/srv/web/ipfire/html/graphs/qos-graph-$qossettings{'DEV'}-$period.png", - "--start", $periodstring, "-aPNG", "-i", "-z", + "--start", $periodstring, "-aPNG", "-i", "-z", "-W www.ipfire.org", "--alt-y-grid", "-w 600", "-h 150", "-r", "--color", "SHADEA".$color{"color19"}, "--color", "SHADEB".$color{"color19"}, @@ -547,7 +547,7 @@ sub overviewgraph { if ( $classline[0] eq $qossettings{'DEV'} ) { $color=random_hex_color(6); - push(@command, "DEF:$classline[1]=/var/log/rrd/class_$qossettings{'CLASSPRFX'}-$classline[1]_$qossettings{'DEV'}.rrd:bits:AVERAGE"); + push(@command, "DEF:$classline[1]=/var/log/rrd/class_$qossettings{'CLASSPRFX'}-$classline[1]_$qossettings{'DEV'}.rrd:bytes:AVERAGE"); if ($count eq "1") { push(@command, "AREA:$classline[1]$color:Klasse $classline[1] - $classline[8]\\j"); diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi index a0b31e5374..4e40e58352 100644 --- a/html/cgi-bin/ids.cgi +++ b/html/cgi-bin/ids.cgi @@ -44,7 +44,16 @@ $snortsettings{'ENABLE_SNORT_GREEN'} = 'off'; $snortsettings{'ENABLE_SNORT_BLUE'} = 'off'; $snortsettings{'ENABLE_SNORT_ORANGE'} = 'off'; $snortsettings{'ENABLE_GUARDIAN'} = 'off'; +$snortsettings{'GUARDIAN_INTERFACE'} = `cat /var/ipfire/red/iface`; +$snortsettings{'GUARDIAN_HOSTGATEWAYBYTE'} = '1'; +$snortsettings{'GUARDIAN_LOGFILE'} = '/var/log/guardian/guardian.log'; +$snortsettings{'GUARDIAN_ALERTFILE'} = '/var/log/snort/alert'; +$snortsettings{'GUARDIAN_IGNOREFILE'} = '/var/ipfire/guardian/guardian.ignore'; +$snortsettings{'GUARDIAN_TARGETFILE'} = '/var/ipfire/guardian/guardian.target'; +$snortsettings{'GUARDIAN_TIMELIMIT'} = '86400'; +$snortsettings{'GUARDIAN_IGNOREFILE_CONTENT'} = `cat $snortsettings{'GUARDIAN_IGNOREFILE'}`; $snortsettings{'ACTION'} = ''; +$snortsettings{'ACTION2'} = ''; $snortsettings{'RULES'} = ''; $snortsettings{'OINKCODE'} = ''; $snortsettings{'INSTALLDATE'} = ''; @@ -248,7 +257,7 @@ if ($snortsettings{'RULES'} eq 'subscripted') { $url="http://www.snort.org/pub-bin/downloads.cgi/Download/comm_rules/Community-Rules-CURRENT.tar.gz"; } -if ($snortsettings{'ACTION'} eq $Lang::tr{'save'}) +if ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} eq "snort" ) { $errormessage = $Lang::tr{'invalid input for oink code'} unless ( ($snortsettings{'OINKCODE'} =~ /^[a-z0-9]+$/) || @@ -288,6 +297,23 @@ if ($snortsettings{'ACTION'} eq $Lang::tr{'save'}) system('/usr/local/bin/snortctrl restart >/dev/null'); +} elsif ($snortsettings{'ACTION'} eq $Lang::tr{'save'} && $snortsettings{'ACTION2'} eq "guardian" ){ + open(IGNOREFILE, ">$snortsettings{'GUARDIAN_IGNOREFILE'}") or die "Unable to write guardian ignore file $snortsettings{'GUARDIAN_IGNOREFILE'}"; + print IGNOREFILE $snortsettings{'GUARDIAN_IGNOREFILE_CONTENT'}; + close(IGNOREFILE); + open(GUARDIAN, ">/var/ipfire/guardian/guardian.conf") or die "Unable to write guardian conf /var/ipfire/guardian/guardian.conf"; + print GUARDIAN </dev/null'); } else { # INSTALLMD5 is not in the form, so not retrieved by getcgihash &General::readhash("${General::swroot}/snort/settings", \%snortsettings); @@ -438,11 +464,7 @@ print < - - - +
  -   -
