Search found 78 matches

by TimF
June 9th, 2019, 7:02 pm
Forum: IPFire in General
Topic: Ipfstatusmail (Status emails for IPFire)
Replies: 75
Views: 4018

Re: Ipfstatusmail (Status emails for IPFire)

It'll take a few days, but you should just be able to run the installer again to overwrite the old version. Unless, of course, you have other reasons to uninstall.
by TimF
June 7th, 2019, 7:43 pm
Forum: IPFire in General
Topic: DNS ?
Replies: 7
Views: 296

Re: DNS ?

IPFire often doesn't use the files in /etc; try under /var/ipfire. In this case /var/ipfire/ethernet/settings, but also /etc/ppp/resolv.conf . I'm not sure which file is used when.
by TimF
June 7th, 2019, 7:20 pm
Forum: IPFire in General
Topic: Ipfstatusmail (Status emails for IPFire)
Replies: 75
Views: 4018

Re: Ipfstatusmail (Status emails for IPFire)

I've uploaded an new version which can see imported keys that don't have an expiry data. it's also got a little bit more information when things go wrong. Just download and run the installer to get it. If you don't receive any emails the chain of evidence should be as follows: The link /etc/fcron.ho...
by TimF
June 6th, 2019, 8:07 pm
Forum: IPFire in General
Topic: Ipfstatusmail (Status emails for IPFire)
Replies: 75
Views: 4018

Re: Ipfstatusmail (Status emails for IPFire)

I don't know why it's stopped working for you, but I think I've identified why it's not seeing the key (no expiry date). I'll come up with a fix for it.
by TimF
June 6th, 2019, 7:45 pm
Forum: IPFire in General
Topic: Update Accelerator Cache Maintenance
Replies: 6
Views: 671

Re: Update Accelerator Cache Maintenance

There's a script here which may help:

viewtopic.php?f=50&t=12984&p=114556#p112760
by TimF
June 5th, 2019, 8:49 pm
Forum: IPFire in General
Topic: Ipfstatusmail (Status emails for IPFire)
Replies: 75
Views: 4018

Re: Ipfstatusmail (Status emails for IPFire)

Two answers. First , the PGP key expected is an ASCII armoured public key. It should look like: -----BEGIN PGP PUBLIC KEY BLOCK----- mQENBFz4J/YBCAC/wzMkadGIDWctazpRLhNXBvQugAbsnBGJOy86rmibv1uP+Nwp txfXDxw19XDFouuhJTKjtQ+zjhP0a6dpN/QxfVlWjIsG0NQyckarxql0JylCN6UM MSOBwsjw0uvaja2vw5kOD59SVpF+rneJbmrvz...
by TimF
June 1st, 2019, 12:07 am
Forum: IPFire in General
Topic: apt-get update error with IPS Suricata
Replies: 3
Views: 222

Re: apt-get update error with IPS Suricata

I'm improving my understanding as well... The main category for the 'basic' rules is ET INFO, however there are some in ET POLICY as well, and there may well be a few elsewhere. I think that the difference is that the rules in ET INFO are really only useful as 'basic' rules - for setting flowbits us...
by TimF
May 31st, 2019, 7:42 pm
Forum: IPFire in General
Topic: apt-get update error with IPS Suricata
Replies: 3
Views: 222

Re: apt-get update error with IPS Suricata

I would suggest being very careful of rules in the 'Policy' category The rules here are for stopping applications that are not necessarily unsafe but which are not allowed by a company's policy, for example Facebook. While some rules are distributed as enabled by default, you need to go through the ...
by TimF
May 26th, 2019, 7:46 pm
Forum: IPFire in General
Topic: [Solved] timfprogs/ipfblocklist -- Safe, Pkts, Bytes
Replies: 5
Views: 235

Re: timfprogs/ipfblocklist -- Safe, Pkts, Bytes

It looks like they've changed the URLs. I've updated the sources file; you can re-install or just download the one file. It should work correctly at the next update without any further action. Note that the FEODO_BAD_IP list has gone and there's a new FEODO_AGGRESIVE list (which is a superset of the...
by TimF
May 24th, 2019, 3:18 pm
Forum: IPFire in General
Topic: [Solved] timfprogs/ipfblocklist -- Safe, Pkts, Bytes
Replies: 5
Views: 235

Re: timfprogs/ipfblocklist -- Safe, Pkts, Bytes

Pkts and Bytes are the number of Packets and Bytes dropped due to the blacklist. The higher the number, the more the blacklist is protecting you. Note that for the BOGON and TOR lists it's quite normal not to see any dropped packets - seeing dropped packets here may be an indication that you've got ...
by TimF
May 22nd, 2019, 7:26 pm
Forum: IPFire in General
Topic: Whitelisted Host Stops Getting White Listed
Replies: 4
Views: 163

Re: Whitelisted Host Stops Getting White Listed

It looks like this is a genuine error - I suggest you raze a ticket in Bugzilla.
by TimF
May 22nd, 2019, 7:25 pm
Forum: IPFire in General
Topic: Intrusion Prevention System - core 131
Replies: 38
Views: 2473

Re: Intrusion Prevention System - core 131

This has been mentioned somewhere (unfortunately I can't find the reference at the moment) - Suricata doesn't understand all of the rule syntax that Snort does (at least at the moment). Since Snort defined the rule syntax, it's possible that Suricata will support the additions in the future. In the ...
by TimF
May 20th, 2019, 8:45 pm
Forum: IPFire in General
Topic: [Solved] IPS alert on Traffic Originating/Src IPFire Red0
Replies: 3
Views: 189

Re: [Solved] IPS alert on Traffic Originating/Src IPFire Red0

It does appear to be the facility that hosts cinsscore.com, and that blocklist is downloaded with libwww-perl.

it should be harmless to disable this rule.
by TimF
May 17th, 2019, 4:28 pm
Forum: IPFire in General
Topic: Intrusion Prevention System - core 131
Replies: 38
Views: 2473

Re: Intrusion Prevention System - core 131

You can also look in "Logs/System Logs/Intrusion Prevention". This shows messages related to the running of Suricata, whereas "Logs/IPS Logs" shows alerts due to traffic. If you don't see anything immediately, try going back a couple of days. You can also look in "Logs/System Logs/Oinkmaster" which ...
by TimF
May 17th, 2019, 4:23 pm
Forum: IPFire in General
Topic: Ipfstatusmail (Status emails for IPFire)
Replies: 75
Views: 4018

Re: Ipfstatusmail (Status emails for IPFire)

Hi Roberto,

I've made another attempt.

Tim