Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

pfSense-pkg-snort-3.2.9.5 - GUI Package Update to v3.2.9.5 #397

Merged
merged 13 commits into from
Aug 23, 2017
Merged

pfSense-pkg-snort-3.2.9.5 - GUI Package Update to v3.2.9.5 #397

merged 13 commits into from
Aug 23, 2017

Conversation

bmeeks8
Copy link
Contributor

@bmeeks8 bmeeks8 commented Aug 22, 2017
edited
Loading

Snort GUI Package v3.2.9.5

This updates the pfSense-pkg-snort GUI package to version 3.2.9.5. One new feature and several reported bug fixes are included in this update.

New Features

  1. The ARP Spoofing preprocessor is now exposed in the GUI as a configurable option on the PREPROCESSORS tab. Settings are available for toggling the enabled state of the preprocessor and for enabling detection of unicast ARP requests. A multi-entry table is provided that allows for entry of MAC address-to-IP address pairs to monitor for ARP spoofing incidents. New MAC/IP address pairs can be added to the table and existing MAC/IP pairs can be edited or deleted from the table.

Bug Fixes

  1. Fix display of IPv6 addresses so they wrap correctly when displayed in the SRC IP and DST IP columns on the ALERTS tab.

  2. Fix the DOWNLOAD button on the ALERTS and BLOCKS tabs so it works. Also fix the ALERTS download so that it only includes alert logs and not all log files in the directory.

  3. Restore the installation of the attribute_table.dtd validation file to the Snort conf directory.

  4. Do not show Reverse DNS Lookup and Track-by-IP icons on the ALERTS tab for alert entries that do not contain an IP Header and thus have no IP addresses (usually from alerts generated by the ARP Spoof preprocessor).

  5. Improve package uninstall procedure by manually cleaning up files created or altered by the GUI code. The default pkg uninstall code does not remove files modified by others.

  6. Remove the shared object rules files when uninstalling the package. This should fix errors during package upgrades when older versions of these files still exist.

  7. Add a warning to the OpenAppID rules file download section on the GLOBAL SETTINGS tab about Geo-IP blocking at the volunteer hosting web site. This hosting block may impact users in some countries when they attempt to enable the OpenAppID rules download. (NOTE - this is for the rules only. The OpenAppID detectors are maintained by the Snort VRT and should always download and install. However, the detectors need the rules in order to be fully functional.)

  8. Fix deletion of multi-configuration engines for preprocessors that support them such as Frag3, Stream5, HttpInspect, FTP and ARP Spoof.

@bmeeks8
Fix display of IPv6 addresses so they wrap in table column correctly.
b804829
@bmeeks8
Fix to only download alert logs in gzip archive instead of all files.
3257477
@bmeeks8
Fix download of Blocked Hosts gzip archive so it actually works.
9eee2f2
@bmeeks8
Add support for ARP Spoof preproc and fix deletion of multi-engine co…
39e2cc6 
…nfigs.
@bmeeks8
Rename 'attribute_table.dtd' file in Snort conf dir during install.
fe5e45b
@bmeeks8
Do not show suppress by IP icons for special alerts with no IP given.
a7827db
@bmeeks8
Fix collapsed/expanded startup state of ARP Detection Preproc section.
b214fa8
@bmeeks8
Clean-up tooltip text for ARP Spoof detection address pairs table.
6452a08
@bmeeks8
Remove some files we touched post-install when removing the package.
22b1eb4
@bmeeks8
Remove the shared-object rules when uninstalling the package.
4d5811b
@bmeeks8
Add warning about Geo-IP blocking used by host site for OpenAppID rul…
a39d8b5 
…es file.
@bmeeks8
Bump pfSense-pkg-snort version to 3.2.9.5
fcbacbb
@bmeeks8
Add missing slash to start of path for /usr/local/lib/snort_dynamicru…
ffa1e00 
…les.
@bmeeks8
Copy link
Contributor Author

bmeeks8 commented Aug 22, 2017

An update to the Snort binary package is coming right behind this GUI package update, but the two pull requests are not dependent on each other. The binary package update will finally finish fixing a bug that was partially addressed in the 2.9.9.0_2 update.

Bill

@netgate-git-updates netgate-git-updates merged commit ffa1e00 into pfsense:devel Aug 23, 2017
netgate-git-updates pushed a commit that referenced this pull request Aug 23, 2017
@rbgarga
Merge pull request #397 from bmeeks8/pfSense-pkg-snort-3.2.9.5
5c42530
@bmeeks8 bmeeks8 deleted the pfSense-pkg-snort-3.2.9.5 branch August 23, 2017 21:32
netgate-git-updates pushed a commit that referenced this pull request Apr 23, 2021
@rosorio
audio/ncspot: upgrade to v0.6.0 from v0.3.0
84ec73e 
    v0.6.0  https://github.com/hrkfdn/ncspot/releases/tag/v0.6.0
            Refactorings + dependency updates
            Sort artist albums by year
            Store user state in binary CBOR format
            Improve synchronization of playback times
            Implement track preloading
            Don't save tracks AND album when saving an album (#488)
            (Re)store currently playing track + shuffle state from previous session (#448)
            Show display name owning the current library (#470)
            Add logout command (#470)
            Pagination for artist albums (#477)
            Split artist albums/singles into separate panel
            Play top tracks by artist instead of all tracks by artist
            Pagination for Podcast episodes
            Show tracks + duration of album, playlist, queue in the title bar (#475)

    v0.5.0  https://github.com/hrkfdn/ncspot/releases/tag/v0.5.0
            Fix: correct positioning of search match highlight
            Improve album loading in artist view (#446)
            Fix display of PlayNext command (#445)
            More resilient playlist track deletion (f2bcfca)
            Remove plain-text credential store (#447)
            Clear search term when ESC is pressed (#384)
            Loop mode is now editable via MPRIS (#437)
            Persist sorting orders for playlists (#436)
            Persist volume and shuffle/repeat state across app restarts (#438)
            Persist track queue across app restarts (#438)
            Add config values to override shuffle/repeat state
            Implement cover drawing as optional feature (#451)

    v0.4.0 https://github.com/hrkfdn/ncspot/releases/tag/v0.4.0
            Fix multiple tracks in queue being shown as playing (#396)
            Return to search when viewing search results (#397)
            Add support for open.spotify.com links (#392)
            Restart queue if pressing play when stopped (#399)
            Fix not handling changed event (#402)
            Don't handle FinishedTrack as Stopped (#403)
            Fix removing listview item even if not succesfully deleted (#404)
            Open search results in search screen (#413)
            CI: Publish binary artifacts on release (#393)
            Add simple debian-packaging with cargo-deb (#405)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@bmeeks8 @netgate-git-updates