@@ -454,6 +476,28 @@ if ($results ne '') { } &Header::closebox(); + +####################### Added for guardian control #################################### +if ( -e "/var/ipfire/guardian/guardian.conf" ) { + &Header::openbox('100%', 'LEFT', $Lang::tr{'guardian configuration'}); +print < + + + + + + +
$Lang::tr{'guardian interface'}
$Lang::tr{'guardian timelimit'}
$Lang::tr{'guardian logfile'}
$Lang::tr{'guardian alertfile'}
$Lang::tr{'guardian ignorefile'}
+ +END +; + &Header::closebox(); +} + + + + ####################### Added for snort rules control ################################# if ( -e "${General::swroot}/snort/enable" || -e "${General::swroot}/snort/enable_green" || -e "${General::swroot}/snort/enable_blue" || -e "${General::swroot}/snort/enable_orange" ) { &Header::openbox('100%', 'LEFT', $Lang::tr{'intrusion detection system rules'}); diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index 15e562c175..6ea5211456 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -773,6 +773,12 @@ 'green' => 'GRÜN', 'green interface' => 'Grünes Interface', 'guaranteed bandwith' => 'Garantierte Bandbreite', +'guardian alertfile' => 'Alertfile', +'guardian configuration' => 'Guardian Konfiguration', +'guardian ignorefile' => 'Ignorefile', +'guardian interface' => 'Interface', +'guardian logfile' => 'Logfile', +'guardian timelimit' => 'Timelimit', 'guest ok' => 'Gastzugang gewähren', 'gui settings' => 'Benutzeroberfläche', 'gz with key' => 'Nur ein verschlüsseltes Archiv kann auf dieser Maschine wiederhergestellt werden.', @@ -951,7 +957,7 @@ 'legend' => 'Legende', 'length' => 'Länge', 'line' => 'Leitung', -'linkq' => 'Verbindungsqualität', +'linkq' => 'Antwortzeit', 'load printer' => 'Load Printer', 'loaded modules' => 'Geladene Module:', 'local hard disk' => 'Festplatte', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index 04e42bbfc5..9728d9b1bb 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -799,6 +799,12 @@ 'green' => 'GREEN', 'green interface' => 'Green Interface', 'guaranteed bandwith' => 'Guaranteed bandwith', +'guardian alertfile' => 'Alertfile', +'guardian configuration' => 'Guardian Configuration', +'guardian ignorefile' => 'Ignorefile', +'guardian interface' => 'Interface', +'guardian logfile' => 'Logfile', +'guardian timelimit' => 'Timelimit', 'guest ok' => 'allow guests to access', 'gui settings' => 'GUI Settings', 'gz with key' => 'Only an encrypted archive can be restored on this machine.', diff --git a/lfs/guardian b/lfs/guardian index 30ddca0004..f0dacd0fde 100644 --- a/lfs/guardian +++ b/lfs/guardian @@ -62,8 +62,10 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) -mkdir -p /var/ipfire/guardian /var/log/guardian touch /var/log/guardian/guardian.log + touch /var/ipfire/guardian/guardian.ignore install -v -m 644 $(DIR_SRC)/config/guardian/guardian.conf /var/ipfire/guardian/ install -v -m 755 $(DIR_SRC)/config/guardian/guardian.pl /usr/local/bin/ install -v -m 755 $(DIR_SRC)/config/guardian/guardian_block.sh /usr/local/bin/ install -v -m 755 $(DIR_SRC)/config/guardian/guardian_unblock.sh /usr/local/bin/ + chown nobody.nobody /var/ipfire/guardian/{guardian.conf,guardian.ignore} @$(POSTBUILD) -- 2.39.2