Extend Suricata support #8372
Closed
Extend Suricata support #8372
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This reverts commit f32b64f.
…ense#8230 (cherry picked from commit e14cb5c)
(cherry picked from commit 2862db6)
While here simplify the unlock code and correct the comment. (cherry picked from commit 814e983)
…closes opnsense#8232 (cherry picked from commit 9b40922)
(cherry picked from commit ed7a901)
…sense#8228) The NetworkValidator fails on IPv4-mapped addresses[1], for example ::ffff:198.51.100.0/120. Inferring IPv4 from the presence of a period (.) fails as these IPv6 address forms contain periods. Inferring IPv6 from the presence of a colon (:) should be more robust. 1. https://www.rfc-editor.org/rfc/rfc4291#section-2.2 (cherry picked from commit c375cc5)
By ignoring invalid UTF-8 we can get the bulk of the data. It's not likely we are ever going to get unencoded binary data through JSON, especially in pluginctl. PR: https://forum.opnsense.org/index.php?topic=45194.0 (cherry picked from commit 60f297f) (cherry picked from commit dcc457b)
- split up the logic into class collection and status collection so that out of scope objects don't need to check their status. - with the previous, status dismissal doesn't need a status check either anymore - remove the UI delay from head.inc as well - scale up the disk space status thresholds a bit for systems with lower assigned disk space - non-persistent status objects without a location had their pointer-events removed, making it non-dismissable (cherry picked from commit cfdd274)
(cherry picked from commit 23fd657)
…ge on login, closes opnsense#8222 (cherry picked from commit 5a9a551)
https://github.com/hagezi/dns-blocklists closes opnsense#8224 Deprecated (but can still be downloaded for compatibility reasons): * NoCoin List * All Porn List * PornTop1M List * Simple Ad List * Simple Tracker List * WindowsSpyBlocker (*) (cherry picked from commit 4f12007)
…closes opnsense#8093 (cherry picked from commit 5d59660)
PR: opnsense/installer#20 (cherry picked from commit c8871da) (cherry picked from commit c38dbab) (cherry picked from commit 7335db7)
…e#8237) Fixes: opnsense#8235 (cherry picked from commit a05c231)
…me requires a token lifetime.". closes opnsense#8203 (cherry picked from commit 526d747)
(cherry picked from commit 7c3048e)
(cherry picked from commit b7ba536)
(cherry picked from commit 9900d91)
…rules fix, closes opnsense#8242 (cherry picked from commit 6765a6b)
* aliases: add optional authorization for URL type aliases * aliases: missing break statement * aliases: update helptext and link to proper id * aliases: merge token and password fields and shorten code * Firewall: Aliases - minor modifications for opnsense#8238 o re-add selectpicker, title on select killed the default bevaior o change token to password as the default use-case is username+password, bearer is less common / functional * aliases: validation should be adjusted as such --------- Co-authored-by: Ad Schellevis <[email protected]> (cherry picked from commit 8d26447)
…nse.org/manual/monit.html#advanced-configurations) (cherry picked from commit 18fc1f0) (cherry picked from commit f372569)
…arses json payloads and extracts addresses, closes opnsense#8107 While here, also fix a minor issue in opnsense#8238 to calculate a proper alias has value when auth properties are specified. (cherry picked from commit 03a8812)
(cherry picked from commit f66d639)
…mented for legacy in opnsense@cfb84fe, closes opnsense#8409 (cherry picked from commit b7ed45d)
(cherry picked from commit 1d59146)
(cherry picked from commit 13b68dd)
(cherry picked from commit d68d48f)
…y_button (opnsense#8253) (cherry picked from commit 855bd7a) (cherry picked from commit 24a6142) (cherry picked from commit 8a9fe28) (cherry picked from commit bac5dfe)
(cherry picked from commit 8591b00)
(cherry picked from commit 83723fd)
(cherry picked from commit d7d45dc)
Monviech
requested changes
Mar 14, 2025
src/opnsense/mvc/app/controllers/OPNsense/IDS/forms/generalSettings.xml
Outdated
Show resolved
Hide resolved
src/opnsense/mvc/app/controllers/OPNsense/IDS/forms/generalSettings.xml
Outdated
Show resolved
Hide resolved
…e stats instead of dumping them. This commit changes PF.list_tables() to yield both the name of the aliases as well as (limited) stats, in places where we only check for totals, these are faster to collect than counting them in python. There should be no functional impact. (cherry picked from commit 81ec980)
(cherry picked from commit f8b35d0)
… to unbound plugin in stead of the existing prefiltering option. closes opnsense#8415 The previous handling "skimmed" the blocklist using regular expressions, but when these lists include wildcards, you need to filter the exact item to exclude it (e.g. *.org.domain in a blocklist will still block a.org.domain in a passlist). By moving the evaluation to the place where requests are evaluated, we can pass the likely intended domains by their provided regex. Although there is a performance penalty, it should be limited since we only compile the regex once. (cherry picked from commit aa2cff3)
…n "(de)select all" button on the same row. (cherry picked from commit 676dbb9)
…tion (cherry picked from commit adc37c2)
… empty node, just changes how these are being created for the first time. (cherry picked from commit f569ead)
…pnsense#8432 (cherry picked from commit e702d4e)
|
Will create a new PR once this has been fixed. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Extend Suricata support in OPNsense to increase the monitoring capabilities (e.g., integrate with Malcolm)
Features:
Subsequent changes:
ja4).stats.log(stats can be enabled in EVE).