WUI not showing Guardian blocked hosts

General questions.
Post Reply
TimF
Posts: 83
Joined: June 10th, 2017, 7:27 pm

WUI not showing Guardian blocked hosts

Post by TimF » June 17th, 2017, 7:15 pm

Hi,

Since upgrading to core update 111, the WUI no longer shows the any nodes in the list of blocked IP addresses for guardian.

If I look at the iptable for guardian it shows blocked addresses, and the guardian log also shows nodes being blocked and the blocks expiring.

Any ideas?

User avatar
Deepcuts
Posts: 461
Joined: March 1st, 2016, 3:18 pm
Location: Romania

Re: WUI not showing Guardian blocked hosts

Post by Deepcuts » June 18th, 2017, 4:15 am

Guardian showing blocks on my home IPFire 111. Updated from 110.
So I guess it is something specific to your machine.
What exactly, I cannot say.
Image
Image

swerobert
Posts: 1
Joined: June 18th, 2017, 5:06 pm
Location: Sweden

Re: WUI not showing Guardian blocked hosts

Post by swerobert » June 18th, 2017, 5:08 pm

I have the same problem, both with an upgraded machine from 110 and on machine with a fresh installed version.

User avatar
Roberto Peña
Posts: 761
Joined: July 16th, 2014, 3:56 pm
Location: Bilbao (España)
Contact:

Re: WUI not showing Guardian blocked hosts

Post by Roberto Peña » June 25th, 2017, 2:17 pm

Hi.

I have done a clean installation of Core Update 111 and I do not see the hosts locked in the Guardian addon:
Guardian Issue 01.jpg
The IDS module works fine:
Guardian Issue 02.jpg
And in IPTABLES the blocked hosts appear:
Guardian Issue 03.jpg
But the problem is that they do not appear in the GUI.

I have tried to install the addon without results.

How could it be solved ?.
Image
Image

╔════════════════════════════════════════════════╗
Donate to improve IPFire: https://www.ipfire.org/donate
╚════════════════════════════════════════════════╝

5p9
Mentor
Mentor
Posts: 1860
Joined: May 1st, 2011, 3:27 pm

Re: WUI not showing Guardian blocked hosts

Post by 5p9 » June 27th, 2017, 8:29 am

Hello,

yes i can say it, too!

i cant see in the log:

less /var/log/messages | grep 136.186.1.76

Code: Select all

Jun 26 08:01:55 MYFIRE guardian[8865]: <info> Blocking 136.186.1.76 for 86400 seconds...
but there was nothings to see in the Gardian-WUI he was blocked.

I think it is coming from this site:

Code: Select all

-rw-r--r-- 1 root root 0 Feb 19 13:37 /var/log/guardian/guardian.log


Guardian dont write any information in this logfile?!

EDIT: Is this normal?

Code: Select all

/usr/bin/perl /usr/local/bin/guardian.pl -h
Can't open perl script "/usr/local/bin/guardian.pl": No such file or directory

5p9
Mail Gateway: mail proxy

Image

Image

Flash1232
Posts: 30
Joined: April 29th, 2012, 2:50 pm

Re: WUI not showing Guardian blocked hosts

Post by Flash1232 » June 27th, 2017, 9:13 pm

Can confirm that blocked hosts are not showing up in WUI, but are logged and applied correctly.

I guess something needs to be fixed in 112 ;D

5p9
Mentor
Mentor
Posts: 1860
Joined: May 1st, 2011, 3:27 pm

Re: WUI not showing Guardian blocked hosts

Post by 5p9 » June 28th, 2017, 6:49 am

Mail Gateway: mail proxy

Image

Image

User avatar
Roberto Peña
Posts: 761
Joined: July 16th, 2014, 3:56 pm
Location: Bilbao (España)
Contact:

Re: WUI not showing Guardian blocked hosts

Post by Roberto Peña » June 28th, 2017, 4:11 pm

Good afternoon 5p9.

I was going to create it myself, but you were faster. :o

Greetings.
Image
Image

╔════════════════════════════════════════════════╗
Donate to improve IPFire: https://www.ipfire.org/donate
╚════════════════════════════════════════════════╝

bloater99
Posts: 482
Joined: October 13th, 2014, 3:47 pm

Re: WUI not showing Guardian blocked hosts

Post by bloater99 » June 28th, 2017, 4:41 pm

I noticed an update for Guardian in Pakfire this morning. I wonder if it's for this issue. Have not seen any news on what the update does.
Image

Image

User avatar
H&M
Posts: 471
Joined: May 29th, 2014, 9:38 pm
Location: Europe

Re: WUI not showing Guardian blocked hosts

Post by H&M » June 28th, 2017, 4:53 pm

Hi,

I applied the update 2.0.14 - problem is solved.

Code: Select all

 pakfire upgrade
CORE ERROR: No new upgrades available. You are on release 111.
Update: guardian
Version: 2.0 -> 2.0
Release: 13 -> 14

PAKFIRE RESV: guardian: Resolving dependencies...
PAKFIRE RESV: guardian: Dependency is already installed: perl-inotify2
PAKFIRE RESV: guardian: Dependency is already installed: perl-Net-IP

PAKFIRE UPGR: We are going to install all packages listed above.
PAKFIRE INFO: Is this okay? [y/N]
y
guardian-2.0-14.i... 100.00% |=============================>|   30.89 KB
PAKFIRE UPGR: guardian: Decrypting...
PAKFIRE UPGR: guardian: Upgrading files and running post-upgrading scripts...
PAKFIRE UPGR: guardian: Finished.

Best regards,
H&M

User avatar
Roberto Peña
Posts: 761
Joined: July 16th, 2014, 3:56 pm
Location: Bilbao (España)
Contact:

Re: WUI not showing Guardian blocked hosts

Post by Roberto Peña » June 28th, 2017, 7:14 pm

Hello everyone.

It works. But ....... does not improve the flags and colours:
Con flags.jpg
To me, in particular, I find it very comfortable at a glance to know the provenances of blocked IPs.

But ...... I already have the solution. I have already corrected/modified the file "guardian.cgi" to make it work.

Here it is.
guardian_w_enhancements.7z
(12.34 KiB) Downloaded 89 times
The procedure is very easy.

1. It is to copy the files "guardian.cgi" and "ipinfo.cgi" to "/srv/web/ipfire/cgi-bin", previously renaming the originals as "cg_".

2. Change the permissions to "guardian.cgi" and "ipinfo.cgi" files:
Permisos.jpg
3. Copy the icons "domaintools.ico, ipvoid.ico, rbl.ico and virustotal.ico" to "/srv/web/ipfire/html/images". For when you click on an IP, on the "ipinfo.cgi" page, the icons to consult information about these IPs.

4. Enjoy

Greetings.
Image
Image

╔════════════════════════════════════════════════╗
Donate to improve IPFire: https://www.ipfire.org/donate
╚════════════════════════════════════════════════╝

Flash1232
Posts: 30
Joined: April 29th, 2012, 2:50 pm

Re: WUI not showing Guardian blocked hosts

Post by Flash1232 » May 1st, 2018, 9:25 am

5p9 wrote:
June 28th, 2017, 6:49 am
FYI has been created: https://bugzilla.ipfire.org/show_bug.cgi?id=11410
Thanks for submitting the bug request. I totally missed the notifications from the post here. I was glad to see the bug has been fixed meanwhile!

Kind Regards,
Flash1232

Post Reply