pfSense-pkg-suricata v4.0.3_2 #505

Merged

bmeeks8
Contributor

@bmeeks8 bmeeks8 commented Mar 20, 2018

pfSense-pkg-suricata-4.0.3_2

This update for the Suricata GUI package contains 2 bug fixes and 7 new features. The underlying binary is unchanged and remains at version 4.0.3.

New Features:

  1. The configuration files associated with automatic SID management via the SID MGMT tab are deprecated in favor of storing the automatic SID management directives directly in the firewall's configuration file, config.xml. During the installation of the new package, the content of all files found in the /var/db/suricata/sidmods directory will be migrated into a list array stored in the firewall configuration file. The new list names are taken from the filenames read from the directory. Storing the automatic SID management directives content as Base64-encoded data within the firewall configuration ensures that the automatic SID management configuration is backed up and restored along with the rest of the firewall configuration. The ability to upload and download the SID configuration data is retained, but instead of being stored as physical files on the firewall the configuration is written to config.xml.

  2. On the CATEGORIES tab, hyperlinks are now provided for opening and viewing the content of all rules categories regardless of whether the category is enabled or not. Formerly, only "checked" (or enabled) categories could have their contents viewed in a separate window.

  3. On the INTERFACE SETTINGS tab a new configurable parameter for snaplen has been added. The default value for the new parameter is 1518 bytes. Increasing the value of this parameter can be helpful if Suricata is failing to alert on VLAN traffic. Note that due to a limitation in the Suricata binary, this value is only applicable to Legacy Mode operation. It has no effect when using Inline IPS Mode.

  4. More options are now available to the user for rule action overrides on the RULES and ALERTS tabs. Rules can be forced to ALERT, DROP or REJECT depending on the IPS operational mode of the interface. REJECT is only available when using Inline IPS Mode. Actions are hidden when they are not applicable to the current operational mode. There is also a new option of "Default" for the action. Selecting "Default" removes all user overrides and returns the rule action to the vendor's original value. This is generally "Alert".

  5. A series of new choices are available in the Categories drop-down selector on the RULES tab. The new selections are filtered according to the specific operational mode of the interface. The new selections allow the user to select special filtered views as follows: "Active Rules", "User-Forced Enabled Rules", "User-Forced Disabled Rules", "User-Forced Alert Rules", "User-Forced Drop Rules" and "User-Forced Reject Rules". Display of "User-Forced Reject Rules" is only possible when using Inline IPS Mode with blocking enabled. Display of "User-Forced Drop Rules" requires the interface be using Inline IPS Mode or Legacy Mode with Block-on-Drops-Only enabled.

  6. A third rule state option of "Default" has been added to the RULES tab when displaying user override options. Choosing "Default" for the rule state will remove all user overrides and return the rule's state (enabled or disabled) to the vendor's original value.

  7. Add the ability to customize rule actions on the ALERTS tab. See feature 4 above for details. An additional icon is displayed in the GID:SID column for each alert that allows user overrides of the action. When a rule action has been overridden, a special icon is shown to flag the new action. Pop up tooltips explain the icons.

Bug Fixes:

  1. The default pass list generated during Inline IPS Mode operation was too broad. Pass Lists really have very limited usefulness with Inline IPS Mode and so the ability to select a pass list when using Inline IPS Mode has been removed. If you require pass list functionality with Inline IPS Mode, create your own custom PASS rules instead on the RULES tab. Note that pass list functionality is unchanged when using Legacy Mode operation.

  2. The new dynamic service status icons on the INTERFACES tab would sometimes not correctly indicate the Suricata service status. There was also an error in a control name for the icons associated with Barnyard2 on the INTERFACES tab.

@netgate-git-updates netgate-git-updates merged commit 18e5795 into pfsense:devel Mar 21, 2018
@bmeeks8 bmeeks8 deleted the pfSense-pkg-suricata-4.0.3_2 branch March 21, 2018 12:42
netgate-git-updates pushed a commit that referenced this pull request Feb 4, 2023
Changes since 1.1.0:

v1.3.0

This release contains some features and enhancements + upgrades all
dependencies.

- feat: Allow to set reporter on issue create by @ankitpokhrel in #539
- feat: Use single char ellipsis instead of triple dot by @ankitpokhrel in #540
- ehc: Make assignee operation atomic on create by @ankitpokhrel in #531
- ehc: Auto fallback to plain output on notty by @ankitpokhrel in #538
- ehc: Add warning for invalid custom field by @ankitpokhrel in #528 (Original work by @martinpovolny on #525)
- fix(build): Invalid commit hash in docker image by @ankitpokhrel in #535

- dep: Upgrade all packages by @ankitpokhrel in #532
- dep: Upgrade golang to v1.19 by @ankitpokhrel in #534
- ci: Upgrade golangci-lint to v1.50.1 by @ankitpokhrel in #536

Full Changelog: ankitpokhrel/jira-cli@v1.2.0...v1.3.0

v1.2.0

This release adds support for Jira v9, a serverinfo command to quickly check
your Jira server build info, lets you set resolution, assignee and comment on
issue move, and many more.

- feat: Add serverinfo command by @ankitpokhrel in #440
- feat: Support for Jira v9 by @ankitpokhrel in #447
- feat: Allow to set start datetime on worklog add by @ankitpokhrel in #453
- feat: Make date time input in worklog flexible by @ankitpokhrel in #465
- feat: Add support for project datatype in custom fields by @oveaurs in #482
- feat: Add weblink to issue (#446) by @Syd7 in #483
- feat: Resolution, assignee & comment on issue move by @ankitpokhrel in #492
- feat: Filter issues by the absence of label(s) by @martinpovolny in #505
- feat: Add labels to the issue listing by @martinpovolny in #506
- feat: Allow setting of fixed columns in the list of issues, epics and sprints
  by @martinpovolny in #509

- fix: Option to show issues from all projects in sprint list by @ankitpokhrel
  in #475
- fix: Discrepancy in --insecure flag by @ankitpokhrel in #507
- fix: Make board selection optional by @ankitpokhrel in #502
- fix: Improve support for pager by @ankitpokhrel in #503
- fix: Respect editor env vars in Windows by @ankitpokhrel in #524

- ci: Multi-arch docker image by @ankitpokhrel in #508
- doc: Add link to project in help by @ankitpokhrel in #456
- doc: Add Nix package by @bryanasdev000 in #458
- doc: Update help for completion cmd by @ankitpokhrel in #491
- doc: Add scoop installation process by @alkuzad in #497

- @bryanasdev000 made their first contribution in #458
- @oveaurs made their first contribution in #482
- @Syd7 made their first contribution in #483
- @alkuzad made their first contribution in #497
- @martinpovolny made their first contribution in #505

Full Changelog: ankitpokhrel/jira-cli@v1.1.0...v1.2.0