Verified Commit 65b56c8f authored by Josef Schlehofer's avatar Josef Schlehofer 💬
Browse files

Merge branch 'stable' into test

parents 2664879f 67ed7ef9
......@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=foris-controller-netboot-module
PKG_VERSION:=0.4
PKG_RELEASE:=3
PKG_RELEASE:=5
PKG_SOURCE_SUBDIR:=$(PKG_NAME)
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://gitlab.nic.cz/turris/foris-controller/foris-controller-netboot-module.git
......@@ -47,12 +47,13 @@ $(eval $(call ForisControllerModule,$(PKG_NAME)))
define Package/$(PKG_NAME)/postinst
#!/bin/sh
set -x
[ -n "$$$${IPKG_INSTROOT}" ] || {
[ -n "$${IPKG_INSTROOT}" ] || {
uci set foris-ws.main.bus=mqtt
uci set foris-controller.main.bus=mqtt
uci commit
/etc/init.d/foris-controller restart
/etc/init.d/foris-ws restart
/etc/init.d/lighttpd restart
/etc/init.d/foris-netboot-observer enable
/etc/init.d/foris-netboot-observer start
......@@ -62,8 +63,10 @@ endef
define Package/$(PKG_NAME)/prerm
#!/bin/sh
set -x
[ -n "$${IPKG_INSTROOT}" ] || {
/etc/init.d/foris-netboot-observer stop
/etc/init.d/foris-netboot-observer disable
}
endef
# redefine install
......
......@@ -8,7 +8,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=oneshot
PKG_VERSION:=30
PKG_VERSION:=27
PKG_MAINTAINER:=CZ.NIC <packaging@turris.cz>
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)
......
......@@ -15,7 +15,6 @@ PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://gitlab.nic.cz/turris/sentinel/certgen.git
PKG_SOURCE_VERSION:=v$(PKG_VERSION)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.gz
PKG_BUILD_DEPENDS:=python3-setuptools
PKG_MAINTAINER:=CZ.NIC <packaging@turris.cz>
PKG_LICENSE:=GPL-3.0-or-later
......
......@@ -14,7 +14,7 @@ BB_VERSION:=1.29.3
PKG_BB_SOURCE:=busybox-$(BB_VERSION).tar.bz2
PKG_BB_SOURCE_URL:=https://www.busybox.net/downloads \
http://sources.buildroot.net
PKG_BB_HASH:=0a367e19cdfd157e8258d87f893ee516
PKG_BB_HASH:=2f321fa72d539128a3a6f9f35a422656756b7283
PKG_MAINTAINER:=Michal Hrusecky <michal.hrusecky@nic.cz>
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)
PKG_BUILD_DEPENDS:=opkg/host
......
......@@ -8,13 +8,13 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=ludus
PKG_VERSION:=0.9
PKG_RELEASE:=1
PKG_VERSION:=0.8
PKG_RELEASE:=3
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/stratosphereips/Ludus.git
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE_VERSION:=a68f5a86bda1b0deffe79459c6f46a0501e65791
PKG_SOURCE_VERSION:=20ab147a4f112a331d786cb22f3deeef5e12382d
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
......@@ -79,7 +79,6 @@ define Package/ludus/install
$(INSTALL_BIN) $(PKG_BUILD_DIR)/{ludus.py,install.py} $(1)/usr/share/ludus/
$(INSTALL_DIR) $(1)/etc/ludus
$(CP) ./files/ludus_template.conf $(1)/etc/ludus/
$(CP) $(PKG_BUILD_DIR)/ludus-public-key.asc $(1)/etc/ludus/
$(INSTALL_DIR) $(1)/etc/ludus/strategy
$(CP) $(PKG_BUILD_DIR)/Strategizer/strategies/* $(1)/etc/ludus/strategy/
$(INSTALL_DIR) $(1)/etc/init.d
......
......@@ -9,7 +9,6 @@ local_stats = /tmp/ludus_local_data.pkl
[strategy]
strategy_dir = /etc/ludus/strategy
filename = secConfDefAtt_1516886661989_-1HPsalgzerosum-bayes-relevant-NE-partial-att-strategy_Ports25
strategy_url = http://ludus.aic.fel.cvut.cz/newest.gpg
[suricata]
interface = eth1
......
Index: ludus-0.9/ludus.py
Index: ludus-0.6/ludus.py
===================================================================
--- ludus-0.9.orig/ludus.py
+++ ludus-0.9/ludus.py
@@ -39,6 +39,7 @@ import Suricata_Extractor.suricata_extra
from multiprocessing import Process
from argparse import ArgumentParser
from configparser import ConfigParser,NoOptionError
--- ludus-0.6.orig/ludus.py
+++ ludus-0.6/ludus.py
@@ -1,4 +1,4 @@
-#!/usr/bin/env python3
+#!/usr/bin/python3
# Copyright (C) 2017 Sebastian Garcia, Ondrej Lukas
#
# This program is free software; you can redistribute it and/or modify
@@ -24,6 +24,7 @@
#TODO:
# changes in suricata.yaml!
# check if sentinel is running !
+import configparser
@@ -86,7 +87,7 @@ class Logger():
def log_event(self, msg):
with open(self._target_file, "a") as out_file:
print(f"[{datetime.datetime.now().strftime('%Y/%m/%d %H:%M:%S.%f')}]\t{msg}", file=out_file)
-
+
def update_target_file(self, filename):
self._target_file = filename
@@ -165,7 +166,7 @@ class Ludus(object):
if r.status_code == 200:
last_modified_url = r.headers["Last-Modified"].strip('\"')
last_modified_url_dt = datetime.datetime.utcfromtimestamp(datetime.datetime.strptime(last_modified_url, "%a, %d %b %Y %H:%M:%S %Z").replace(tzinfo=datetime.timezone.utc).timestamp())
-
+
current_strategy_dt = datetime.datetime.utcfromtimestamp(self.strategy_timestamp.replace(tzinfo=datetime.timezone.utc).timestamp())
#compare the timestamps
if current_strategy_dt < last_modified_url_dt:
@@ -227,7 +228,7 @@ class Ludus(object):
self.tw_length = 600
except ValueError:
self.tw_length = 600
- #get router ip
+ #get router ip
try:
self.router_ip = self.config_parser.get('settings', 'router_ip')
if not valid_ip4(self.router_ip):
@@ -270,7 +271,7 @@ class Ludus(object):
self.strategy_url = self.config_parser.get("strategy","strategy_url")
except (ValueError, NoOptionError) as e:
self.strategy_url = "http://ludus.aic.fel.cvut.cz:443/newest.gpg"
-
+
def apply_strategy(self, suggested_honeypots,known_honeypots=['22', '23', '8080', '2323', '80', '3128', '8123']):
#close previously opened HP which we do not want anymore
try:
@@ -395,8 +396,8 @@ class Ludus(object):
self.suricata_pid = suricata_process.pid
if not self.suricata_pid:
self.logger.log_event(f"Error while starting suricata: {proc.stderr.read()}")
- self.terminate(-1)
-
+ self.terminate(-1)
+
#start
self.logger.log_event("Ludus system started.")
#analyze the production ports
@@ -426,14 +427,14 @@ class Ludus(object):
else:
self.logger.log_event("Terminating Ludus.")
sys.exit(status)
-
+
if __name__ == '__main__':
# Parse the parameters
parser = ArgumentParser()
parser.add_argument('-c', '--config', help='Path to config file', action='store', required=False, type=str, default="/etc/ludus/ludus.config")
parser.add_argument('--pidfile', help='Path to create pid file', action='store', required=False, type=str)
args = parser.parse_args()
-
+
if args.pidfile:
write_pid_file(args.pidfile)
#start the tool
@@ -441,4 +442,4 @@ if __name__ == '__main__':
try:
ludus.start()
except KeyboardInterrupt:
- ludus.terminate(0)
\ No newline at end of file
+ ludus.terminate(0)
import time,datetime
import sys
import subprocess
......@@ -8,8 +8,8 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=mwan3
PKG_VERSION:=2.7.12
PKG_RELEASE:=2
PKG_VERSION:=2.7.6
PKG_RELEASE:=1
PKG_MAINTAINER:=Florian Eckert <fe@dev.tdt.de>
PKG_LICENSE:=GPLv2
......@@ -20,7 +20,7 @@ define Package/mwan3
CATEGORY:=Network
SUBMENU:=Routing and Redirection
DEPENDS:= \
+ip-full \
+ip \
+ipset \
+iptables \
+iptables-mod-conntrack-extra \
......
#!/bin/sh
IP4="/usr/sbin/ip -4"
IP6="/usr/sbin/ip -6"
IP4="ip -4"
IP6="ip -6"
IPS="ipset"
IPT4="iptables -t mangle -w"
IPT6="ip6tables -t mangle -w"
......
......@@ -135,23 +135,23 @@ start()
uci_toggle_state mwan3 globals enabled "1"
#config_get local_source globals local_source 'none'
#[ "${local_source}" = "none" ] || {
# src_ip=$(uci_get_state mwan3 globals src_ip)
# [ "${src_ip}" != "" ] && {
# ip route del default via "${src_ip}" dev lo 1>/dev/null 2>&1
# ip addr del "${src_ip}/32" dev lo 1>/dev/null 2>&1
# }
#
# network_get_ipaddr src_ip "${local_source}"
# if [ "${src_ip}" = "" ]; then
# $LOG warn "Unable to set source ip for own initiated traffic (${local_source})"
# else
# ip addr add "${src_ip}/32" dev lo
# ip route add default via "${src_ip}" dev lo
# uci_toggle_state mwan3 globals src_ip "${src_ip}"
# fi
#}
config_get local_source globals local_source 'none'
[ "${local_source}" = "none" ] || {
src_ip=$(uci_get_state mwan3 globals src_ip)
[ "${src_ip}" != "" ] && {
ip route del default via "${src_ip}" dev lo 1>/dev/null 2>&1
ip addr del "${src_ip}/32" dev lo 1>/dev/null 2>&1
}
network_get_ipaddr src_ip "${local_source}"
if [ "${src_ip}" = "" ]; then
$LOG warn "Unable to set source ip for own initiated traffic (${local_source})"
else
ip addr add "${src_ip}/32" dev lo
ip route add default via "${src_ip}" dev lo
uci_toggle_state mwan3 globals src_ip "${src_ip}"
fi
}
config_foreach ifup interface
}
......@@ -215,11 +215,11 @@ stop()
mwan3_lock_clean
rm -rf $MWAN3_STATUS_DIR $MWAN3TRACK_STATUS_DIR
#src_ip=$(uci_get_state mwan3 globals src_ip)
#[ "${src_ip}" = "" ] || {
# ip route del default via "${src_ip}" dev lo 1>/dev/null 2>&1
# ip addr del "${src_ip}/32" dev lo 1>/dev/null 2>&1
#}
src_ip=$(uci_get_state mwan3 globals src_ip)
[ "${src_ip}" = "" ] || {
ip route del default via "${src_ip}" dev lo 1>/dev/null 2>&1
ip addr del "${src_ip}/32" dev lo 1>/dev/null 2>&1
}
uci_toggle_state mwan3 globals enabled "0"
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment