diff options
45 files changed, 2775 insertions, 2450 deletions
diff --git a/config/bind/bind.inc b/config/bind/bind.inc index 1818b225..156e9eb8 100644 --- a/config/bind/bind.inc +++ b/config/bind/bind.inc @@ -43,7 +43,7 @@ $pf_version=substr(trim(file_get_contents("/etc/version")),0,3); if ($pf_version > 2.0) define('BIND_LOCALBASE', '/usr/pbi/bind-' . php_uname("m")); else - define('BIND_LOCALBASE','/usr/local'); + define('BIND_LOCALBASE','/usr/local'); define('CHROOT_LOCALBASE','/cf/named'); @@ -95,8 +95,7 @@ function bind_zone_validate($post, $input_errors){ } } - function bind_sync(){ - +function bind_sync(){ global $config; conf_mount_rw(); //create rndc @@ -164,8 +163,8 @@ EOD; } //check ips to listen on if (preg_match("/All/",$bind['listenon'])){ - $bind_listenonv6="Any;"; - $bind_listenon="Any;"; + $bind_listenonv6="any;"; + $bind_listenon="any;"; } else{ $bind_listenonv6=""; @@ -198,10 +197,10 @@ EOD; if ($bind_notify == on) $bind_conf .="\t\tnotify yes;\n"; if ($hide_version == on) - $bind_conf .="\t\tversion \"N/A\";\n"; + $bind_conf .="\t\tversion none;\n"; - $bind_conf .="\t\t$custom_options\n"; - $bind_conf .= "\t};\n\n"; + $bind_conf .= preg_replace("/^/m","\t\t",$custom_options); + $bind_conf .= "\n\t};\n\n"; if ($bind_logging == on){ //check if bind is included on syslog @@ -245,15 +244,22 @@ EOD; #Config Zone domain if(!is_array($config["installedpackages"]["bindacls"]) || !is_array($config["installedpackages"]["bindacls"]["config"])){ - $config["installedpackages"]["bindacls"]["config"][] =array("name"=>"any","description"=>"Default Access list","row" => array("value"=> "","description"=>"")); - write_config("Create Default bind acl 'Any'"); + $config["installedpackages"]["bindacls"]["config"][] = + array("name"=>"none","description"=>"BIND Built-in ACL","row"=>array("value"=>"","description"=>"")); + $config["installedpackages"]["bindacls"]["config"][] = + array("name"=>"any","description"=>"BIND Built-in ACL","row"=>array("value"=>"","description"=>"")); + $config["installedpackages"]["bindacls"]["config"][] = + array("name"=>"localhost","description"=>"BIND Built-in ACL","row"=>array("value"=>"","description"=>"")); + $config["installedpackages"]["bindacls"]["config"][] = + array("name"=>"localnets","description"=>"BIND Built-in ACL","row"=>array("value"=>"","description"=>"")); + write_config("Create BIND Built-in ACLs"); } $bindacls = $config["installedpackages"]["bindacls"]["config"]; for ($i=0; $i<sizeof($bindacls); $i++) { $aclname = $bindacls[$i]['name']; $aclhost = $bindacls[$i]['row']; - if($aclname != "any"){ + if($aclname != "none" && $aclname != "any" && $aclname != "localhost" && $aclname != "localnets"){ $bind_conf .= "acl \"$aclname\" {\n"; for ($u=0; $u<sizeof($aclhost); $u++) { diff --git a/config/bind/bind.xml b/config/bind/bind.xml index 76fdf523..2f16b966 100644 --- a/config/bind/bind.xml +++ b/config/bind/bind.xml @@ -160,7 +160,7 @@ <field> <fielddescr>Hide Version</fielddescr> <fieldname>bind_hide_version</fieldname> - <description>Hide the version of BIND, this prevents discover the version of our servers, use any exploit that exploits a vulnerability in Bind.</description> + <description>Hide the version of BIND (do not process queries to version.bind at all). This makes it more difficult to exploit the server.</description> <type>checkbox</type> </field> <field> diff --git a/config/haproxy-devel/haproxy.inc b/config/haproxy-devel/haproxy.inc index 81de89f1..8f7c2a9c 100644 --- a/config/haproxy-devel/haproxy.inc +++ b/config/haproxy-devel/haproxy.inc @@ -1137,14 +1137,6 @@ function haproxy_check_run($reload) { $a_global = &$config['installedpackages']['haproxy']; $configpath = "{$g['varetc_path']}/haproxy"; - exec("/usr/bin/limits -n 300014"); - - if(use_transparent_clientip_proxying()) { - filter_configure(); - load_ipfw_rules(); - } else - mwexec("/usr/local/sbin/ipfw_context -d haproxy", true); - if(isset($a_global['enable'])) { if (isset($a_global['carpdev'])) { $status = get_carp_interface_status($a_global['carpdev']); @@ -1163,6 +1155,12 @@ function haproxy_check_run($reload) { } else if ($reload == 0) return (0); + if(use_transparent_clientip_proxying()) { + filter_configure(); + load_ipfw_rules(); + } else + mwexec("/usr/local/sbin/ipfw_context -d haproxy", true); + if (haproxy_is_running()) { if (isset($a_global['terminate_on_reload'])) $sf_st = "-st";//terminate old process as soon as the new process is listening diff --git a/config/squid3/33/check_ip.php b/config/squid3/33/check_ip.php index 6c65ff3f..e16cee0b 100644 --- a/config/squid3/33/check_ip.php +++ b/config/squid3/33/check_ip.php @@ -49,10 +49,11 @@ if ($pf_version > 2.0){ $dbhandle = sqlite_open("$dir/$file", 0666, $error); if ($dbhandle){ $query = "select * from captiveportal"; - $result = sqlite_query($dbhandle, $query); + $result = sqlite_array_query($dbhandle, $query, SQLITE_ASSOC); if ($result){ - $row = sqlite_fetch_array($result, SQLITE_ASSOC); - $cp_db[]=implode(",",$row); + foreach ($result as $rownum => $row){ + $cp_db[$rownum]=implode(",",$row); + } sqlite_close($dbhandle); } } diff --git a/config/squid3/33/squid.inc b/config/squid3/33/squid.inc index c55160bc..e13e51d1 100755 --- a/config/squid3/33/squid.inc +++ b/config/squid3/33/squid.inc @@ -5,7 +5,7 @@ Copyright (C) 2006-2009 Scott Ullrich Copyright (C) 2006 Fernando Lemos Copyright (C) 2012 Martin Fuchs - Copyright (C) 2012-2013 Marcello Coutinho + Copyright (C) 2012-2014 Marcello Coutinho Copyright (C) 2013 Gekkenhuis All rights reserved. @@ -95,6 +95,15 @@ function squid_chown_recursive($dir, $user, $group) { } } +function squid_check_clamav_user($user) + { + exec("/usr/sbin/pw usershow {$user}",$sq_ex_output,$sq_ex_return); + $user_arg=($sq_ex_return == 0?"mod":"add"); + exec("/usr/sbin/pw user{$user_arg} {$user} -G wheel -u 9595 -s /sbin/nologin",$sq_ex_output,$sq_ex_return); + if ($sq_ex_return != 0) + log_error("Squid - Could not change clamav user settings. ".serialize($sq_ex_output)); + } + /* setup cache */ function squid_dash_z() { global $config; @@ -1310,8 +1319,27 @@ function squid_resync_antivirus(){ if (preg_match("/fr/i",$squid_config['error_language'])) $clwarn="clwarn.cgi.fr_FR"; if (preg_match("/pt_br/i",$squid_config['error_language'])) - $clwarn="clwarn.cgi.pt_BR"; - copy(SQUID_LOCALBASE."/libexec/squidclamav/{$clwarn}","/usr/local/www/clwarn.cgi"); + $clwarn="clwarn.cgi.pt_BR"; + $clwarn_file="/usr/local/www/clwarn.cgi"; + copy(SQUID_LOCALBASE."/libexec/squidclamav/{$clwarn}",$clwarn_file); + + #fix perl path on clwarn.cgi + $clwarn_file_new=file_get_contents($clwarn_file); + $c_pattern[]="@/usr/\S+/perl@"; + $c_replacement[]=SQUID_LOCALBASE."/bin/perl"; + /*$c_pattern[]="@redirect \S+/clwarn.cgi@"; + $gui_proto=$config['system']['webgui']['protocol']; + $gui_port=$config['system']['webgui']['port']; + if($gui_port == "") { + $gui_port($gui_proto == "http"?"80":"443"); + } + $c_replacement[]=SQUID_LOCALBASE."redirect {$gui_proto}://127.0.0.1:{$gui_port}/clwarn.cgi"; + */ + $clwarn_file_new=preg_replace($c_pattern, $c_replacement,$clwarn_file_new); + file_put_contents($clwarn_file, $clwarn_file_new,LOCK_EX); + + #fix clwarn.cgi file permission + chmod($clwarn_file,0755); $conf = <<< EOF icap_enable on @@ -1346,7 +1374,7 @@ EOF; if (!isset($clamav_clamd_enable)) $rc_file.='clamav_clamd_enable="YES"'."\n"; file_put_contents("/etc/rc.conf.local",$rc_file,LOCK_EX); - + squid_check_clamav_user('clamav'); #patch sample files to pfsense dirs #squidclamav.conf if (!file_exists(SQUID_LOCALBASE."/etc/c-icap/squidclamav.conf.sample")) @@ -1391,9 +1419,13 @@ EOF; foreach ($dirs as $dir_path => $dir_user){ if (!is_dir($dir_path)) make_dirs($dir_path); - squid_chown_recursive($dir_path, $dir_user, $dir_user); + squid_chown_recursive($dir_path, $dir_user, "wheel"); + } + #Check clamav database + if (count(glob("/var/db/clamav/*d"))==0){ + log_error("Squid - Missing /var/db/clamav/*.cvd or *.cld files. Running freshclam on background."); + mwexec_bg(SQUID_LOCALBASE."/bin/freshclam"); } - #check startup scripts on pfsense > 2.1 if (preg_match("/usr.pbi/",SQUID_LOCALBASE)){ $rcd_files = scandir(SQUID_LOCALBASE."/etc/rc.d"); @@ -1410,7 +1442,7 @@ EOF; #check antivirus daemons #check icap if (is_process_running("c-icap")){ - mwexec('/bin/echo -n "reconfigure" > /var/run/c-icap/c-icap.ctl'); + mwexec_bg('/bin/echo -n "reconfigure" > /var/run/c-icap/c-icap.ctl'); } else{ #check c-icap user on startup file @@ -1421,13 +1453,13 @@ EOF; $cicapr[0]='c_icap_user="clamav"}'; file_put_contents($c_icap_rcfile,preg_replace($cicapm,$cicapr,$sample_file),LOCK_EX); } - mwexec("/usr/local/etc/rc.d/c-icap start"); + mwexec_bg("/usr/local/etc/rc.d/c-icap start"); } #check clamav if (is_process_running("clamd")) mwexec_bg("/usr/local/etc/rc.d/clamav-clamd reload"); else - mwexec("/usr/local/etc/rc.d/clamav-clamd start"); + mwexec_bg("/usr/local/etc/rc.d/clamav-clamd start"); } return $conf; } @@ -1533,12 +1565,12 @@ include('/usr/local/pkg/squid_reverse.inc'); function squid_resync_auth() { global $config, $valid_acls; - - if (is_array($config['installedpackages']['squidauth']['config'])) - $settings = $config['installedpackages']['squidauth']['config'][0]; - else - $settings = array(); - + $write_config=0; + if (!is_array($config['installedpackages']['squidauth']['config'])){ + $config['installedpackages']['squidauth']['config'][]=array('auth_method'=> "none"); + $write_config++; + } + $settings = $config['installedpackages']['squidauth']['config'][0]; if (is_array($config['installedpackages']['squidnac']['config'])) $settingsnac = $config['installedpackages']['squidnac']['config'][0]; else @@ -1549,6 +1581,9 @@ function squid_resync_auth() { else $settingsconfig = array(); + if ($write_config > 0) + write_config(); + $conf = ''; // SSL interception acl options part 1 diff --git a/config/suricata/suricata.inc b/config/suricata/suricata.inc index b87e2f6a..1b6f5eb3 100644 --- a/config/suricata/suricata.inc +++ b/config/suricata/suricata.inc @@ -39,6 +39,10 @@ global $g, $config; if (!is_array($config['installedpackages']['suricata'])) $config['installedpackages']['suricata'] = array(); +// Define the binary and package build versions +define('SURICATA_VER', '1.4.6'); +define('SURICATA_PKG_VER', 'v0.2-BETA'); + // Create some other useful defines define('SURICATADIR', '/usr/pbi/suricata-' . php_uname("m") . '/etc/suricata/'); define('SURICATALOGDIR', '/var/log/suricata/'); @@ -76,9 +80,9 @@ function suricata_is_running($suricata_uuid, $if_real, $type = 'suricata') { global $config, $g; if (isvalidpid("{$g['varrun_path']}/{$type}_{$if_real}{$suricata_uuid}.pid")) - return 'yes'; + return true; else - return 'no'; + return false; } function suricata_barnyard_stop($suricatacfg, $if_real) { @@ -154,7 +158,7 @@ function suricata_reload_config($suricatacfg, $signal="USR2") { $suricatadir = SURICATADIR; $suricata_uuid = $suricatacfg['uuid']; - $if_real = suricata_get_real_interface($suricatacfg['interface']); + $if_real = get_real_interface($suricatacfg['interface']); /******************************************************/ /* Only send the SIGUSR2 if Suricata is running and */ @@ -183,7 +187,7 @@ function suricata_barnyard_reload_config($suricatacfg, $signal="HUP") { $suricatadir = SURICATADIR; $suricata_uuid = $suricatacfg['uuid']; - $if_real = suricata_get_real_interface($suricatacfg['interface']); + $if_real = get_real_interface($suricatacfg['interface']); /******************************************************/ /* Only send the SIGHUP if Barnyard2 is running and */ @@ -196,22 +200,6 @@ function suricata_barnyard_reload_config($suricatacfg, $signal="HUP") { } } -function suricata_get_friendly_interface($interface) { - - // Pass this directly to the system for now. - // Later, this wrapper will be removed and all - // the Suricata code changed to use the system call. - return convert_friendly_interface_to_friendly_descr($interface); -} - -function suricata_get_real_interface($interface) { - - // Pass this directly to the system for now. - // Later, this wrapper will be removed and all - // the Suricata code changed to use the system call. - return get_real_interface($interface); -} - function suricata_get_blocked_ips() { // This is a placeholder function for later use. @@ -517,7 +505,7 @@ function sync_suricata_package_config() { $suricataconf = $config['installedpackages']['suricata']['rule']; foreach ($suricataconf as $value) { - $if_real = suricata_get_real_interface($value['interface']); + $if_real = get_real_interface($value['interface']); // create a suricata.yaml file for interface suricata_generate_yaml($value); @@ -669,7 +657,7 @@ function suricata_post_delete_logs($suricata_uuid = 0) { foreach ($config['installedpackages']['suricata']['rule'] as $value) { if ($value['uuid'] != $suricata_uuid) continue; - $if_real = suricata_get_real_interface($value['interface']); + $if_real = get_real_interface($value['interface']); $suricata_log_dir = SURICATALOGDIR . "suricata_{$if_real}{$suricata_uuid}"; if ($if_real != '') { @@ -1508,7 +1496,7 @@ function suricata_prepare_rule_files($suricatacfg, $suricatacfgdir) { return; // Log a message for rules rebuild in progress - log_error(gettext("[Suricata] Updating rules configuration for: " . suricata_get_friendly_interface($suricatacfg['interface']) . " ...")); + log_error(gettext("[Suricata] Updating rules configuration for: " . convert_friendly_interface_to_friendly_descr($suricatacfg['interface']) . " ...")); // Only rebuild rules if some are selected or an IPS Policy is enabled if (!empty($suricatacfg['rulesets']) || $suricatacfg['ips_policy_enable'] == 'on') { @@ -1581,7 +1569,7 @@ function suricata_prepare_rule_files($suricatacfg, $suricatacfgdir) { // If auto-flowbit resolution is enabled, generate the dependent flowbits rules file. if ($suricatacfg['autoflowbitrules'] == 'on') { - log_error('[Suricata] Enabling any flowbit-required rules for: ' . suricata_get_friendly_interface($suricatacfg['interface']) . '...'); + log_error('[Suricata] Enabling any flowbit-required rules for: ' . convert_friendly_interface_to_friendly_descr($suricatacfg['interface']) . '...'); $fbits = suricata_resolve_flowbits($all_rules, $enabled_rules); // Check for and disable any flowbit-required rules the user has @@ -1606,11 +1594,11 @@ function suricata_prepare_rule_files($suricatacfg, $suricatacfgdir) { // Log a warning if the interface has no rules defined or enabled if ($no_rules_defined) - log_error(gettext("[Suricata] Warning - no text rules selected for: " . suricata_get_friendly_interface($suricatacfg['interface']) . " ...")); + log_error(gettext("[Suricata] Warning - no text rules selected for: " . convert_friendly_interface_to_friendly_descr($suricatacfg['interface']) . " ...")); // Build a new sid-msg.map file from the enabled // rules and copy it to the interface directory. - log_error(gettext("[Suricata] Building new sig-msg.map file for " . suricata_get_friendly_interface($suricatacfg['interface']) . "...")); + log_error(gettext("[Suricata] Building new sig-msg.map file for " . convert_friendly_interface_to_friendly_descr($suricatacfg['interface']) . "...")); suricata_build_sid_msg_map("{$suricatacfgdir}/rules/", "{$suricatacfgdir}/sid-msg.map"); } @@ -1695,7 +1683,7 @@ function suricata_create_rc() { // the shell script. foreach ($suricataconf as $value) { $suricata_uuid = $value['uuid']; - $if_real = suricata_get_real_interface($value['interface']); + $if_real = get_real_interface($value['interface']); $start_barnyard = <<<EOE @@ -1914,13 +1902,17 @@ function suricata_generate_barnyard2_conf($suricatacfg, $if_real) { $suricatabarnyardlog_output_plugins .= "# syslog_full: log to a syslog receiver\n"; $suricatabarnyardlog_output_plugins .= "output alert_syslog_full: sensor_name {$suricatabarnyardlog_hostname_info_chk}, "; if ($suricatacfg['barnyard_syslog_local'] == 'on') - $suricatabarnyardlog_output_plugins .= "local, log_facility LOG_AUTH, log_priority LOG_INFO\n"; + $suricatabarnyardlog_output_plugins .= "local, log_facility LOG_AUTH, log_priority LOG_INFO\n\n"; else { $suricatabarnyardlog_output_plugins .= "server {$suricatacfg['barnyard_syslog_rhost']}, protocol {$suricatacfg['barnyard_syslog_proto']}, "; $suricatabarnyardlog_output_plugins .= "port {$suricatacfg['barnyard_syslog_dport']}, operation_mode {$suricatacfg['barnyard_syslog_opmode']}, "; - $suricatabarnyardlog_output_plugins .= "log_facility {$suricatacfg['barnyard_syslog_facility']}, log_priority {$suricatacfg['barnyard_syslog_priority']}\n"; + $suricatabarnyardlog_output_plugins .= "log_facility {$suricatacfg['barnyard_syslog_facility']}, log_priority {$suricatacfg['barnyard_syslog_priority']}\n\n"; } } + if ($suricatacfg['barnyard_bro_ids_enable'] == 'on') { + $suricatabarnyardlog_output_plugins .= "# alert_bro: log to a Bro-IDS receiver\n"; + $suricatabarnyardlog_output_plugins .= "output alert_bro: {$suricatacfg['barnyard_bro_ids_rhost']}:{$suricatacfg['barnyard_bro_ids_dport']}\n"; + } // Trim leading and trailing newlines and spaces $suricatabarnyardlog_output_plugins = rtrim($suricatabarnyardlog_output_plugins, "\n"); @@ -1986,7 +1978,7 @@ function suricata_generate_yaml($suricatacfg) { $suricatalogdir = SURICATALOGDIR; $flowbit_rules_file = FLOWBITS_FILENAME; $suricata_enforcing_rules_file = ENFORCING_RULES_FILENAME; - $if_real = suricata_get_real_interface($suricatacfg['interface']); + $if_real = get_real_interface($suricatacfg['interface']); $suricata_uuid = $suricatacfg['uuid']; $suricatacfgdir = "{$suricatadir}suricata_{$suricata_uuid}_{$if_real}"; diff --git a/config/suricata/suricata.priv.inc b/config/suricata/suricata.priv.inc index 7f5f1825..a17a307b 100644 --- a/config/suricata/suricata.priv.inc +++ b/config/suricata/suricata.priv.inc @@ -41,5 +41,7 @@ $priv_list['page-services-suricata']['match'][] = "suricata/suricata.inc*"; $priv_list['page-services-suricata']['match'][] = "suricata/suricata_post_install.php*"; $priv_list['page-services-suricata']['match'][] = "suricata/suricata_uninstall.php*"; $priv_list['page-services-suricata']['match'][] = "suricata/suricata_generate_yaml.php*"; - +$priv_list['page-services-suricata']['match'][] = "widgets/javascript/suricata_alerts.js*"; +$priv_list['page-services-suricata']['match'][] = "widgets/widgets/suricata_alerts.widget.php*"; +$priv_list['page-services-suricata']['match'][] = "widgets/include/widget-suricata.inc*"; ?>
\ No newline at end of file diff --git a/config/suricata/suricata.xml b/config/suricata/suricata.xml index 4760149d..46baa50c 100644 --- a/config/suricata/suricata.xml +++ b/config/suricata/suricata.xml @@ -42,7 +42,7 @@ <description>Suricata IDS/IPS Package</description> <requirements>None</requirements> <name>suricata</name> - <version>1.4.6 pkg v0.1-BETA</version> + <version>1.4.6 pkg v0.2-BETA</version> <title>Services: Suricata IDS</title> <include_file>/usr/local/pkg/suricata/suricata.inc</include_file> <menu> @@ -153,11 +153,6 @@ <chmod>0755</chmod> </additional_files_needed> <additional_files_needed> - <item>http://www.pfsense.com/packages/config/suricata/suricata_select_alias.php</item> - <prefix>/usr/local/www/suricata/</prefix> - <chmod>0755</chmod> - </additional_files_needed> - <additional_files_needed> <item>http://www.pfsense.com/packages/config/suricata/suricata_suppress.php</item> <prefix>/usr/local/www/suricata/</prefix> <chmod>0755</chmod> @@ -212,6 +207,21 @@ <prefix>/usr/local/www/suricata/</prefix> <chmod>0755</chmod> </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/widgets/javascript/</prefix> + <chmod>0644</chmod> + <item>http://www.pfsense.com/packages/config/suricata/suricata_alerts.js</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/widgets/widgets/</prefix> + <chmod>0644</chmod> + <item>http://www.pfsense.com/packages/config/suricata/suricata_alerts.widget.php</item> + </additional_files_needed> + <additional_files_needed> + <prefix>/usr/local/www/widgets/include/</prefix> + <chmod>0644</chmod> + <item>http://www.pfsense.com/packages/config/suricata/widget-suricata.inc</item> + </additional_files_needed> <!-- configpath gets expanded out automatically and config items will be stored in that location --> <configpath>['installedpackages']['suricata']</configpath> <tabs> diff --git a/config/suricata/suricata_alerts.js b/config/suricata/suricata_alerts.js new file mode 100644 index 00000000..9e5b0b29 --- /dev/null +++ b/config/suricata/suricata_alerts.js @@ -0,0 +1,83 @@ + +var suricatatimer; +var suricataisBusy = false; +var suricataisPaused = false; + +function suricata_alerts_fetch_new_rules_callback(callback_data) { + var data_split; + var new_data_to_add = Array(); + var data = callback_data; + + data_split = data.split("\n"); + + // Loop through rows and generate replacement HTML + for(var x=0; x<data_split.length-1; x++) { + row_split = data_split[x].split("||"); + var line = ''; + line = '<td width="22%" class="listMRr" nowrap>' + row_split[0] + '<br/>' + row_split[1] + '</td>'; + line += '<td width="39%" class="listMRr">' + row_split[2] + '<br/>' + row_split[3] + '</td>'; + line += '<td width="39%" class="listMRr">' + 'Pri: ' + row_split[4] + ' ' + row_split[5] + '</td>'; + new_data_to_add[new_data_to_add.length] = line; + } + suricata_alerts_update_div_rows(new_data_to_add); + suricataisBusy = false; +} +function suricata_alerts_update_div_rows(data) { + if(suricataisPaused) + return; + + var rows = jQuery('#suricata-alert-entries>tr'); + + // Number of rows to move by + var move = rows.length + data.length - suri_nentries; + if (move < 0) + move = 0; + + for (var i = rows.length - 1; i >= move; i--) { + jQuery(rows[i]).html(jQuery(rows[i - move]).html()); + } + + var tbody = jQuery('#suricata-alert-entries'); + for (var i = data.length - 1; i >= 0; i--) { + if (i < rows.length) { + jQuery(rows[i]).html(data[i]); + } else { + jQuery(tbody).prepend('<tr>' + data[i] + '</tr>'); + } + } + + // Add the even/odd class to each of the rows now + // they have all been added. + rows = jQuery('#suricata-alert-entries>tr'); + for (var i = 0; i < rows.length; i++) { + rows[i].className = i % 2 == 0 ? 'listMRodd' : 'listMReven'; + } +} + +function fetch_new_surialerts() { + if(suricataisPaused) + return; + if(suricataisBusy) + return; + + suricataisBusy = true; + + jQuery.ajax('/widgets/widgets/suricata_alerts.widget.php?getNewAlerts=' + new Date().getTime(), { + type: 'GET', + dataType: 'text', + success: function(data) { + suricata_alerts_fetch_new_rules_callback(data); + } + }); +} + +function suricata_alerts_toggle_pause() { + if(suricataisPaused) { + suricataisPaused = false; + fetch_new_surialerts(); + } else { + suricataisPaused = true; + } +} +/* start local AJAX engine */ +suricatatimer = setInterval('fetch_new_surialerts()', suricataupdateDelay); diff --git a/config/suricata/suricata_alerts.php b/config/suricata/suricata_alerts.php index c36c0dd7..3b135f32 100644 --- a/config/suricata/suricata_alerts.php +++ b/config/suricata/suricata_alerts.php @@ -121,10 +121,11 @@ function suricata_add_supplist_entry($suppress) { return false; } -if ($_GET['instance']) - $instanceid = $_GET['instance']; if ($_POST['instance']) $instanceid = $_POST['instance']; +// This is for the auto-refresh so wecan stay on the same interface +if (is_numeric($_GET['instance'])) + $instanceid = $_GET['instance']; if (empty($instanceid)) $instanceid = 0; @@ -163,63 +164,63 @@ if ($_POST['save']) { exit; } -//if ($_POST['todelete'] || $_GET['todelete']) { -// $ip = ""; -// if($_POST['todelete']) -// $ip = $_POST['todelete']; -// else if($_GET['todelete']) -// $ip = $_GET['todelete']; -// if (is_ipaddr($ip)) { -// exec("/sbin/pfctl -t snort2c -T delete {$ip}"); -// $savemsg = gettext("Host IP address {$ip} has been removed from the Blocked Table."); +//if ($_POST['unblock'] && $_POST['ip']) { +// if (is_ipaddr($_POST['ip'])) { +// exec("/sbin/pfctl -t snort2c -T delete {$_POST['ip']}"); +// $savemsg = gettext("Host IP address {$_POST['ip']} has been removed from the Blocked Table."); // } //} -if ($_GET['act'] == "addsuppress" && is_numeric($_GET['sidid']) && is_numeric($_GET['gen_id'])) { - if (empty($_GET['descr'])) - $suppress = "suppress gen_id {$_GET['gen_id']}, sig_id {$_GET['sidid']}\n"; - else - $suppress = "#{$_GET['descr']}\nsuppress gen_id {$_GET['gen_id']}, sig_id {$_GET['sidid']}\n"; - - /* Add the new entry to the Suppress List */ - if (suricata_add_supplist_entry($suppress)) - $savemsg = gettext("An entry for 'suppress gen_id {$_GET['gen_id']}, sig_id {$_GET['sidid']}' has been added to the Suppress List."); - else - $input_errors[] = gettext("Suppress List '{$a_instance[$instanceid]['suppresslistname']}' is defined for this interface, but it could not be found!"); -} - -if (($_GET['act'] == "addsuppress_srcip" || $_GET['act'] == "addsuppress_dstip") && is_numeric($_GET['sidid']) && is_numeric($_GET['gen_id'])) { - if ($_GET['act'] == "addsuppress_srcip") +if (($_POST['addsuppress_srcip'] || $_POST['addsuppress_dstip'] || $_POST['addsuppress']) && is_numeric($_POST['sidid']) && is_numeric($_POST['gen_id'])) { + if ($_POST['addsuppress_srcip']) $method = "by_src"; - else + elseif ($_POST['addsuppress_dstip']) $method = "by_dst"; - - /* Check for valid IP addresses, exit if not valid */ - if (is_ipaddr($_GET['ip']) || is_ipaddrv6($_GET['ip'])) { - if (empty($_GET['descr'])) - $suppress = "suppress gen_id {$_GET['gen_id']}, sig_id {$_GET['sidid']}, track {$method}, ip {$_GET['ip']}\n"; - else - $suppress = "#{$_GET['descr']}\nsuppress gen_id {$_GET['gen_id']}, sig_id {$_GET['sidid']}, track {$method}, ip {$_GET['ip']}\n"; - } - else { - header("Location: /suricata/suricata_alerts.php?instance={$instanceid}"); - exit; + else + $method ="all"; + + // See which kind of Suppress Entry to create + switch ($method) { + case "all": + if (empty($_POST['descr'])) + $suppress = "suppress gen_id {$_POST['gen_id']}, sig_id {$_POST['sidid']}\n"; + else + $suppress = "#{$_POST['descr']}\nsuppress gen_id {$_POST['gen_id']}, sig_id {$_POST['sidid']}\n"; + $success = gettext("An entry for 'suppress gen_id {$_GET['gen_id']}, sig_id {$_GET['sidid']}' has been added to the Suppress List."); + break; + case "by_src": + case "by_dst": + // Check for valid IP addresses, exit if not valid + if (is_ipaddr($_POST['ip']) || is_ipaddrv6($_POST['ip'])) { + if (empty($_POST['descr'])) + $suppress = "suppress gen_id {$_POST['gen_id']}, sig_id {$_POST['sidid']}, track {$method}, ip {$_POST['ip']}\n"; + else + $suppress = "#{$_POST['descr']}\nsuppress gen_id {$_POST['gen_id']}, sig_id {$_POST['sidid']}, track {$method}, ip {$_POST['ip']}\n"; + $success = gettext("An entry for 'suppress gen_id {$_POST['gen_id']}, sig_id {$_POST['sidid']}, track {$method}, ip {$_POST['ip']}' has been added to the Suppress List."); + } + else { + header("Location: /suricata/suricata_alerts.php"); + exit; + } + break; + default: + header("Location: /suricata/suricata_alerts.php"); + exit; } - /* Add the new entry to the Suppress List */ - if (suricata_add_supplist_entry($suppress)) - $savemsg = gettext("An entry for 'suppress gen_id {$_GET['gen_id']}, sig_id {$_GET['sidid']}, track {$method}, ip {$_GET['ip']}' has been added to the Suppress List."); + /* Add the new entry to the Suppress List and signal Suricata to reload config */ + if (suricata_add_supplist_entry($suppress)) { + suricata_reload_config($a_instance[$instanceid]); + $savemsg = $success; + } else - /* We did not find the defined list, so notify the user with an error */ $input_errors[] = gettext("Suppress List '{$a_instance[$instanceid]['suppresslistname']}' is defined for this interface, but it could not be found!"); } -if ($_GET['act'] == "togglesid" && is_numeric($_GET['sidid']) && is_numeric($_GET['gen_id'])) { - // Get the GID tag embedded in the clicked rule icon. - $gid = $_GET['gen_id']; - - // Get the SID tag embedded in the clicked rule icon. - $sid= $_GET['sidid']; +if ($_POST['togglesid'] && is_numeric($_POST['sidid']) && is_numeric($_POST['gen_id'])) { + // Get the GID and SID tags embedded in the clicked rule icon. + $gid = $_POST['gen_id']; + $sid= $_POST['sidid']; // See if the target SID is in our list of modified SIDs, // and toggle it if present. @@ -272,17 +273,13 @@ if ($_GET['act'] == "togglesid" && is_numeric($_GET['sidid']) && is_numeric($_GE $savemsg = gettext("The state for rule {$gid}:{$sid} has been modified. Suricata is 'live-reloading' the new rules list. Please wait at least 30 secs for the process to complete before toggling additional rules."); } -if ($_GET['action'] == "clear" || $_POST['delete']) { - conf_mount_rw(); +if ($_POST['delete']) { suricata_post_delete_logs($suricata_uuid); $fd = @fopen("{$suricatalogdir}suricata_{$if_real}{$suricata_uuid}/alerts.log", "w+"); if ($fd) fclose($fd); - conf_mount_ro(); /* XXX: This is needed if suricata is run as suricata user */ mwexec('/bin/chmod 660 {$suricatalogdir}*', true); - if (file_exists("{$g['varrun_path']}/suricata_{$if_real}{$suricata_uuid}.pid")) - mwexec("/bin/pkill -HUP -F {$g['varrun_path']}/suricata_{$if_real}{$suricata_uuid}.pid -a"); header("Location: /suricata/suricata_alerts.php?instance={$instanceid}"); exit; } @@ -332,16 +329,21 @@ if ($pconfig['arefresh'] == 'on') echo "<meta http-equiv=\"refresh\" content=\"60;url=/suricata/suricata_alerts.php?instance={$instanceid}\" />\n"; ?> -<?php if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';} - /* Display Alert message */ - if ($input_errors) { - print_input_errors($input_errors); // TODO: add checks - } - if ($savemsg) { - print_info_box($savemsg); - } +<?php +/* Display Alert message */ +if ($input_errors) { + print_input_errors($input_errors); // TODO: add checks +} +if ($savemsg) { + print_info_box($savemsg); +} ?> <form action="/suricata/suricata_alerts.php" method="post" id="formalert"> +<input type="hidden" name="sidid" id="sidid" value=""/> +<input type="hidden" name="gen_id" id="gen_id" value=""/> +<input type="hidden" name="ip" id="ip" value=""/> +<input type="hidden" name="descr" id="descr" value=""/> + <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr><td> <?php @@ -349,7 +351,7 @@ if ($pconfig['arefresh'] == 'on') $tab_array[] = array(gettext("Suricata Interfaces"), false, "/suricata/suricata_interfaces.php"); $tab_array[] = array(gettext("Global Settings"), false, "/suricata/suricata_global.php"); $tab_array[] = array(gettext("Update Rules"), false, "/suricata/suricata_download_updates.php"); - $tab_array[] = array(gettext("Alerts"), true, "/suricata/suricata_alerts.php?instance={$instanceid}"); + $tab_array[] = array(gettext("Alerts"), true, "/suricata/suricata_alerts.php"); $tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php"); $tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php"); display_top_tabs($tab_array); @@ -364,13 +366,13 @@ if ($pconfig['arefresh'] == 'on') <tr> <td width="22%" class="vncell"><?php echo gettext('Instance to Inspect'); ?></td> <td width="78%" class="vtable"> - <select name="instance" id="instance" class="formselect" onChange="document.getElementById('formalert').method='get';document.getElementById('formalert').submit()"> + <select name="instance" id="instance" class="formselect" onChange="document.getElementById('formalert').method='post';document.getElementById('formalert').submit()"> <?php foreach ($a_instance as $id => $instance) { $selected = ""; if ($id == $instanceid) $selected = "selected"; - echo "<option value='{$id}' {$selected}> (" . suricata_get_friendly_interface($instance['interface']) . "){$instance['descr']}</option>\n"; + echo "<option value='{$id}' {$selected}> (" . convert_friendly_interface_to_friendly_descr($instance['interface']) . "){$instance['descr']}</option>\n"; } ?> </select> <?php echo gettext('Choose which instance alerts you want to inspect.'); ?> @@ -379,9 +381,9 @@ if ($pconfig['arefresh'] == 'on') <td width="22%" class="vncell"><?php echo gettext('Save or Remove Logs'); ?></td> <td width="78%" class="vtable"> <input name="download" type="submit" class="formbtns" value="Download"> <?php echo gettext('All ' . - 'log files will be saved.'); ?> <a href="/suricata/suricata_alerts.php?action=clear&instance=<?=$instanceid;?>"> + 'log files will be saved.'); ?> <input name="delete" type="submit" class="formbtns" value="Clear" - onclick="return confirm('Do you really want to remove all instance logs?')"></a> + onclick="return confirm('Do you really want to remove all instance logs?');"> <span class="red"><strong><?php echo gettext('Warning:'); ?></strong></span> <?php echo ' ' . gettext('all log files will be deleted.'); ?> </td> </tr> @@ -434,21 +436,30 @@ if ($pconfig['arefresh'] == 'on') /* make sure alert file exists */ if (file_exists("/var/log/suricata/suricata_{$if_real}{$suricata_uuid}/alerts.log")) { - exec("tail -{$anentries} -r /var/log/suricata/suricata_{$if_real}{$suricata_uuid}/alerts.log > /tmp/alerts_{$suricata_uuid}"); - if (file_exists("/tmp/alerts_{$suricata_uuid}")) { + exec("tail -{$anentries} -r /var/log/suricata/suricata_{$if_real}{$suricata_uuid}/alerts.log > /tmp/alerts_suricata{$suricata_uuid}"); + if (file_exists("/tmp/alerts_suricata{$suricata_uuid}")) { $tmpblocked = array_flip(suricata_get_blocked_ips()); $counter = 0; /* 0 1 2 3 4 5 6 7 8 9 10 11 12 */ /* File format timestamp,action,sig_generator,sig_id,sig_rev,msg,classification,priority,proto,src,srcport,dst,dstport */ - $fd = fopen("/tmp/alerts_{$suricata_uuid}", "r"); + $fd = fopen("/tmp/alerts_suricata{$suricata_uuid}", "r"); while (($fields = fgetcsv($fd, 1000, ',', '"')) !== FALSE) { if(count($fields) < 12) continue; + // Create a DateTime object from the event timestamp that + // we can use to easily manipulate output formats. + $event_tm = date_create_from_format("m/d/Y-H:i:s.u", $fields[0]); + + // Check the 'CATEGORY' field for the text "(null)" and + // substitute "Not Assigned". + if ($fields[6] == "(null)") + $fields[6] = "Not Assigned"; + /* Time */ - $alert_time = substr($fields[0], strpos($fields[0], '-')+1, -7); + $alert_time = date_format($event_tm, "H:i:s"); /* Date */ - $alert_date = trim(substr($fields[0], 0, strpos($fields[0], '-'))); + $alert_date = date_format($event_tm, "m/d/Y"); /* Description */ $alert_descr = $fields[5]; $alert_descr_url = urlencode($fields[5]); @@ -457,7 +468,7 @@ if (file_exists("/var/log/suricata/suricata_{$if_real}{$suricata_uuid}/alerts.lo /* Protocol */ $alert_proto = $fields[8]; /* IP SRC */ - $alert_ip_src = $fields[9]; + $alert_ip_src = inet_ntop(inet_pton($fields[9])); /* Add zero-width space as soft-break opportunity after each colon if we have an IPv6 address */ $alert_ip_src = str_replace(":", ":​", $alert_ip_src); /* Add Reverse DNS lookup icons */ @@ -470,24 +481,23 @@ if (file_exists("/var/log/suricata/suricata_{$if_real}{$suricata_uuid}/alerts.lo /* Add icons for auto-adding to Suppress List if appropriate */ if (!suricata_is_alert_globally_suppressed($supplist, $fields[2], $fields[3]) && !isset($supplist[$fields[2]][$fields[3]]['by_src'][$fields[9]])) { - $alert_ip_src .= " <a href='?instance={$instanceid}&act=addsuppress_srcip&sidid={$fields[3]}&gen_id={$fields[2]}&descr={$alert_descr_url}&ip=" . trim(urlencode($fields[9])) . "'>"; - $alert_ip_src .= "<img src='../themes/{$g['theme']}/images/icons/icon_plus.gif' width='12' height='12' border='0' "; - $alert_ip_src .= "title='" . gettext("Add this alert to the Suppress List and track by_src IP") . "'></a>"; + $alert_ip_src .= " <input type='image' name='addsuppress_srcip[]' onClick=\"encRuleSig('{$fields[2]}','{$fields[3]}','{$fields[9]}','{$alert_descr}');\" "; + $alert_ip_src .= "src='../themes/{$g['theme']}/images/icons/icon_plus.gif' width='12' height='12' border='0' "; + $alert_ip_src .= "title='" . gettext("Add this alert to the Suppress List and track by_src IP") . "'/>"; } elseif (isset($supplist[$fields[2]][$fields[3]]['by_src'][$fields[9]])) { $alert_ip_src .= " <img src='../themes/{$g['theme']}/images/icons/icon_plus_d.gif' width='12' height='12' border='0' "; $alert_ip_src .= "title='" . gettext("This alert track by_src IP is already in the Suppress List") . "'/>"; } /* Add icon for auto-removing from Blocked Table if required */ - if (isset($tmpblocked[$fields[9]])) { - $alert_ip_src .= " "; - $alert_ip_src .= "<a href='?instance={$instanceid}&todelete=" . trim(urlencode($fields[9])) . "'> - <img title=\"" . gettext("Remove host from Blocked Table") . "\" border=\"0\" width='12' height='12' name='todelete' id='todelete' alt=\"Remove from Blocked Hosts\" src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\"></a>"; - } +// if (isset($tmpblocked[$fields[9]])) { +// $alert_ip_src .= " <input type='image' name='unblock[]' onClick=\"document.getElementById('ip').value='{$fields[9]}';\" "; +// $alert_ip_src .= "title='" . gettext("Remove host from Blocked Table") . "' border='0' width='12' height='12' src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\"/>"; +// } /* IP SRC Port */ $alert_src_p = $fields[10]; /* IP Destination */ - $alert_ip_dst = $fields[11]; + $alert_ip_dst = inet_ntop(inet_pton($fields[11])); /* Add zero-width space as soft-break opportunity after each colon if we have an IPv6 address */ $alert_ip_dst = str_replace(":", ":​", $alert_ip_dst); /* Add Reverse DNS lookup icons */ @@ -499,29 +509,28 @@ if (file_exists("/var/log/suricata/suricata_{$if_real}{$suricata_uuid}/alerts.lo $alert_ip_dst .= "title='" . gettext("Resolve host via reverse DNS lookup") . "'></a>"; /* Add icons for auto-adding to Suppress List if appropriate */ if (!suricata_is_alert_globally_suppressed($supplist, $fields[2], $fields[3]) && - !isset($supplist[$fields[2]][$fields[3]]['by_dst'][$fields[1]])) { - $alert_ip_dst .= " <a href='?instance={$instanceid}&act=addsuppress_dstip&sidid={$fields[3]}&gen_id={$fields[2]}&descr={$alert_descr_url}&ip=" . trim(urlencode($fields[11])) . "'>"; - $alert_ip_dst .= "<img src='../themes/{$g['theme']}/images/icons/icon_plus.gif' width='12' height='12' border='0' "; - $alert_ip_dst .= "title='" . gettext("Add this alert to the Suppress List and track by_dst IP") . "'></a>"; + !isset($supplist[$fields[2]][$fields[3]]['by_dst'][$fields[11]])) { + $alert_ip_dst .= " <input type='image' name='addsuppress_dstip[]' onClick=\"encRuleSig('{$fields[2]}','{$fields[3]}','{$fields[11]}','{$alert_descr}');\" "; + $alert_ip_dst .= "src='../themes/{$g['theme']}/images/icons/icon_plus.gif' width='12' height='12' border='0' "; + $alert_ip_dst .= "title='" . gettext("Add this alert to the Suppress List and track by_dst IP") . "'/>"; } elseif (isset($supplist[$fields[2]][$fields[3]]['by_dst'][$fields[11]])) { $alert_ip_dst .= " <img src='../themes/{$g['theme']}/images/icons/icon_plus_d.gif' width='12' height='12' border='0' "; $alert_ip_dst .= "title='" . gettext("This alert track by_dst IP is already in the Suppress List") . "'/>"; } /* Add icon for auto-removing from Blocked Table if required */ - if (isset($tmpblocked[$fields[11]])) { - $alert_ip_dst .= " "; - $alert_ip_dst .= "<a href='?instance={$instanceid}&todelete=" . trim(urlencode($fields[11])) . "'> - <img title=\"" . gettext("Remove host from Blocked Table") . "\" border=\"0\" width='12' height='12' name='todelete' id='todelete' alt=\"Remove from Blocked Hosts\" src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\"></a>"; - } +// if (isset($tmpblocked[$fields[11]])) { +// $alert_ip_src .= " <input type='image' name='unblock[]' onClick=\"document.getElementById('ip').value='{$fields[11]}';\" "; +// $alert_ip_src .= "title='" . gettext("Remove host from Blocked Table") . "' border='0' width='12' height='12' src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\"/>"; +// } /* IP DST Port */ $alert_dst_p = $fields[12]; /* SID */ $alert_sid_str = "{$fields[2]}:{$fields[3]}"; if (!suricata_is_alert_globally_suppressed($supplist, $fields[2], $fields[3])) { - $sidsupplink = "<a href='?instance={$instanceid}&act=addsuppress&sidid={$fields[3]}&gen_id={$fields[2]}&descr={$alert_descr_url}'>"; - $sidsupplink .= "<img src='../themes/{$g['theme']}/images/icons/icon_plus.gif' width='12' height='12' border='0' "; - $sidsupplink .= "title='" . gettext("Add this alert to the Suppress List") . "'></a>"; + $sidsupplink = "<input type='image' name='addsuppress[]' onClick=\"encRuleSig('{$fields[2]}','{$fields[3]}','','{$alert_descr}');\" "; + $sidsupplink .= "src='../themes/{$g['theme']}/images/icons/icon_plus.gif' width='12' height='12' border='0' "; + $sidsupplink .= "title='" . gettext("Add this alert to the Suppress List") . "'/>"; } else { $sidsupplink = "<img src='../themes/{$g['theme']}/images/icons/icon_plus_d.gif' width='12' height='12' border='0' "; @@ -529,14 +538,14 @@ if (file_exists("/var/log/suricata/suricata_{$if_real}{$suricata_uuid}/alerts.lo } /* Add icon for toggling rule state */ if (isset($disablesid[$fields[2]][$fields[3]])) { - $sid_dsbl_link = "<a href='?instance={$instanceid}&act=togglesid&sidid={$fields[3]}&gen_id={$fields[2]}'>"; - $sid_dsbl_link .= "<img src='../themes/{$g['theme']}/images/icons/icon_reject.gif' width='11' height='11' border='0' "; - $sid_dsbl_link .= "title='" . gettext("Rule is forced to a disabled state. Click to remove the force-disable action from this rule.") . "'></a>"; + $sid_dsbl_link = "<input type='image' name='togglesid[]' onClick=\"encRuleSig('{$fields[2]}','{$fields[3]}','','');\" "; + $sid_dsbl_link .= "src='../themes/{$g['theme']}/images/icons/icon_reject.gif' width='11' height='11' border='0' "; + $sid_dsbl_link .= "title='" . gettext("Rule is forced to a disabled state. Click to remove the force-disable action from this rule.") . "'/>"; } else { - $sid_dsbl_link = "<a href='?instance={$instanceid}&act=togglesid&sidid={$fields[3]}&gen_id={$fields[2]}'>"; - $sid_dsbl_link .= "<img src='../themes/{$g['theme']}/images/icons/icon_block.gif' width='11' height='11' border='0' "; - $sid_dsbl_link .= "title='" . gettext("Force-disable this rule and remove it from current rules set.") . "'></a>"; + $sid_dsbl_link = "<input type='image' name='togglesid[]' onClick=\"encRuleSig('{$fields[2]}','{$fields[3]}','','');\" "; + $sid_dsbl_link .= "src='../themes/{$g['theme']}/images/icons/icon_block.gif' width='11' height='11' border='0' "; + $sid_dsbl_link .= "title='" . gettext("Force-disable this rule and remove it from current rules set.") . "'/>"; } /* DESCRIPTION */ $alert_class = $fields[6]; @@ -546,18 +555,18 @@ if (file_exists("/var/log/suricata/suricata_{$if_real}{$suricata_uuid}/alerts.lo <td class='listr' align='center'>{$alert_priority}</td> <td class='listr' align='center'>{$alert_proto}</td> <td class='listr' style=\"word-wrap:break-word;\">{$alert_class}</td> - <td class='listr' align='center'>{$alert_ip_src}</td> + <td class='listr' align='center' sorttable_customkey='{$fields[9]}'>{$alert_ip_src}</td> <td class='listr' align='center'>{$alert_src_p}</td> - <td class='listr' align='center'>{$alert_ip_dst}</td> + <td class='listr' align='center' sorttable_customkey='{$fields[11]}'>{$alert_ip_dst}</td> <td class='listr' align='center'>{$alert_dst_p}</td> - <td class='listr' align='center'>{$alert_sid_str}<br/>{$sidsupplink} {$sid_dsbl_link}</td> + <td class='listr' align='center' sorttable_customkey='{$fields[3]}'>{$alert_sid_str}<br/>{$sidsupplink} {$sid_dsbl_link}</td> <td class='listr' style=\"word-wrap:break-word;\">{$alert_descr}</td> </tr>\n"; $counter++; } fclose($fd); - @unlink("/tmp/alerts_{$suricata_uuid}"); + @unlink("/tmp/alerts_suricata{$suricata_uuid}"); } } ?> @@ -573,6 +582,21 @@ if (file_exists("/var/log/suricata/suricata_{$if_real}{$suricata_uuid}/alerts.lo <?php include("fend.inc"); ?> - +<script type="text/javascript"> +function encRuleSig(rulegid,rulesid,srcip,ruledescr) { + + // This function stuffs the passed GID, SID + // and other values into hidden Form Fields + // for postback. + if (typeof srcipip == "undefined") + var srcipip = ""; + if (typeof ruledescr == "undefined") + var ruledescr = ""; + document.getElementById("sidid").value = rulesid; + document.getElementById("gen_id").value = rulegid; + document.getElementById("ip").value = srcip; + document.getElementById("descr").value = ruledescr; +} +</script> </body> </html> diff --git a/config/suricata/suricata_alerts.widget.php b/config/suricata/suricata_alerts.widget.php new file mode 100644 index 00000000..370c6e96 --- /dev/null +++ b/config/suricata/suricata_alerts.widget.php @@ -0,0 +1,220 @@ +<?php +/* + suricata_alerts.widget.php + Copyright (C) 2009 Jim Pingle + mod 24-07-2012 + + Copyright (C) 2014 Bill Meeks + mod 03-Mar-2014 adapted for use with Suricata by Bill Meeks + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INClUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +$nocsrf = true; + +require_once("guiconfig.inc"); +require_once("/usr/local/www/widgets/include/widget-suricata.inc"); + +global $config, $g; + +/* Retrieve Suricata configuration */ +if (!is_array($config['installedpackages']['suricata']['rule'])) + $config['installedpackages']['suricata']['rule'] = array(); +$a_instance = &$config['installedpackages']['suricata']['rule']; + +/* array sorting */ +function sksort(&$array, $subkey="id", $sort_ascending=false) { + /* an empty array causes sksort to fail - this test alleviates the error */ + if(empty($array)) + return false; + if (count($array)){ + $temp_array[key($array)] = array_shift($array); + }; + foreach ($array as $key => $val){ + $offset = 0; + $found = false; + foreach ($temp_array as $tmp_key => $tmp_val) { + if (!$found and strtolower($val[$subkey]) > strtolower($tmp_val[$subkey])) { + $temp_array = array_merge((array)array_slice($temp_array,0,$offset), array($key => $val), array_slice($temp_array,$offset)); + $found = true; + }; + $offset++; + }; + if (!$found) $temp_array = array_merge($temp_array, array($key => $val)); + }; + + if ($sort_ascending) { + $array = array_reverse($temp_array); + } else $array = $temp_array; + /* below is the complement for empty array test */ + return true; +}; + +/* check if suricata widget variable is set */ +$suri_nentries = $config['widgets']['widget_suricata_display_lines']; +if (!isset($suri_nentries) || $suri_nentries < 0) + $suri_nentries = 5; + +// Called by Ajax to update alerts table contents +if (isset($_GET['getNewAlerts'])) { + $response = ""; + $suri_alerts = suricata_widget_get_alerts(); + $counter = 0; + foreach ($suri_alerts as $a) { + $response .= $a['instanceid'] . " " . $a['dateonly'] . "||" . $a['timeonly'] . "||" . $a['src'] . ":" . $a['srcport'] . "||"; + $response .= $a['dst'] . ":" . $a['dstport'] . "||" . $a['priority'] . "||" . $a['category'] . "\n"; + $counter++; + if($counter >= $suri_nentries) + break; + } + echo $response; + return; +} + +if(isset($_POST['widget_suricata_display_lines'])) { + $config['widgets']['widget_suricata_display_lines'] = $_POST['widget_suricata_display_lines']; + write_config("Saved Suricata Alerts Widget Displayed Lines Parameter via Dashboard"); + header("Location: ../../index.php"); +} + +// Read "$suri_nentries" worth of alerts from the top of the alerts.log file +function suricata_widget_get_alerts() { + + global $config, $a_instance, $suri_nentries; + $suricata_alerts = array(); + + /* read log file(s) */ + $counter=0; + foreach ($a_instance as $instanceid => $instance) { + $suricata_uuid = $a_instance[$instanceid]['uuid']; + $if_real = get_real_interface($a_instance[$instanceid]['interface']); + + // make sure alert file exists, then grab the most recent {$suri_nentries} from it + // and write them to a temp file. + if (file_exists("/var/log/suricata/suricata_{$if_real}{$suricata_uuid}/alerts.log")) { + exec("tail -{$suri_nentries} -r /var/log/suricata/suricata_{$if_real}{$suricata_uuid}/alerts.log > /tmp/surialerts_{$suricata_uuid}"); + if (file_exists("/tmp/surialerts_{$suricata_uuid}")) { + + /* 0 1 2 3 4 5 6 7 8 9 10 11 12 */ + /* File format: timestamp,action,sig_generator,sig_id,sig_rev,msg,classification,priority,proto,src,srcport,dst,dstport */ + $fd = fopen("/tmp/surialerts_{$suricata_uuid}", "r"); + while (($fields = fgetcsv($fd, 1000, ',', '"')) !== FALSE) { + if(count($fields) < 13) + continue; + + // Create a DateTime object from the event timestamp that + // we can use to easily manipulate output formats. + $event_tm = date_create_from_format("m/d/Y-H:i:s.u", $fields[0]); + + // Check the 'CATEGORY' field for the text "(null)" and + // substitute "No classtype defined". + if ($fields[6] == "(null)") + $fields[6] = "No classtype assigned"; + + $suricata_alerts[$counter]['instanceid'] = strtoupper($a_instance[$instanceid]['interface']); + $suricata_alerts[$counter]['timestamp'] = strval(date_timestamp_get($event_tm)); + $suricata_alerts[$counter]['timeonly'] = date_format($event_tm, "H:i:s"); + $suricata_alerts[$counter]['dateonly'] = date_format($event_tm, "M d"); + $suricata_alerts[$counter]['src'] = $fields[9]; + $suricata_alerts[$counter]['srcport'] = $fields[10]; + $suricata_alerts[$counter]['dst'] = $fields[11]; + $suricata_alerts[$counter]['dstport'] = $fields[12]; + $suricata_alerts[$counter]['priority'] = $fields[7]; + $suricata_alerts[$counter]['category'] = $fields[6]; + $counter++; + }; + fclose($fd); + @unlink("/tmp/surialerts_{$suricata_uuid}"); + }; + }; + }; + + // Sort the alerts array + if (isset($config['syslog']['reverse'])) { + sksort($suricata_alerts, 'timestamp', false); + } else { + sksort($suricata_alerts, 'timestamp', true); + } + + return $suricata_alerts; +} + +/* display the result */ +?> + +<script type="text/javascript"> +//<![CDATA[ +var suricataupdateDelay = 10000; // update every 10 second +var suri_nentries = <?php echo $suri_nentries; ?>; +//]]> +</script> + +<input type="hidden" id="suricata_alerts-config" name="suricata_alerts-config" value=""/> +<div id="suricata_alerts-settings" class="widgetconfigdiv" style="display:none;"> + <form action="/widgets/widgets/suricata_alerts.widget.php" method="post" name="iformd"> + Enter number of recent alerts to display (default is 5)<br/> + <input type="text" size="5" name="widget_suricata_display_lines" class="formfld unknown" id="widget_suricata_display_lines" value="<?= $config['widgets']['widget_suricata_display_lines'] ?>" /> + <input id="submitd" name="submitd" type="submit" class="formbtn" value="Save" /> + </form> +</div> + +<table width="100%" border="0" cellspacing="0" cellpadding="0"> + <thead> + <tr class="suricata-alert-header"> + <td width="22%" class="widgetsubheader" align="center">IF/Date</td> + <td width="39%" class="widgetsubheader" align="center">Src/Dst</td> + <td width="39%" class="widgetsubheader" align="center">Details</td> + </tr> + </thead> + <tbody id="suricata-alert-entries"> + <?php + $suricata_alerts = suricata_widget_get_alerts($suri_nentries); + $counter=0; + if (is_array($suricata_alerts)) { + foreach ($suricata_alerts as $alert) { + $evenRowClass = $counter % 2 ? " listMReven" : " listMRodd"; + echo(" <tr class='" . $evenRowClass . "'> + <td width='22%' class='listMRr' nowrap>" . $alert['instanceid'] . " " . $alert['dateonly'] . "<br/>" . $alert['timeonly'] . "</td> + <td width='39%' class='listMRr'>" . $alert['src'] . ":" . $alert['srcport'] . "<br>" . $alert['dst'] . ":" . $alert['dstport'] . "</td> + <td width='39%' class='listMRr'>Pri: " . $alert['priority'] . " " . $alert['category'] . "</td></tr>"); + $counter++; + if($counter >= $suri_nentries) + break; + } + } + ?> + </tbody> +</table> + +<script type="text/javascript"> +//<![CDATA[ + var suricataupdateDelay = 10000; // update every 10 seconds + var suri_nentries = <?php echo $suri_nentries; ?>; // default is 5 + +<!-- needed to display the widget settings menu --> +//<![CDATA[ + selectIntLink = "suricata_alerts-configure"; + textlink = document.getElementById(selectIntLink); + textlink.style.display = "inline"; +//]]> +</script> + diff --git a/config/suricata/suricata_app_parsers.php b/config/suricata/suricata_app_parsers.php index 0be45c32..e8f20226 100644 --- a/config/suricata/suricata_app_parsers.php +++ b/config/suricata/suricata_app_parsers.php @@ -28,7 +28,6 @@ * POSSIBILITY OF SUCH DAMAGE. */ - require_once("guiconfig.inc"); require_once("/usr/local/pkg/suricata/suricata.inc"); @@ -37,10 +36,8 @@ global $g, $rebuild_rules; $id = $_GET['id']; if (isset($_POST['id'])) $id = $_POST['id']; -if (is_null($id)) { - header("Location: /suricata/suricata_interfaces.php"); - exit; -} +if (is_null($id)) + $id = 0; if (!is_array($config['installedpackages']['suricata'])) $config['installedpackages']['suricata'] = array(); @@ -51,10 +48,21 @@ if (!is_array($config['installedpackages']['suricata']['rule'])) if (!is_array($config['installedpackages']['suricata']['rule'][$id]['libhtp_policy']['item'])) $config['installedpackages']['suricata']['rule'][$id]['libhtp_policy']['item'] = array(); +// Initialize required array variables as necessary +if (!is_array($config['aliases']['alias'])) + $config['aliases']['alias'] = array(); +$a_aliases = $config['aliases']['alias']; + $a_nat = &$config['installedpackages']['suricata']['rule']; $libhtp_engine_next_id = count($a_nat[$id]['libhtp_policy']['item']); +// Build a lookup array of currently used engine 'bind_to' Aliases +// so we can screen matching Alias names from the list. +$used = array(); +foreach ($a_nat[$id]['libhtp_policy']['item'] as $v) + $used[$v['bind_to']] = true; + $pconfig = array(); if (isset($id) && $a_nat[$id]) { /* Get current values from config for page form fields */ @@ -78,29 +86,143 @@ if (isset($id) && $a_nat[$id]) { $pconfig['libhtp_policy'] = $a_nat[$id]['libhtp_policy']; } -// Check for returned "selected alias" if action is import -if ($_GET['act'] == "import" && isset($_GET['varname']) && !empty($_GET['varvalue'])) { - $pconfig[$_GET['varname']] = $_GET['varvalue']; +// Check for "import or select alias mode" and set flags if TRUE. +// "selectalias", when true, displays radio buttons to limit +// multiple selections. +if ($_POST['import_alias']) { + $importalias = true; + $selectalias = false; + $title = "HTTP Server Policy"; } - -if ($_GET['act'] && isset($_GET['eng_id'])) { - +elseif ($_POST['select_alias']) { + $importalias = true; + $selectalias = true; + $title = "HTTP Server Policy"; + + // Preserve current Libhtp Policy Engine settings + $eng_id = $_POST['eng_id']; + $eng_name = $_POST['policy_name']; + $eng_bind = $_POST['policy_bind_to']; + $eng_personality = $_POST['personality']; + $eng_req_body_limit = $_POST['req_body_limit']; + $eng_resp_body_limit = $_POST['resp_body_limit']; + $eng_enable_double_decode_path = $_POST['enable_double_decode_path']; + $eng_enable_double_decode_query = $_POST['enable_double_decode_query']; + $mode = "add_edit_libhtp_policy"; +} +if ($_POST['save_libhtp_policy']) { + if ($_POST['eng_id'] != "") { + $eng_id = $_POST['eng_id']; + + // Grab all the POST values and save in new temp array + $engine = array(); + $policy_name = trim($_POST['policy_name']); + if ($policy_name) { + $engine['name'] = $policy_name; + } + else + $input_errors[] = gettext("The 'Policy Name' value cannot be blank."); + + if ($_POST['policy_bind_to']) { + if (is_alias($_POST['policy_bind_to'])) + $engine['bind_to'] = $_POST['policy_bind_to']; + elseif (strtolower(trim($_POST['policy_bind_to'])) == "all") + $engine['bind_to'] = "all"; + else + $input_errors[] = gettext("You must provide a valid Alias or the reserved keyword 'all' for the 'Bind-To IP Address' value."); + } + else + $input_errors[] = gettext("The 'Bind-To IP Address' value cannot be blank. Provide a valid Alias or the reserved keyword 'all'."); + + if ($_POST['personality']) { $engine['personality'] = $_POST['personality']; } else { $engine['personality'] = "bsd"; } + + if (is_numeric($_POST['req_body_limit']) && $_POST['req_body_limit'] >= 0) + $engine['request-body-limit'] = $_POST['req_body_limit']; + else + $input_errors[] = gettext("The value for 'Request Body Limit' must be all numbers and greater than or equal to zero."); + + if (is_numeric($_POST['resp_body_limit']) && $_POST['resp_body_limit'] >= 0) + $engine['response-body-limit'] = $_POST['resp_body_limit']; + else + $input_errors[] = gettext("The value for 'Response Body Limit' must be all numbers and greater than or equal to zero."); + + if ($_POST['enable_double_decode_path']) { $engine['double-decode-path'] = 'yes'; }else{ $engine['double-decode-path'] = 'no'; } + if ($_POST['enable_double_decode_query']) { $engine['double-decode-query'] = 'yes'; }else{ $engine['double-decode-query'] = 'no'; } + + // Can only have one "all" Bind_To address + if ($engine['bind_to'] == "all" && $engine['name'] <> "default") + $input_errors[] = gettext("Only one default OS-Policy Engine can be bound to all addresses."); + + // if no errors, write new entry to conf + if (!$input_errors) { + if (isset($eng_id) && $a_nat[$id]['libhtp_policy']['item'][$eng_id]) { + $a_nat[$id]['libhtp_policy']['item'][$eng_id] = $engine; + } + else + $a_nat[$id]['libhtp_policy']['item'][] = $engine; + + /* Reorder the engine array to ensure the */ + /* 'bind_to=all' entry is at the bottom */ + /* if it contains more than one entry. */ + if (count($a_nat[$id]['libhtp_policy']['item']) > 1) { + $i = -1; + foreach ($a_nat[$id]['libhtp_policy']['item'] as $f => $v) { + if ($v['bind_to'] == "all") { + $i = $f; + break; + } + } + /* Only relocate the entry if we */ + /* found it, and it's not already */ + /* at the end. */ + if ($i > -1 && ($i < (count($a_nat[$id]['libhtp_policy']['item']) - 1))) { + $tmp = $a_nat[$id]['libhtp_policy']['item'][$i]; + unset($a_nat[$id]['libhtp_policy']['item'][$i]); + $a_nat[$id]['libhtp_policy']['item'][] = $tmp; + } + } + + // Now write the new engine array to conf + write_config(); + $pconfig['libhtp_policy']['item'] = $a_nat[$id]['libhtp_policy']['item']; + } + else { + $add_edit_libhtp_policy = true; + $pengcfg = $engine; + } + } +} +elseif ($_POST['add_libhtp_policy']) { + $add_edit_libhtp_policy = true; + $pengcfg = array( "name" => "engine_{$libhtp_engine_next_id}", "bind_to" => "", "personality" => "IDS", + "request-body-limit" => "4096", "response-body-limit" => "4096", + "double-decode-path" => "no", "double-decode-query" => "no" ); + $eng_id = $libhtp_engine_next_id; +} +elseif ($_POST['edit_libhtp_policy']) { + if ($_POST['eng_id'] != "") { + $add_edit_libhtp_policy = true; + $eng_id = $_POST['eng_id']; + $pengcfg = $a_nat[$id]['libhtp_policy']['item'][$eng_id]; + } +} +elseif ($_POST['del_libhtp_policy']) { $natent = array(); $natent = $pconfig; - if ($_GET['act'] == "del_libhtp_policy") - unset($natent['libhtp_policy']['item'][$_GET['eng_id']]); - + if ($_POST['eng_id'] != "") { + unset($natent['libhtp_policy']['item'][$_POST['eng_id']]); + $pconfig = $natent; + } if (isset($id) && $a_nat[$id]) { $a_nat[$id] = $natent; write_config(); } - - header("Location: /suricata/suricata_app_parsers.php?id=$id"); - exit; } - -if ($_POST['ResetAll']) { +elseif ($_POST['cancel_libhtp_policy']) { + $add_edit_libhtp_policy = false; +} +elseif ($_POST['ResetAll']) { /* Reset all the settings to defaults */ $pconfig['asn1_max_frames'] = "256"; @@ -108,7 +230,111 @@ if ($_POST['ResetAll']) { /* Log a message at the top of the page to inform the user */ $savemsg = gettext("All flow and stream settings have been reset to their defaults."); } -elseif ($_POST['Submit']) { +elseif ($_POST['save_import_alias']) { + // If saving out of "select alias" mode, + // then return to Libhtp Policy Engine edit + // page. + if ($_POST['mode'] == 'add_edit_libhtp_policy') { + $pengcfg = array(); + $eng_id = $_POST['eng_id']; + $pengcfg['name'] = $_POST['eng_name']; + $pengcfg['bind_to'] = $_POST['eng_bind']; + $pengcfg['personality'] = $_POST['eng_personality']; + $pengcfg['request-body-limit'] = $_POST['eng_req_body_limit']; + $pengcfg['response-body-limit'] = $_POST['eng_resp_body_limit']; + $pengcfg['double-decode-path'] = $_POST['eng_enable_double_decode_path']; + $pengcfg['double-decode-query'] = $_POST['eng_enable_double_decode_query']; + $add_edit_libhtp_policy = true; + $mode = "add_edit_libhtp_policy"; + + if (is_array($_POST['aliastoimport']) && count($_POST['aliastoimport']) == 1) { + $pengcfg['bind_to'] = $_POST['aliastoimport'][0]; + $importalias = false; + $selectalias = false; + } + else { + $input_errors[] = gettext("No Alias is selected for import. Nothing to SAVE."); + $importalias = true; + $selectalias = true; + $eng_id = $_POST['eng_id']; + $eng_name = $_POST['eng_name']; + $eng_bind = $_POST['eng_bind']; + $eng_personality = $_POST['eng_personality']; + $eng_req_body_limit = $_POST['eng_req_body_limit']; + $eng_resp_body_limit = $_POST['eng_resp_body_limit']; + $eng_enable_double_decode_path = $_POST['eng_enable_double_decode_path']; + $eng_enable_double_decode_query = $_POST['eng_enable_double_decode_query']; + } + } + else { + $engine = array( "name" => "", "bind_to" => "", "personality" => "IDS", + "request-body-limit" => "4096", "response-body-limit" => "4096", + "double-decode-path" => "no", "double-decode-query" => "no" ); + + // See if anything was checked to import + if (is_array($_POST['aliastoimport']) && count($_POST['aliastoimport']) > 0) { + foreach ($_POST['aliastoimport'] as $item) { + $engine['name'] = strtolower($item); + $engine['bind_to'] = $item; + $a_nat[$id]['libhtp_policy']['item'][] = $engine; + } + } + else { + $input_errors[] = gettext("No entries were selected for import. Please select one or more Aliases for import and click SAVE."); + $importalias = true; + } + + // if no errors, write new entry to conf + if (!$input_errors) { + // Reorder the engine array to ensure the + // 'bind_to=all' entry is at the bottom if + // the array contains more than one entry. + if (count($a_nat[$id]['libhtp_policy']['item']) > 1) { + $i = -1; + foreach ($a_nat[$id]['libhtp_policy']['item'] as $f => $v) { + if ($v['bind_to'] == "all") { + $i = $f; + break; + } + } + // Only relocate the entry if we + // found it, and it's not already + // at the end. + if ($i > -1 && ($i < (count($a_nat[$id]['libhtp_policy']['item']) - 1))) { + $tmp = $a_nat[$id]['libhtp_policy']['item'][$i]; + unset($a_nat[$id]['libhtp_policy']['item'][$i]); + $a_nat[$id]['libhtp_policy']['item'][] = $tmp; + } + $pconfig['libhtp_policy']['item'] = $a_nat[$id]['libhtp_policy']['item']; + } + + // Write the new engine array to config file + write_config(); + $importalias = false; + } + } +} +elseif ($_POST['cancel_import_alias']) { + $importalias = false; + $selectalias = false; + $eng_id = $_POST['eng_id']; + + // If cancelling out of "select alias" mode, + // then return to Libhtp Policy Engine edit + // page. + if ($_POST['mode'] == 'add_edit_libhtp_policy') { + $pengcfg = array(); + $pengcfg['name'] = $_POST['eng_name']; + $pengcfg['bind_to'] = $_POST['eng_bind']; + $pengcfg['personality'] = $_POST['eng_personality']; + $pengcfg['request-body-limit'] = $_POST['eng_req_body_limit']; + $pengcfg['response-body-limit'] = $_POST['eng_resp_body_limit']; + $pengcfg['double-decode-path'] = $_POST['eng_enable_double_decode_path']; + $pengcfg['double-decode-query'] = $_POST['eng_enable_double_decode_query']; + $add_edit_libhtp_policy = true; + } +} +elseif ($_POST['save']) { $natent = array(); $natent = $pconfig; @@ -122,15 +348,14 @@ elseif ($_POST['Submit']) { /**************************************************/ /* If we have a valid rule ID, save configuration */ - /* then update the suricata.conf file and rebuild */ - /* the rules for this interface. */ + /* then update the suricata.conf file for this */ + /* interface. */ /**************************************************/ if (isset($id) && $a_nat[$id]) { $a_nat[$id] = $natent; write_config(); - $rebuild_rules = true; - suricata_generate_yaml($natent); $rebuild_rules = false; + suricata_generate_yaml($natent); } header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); @@ -149,29 +374,19 @@ include_once("head.inc"); ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> -<?php include("fbegin.inc"); ?> -<?php if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';} - - - /* Display Alert message */ - +<?php include("fbegin.inc"); + /* Display error or save message */ if ($input_errors) { print_input_errors($input_errors); // TODO: add checks } - if ($savemsg) { print_info_box($savemsg); } - ?> -<script type="text/javascript" src="/javascript/autosuggest.js"> -</script> -<script type="text/javascript" src="/javascript/suggestions.js"> -</script> - -<form action="suricata_app_parsers.php" method="post" - enctype="multipart/form-data" name="iform" id="iform"> +<form action="suricata_app_parsers.php" method="post" name="iform" id="iform"> +<input name="id" type="hidden" value="<?=$id;?>"/> +<input type="hidden" name="eng_id" id="eng_id" value="<?=$eng_id;?>"/> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr><td> <?php @@ -179,9 +394,9 @@ include_once("head.inc"); $tab_array[] = array(gettext("Suricata Interfaces"), true, "/suricata/suricata_interfaces.php"); $tab_array[] = array(gettext("Global Settings"), false, "/suricata/suricata_global.php"); $tab_array[] = array(gettext("Update Rules"), false, "/suricata/suricata_download_updates.php"); - $tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php"); + $tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php?instance={$id}"); $tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php"); - $tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php"); + $tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php?instance={$id}"); display_top_tabs($tab_array); echo '</td></tr>'; echo '<tr><td>'; @@ -198,6 +413,25 @@ include_once("head.inc"); ?> </td></tr> <tr><td><div id="mainarea"> + +<?php if ($importalias) : ?> + <?php include("/usr/local/www/suricata/suricata_import_aliases.php"); + if ($selectalias) { + echo '<input type="hidden" name="eng_name" value="' . $eng_name . '"/>'; + echo '<input type="hidden" name="eng_bind" value="' . $eng_bind . '"/>'; + echo '<input type="hidden" name="eng_personality" value="' . $eng_personality . '"/>'; + echo '<input type="hidden" name="eng_req_body_limit" value="' . $eng_req_body_limit . '"/>'; + echo '<input type="hidden" name="eng_resp_body_limit" value="' . $eng_resp_body_limit . '"/>'; + echo '<input type="hidden" name="eng_enable_double_decode_path" value="' . $eng_enable_double_decode_path . '"/>'; + echo '<input type="hidden" name="eng_enable_double_decode_query" value="' . $eng_enable_double_decode_query . '"/>'; + } + ?> + +<?php elseif ($add_edit_libhtp_policy) : ?> + <?php include("/usr/local/www/suricata/suricata_libhtp_policy_engine.php"); ?> + +<?php else: ?> + <table id="maintable" class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> @@ -231,25 +465,23 @@ include_once("head.inc"); <tr> <th class="listhdrr" axis="string"><?php echo gettext("Name");?></th> <th class="listhdrr" axis="string"><?php echo gettext("Bind-To Address Alias");?></th> - <th class="list" align="right"><a href="suricata_import_aliases.php?id=<?=$id?>&eng=libhtp_policy"> - <img src="../themes/<?= $g['theme'];?>/images/icons/icon_import_alias.gif" width="17" - height="17" border="0" title="<?php echo gettext("Import server configuration from existing Aliases");?>"></a> - <a href="suricata_libhtp_policy_engine.php?id=<?=$id?>&eng_id=<?=$libhtp_engine_next_id?>"> - <img src="../themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" width="17" - height="17" border="0" title="<?php echo gettext("Add a new server configuration");?>"></a></th> + <th class="list" align="right"><input type="image" name="import_alias[]" src="../themes/<?= $g['theme'];?>/images/icons/icon_import_alias.gif" width="17" + height="17" border="0" title="<?php echo gettext("Import server configuration from existing Aliases");?>"/> + <input type="image" name="add_libhtp_policy[]" src="../themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" width="17" + height="17" border="0" title="<?php echo gettext("Add a new server configuration");?>"></th> </tr> </thead> <?php foreach ($pconfig['libhtp_policy']['item'] as $f => $v): ?> <tr> <td class="listlr" align="left"><?=gettext($v['name']);?></td> <td class="listbg" align="center"><?=gettext($v['bind_to']);?></td> - <td class="listt" align="right"><a href="suricata_libhtp_policy_engine.php?id=<?=$id;?>&eng_id=<?=$f;?>"> - <img src="/themes/<?=$g['theme'];?>/images/icons/icon_e.gif" - width="17" height="17" border="0" title="<?=gettext("Edit this server configuration");?>"></a> + <td class="listt" align="right"><input type="image" name="edit_libhtp_policy[]" value="<?=$f;?>" onclick="document.getElementById('eng_id').value='<?=$f;?>'" + src="/themes/<?=$g['theme'];?>/images/icons/icon_e.gif" + width="17" height="17" border="0" title="<?=gettext("Edit this server configuration");?>"/> <?php if ($v['bind_to'] <> "all") : ?> - <a href="suricata_app_parsers.php?id=<?=$id;?>&eng_id=<?=$f;?>&act=del_libhtp_policy" onclick="return confirm('Are you sure you want to delete this entry?');"> - <img src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" width="17" height="17" border="0" - title="<?=gettext("Delete this server configuration");?>"></a> + <input type="image" name="del_libhtp_policy[]" value="<?=$f;?>" onclick="document.getElementById('eng_id').value='<?=$f;?>';return confirm('Are you sure you want to delete this entry?');" + src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" width="17" height="17" border="0" + title="<?=gettext("Delete this server configuration");?>"> <?php else : ?> <img src="/themes/<?=$g['theme'];?>/images/icons/icon_x_d.gif" width="17" height="17" border="0" title="<?=gettext("Default server configuration cannot be deleted");?>"> @@ -263,9 +495,9 @@ include_once("head.inc"); <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="Save" title="<?php echo + <input name="save" type="submit" class="formbtn" value="Save" title="<?php echo gettext("Save flow and stream settings"); ?>"> - <input name="id" type="hidden" value="<?=$id;?>"> + <input name="ResetAll" type="submit" class="formbtn" value="Reset" title="<?php echo gettext("Reset all settings to defaults") . "\" onclick=\"return confirm('" . gettext("WARNING: This will reset ALL App Parsers settings to their defaults. Click OK to continue or CANCEL to quit.") . @@ -278,26 +510,12 @@ include_once("head.inc"); <?php echo gettext("may take several seconds. Suricata must also be restarted to activate any changes made on this screen."); ?></td> </tr> </table> + +<?php endif; ?> + </div> </td></tr></table> </form> -<script type="text/javascript"> -function wopen(url, name, w, h) -{ - // Fudge factors for window decoration space. - // In my tests these work well on all platforms & browsers. - w += 32; - h += 96; - var win = window.open(url, - name, - 'width=' + w + ', height=' + h + ', ' + - 'location=no, menubar=no, ' + - 'status=no, toolbar=no, scrollbars=yes, resizable=yes'); - win.resizeTo(w, h); - win.focus(); -} - -</script> <?php include("fend.inc"); ?> </body> </html> diff --git a/config/suricata/suricata_barnyard.php b/config/suricata/suricata_barnyard.php index f0bdbd17..e1ae892e 100644 --- a/config/suricata/suricata_barnyard.php +++ b/config/suricata/suricata_barnyard.php @@ -46,8 +46,8 @@ if (!is_array($config['installedpackages']['suricata']['rule'])) $a_nat = &$config['installedpackages']['suricata']['rule']; $pconfig = array(); + if (isset($id) && $a_nat[$id]) { - /* old options */ $pconfig = $a_nat[$id]; if (!empty($a_nat[$id]['barnconfigpassthru'])) $pconfig['barnconfigpassthru'] = base64_decode($a_nat[$id]['barnconfigpassthru']); @@ -69,28 +69,20 @@ if (isset($id) && $a_nat[$id]) { $pconfig['barnyard_syslog_facility'] = "LOG_USER"; if (empty($a_nat[$id]['barnyard_syslog_priority'])) $pconfig['barnyard_syslog_priority'] = "LOG_INFO"; + if (empty($a_nat[$id]['barnyard_bro_ids_dport'])) + $pconfig['barnyard_bro_ids_dport'] = "47760"; if (empty($a_nat[$id]['barnyard_sensor_name'])) $pconfig['barnyard_sensor_name'] = php_uname("n"); } -if (isset($_GET['dup'])) - unset($id); - -if ($_POST) { - - foreach ($a_nat as $natent) { - if (isset($id) && ($a_nat[$id]) && ($a_nat[$id] === $natent)) - continue; - if ($natent['interface'] != $_POST['interface']) - $input_error[] = "This interface has already an instance defined"; - } - +if ($_POST['save']) { // Check that at least one output plugin is enabled - if ($_POST['barnyard_mysql_enable'] != 'on' && $_POST['barnyard_syslog_enable'] != 'on') + if ($_POST['barnyard_mysql_enable'] != 'on' && $_POST['barnyard_syslog_enable'] != 'on' && + $_POST['barnyard_bro_ids_enable'] != 'on' && $_POST['barnyard_enable'] == "on") $input_errors[] = gettext("You must enable at least one output option when using Barnyard2."); // Validate inputs if MySQL database loggging enabled - if ($_POST['barnyard_mysql_enable'] == 'on') { + if ($_POST['barnyard_mysql_enable'] == 'on' && $_POST['barnyard_enable'] == "on") { if (empty($_POST['barnyard_dbhost'])) $input_errors[] = gettext("Please provide a valid hostname or IP address for the MySQL database host."); if (empty($_POST['barnyard_dbname'])) @@ -100,13 +92,22 @@ if ($_POST) { } // Validate inputs if syslog output enabled - if ($_POST['barnyard_syslog_enable'] == 'on' && $_POST['barnyard_syslog_local'] <> 'on') { + if ($_POST['barnyard_syslog_enable'] == 'on' && $_POST['barnyard_syslog_local'] <> 'on' && + $_POST['barnyard_enable'] == "on") { if (empty($_POST['barnyard_syslog_dport']) || !is_numeric($_POST['barnyard_syslog_dport'])) $input_errors[] = gettext("Please provide a valid number between 1 and 65535 for the Syslog Remote Port."); if (empty($_POST['barnyard_syslog_rhost'])) $input_errors[] = gettext("Please provide a valid hostname or IP address for the Syslog Remote Host."); } + // Validate inputs if Bro-IDS output enabled + if ($_POST['barnyard_bro_ids_enable'] == 'on' && $_POST['barnyard_enable'] == "on") { + if (empty($_POST['barnyard_bro_ids_dport']) || !is_numeric($_POST['barnyard_bro_ids_dport'])) + $input_errors[] = gettext("Please provide a valid number between 1 and 65535 for the Bro-IDS Remote Port."); + if (empty($_POST['barnyard_bro_ids_rhost'])) + $input_errors[] = gettext("Please provide a valid hostname or IP address for the Bro-IDS Remote Host."); + } + // if no errors write to conf if (!$input_errors) { $natent = array(); @@ -121,6 +122,7 @@ if ($_POST) { $natent['barnyard_mysql_enable'] = $_POST['barnyard_mysql_enable'] ? 'on' : 'off'; $natent['barnyard_syslog_enable'] = $_POST['barnyard_syslog_enable'] ? 'on' : 'off'; $natent['barnyard_syslog_local'] = $_POST['barnyard_syslog_local'] ? 'on' : 'off'; + $natent['barnyard_bro_ids_enable'] = $_POST['barnyard_bro_ids_enable'] ? 'on' : 'off'; $natent['barnyard_syslog_opmode'] = $_POST['barnyard_syslog_opmode']; $natent['barnyard_syslog_proto'] = $_POST['barnyard_syslog_proto']; @@ -133,23 +135,30 @@ if ($_POST) { if ($_POST['barnyard_syslog_dport']) $natent['barnyard_syslog_dport'] = $_POST['barnyard_syslog_dport']; else $natent['barnyard_syslog_dport'] = '514'; if ($_POST['barnyard_syslog_facility']) $natent['barnyard_syslog_facility'] = $_POST['barnyard_syslog_facility']; else $natent['barnyard_syslog_facility'] = 'LOG_USER'; if ($_POST['barnyard_syslog_priority']) $natent['barnyard_syslog_priority'] = $_POST['barnyard_syslog_priority']; else $natent['barnyard_syslog_priority'] = 'LOG_INFO'; + if ($_POST['barnyard_bro_ids_rhost']) $natent['barnyard_bro_ids_rhost'] = $_POST['barnyard_bro_ids_rhost']; else unset($natent['barnyard_bro_ids_rhost']); + if ($_POST['barnyard_bro_ids_dport']) $natent['barnyard_bro_ids_dport'] = $_POST['barnyard_bro_ids_dport']; else $natent['barnyard_bro_ids_dport'] = '47760'; if ($_POST['barnconfigpassthru']) $natent['barnconfigpassthru'] = base64_encode($_POST['barnconfigpassthru']); else unset($natent['barnconfigpassthru']); - if (isset($id) && $a_nat[$id]) - $a_nat[$id] = $natent; - else { - $a_nat[] = $natent; - } - + $a_nat[$id] = $natent; write_config(); - // No need to rebuild rules if just toggling Barnyard2 on or off + // No need to rebuild rules for Barnyard2 changes $rebuild_rules = false; sync_suricata_package_config(); - // Signal any running barnyard2 instance on this interface to - // reload its configuration to pick up any changes made. - suricata_barnyard_reload_config($a_nat[$id], "HUP"); + // If disabling Barnyard2 on the interface, stop any + // currently running instance. If an instance is + // running, signal it to reload the configuration. + // If Barnyard2 is enabled but not running, start it. + if ($a_nat[$id]['barnyard_enable'] == "off") { + suricata_barnyard_stop($a_nat[$id], get_real_interface($a_nat[$id]['interface'])); + } + elseif ($a_nat[$id]['barnyard_enable'] == "on") { + if (suricata_is_running($a_nat[$id]['uuid'], get_real_interface($a_nat[$id]['interface']), "barnyard2")) + suricata_barnyard_reload_config($a_nat[$id], "HUP"); + else + suricata_barnyard_start($a_nat[$id], get_real_interface($a_nat[$id]['interface'])); + } // after click go to this page header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); @@ -160,6 +169,33 @@ if ($_POST) { header("Location: suricata_barnyard.php?id=$id"); exit; } + else { + // We had errors, so save incoming field data to prevent retyping + $pconfig['barnyard_enable'] = $_POST['barnyard_enable']; + $pconfig['barnyard_show_year'] = $_POST['barnyard_show_year']; + $pconfig['barnyard_archive_enable'] = $_POST['barnyard_archive_enable']; + $pconfig['barnyard_dump_payload'] = $_POST['barnyard_dump_payload']; + $pconfig['barnyard_obfuscate_ip'] = $_POST['barnyard_obfuscate_ip']; + $pconfig['barnyard_mysql_enable'] = $_POST['barnyard_mysql_enable']; + $pconfig['barnyard_syslog_enable'] = $_POST['barnyard_syslog_enable']; + $pconfig['barnyard_syslog_local'] = $_POST['barnyard_syslog_local']; + $pconfig['barnyard_syslog_opmode'] = $_POST['barnyard_syslog_opmode']; + $pconfig['barnyard_syslog_proto'] = $_POST['barnyard_syslog_proto']; + $pconfig['barnyard_bro_ids_enable'] = $_POST['barnyard_bro_ids_enable']; + + $pconfig['barnyard_sensor_name'] = $_POST['barnyard_sensor_name']; + $pconfig['barnyard_dbhost'] = $_POST['barnyard_dbhost']; + $pconfig['barnyard_dbname'] = $_POST['barnyard_dbname']; + $pconfig['barnyard_dbuser'] = $_POST['barnyard_dbuser']; + $pconfig['barnyard_dbpwd'] = $_POST['barnyard_dbpwd']; + $pconfig['barnyard_syslog_rhost'] = $_POST['barnyard_syslog_rhost']; + $pconfig['barnyard_syslog_dport'] = $_POST['barnyard_syslog_dport']; + $pconfig['barnyard_syslog_facility'] = $_POST['barnyard_syslog_facility']; + $pconfig['barnyard_syslog_priority'] = $_POST['barnyard_syslog_priority']; + $pconfig['barnyard_bro_ids_rhost'] = $_POST['barnyard_bro_ids_rhost']; + $pconfig['barnyard_bro_ids_dport'] = $_POST['barnyard_bro_ids_dport']; + $pconfig['barnconfigpassthru'] = $_POST['barnconfigpassthru']; + } } $if_friendly = convert_friendly_interface_to_friendly_descr($pconfig['interface']); @@ -169,10 +205,8 @@ include_once("head.inc"); ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> -<?php include("fbegin.inc"); ?> -<?if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}?> +<?php include("fbegin.inc"); -<?php /* Display Alert message */ if ($input_errors) { print_input_errors($input_errors); // TODO: add checks @@ -182,10 +216,9 @@ include_once("head.inc"); print_info_box($savemsg); } - ?> +?> -<form action="suricata_barnyard.php" method="post" - enctype="multipart/form-data" name="iform" id="iform"> +<form action="suricata_barnyard.php" method="post" name="iform" id="iform"> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr><td> <?php @@ -195,7 +228,7 @@ include_once("head.inc"); $tab_array[] = array(gettext("Update Rules"), false, "/suricata/suricata_download_updates.php"); $tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php?instance={$id}"); $tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php"); - $tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php"); + $tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php?instance={$id}"); display_top_tabs($tab_array); echo '</td></tr>'; echo '<tr><td class="tabnavtbl">'; @@ -261,7 +294,6 @@ include_once("head.inc"); <?php echo gettext("Unique name to use for this sensor."); ?> </td> </tr> - </tr> <tr> <td colspan="2" valign="top" class="listtopic"><?php echo gettext("MySQL Database Output Settings"); ?></td> </tr> @@ -272,6 +304,7 @@ include_once("head.inc"); onClick="toggle_mySQL()"/><?php echo gettext("Enable logging of alerts to a MySQL database instance"); ?><br/> <?php echo gettext("You will also have to provide the database credentials in the fields below."); ?></td> </tr> + <tbody id="mysql_config_rows"> <tr> <td width="22%" valign="top" class="vncell"><?php echo gettext("Database Host"); ?></td> <td width="78%" class="vtable"> @@ -304,6 +337,7 @@ include_once("head.inc"); <?php echo gettext("Password for the MySQL database user"); ?> </td> </tr> + </tbody> <tr> <td colspan="2" valign="top" class="listtopic"><?php echo gettext("Syslog Output Settings"); ?></td> </tr> @@ -315,6 +349,7 @@ include_once("head.inc"); <?php echo gettext("Enable logging of alerts to a syslog receiver"); ?><br/> <?php echo gettext("This will send alert data to either a local or remote syslog receiver."); ?></td> </tr> + <tbody id="syslog_config_rows"> <tr> <td width="22%" valign="top" class="vncell"><?php echo gettext("Operation Mode"); ?></td> <td width="78%" class="vtable"> @@ -395,6 +430,36 @@ include_once("head.inc"); <?php echo gettext("Select Syslog Priority (Level) to use for remote reporting. Default is ") . "<strong>" . gettext("LOG_INFO") . "</strong>."; ?> </td> </tr> + </tbody> + <tr> + <td colspan="2" valign="top" class="listtopic"><?php echo gettext("Bro-IDS Output Settings"); ?></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?php echo gettext("Enable Bro-IDS"); ?></td> + <td width="78%" class="vtable"> + <input name="barnyard_bro_ids_enable" type="checkbox" value="on" <?php if ($pconfig['barnyard_bro_ids_enable'] == "on") echo "checked"; ?> + onClick="toggle_bro_ids()"/> + <?php echo gettext("Enable logging of alerts to a Bro-IDS receiver"); ?><br/> + <?php echo gettext("This will send alert data to either a local or remote Bro-IDS receiver."); ?></td> + </tr> + <tbody id="bro_ids_config_rows"> + <tr> + <td width="22%" valign="top" class="vncell"><?php echo gettext("Remote Host"); ?></td> + <td width="78%" class="vtable"> + <input name="barnyard_bro_ids_rhost" type="text" class="formfld host" + id="barnyard_bro_ids_rhost" size="25" value="<?=htmlspecialchars($pconfig['barnyard_bro_ids_rhost']);?>"/> + <?php echo gettext("Hostname or IP address of remote Bro-IDS host"); ?> + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?php echo gettext("Remote Port"); ?></td> + <td width="78%" class="vtable"> + <input name="barnyard_bro_ids_dport" type="text" class="formfld unknown" + id="barnyard_bro_ids_dport" size="25" value="<?=htmlspecialchars($pconfig['barnyard_bro_ids_dport']);?>"/> + <?php echo gettext("Port number for Bro-IDS instance on remote host. Default is ") . "<strong>" . gettext("47760") . "</strong>."; ?> + </td> + </tr> + </tbody> <tr> <td colspan="2" valign="top" class="listtopic"><?php echo gettext("Advanced Settings"); ?></td> </tr> @@ -410,7 +475,7 @@ include_once("head.inc"); <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="Save"> + <input name="save" type="submit" class="formbtn" value="Save"> <input name="id" type="hidden" value="<?=$id;?>"> </td> </tr> <tr> @@ -435,6 +500,11 @@ function toggle_mySQL() { document.iform.barnyard_dbname.disabled = endis; document.iform.barnyard_dbuser.disabled = endis; document.iform.barnyard_dbpwd.disabled = endis; + + if (endis) + document.getElementById("mysql_config_rows").style.display = "none"; + else + document.getElementById("mysql_config_rows").style.display = ""; } function toggle_syslog() { @@ -449,6 +519,11 @@ function toggle_syslog() { document.iform.barnyard_syslog_proto_tcp.disabled = endis; document.iform.barnyard_syslog_facility.disabled = endis; document.iform.barnyard_syslog_priority.disabled = endis; + + if (endis) + document.getElementById("syslog_config_rows").style.display = "none"; + else + document.getElementById("syslog_config_rows").style.display = ""; } function toggle_local_syslog() { @@ -464,6 +539,18 @@ function toggle_local_syslog() { } } +function toggle_bro_ids() { + var endis = !document.iform.barnyard_bro_ids_enable.checked; + + document.iform.barnyard_bro_ids_rhost.disabled = endis; + document.iform.barnyard_bro_ids_dport.disabled = endis; + + if (endis) + document.getElementById("bro_ids_config_rows").style.display = "none"; + else + document.getElementById("bro_ids_config_rows").style.display = ""; +} + function enable_change(enable_change) { endis = !(document.iform.barnyard_enable.checked || enable_change); // make sure a default answer is called if this is invoked. @@ -488,6 +575,9 @@ function enable_change(enable_change) { document.iform.barnyard_syslog_proto_tcp.disabled = endis; document.iform.barnyard_syslog_facility.disabled = endis; document.iform.barnyard_syslog_priority.disabled = endis; + document.iform.barnyard_bro_ids_enable.disabled = endis; + document.iform.barnyard_bro_ids_rhost.disabled = endis; + document.iform.barnyard_bro_ids_dport.disabled = endis; document.iform.barnconfigpassthru.disabled = endis; } @@ -495,6 +585,7 @@ enable_change(false); toggle_mySQL(); toggle_syslog(); toggle_local_syslog(); +toggle_bro_ids(); </script> diff --git a/config/suricata/suricata_check_cron_misc.inc b/config/suricata/suricata_check_cron_misc.inc index 88dfd5ff..b2678059 100644 --- a/config/suricata/suricata_check_cron_misc.inc +++ b/config/suricata/suricata_check_cron_misc.inc @@ -68,7 +68,7 @@ if ($suricatalogdirsizeKB > 0 && $suricatalogdirsizeKB > $suricataloglimitsizeKB /* Clean-up the logs for each configured Suricata instance */ foreach ($config['installedpackages']['suricata']['rule'] as $value) { - $if_real = suricata_get_real_interface($value['interface']); + $if_real = get_real_interface($value['interface']); $suricata_uuid = $value['uuid']; $suricata_log_dir = SURICATALOGDIR . "suricata_{$if_real}{$suricata_uuid}"; log_error(gettext("[Suricata] Truncating logs for {$value['descr']} ({$if_real})...")); @@ -95,12 +95,6 @@ if ($suricatalogdirsizeKB > 0 && $suricatalogdirsizeKB > $suricataloglimitsizeKB // This is needed if suricata is run as suricata user mwexec('/bin/chmod 660 /var/log/suricata/*', true); - - // Soft-restart Suricata process to resync logging - if (file_exists("{$g['varrun_path']}/suricata_{$if_real}{$suricata_uuid}.pid")) { - log_error(gettext("[Suricata] Restarting logging on {$value['descr']} ({$if_real})...")); - mwexec("/bin/pkill -HUP -F {$g['varrun_path']}/suricata_{$if_real}{$suricata_uuid}.pid -a"); - } } conf_mount_ro(); log_error(gettext("[Suricata] Automatic clean-up of Suricata logs completed.")); diff --git a/config/suricata/suricata_check_for_rule_updates.php b/config/suricata/suricata_check_for_rule_updates.php index 9aa14f6e..3cf6b84b 100644 --- a/config/suricata/suricata_check_for_rule_updates.php +++ b/config/suricata/suricata_check_for_rule_updates.php @@ -431,17 +431,27 @@ if ($emergingthreats == 'on') { array_map('unlink', glob("{$suricatadir}rules/{$eto_prefix}*ips.txt")); array_map('unlink', glob("{$suricatadir}rules/{$etpro_prefix}*ips.txt")); - // The code below renames ET-Pro files with a prefix, so we + // The code below renames ET files with a prefix, so we // skip renaming the Suricata default events rule files - // that are also bundled in the ET-Pro rules. - $default_rules = array( "decoder-events.rules", "files.rules", "http-events.rules", "smtp-events.rules", "stream-events.rules" ); + // that are also bundled in the ET rules. + $default_rules = array( "decoder-events.rules", "files.rules", "http-events.rules", "smtp-events.rules", "stream-events.rules", "tls-events.rules" ); $files = glob("{$tmpfname}/emerging/rules/*.rules"); + // Determine the correct prefix to use based on which + // Emerging Threats rules package is enabled. + if ($etpro == "on") + $prefix = ET_PRO_FILE_PREFIX; + else + $prefix = ET_OPEN_FILE_PREFIX; foreach ($files as $file) { $newfile = basename($file); - if ($etpro == "on" && !in_array($newfile, $default_rules)) - @copy($file, "{$suricatadir}rules/" . ET_PRO_FILE_PREFIX . "{$newfile}"); - else + if (in_array($newfile, $default_rules)) @copy($file, "{$suricatadir}rules/{$newfile}"); + else { + if (strpos($newfile, $prefix) === FALSE) + @copy($file, "{$suricatadir}rules/{$prefix}{$newfile}"); + else + @copy($file, "{$suricatadir}rules/{$newfile}"); + } } /* IP lists for Emerging Threats rules */ $files = glob("{$tmpfname}/emerging/rules/*ips.txt"); @@ -646,17 +656,38 @@ if ($snortdownload == 'on' || $emergingthreats == 'on' || $snortcommunityrules = $rebuild_rules = false; /* Restart Suricata if already running and we are not rebooting to pick up the new rules. */ - if (is_process_running("suricata") && !$g['booting']) { - if ($pkg_interface <> "console") { - update_status(gettext('Restarting Suricata to activate the new set of rules...')); - update_output_window(gettext("Please wait ... restarting Suricata will take some time...")); + if (is_process_running("suricata") && !$g['booting'] && + !empty($config['installedpackages']['suricata']['rule'])) { + + // See if "Live Reload" is configured and signal each Suricata instance + // if enabled, else just do a hard restart of all the instances. + if ($config['installedpackages']['suricata']['config'][0]['live_swap_updates'] == 'on') { + if ($pkg_interface <> "console") { + update_status(gettext('Signalling Suricata to live-load the new set of rules...')); + update_output_window(gettext("Please wait ... the process should complete in a few seconds...")); + } + log_error(gettext("[Suricata] Live-Reload of rules from auto-update is enabled...")); + error_log(gettext("\tLive-Reload of updated rules is enabled...\n"), 3, $suricata_rules_upd_log); + foreach ($config['installedpackages']['suricata']['rule'] as $value) { + $if_real = get_real_interface($value['interface']); + suricata_reload_config($value); + error_log(gettext("\tLive swap of updated rules requested for " . convert_friendly_interface_to_friendly_descr($value['interface']) . ".\n"), 3, $suricata_rules_upd_log); + } + log_error(gettext("[Suricata] Live-Reload of updated rules completed...")); + error_log(gettext("\tLive-Reload of the updated rules is complete.\n"), 3, $suricata_rules_upd_log); + } + else { + if ($pkg_interface <> "console") { + update_status(gettext('Restarting Suricata to activate the new set of rules...')); + update_output_window(gettext("Please wait ... restarting Suricata will take some time...")); + } + error_log(gettext("\tRestarting Suricata to activate the new set of rules...\n"), 3, $suricata_rules_upd_log); + restart_service("suricata"); + if ($pkg_interface <> "console") + update_output_window(gettext("Suricata has restarted with your new set of rules...")); + log_error(gettext("[Suricata] Suricata has restarted with your new set of rules...")); + error_log(gettext("\tSuricata has restarted with your new set of rules.\n"), 3, $suricata_rules_upd_log); } - error_log(gettext("\tRestarting Suricata to activate the new set of rules...\n"), 3, $suricata_rules_upd_log); - restart_service("suricata"); - if ($pkg_interface <> "console") - update_output_window(gettext("Suricata has restarted with your new set of rules...")); - log_error(gettext("[Suricata] Suricata has restarted with your new set of rules...")); - error_log(gettext("\tSuricata has restarted with your new set of rules.\n"), 3, $suricata_rules_upd_log); } else { if ($pkg_interface <> "console") @@ -666,13 +697,17 @@ if ($snortdownload == 'on' || $emergingthreats == 'on' || $snortcommunityrules = // Remove old $tmpfname files if (is_dir("{$tmpfname}")) { - if ($pkg_interface <> "console") + if ($pkg_interface <> "console") { update_status(gettext("Cleaning up after rules extraction...")); + update_output_window(gettext("Removing {$tmpfname} directory...")); + } exec("/bin/rm -r {$tmpfname}"); } -if ($pkg_interface <> "console") +if ($pkg_interface <> "console") { update_status(gettext("The Rules update has finished...")); + update_output_window(""); +} log_error(gettext("[Suricata] The Rules update has finished.")); error_log(gettext("The Rules update has finished. Time: " . date("Y-m-d H:i:s"). "\n\n"), 3, $suricata_rules_upd_log); conf_mount_ro(); diff --git a/config/suricata/suricata_define_vars.php b/config/suricata/suricata_define_vars.php index b1cbfee9..e130e555 100644 --- a/config/suricata/suricata_define_vars.php +++ b/config/suricata/suricata_define_vars.php @@ -162,7 +162,7 @@ if ($savemsg) $tab_array[] = array(gettext("Update Rules"), false, "/suricata/suricata_download_updates.php"); $tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php?instance={$id}"); $tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php"); - $tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php"); + $tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php?instance={$id}"); display_top_tabs($tab_array); echo '</td></tr>'; echo '<tr><td class="tabnavtbl">'; diff --git a/config/suricata/suricata_download_updates.php b/config/suricata/suricata_download_updates.php index ecfd5f8b..46030bd0 100644 --- a/config/suricata/suricata_download_updates.php +++ b/config/suricata/suricata_download_updates.php @@ -35,9 +35,6 @@ require_once("/usr/local/pkg/suricata/suricata.inc"); $suricatadir = SURICATADIR; $suricata_rules_upd_log = RULES_UPD_LOGFILE; -/* load only javascript that is needed */ -$suricata_load_jquery = 'yes'; -$suricata_load_jquery_colorbox = 'yes'; $snortdownload = $config['installedpackages']['suricata']['config'][0]['enable_vrt_rules']; $emergingthreats = $config['installedpackages']['suricata']['config'][0]['enable_etopen_rules']; $etpro = $config['installedpackages']['suricata']['config'][0]['enable_etpro_rules']; @@ -48,25 +45,52 @@ $snort_community_rules_filename = GPLV2_DNLD_FILENAME; if ($etpro == "on") { $emergingthreats_filename = ETPRO_DNLD_FILENAME; - $et_name = "EMERGING THREATS PRO RULES"; + $et_name = "Emerging Threats Pro Rules"; } else { $emergingthreats_filename = ET_DNLD_FILENAME; - $et_name = "EMERGING THREATS RULES"; + $et_name = "Emerging Threats Open Rules"; } /* quick md5 chk of downloaded rules */ -$snort_org_sig_chk_local = 'N/A'; -if (file_exists("{$suricatadir}{$snort_rules_file}.md5")) +if ($snortdownload == 'on') { + $snort_org_sig_chk_local = 'Not Downloaded'; + $snort_org_sig_date = 'Not Downloaded'; +} +else { + $snort_org_sig_chk_local = 'Not Enabled'; + $snort_org_sig_date = 'Not Enabled'; +} +if (file_exists("{$suricatadir}{$snort_rules_file}.md5")){ $snort_org_sig_chk_local = file_get_contents("{$suricatadir}{$snort_rules_file}.md5"); + $snort_org_sig_date = date(DATE_RFC850, filemtime("{$suricatadir}{$snort_rules_file}.md5")); +} -$emergingt_net_sig_chk_local = 'N/A'; -if (file_exists("{$suricatadir}{$emergingthreats_filename}.md5")) +if ($etpro == "on" || $emergingthreats == "on") { + $emergingt_net_sig_chk_local = 'Not Downloaded'; + $emergingt_net_sig_date = 'Not Downloaded'; +} +else { + $emergingt_net_sig_chk_local = 'Not Enabled'; + $emergingt_net_sig_date = 'Not Enabled'; +} +if (file_exists("{$suricatadir}{$emergingthreats_filename}.md5")) { $emergingt_net_sig_chk_local = file_get_contents("{$suricatadir}{$emergingthreats_filename}.md5"); + $emergingt_net_sig_date = date(DATE_RFC850, filemtime("{$suricatadir}{$emergingthreats_filename}.md5")); +} -$snort_community_sig_chk_local = 'N/A'; -if (file_exists("{$suricatadir}{$snort_community_rules_filename}.md5")) +if ($snortcommunityrules == 'on') { + $snort_community_sig_chk_local = 'Not Downloaded'; + $snort_community_sig_sig_date = 'Not Downloaded'; +} +else { + $snort_community_sig_chk_local = 'Not Enabled'; + $snort_community_sig_sig_date = 'Not Enabled'; +} +if (file_exists("{$suricatadir}{$snort_community_rules_filename}.md5")) { $snort_community_sig_chk_local = file_get_contents("{$suricatadir}{$snort_community_rules_filename}.md5"); + $snort_community_sig_sig_date = date(DATE_RFC850, filemtime("{$suricatadir}{$snort_community_rules_filename}.md5")); +} /* Check for postback to see if we should clear the update log file. */ if ($_POST['clear']) { @@ -74,7 +98,28 @@ if ($_POST['clear']) { mwexec("/bin/rm -f {$suricata_rules_upd_log}"); } -if ($_POST['update']) { +if ($_POST['check']) { + // Go see if new updates for rule sets are available + header("Location: /suricata/suricata_download_rules.php"); + exit; +} + +if ($_POST['force']) { + // Mount file system R/W since we need to remove files + conf_mount_rw(); + + // Remove the existing MD5 signature files to force a download + if (file_exists("{$suricatadir}{$emergingthreats_filename}.md5")) + @unlink("{$suricatadir}{$emergingthreats_filename}.md5"); + if (file_exists("{$suricatadir}{$snort_community_rules_filename}.md5")) + @unlink("{$suricatadir}{$snort_community_rules_filename}.md5"); + if (file_exists("{$suricatadir}{$snort_rules_file}.md5")) + @unlink("{$suricatadir}{$snort_rules_file}.md5"); + + // Revert file system to R/O. + conf_mount_ro(); + + // Go download the updates header("Location: /suricata/suricata_download_rules.php"); exit; } @@ -91,6 +136,9 @@ if ($_POST['view']&& $suricata_rules_upd_log_chk == 'yes') { $input_errors[] = gettext("Unable to read log file: {$suricata_rules_upd_log}"); } +if ($_POST['hide']) + $contents = ""; + $pgtitle = gettext("Suricata: Update Rules Set Files"); include_once("head.inc"); ?> @@ -128,21 +176,32 @@ include_once("head.inc"); <div id="mainarea"> <table id="maintable4" class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> - <td valign="top" class="listtopic" align="center"><?php echo gettext("INSTALLED RULE SET MD5 SIGNATURES");?></td> + <td valign="top" class="listtopic" align="center"><?php echo gettext("INSTALLED RULE SET MD5 SIGNATURE");?></td> </tr> <tr> <td align="center"><br/> - <table width="100%" border="0" cellpadding="2" cellspacing="2"> + <table width="95%" border="0" cellpadding="2" cellspacing="2"> + <thead> + <tr> + <th class="listhdrr"><?=gettext("Rule Set Name/Publisher");?></th> + <th class="listhdrr"><?=gettext("MD5 Signature Hash");?></th> + <th class="listhdrr"><?=gettext("MD5 Signature Date");?></th> + </tr> + </thead> <tr> - <td align="right" class="vexpl"><b><?=$et_name;?> ---></b></td> - <td class="vexpl"><? echo $emergingt_net_sig_chk_local; ?></td> + <td align="center" class="vncell vexpl"><b><?=$et_name;?></b></td> + <td align="center" class="vncell vexpl"><? echo trim($emergingt_net_sig_chk_local);?></td> + <td align="center" class="vncell vexpl"><?php echo gettext($emergingt_net_sig_date);?></td> </tr> <tr> - <td align="right" class="vexpl"><b>SNORT VRT RULES ---></b></td> - <td class="vexpl"><? echo $snort_org_sig_chk_local; ?></td> + <td align="center" class="vncell vexpl"><b>Snort VRT Rules</b></td> + <td align="center" class="vncell vexpl"><? echo trim($snort_org_sig_chk_local);?></td> + <td align="center" class="vncell vexpl"><?php echo gettext($snort_org_sig_date);?></td> </tr> - <td align="right" class="vexpl"><b>SNORT GPLv2 COMMUNITY RULES ---></b></td> - <td class="vexpl"><? echo $snort_community_sig_chk_local; ?></td> + <tr> + <td align="center" class="vncell vexpl"><b>Snort GPLv2 Community Rules</b></td> + <td align="center" class="vncell vexpl"><? echo trim($snort_community_sig_chk_local);?></td> + <td align="center" class="vncell vexpl"><?php echo gettext($snort_community_sig_sig_date);?></td> </tr> </table><br/> </td> @@ -153,16 +212,22 @@ include_once("head.inc"); <tr> <td align="center"> <?php if ($snortdownload != 'on' && $emergingthreats != 'on' && $etpro != 'on'): ?> - <br/><button disabled="disabled"><?php echo gettext("Update Rules"); ?></button><br/> - <p style="text-align:left;"> - <font color="red" size="2px"><b><?php echo gettext("WARNING:");?></b></font><font size="1px" color="#000000"> + <br/><button disabled="disabled"><?=gettext("Check");?></button> + <button disabled="disabled"><?=gettext("Force");?></button> + <br/> + <p style="text-align:center;" class="vexpl"> + <font class="red"><b><?php echo gettext("WARNING:");?></b></font> <?php echo gettext('No rule types have been selected for download. ') . gettext('Visit the ') . '<a href="/suricata/suricata_global.php">Global Settings Tab</a>' . gettext(' to select rule types.'); ?> - </font><br/></p> + <br/></p> <?php else: ?> <br/> - <input type="submit" value="<?php echo gettext(" Update "); ?>" name="update" id="submit" class="formbtn" - title="<?php echo gettext("Check for new updates to configured rulesets"); ?>"/><br/><br/> + <input type="submit" value="<?=gettext("Check");?>" name="check" id="check" class="formbtn" + title="<?php echo gettext("Check for new updates to enabled rule sets"); ?>"/> + <input type="submit" value="<?=gettext("Force");?>" name="force" id="force" class="formbtn" + title="<?=gettext("Force an update of all enabled rule sets");?>" + onclick="return confirm('<?=gettext("This will zero-out the MD5 hashes to force a fresh download of enabled rule sets. Click OK to continue or CANCEL to quit");?>');"/> + <br/><br/> <?php endif; ?> </td> </tr> @@ -174,15 +239,20 @@ include_once("head.inc"); <td align="center" valign="middle" class="vexpl"> <?php if ($suricata_rules_upd_log_chk == 'yes'): ?> <br/> - <input type="submit" value="<?php echo gettext("View Log"); ?>" name="view" id="view" class="formbtn" - title="<?php echo gettext("View rules update log contents"); ?>"/> - - <input type="submit" value="<?php echo gettext("Clear Log"); ?>" name="clear" id="clear" class="formbtn" - title="<?php echo gettext("Clear rules update log contents"); ?>" onClick="return confirm('Are you sure?\nOK to confirm, or CANCEL to quit');"/> + <?php if (!empty($contents)): ?> + <input type="submit" value="<?php echo gettext("Hide"); ?>" name="hide" id="hide" class="formbtn" + title="<?php echo gettext("Hide rules update log"); ?>"/> + <?php else: ?> + <input type="submit" value="<?php echo gettext("View"); ?>" name="view" id="view" class="formbtn" + title="<?php echo gettext("View rules update log"); ?>"/> + <?php endif; ?> + + <input type="submit" value="<?php echo gettext("Clear"); ?>" name="clear" id="clear" class="formbtn" + title="<?php echo gettext("Clear rules update log"); ?>" onClick="return confirm('Are you sure you want to delete the log contents?\nOK to confirm, or CANCEL to quit');"/> <br/> <?php else: ?> <br/> - <button disabled='disabled'><?php echo gettext("View Log"); ?></button> <?php echo gettext("Log is empty."); ?><br/> + <button disabled='disabled'><?php echo gettext("View Log"); ?></button><br/><?php echo gettext("Log is empty."); ?><br/> <?php endif; ?> <br/><?php echo gettext("The log file is limited to 1024K in size and automatically clears when the limit is exceeded."); ?><br/><br/> </td> @@ -201,9 +271,9 @@ include_once("head.inc"); <?php endif; ?> <tr> <td align="center"> - <span class="vexpl"><br/><br/> + <span class="vexpl"><br/> <span class="red"><b><?php echo gettext("NOTE:"); ?></b></span> - <a href="http://www.snort.org/" target="_blank"><?php echo gettext("Snort.org") . "</a>" . + <a href="http://www.snort.org/" target="_blank"><?php echo gettext("Snort.org") . "</a>" . gettext(" and ") . "<a href=\"http://www.emergingthreats.net/\" target=\"_blank\">" . gettext("EmergingThreats.net") . "</a>" . gettext(" will go down from time to time. Please be patient."); ?></span><br/> </td> diff --git a/config/suricata/suricata_flow_stream.php b/config/suricata/suricata_flow_stream.php index 3a677d3a..1a65ddfd 100644 --- a/config/suricata/suricata_flow_stream.php +++ b/config/suricata/suricata_flow_stream.php @@ -28,7 +28,6 @@ * POSSIBILITY OF SUCH DAMAGE. */ - require_once("guiconfig.inc"); require_once("/usr/local/pkg/suricata/suricata.inc"); @@ -37,16 +36,19 @@ global $g, $rebuild_rules; $id = $_GET['id']; if (isset($_POST['id'])) $id = $_POST['id']; -if (is_null($id)) { - header("Location: /suricata/suricata_interfaces.php"); - exit; -} +if (is_null($id)) + $id=0; if (!is_array($config['installedpackages']['suricata'])) $config['installedpackages']['suricata'] = array(); if (!is_array($config['installedpackages']['suricata']['rule'])) $config['installedpackages']['suricata']['rule'] = array(); +// Initialize required array variables as necessary +if (!is_array($config['aliases']['alias'])) + $config['aliases']['alias'] = array(); +$a_aliases = $config['aliases']['alias']; + // Initialize Host-OS Policy engine arrays if necessary if (!is_array($config['installedpackages']['suricata']['rule'][$id]['host_os_policy']['item'])) $config['installedpackages']['suricata']['rule'][$id]['host_os_policy']['item'] = array(); @@ -55,6 +57,12 @@ $a_nat = &$config['installedpackages']['suricata']['rule']; $host_os_policy_engine_next_id = count($a_nat[$id]['host_os_policy']['item']); +// Build a lookup array of currently used engine 'bind_to' Aliases +// so we can screen matching Alias names from the list. +$used = array(); +foreach ($a_nat[$id]['host_os_policy']['item'] as $v) + $used[$v['bind_to']] = true; + $pconfig = array(); if (isset($id) && $a_nat[$id]) { /* Get current values from config for page form fields */ @@ -76,29 +84,129 @@ if (isset($id) && $a_nat[$id]) { $pconfig['host_os_policy'] = $a_nat[$id]['host_os_policy']; } -// Check for returned "selected alias" if action is import -if ($_GET['act'] == "import" && isset($_GET['varname']) && !empty($_GET['varvalue'])) { - $pconfig[$_GET['varname']] = $_GET['varvalue']; +// Check for "import or select alias mode" and set flags if TRUE. +// "selectalias", when true, displays radio buttons to limit +// multiple selections. +if ($_POST['import_alias']) { + $importalias = true; + $selectalias = false; + $title = "Host Operating System Policy"; } +elseif ($_POST['select_alias']) { + $importalias = true; + $selectalias = true; + $title = "Host Operating System Policy"; + + // Preserve current OS Policy Engine settings + $eng_id = $_POST['eng_id']; + $eng_name = $_POST['policy_name']; + $eng_bind = $_POST['policy_bind_to']; + $eng_policy = $_POST['policy']; + $mode = "add_edit_os_policy"; +} + +if ($_POST['save_os_policy']) { + if ($_POST['eng_id'] != "") { + $eng_id = $_POST['eng_id']; -if ($_GET['act'] && isset($_GET['eng_id'])) { + // Grab all the POST values and save in new temp array + $engine = array(); + $policy_name = trim($_POST['policy_name']); + if ($policy_name) { + $engine['name'] = $policy_name; + } + else { + $input_errors[] = gettext("The 'Policy Name' value cannot be blank."); + $add_edit_os_policy = true; + } + if ($_POST['policy_bind_to']) { + if (is_alias($_POST['policy_bind_to'])) + $engine['bind_to'] = $_POST['policy_bind_to']; + elseif (strtolower(trim($_POST['policy_bind_to'])) == "all") + $engine['bind_to'] = "all"; + else { + $input_errors[] = gettext("You must provide a valid Alias or the reserved keyword 'all' for the 'Bind-To IP Address' value."); + $add_edit_os_policy = true; + } + } + else { + $input_errors[] = gettext("The 'Bind-To IP Address' value cannot be blank. Provide a valid Alias or the reserved keyword 'all'."); + $add_edit_os_policy = true; + } + + if ($_POST['policy']) { $engine['policy'] = $_POST['policy']; } else { $engine['policy'] = "bsd"; } + + // Can only have one "all" Bind_To address + if ($engine['bind_to'] == "all" && $engine['name'] <> "default") { + $input_errors[] = gettext("Only one default OS-Policy Engine can be bound to all addresses."); + $add_edit_os_policy = true; + $pengcfg = $engine; + } + // if no errors, write new entry to conf + if (!$input_errors) { + if (isset($eng_id) && $a_nat[$id]['host_os_policy']['item'][$eng_id]) { + $a_nat[$id]['host_os_policy']['item'][$eng_id] = $engine; + } + else + $a_nat[$id]['host_os_policy']['item'][] = $engine; + + /* Reorder the engine array to ensure the */ + /* 'bind_to=all' entry is at the bottom */ + /* if it contains more than one entry. */ + if (count($a_nat[$id]['host_os_policy']['item']) > 1) { + $i = -1; + foreach ($a_nat[$id]['host_os_policy']['item'] as $f => $v) { + if ($v['bind_to'] == "all") { + $i = $f; + break; + } + } + /* Only relocate the entry if we */ + /* found it, and it's not already */ + /* at the end. */ + if ($i > -1 && ($i < (count($a_nat[$id]['host_os_policy']['item']) - 1))) { + $tmp = $a_nat[$id]['host_os_policy']['item'][$i]; + unset($a_nat[$id]['host_os_policy']['item'][$i]); + $a_nat[$id]['host_os_policy']['item'][] = $tmp; + } + } + + // Now write the new engine array to conf + write_config(); + $pconfig['host_os_policy']['item'] = $a_nat[$id]['host_os_policy']['item']; + } + } +} +elseif ($_POST['add_os_policy']) { + $add_edit_os_policy = true; + $pengcfg = array( "name" => "engine_{$host_os_policy_engine_next_id}", "bind_to" => "", "policy" => "bsd" ); + $eng_id = $host_os_policy_engine_next_id; +} +elseif ($_POST['edit_os_policy']) { + if ($_POST['eng_id'] != "") { + $add_edit_os_policy = true; + $eng_id = $_POST['eng_id']; + $pengcfg = $a_nat[$id]['host_os_policy']['item'][$eng_id]; + } +} +elseif ($_POST['del_os_policy']) { $natent = array(); $natent = $pconfig; - if ($_GET['act'] == "del_host_os_policy") - unset($natent['host_os_policy']['item'][$_GET['eng_id']]); - + if ($_POST['eng_id'] != "") { + unset($natent['host_os_policy']['item'][$_POST['eng_id']]); + $pconfig = $natent; + } if (isset($id) && $a_nat[$id]) { $a_nat[$id] = $natent; write_config(); } - - header("Location: /suricata/suricata_flow_stream.php?id=$id"); - exit; } - -if ($_POST['ResetAll']) { +elseif ($_POST['cancel_os_policy']) { + $add_edit_os_policy = false; +} +elseif ($_POST['ResetAll']) { /* Reset all the settings to defaults */ $pconfig['ip_max_frags'] = "65535"; @@ -143,7 +251,7 @@ if ($_POST['ResetAll']) { /* Log a message at the top of the page to inform the user */ $savemsg = gettext("All flow and stream settings have been reset to their defaults."); } -elseif ($_POST['Submit']) { +elseif ($_POST['save']) { $natent = array(); $natent = $pconfig; @@ -191,15 +299,14 @@ elseif ($_POST['Submit']) { /**************************************************/ /* If we have a valid rule ID, save configuration */ - /* then update the suricata.conf file and rebuild */ - /* the rules for this interface. */ + /* then update the suricata.conf file for this */ + /* interface. */ /**************************************************/ if (isset($id) && $a_nat[$id]) { $a_nat[$id] = $natent; write_config(); - $rebuild_rules = true; - suricata_generate_yaml($natent); $rebuild_rules = false; + suricata_generate_yaml($natent); } header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); @@ -211,6 +318,99 @@ elseif ($_POST['Submit']) { exit; } } +elseif ($_POST['save_import_alias']) { + // If saving out of "select alias" mode, + // then return to Host OS Policy Engine edit + // page. + if ($_POST['mode'] =='add_edit_os_policy') { + $pengcfg = array(); + $eng_id = $_POST['eng_id']; + $pengcfg['name'] = $_POST['eng_name']; + $pengcfg['bind_to'] = $_POST['eng_bind']; + $pengcfg['policy'] = $_POST['eng_policy']; + $add_edit_os_policy = true; + $mode = "add_edit_os_policy"; + + if (is_array($_POST['aliastoimport']) && count($_POST['aliastoimport']) == 1) { + $pengcfg['bind_to'] = $_POST['aliastoimport'][0]; + $importalias = false; + $selectalias = false; + } + else { + $input_errors[] = gettext("No Alias is selected for import. Nothing to SAVE."); + $importalias = true; + $selectalias = true; + $eng_id = $_POST['eng_id']; + $eng_name = $_POST['eng_name']; + $eng_bind = $_POST['eng_bind']; + $eng_policy = $_POST['eng_policy']; + } + } + else { + // Assume we are importing one or more aliases + // for use in new Host OS Policy engines. + $engine = array( "name" => "", "bind_to" => "", "policy" => "bsd" ); + + // See if anything was checked to import + if (is_array($_POST['aliastoimport']) && count($_POST['aliastoimport']) > 0) { + foreach ($_POST['aliastoimport'] as $item) { + $engine['name'] = strtolower($item); + $engine['bind_to'] = $item; + $a_nat[$id]['host_os_policy']['item'][] = $engine; + } + } + else { + $input_errors[] = gettext("No entries were selected for import. Please select one or more Aliases for import and click SAVE."); + $importalias = true; + } + + // if no errors, write new entry to conf + if (!$input_errors) { + // Reorder the engine array to ensure the + // 'bind_to=all' entry is at the bottom if + // the array contains more than one entry. + if (count($a_nat[$id]['host_os_policy']['item']) > 1) { + $i = -1; + foreach ($a_nat[$id]['host_os_policy']['item'] as $f => $v) { + if ($v['bind_to'] == "all") { + $i = $f; + break; + } + } + // Only relocate the entry if we + // found it, and it's not already + // at the end. + if ($i > -1 && ($i < (count($a_nat[$id]['host_os_policy']['item']) - 1))) { + $tmp = $a_nat[$id]['host_os_policy']['item'][$i]; + unset($a_nat[$id]['host_os_policy']['item'][$i]); + $a_nat[$id]['host_os_policy']['item'][] = $tmp; + } + $pconfig['host_os_policy']['item'] = $a_nat[$id]['host_os_policy']['item']; + } + + // Write the new engine array to config file + write_config(); + $importalias = false; + $selectalias = false; + } + } +} +elseif ($_POST['cancel_import_alias']) { + $importalias = false; + $selectalias = false; + $eng_id = $_POST['eng_id']; + + // If cancelling out of "select alias" mode, + // then return to Host OS Policy Engine edit + // page. + if ($_POST['mode'] == 'add_edit_os_policy') { + $pengcfg = array(); + $pengcfg['name'] = $_POST['eng_name']; + $pengcfg['bind_to'] = $_POST['eng_bind']; + $pengcfg['policy'] = $_POST['eng_policy']; + $add_edit_os_policy = true; + } +} $if_friendly = convert_friendly_interface_to_friendly_descr($pconfig['interface']); $pgtitle = gettext("Suricata: Interface {$if_friendly} - Flow and Stream"); @@ -218,29 +418,21 @@ include_once("head.inc"); ?> <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> -<?php include("fbegin.inc"); ?> -<?php if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';} - - - /* Display Alert message */ +<?php include("fbegin.inc"); + /* Display error or save message */ if ($input_errors) { print_input_errors($input_errors); // TODO: add checks } - if ($savemsg) { print_info_box($savemsg); } - ?> -<script type="text/javascript" src="/javascript/autosuggest.js"> -</script> -<script type="text/javascript" src="/javascript/suggestions.js"> -</script> +<form action="suricata_flow_stream.php" method="post" name="iform" id="iform"> +<input type="hidden" name="eng_id" id="eng_id" value="<?=$eng_id;?>"/> +<input type="hidden" name="id" id="id" value="<?=$id;?>"/> -<form action="suricata_flow_stream.php" method="post" - enctype="multipart/form-data" name="iform" id="iform"> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr><td> <?php @@ -248,9 +440,9 @@ include_once("head.inc"); $tab_array[] = array(gettext("Suricata Interfaces"), true, "/suricata/suricata_interfaces.php"); $tab_array[] = array(gettext("Global Settings"), false, "/suricata/suricata_global.php"); $tab_array[] = array(gettext("Update Rules"), false, "/suricata/suricata_download_updates.php"); - $tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php"); + $tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php?instance={$id}"); $tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php"); - $tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php"); + $tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php?instance={$id}"); display_top_tabs($tab_array); echo '</td></tr>'; echo '<tr><td>'; @@ -267,6 +459,21 @@ include_once("head.inc"); ?> </td></tr> <tr><td><div id="mainarea"> + +<?php if ($importalias) : ?> + <?php include("/usr/local/www/suricata/suricata_import_aliases.php"); + if ($selectalias) { + echo '<input type="hidden" name="eng_name" value="' . $eng_name . '"/>'; + echo '<input type="hidden" name="eng_bind" value="' . $eng_bind . '"/>'; + echo '<input type="hidden" name="eng_policy" value="' . $eng_policy . '"/>'; + } + ?> + +<?php elseif ($add_edit_os_policy) : ?> + <?php include("/usr/local/www/suricata/suricata_os_policy_engine.php"); ?> + +<?php else: ?> + <table id="maintable" class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> <td colspan="2" valign="top" class="listtopic"><?php echo gettext("Host-Specific Defrag and Stream Settings"); ?></td> @@ -284,25 +491,23 @@ include_once("head.inc"); <tr> <th class="listhdrr" axis="string"><?php echo gettext("Name");?></th> <th class="listhdrr" axis="string"><?php echo gettext("Bind-To Address Alias");?></th> - <th class="list" align="right"><a href="suricata_import_aliases.php?id=<?=$id?>&eng=host_os_policy"> - <img src="../themes/<?= $g['theme'];?>/images/icons/icon_import_alias.gif" width="17" - height="17" border="0" title="<?php echo gettext("Import policy configuration from existing Aliases");?>"></a> - <a href="suricata_os_policy_engine.php?id=<?=$id?>&eng_id=<?=$host_os_policy_engine_next_id?>"> - <img src="../themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" width="17" - height="17" border="0" title="<?php echo gettext("Add a new policy configuration");?>"></a></th> + <th class="list" align="right"><input type="image" name="import_alias[]" src="../themes/<?= $g['theme'];?>/images/icons/icon_import_alias.gif" width="17" + height="17" border="0" title="<?php echo gettext("Import policy configuration from existing Aliases");?>"/> + <input type="image" name="add_os_policy[]" src="../themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" width="17" + height="17" border="0" title="<?php echo gettext("Add a new policy configuration");?>"/></th> </tr> </thead> <?php foreach ($pconfig['host_os_policy']['item'] as $f => $v): ?> <tr> <td class="listlr" align="left"><?=gettext($v['name']);?></td> <td class="listbg" align="center"><?=gettext($v['bind_to']);?></td> - <td class="listt" align="right"><a href="suricata_os_policy_engine.php?id=<?=$id;?>&eng_id=<?=$f;?>"> - <img src="/themes/<?=$g['theme'];?>/images/icons/icon_e.gif" - width="17" height="17" border="0" title="<?=gettext("Edit this policy configuration");?>"></a> + <td class="listt" align="right"><input type="image" name="edit_os_policy[]" value="<?=$f;?>" onclick="document.getElementById('eng_id').value='<?=$f;?>'" + src="/themes/<?=$g['theme'];?>/images/icons/icon_e.gif" + width="17" height="17" border="0" title="<?=gettext("Edit this policy configuration");?>"/> <?php if ($v['bind_to'] <> "all") : ?> - <a href="suricata_flow_stream.php?id=<?=$id;?>&eng_id=<?=$f;?>&act=del_host_os_policy" onclick="return confirm('Are you sure you want to delete this entry?');"> - <img src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" width="17" height="17" border="0" - title="<?=gettext("Delete this policy configuration");?>"></a> + <input type="image" name="del_os_policy[]" value="<?=$f;?>" onclick="document.getElementById('eng_id').value='<?=$f;?>';return confirm('Are you sure you want to delete this entry?');" + src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" width="17" height="17" border="0" + title="<?=gettext("Delete this policy configuration");?>"/> <?php else : ?> <img src="/themes/<?=$g['theme'];?>/images/icons/icon_x_d.gif" width="17" height="17" border="0" title="<?=gettext("Default policy configuration cannot be deleted");?>"> @@ -314,7 +519,6 @@ include_once("head.inc"); </td> </tr> <tr> - <td colspan="2" valign="top" class="listtopic"><?php echo gettext("IP Defragmentation"); ?></td> </tr> <tr> @@ -603,7 +807,7 @@ include_once("head.inc"); <tr> <td width="22%" valign="top"> </td> <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="Save" title="<?php echo + <input name="save" type="submit" class="formbtn" value="Save" title="<?php echo gettext("Save flow and stream settings"); ?>"> <input name="id" type="hidden" value="<?=$id;?>"> <input name="ResetAll" type="submit" class="formbtn" value="Reset" title="<?php echo @@ -618,27 +822,12 @@ include_once("head.inc"); <?php echo gettext("may take several seconds. Suricata must also be restarted to activate any changes made on this screen."); ?></td> </tr> </table> + +<?php endif; ?> + </div> </td></tr></table> </form> -<script type="text/javascript"> - -function wopen(url, name, w, h) -{ - // Fudge factors for window decoration space. - // In my tests these work well on all platforms & browsers. - w += 32; - h += 96; - var win = window.open(url, - name, - 'width=' + w + ', height=' + h + ', ' + - 'location=no, menubar=no, ' + - 'status=no, toolbar=no, scrollbars=yes, resizable=yes'); - win.resizeTo(w, h); - win.focus(); -} - -</script> <?php include("fend.inc"); ?> </body> </html> diff --git a/config/suricata/suricata_global.php b/config/suricata/suricata_global.php index f6b5d83d..99abc49b 100644 --- a/config/suricata/suricata_global.php +++ b/config/suricata/suricata_global.php @@ -28,7 +28,6 @@ * POSSIBILITY OF SUCH DAMAGE. */ - require_once("guiconfig.inc"); require_once("/usr/local/pkg/suricata/suricata.inc"); @@ -46,6 +45,7 @@ $pconfig['suricataloglimit'] = $config['installedpackages']['suricata']['config' $pconfig['suricataloglimitsize'] = $config['installedpackages']['suricata']['config'][0]['suricataloglimitsize']; $pconfig['autoruleupdate'] = $config['installedpackages']['suricata']['config'][0]['autoruleupdate']; $pconfig['autoruleupdatetime'] = $config['installedpackages']['suricata']['config'][0]['autoruleupdatetime']; +$pconfig['live_swap_updates'] = $config['installedpackages']['suricata']['config'][0]['live_swap_updates']; $pconfig['log_to_systemlog'] = $config['installedpackages']['suricata']['config'][0]['log_to_systemlog']; $pconfig['clearlogs'] = $config['installedpackages']['suricata']['config'][0]['clearlogs']; $pconfig['forcekeepsettings'] = $config['installedpackages']['suricata']['config'][0]['forcekeepsettings']; @@ -59,7 +59,6 @@ if (empty($pconfig['suricataloglimitsize'])) // Set limit to 20% of slice that is unused */ $pconfig['suricataloglimitsize'] = round(exec('df -k /var | grep -v "Filesystem" | awk \'{print $4}\'') * .20 / 1024); - if ($_POST['autoruleupdatetime']) { if (!preg_match('/^([01]?[0-9]|2[0-3]):?([0-5][0-9])$/', $_POST['autoruleupdatetime'])) $input_errors[] = "Invalid Rule Update Start Time! Please supply a value in 24-hour format as 'HH:MM'."; @@ -73,7 +72,7 @@ if ($_POST['enable_etpro_rules'] == "on" && empty($_POST['etprocode'])) /* if no errors move foward with save */ if (!$input_errors) { - if ($_POST["Submit"]) { + if ($_POST["save"]) { $config['installedpackages']['suricata']['config'][0]['enable_vrt_rules'] = $_POST['enable_vrt_rules'] ? 'on' : 'off'; $config['installedpackages']['suricata']['config'][0]['snortcommunityrules'] = $_POST['snortcommunityrules'] ? 'on' : 'off'; @@ -139,6 +138,7 @@ if (!$input_errors) { } $config['installedpackages']['suricata']['config'][0]['autoruleupdatetime'] = str_pad($_POST['autoruleupdatetime'], 4, "0", STR_PAD_LEFT); $config['installedpackages']['suricata']['config'][0]['log_to_systemlog'] = $_POST['log_to_systemlog'] ? 'on' : 'off'; + $config['installedpackages']['suricata']['config'][0]['live_swap_updates'] = $_POST['live_swap_updates'] ? 'on' : 'off'; $config['installedpackages']['suricata']['config'][0]['clearlogs'] = $_POST['clearlogs'] ? 'on' : 'off'; $config['installedpackages']['suricata']['config'][0]['forcekeepsettings'] = $_POST['forcekeepsettings'] ? 'on' : 'off'; @@ -187,7 +187,7 @@ if ($input_errors) $tab_array[] = array(gettext("Suricata Interfaces"), false, "/suricata/suricata_interfaces.php"); $tab_array[] = array(gettext("Global Settings"), true, "/suricata/suricata_global.php"); $tab_array[] = array(gettext("Update Rules"), false, "/suricata/suricata_download_updates.php"); - $tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php?instance={$instanceid}"); + $tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php"); $tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php"); $tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php"); display_top_tabs($tab_array); @@ -206,13 +206,13 @@ if ($input_errors) <table width="100%" border="0" cellpadding="2" cellspacing="0"> <tr> <td valign="top" width="8%"><input name="enable_etopen_rules" type="checkbox" value="on" onclick="enable_et_rules();" - <?php if ($config['installedpackages']['suricata']['config'][0]['enable_etopen_rules']=="on") echo "checked"; ?>></td> + <?php if ($config['installedpackages']['suricata']['config'][0]['enable_etopen_rules']=="on") echo "checked"; ?>/></td> <td><span class="vexpl"><?php echo gettext("ETOpen is an open source set of Snort rules whose coverage " . "is more limited than ETPro."); ?></span></td> </tr> <tr> <td valign="top" width="8%"><input name="enable_etpro_rules" type="checkbox" value="on" onclick="enable_pro_rules();" - <?php if ($config['installedpackages']['suricata']['config'][0]['enable_etpro_rules']=="on") echo "checked"; ?>></td> + <?php if ($config['installedpackages']['suricata']['config'][0]['enable_etpro_rules']=="on") echo "checked"; ?>/></td> <td><span class="vexpl"><?php echo gettext("ETPro for Snort offers daily updates and extensive coverage of current malware threats."); ?></span></td> </tr> <tr> @@ -234,9 +234,8 @@ if ($input_errors) </tr> <tr> <td valign="top"><span class="vexpl"><strong><?php echo gettext("Code:"); ?></strong></span></td> - <td><input name="etprocode" type="text" - class="formfld unknown" id="etprocode" size="52" - value="<?=htmlspecialchars($pconfig['etprocode']);?>"><br/> + <td><input name="etprocode" type="text" class="formfld unknown" id="etprocode" size="52" + value="<?=htmlspecialchars($pconfig['etprocode']);?>"/><br/> <?php echo gettext("Obtain an ETPro subscription code and paste it here."); ?></td> </tr> </table> @@ -248,7 +247,7 @@ if ($input_errors) <table width="100%" border="0" cellpadding="2" cellspacing="0"> <tr> <td><input name="enable_vrt_rules" type="checkbox" id="enable_vrt_rules" value="on" onclick="enable_snort_vrt();" - <?php if($pconfig['enable_vrt_rules']=='on') echo 'checked'; ?>></td> + <?php if($pconfig['enable_vrt_rules']=='on') echo 'checked'; ?>/></td> <td><span class="vexpl"><?php echo gettext("Snort VRT free Registered User or paid Subscriber rules"); ?></span></td> <tr> <td> </td> @@ -266,9 +265,8 @@ if ($input_errors) </tr> <tr> <td valign="top"><span class="vexpl"><strong><?php echo gettext("Code:"); ?></strong></span></td> - <td><input name="oinkcode" type="text" - class="formfld unknown" id="oinkcode" size="52" - value="<?=htmlspecialchars($pconfig['oinkcode']);?>"><br/> + <td><input name="oinkcode" type="text" class="formfld unknown" id="oinkcode" size="52" + value="<?=htmlspecialchars($pconfig['oinkcode']);?>"/><br/> <?php echo gettext("Obtain a snort.org Oinkmaster code and paste it here."); ?></td> </tr> </table> @@ -279,7 +277,7 @@ if ($input_errors) <table width="100%" border="0" cellpadding="2" cellspacing="0"> <tr> <td valign="top" width="8%"><input name="snortcommunityrules" type="checkbox" value="on" - <?php if ($config['installedpackages']['suricata']['config'][0]['snortcommunityrules']=="on") echo "checked";?> ></td> + <?php if ($config['installedpackages']['suricata']['config'][0]['snortcommunityrules']=="on") echo " checked";?>/></td> <td class="vexpl"><?php echo gettext("The Snort Community Ruleset is a GPLv2 VRT certified ruleset that is distributed free of charge " . "without any VRT License restrictions. This ruleset is updated daily and is a subset of the subscriber ruleset.");?> <br/><br/><?php echo "<span class=\"red\"><strong>" . gettext("Note: ") . "</strong></span>" . @@ -302,20 +300,27 @@ if ($input_errors) <?php if ($iface3 == $pconfig['autoruleupdate']) echo "selected"; ?>> <?=htmlspecialchars($ifacename3);?></option> <?php endforeach; ?> - </select><span class="vexpl"> <?php echo gettext("Please select the interval for rule updates. Choosing ") . + </select> <?php echo gettext("Please select the interval for rule updates. Choosing ") . "<strong>" . gettext("NEVER") . "</strong>" . gettext(" disables auto-updates."); ?><br/><br/> - <?php echo "<span class=\"red\"><strong>" . gettext("Hint: ") . "</strong></span>" . gettext("in most cases, every 12 hours is a good choice."); ?></span></td> + <?php echo "<span class=\"red\"><strong>" . gettext("Hint: ") . "</strong></span>" . gettext("in most cases, every 12 hours is a good choice."); ?></td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?php echo gettext("Update Start Time"); ?></td> <td width="78%" class="vtable"><input type="text" class="formfld time" name="autoruleupdatetime" id="autoruleupdatetime" size="4" - maxlength="5" value="<?=$pconfig['autoruleupdatetime'];?>" <?php if ($pconfig['autoruleupdate'] == "never_up") {echo "disabled";} ?>><span class="vexpl"> - <?php echo gettext("Enter the rule update start time in 24-hour format (HH:MM). ") . "<strong>" . - gettext("Default") . " </strong>" . gettext("is ") . "<strong>" . gettext("00:03") . "</strong></span>"; ?>.<br/><br/> + maxlength="5" value="<?=$pconfig['autoruleupdatetime'];?>" <?php if ($pconfig['autoruleupdate'] == "never_up") {echo "disabled";} ?>/> + <?php echo gettext("Enter the rule update start time in 24-hour format (HH:MM). Default is ") . "<strong>" . gettext("00:03") . "</strong>"; ?>.<br/><br/> <?php echo gettext("Rules will update at the interval chosen above starting at the time specified here. For example, using the default " . "start time of 00:03 and choosing 12 Hours for the interval, the rules will update at 00:03 and 12:03 each day."); ?></td> </tr> <tr> + <td width="22%" valign="top" class="vncell"><?php echo gettext("Live Rule Swap on Update"); ?></td> + <td width="78%" class="vtable"><input name="live_swap_updates" id="live_swap_updates" type="checkbox" value="yes" + <?php if ($config['installedpackages']['suricata']['config'][0]['live_swap_updates']=="on") echo " checked"; ?>/> + <?php echo gettext("Enable \"Live Swap\" reload of rules after downloading an update. Default is ") . "<strong>" . gettext("Not Checked") . "</strong>"; ?><br/><br/> + <?php echo gettext("When enabled, Suricata will perform a live load of the new rules following an update instead of a hard restart. " . + "If issues are encountered with live load, uncheck this option to perform a hard restart of all Suricata instances following an update."); ?></td> +</tr> +<tr> <td colspan="2" valign="top" class="listtopic"><?php echo gettext("General Settings"); ?></td> </tr> <tr> @@ -330,12 +335,12 @@ if ($input_errors) <table cellpadding="0" cellspacing="0"> <tr> <td colspan="2"><input name="suricataloglimit" type="radio" id="suricataloglimit" value="on" - <?php if($pconfig['suricataloglimit']=='on') echo 'checked'; ?>><span class="vexpl"> + <?php if($pconfig['suricataloglimit']=='on') echo 'checked'; ?>/><span class="vexpl"> <strong><?php echo gettext("Enable"); ?></strong> <?php echo gettext("directory size limit"); ?> (<strong><?php echo gettext("Default"); ?></strong>)</span></td> </tr> <tr> <td colspan="2"><input name="suricataloglimit" type="radio" id="suricataloglimit" value="off" - <?php if($pconfig['suricataloglimit']=='off') echo 'checked'; ?>> <span class="vexpl"><strong><?php echo gettext("Disable"); ?></strong> + <?php if($pconfig['suricataloglimit']=='off') echo 'checked'; ?>/> <span class="vexpl"><strong><?php echo gettext("Disable"); ?></strong> <?php echo gettext("directory size limit"); ?></span><br/> <br/> <span class="red"><strong><?php echo gettext("Warning:"); ?></strong></span> <?php echo gettext("Nanobsd " . @@ -345,7 +350,7 @@ if ($input_errors) <table width="100%" border="0" cellpadding="2" cellspacing="0"> <tr> <td class="vexpl"><?php echo gettext("Size in ") . "<strong>" . gettext("MB:") . "</strong>";?> - <input name="suricataloglimitsize" type="text" class="formfld unknown" id="suricataloglimitsize" size="10" value="<?=htmlspecialchars($pconfig['suricataloglimitsize']);?>"> + <input name="suricataloglimitsize" type="text" class="formfld unknown" id="suricataloglimitsize" size="10" value="<?=htmlspecialchars($pconfig['suricataloglimitsize']);?>"/> <?php echo gettext("Default is ") . "<strong>" . gettext("20%") . "</strong>" . gettext(" of available space.");?></td> </tr> </table> @@ -368,34 +373,27 @@ if ($input_errors) </tr> <tr> <td width="22%" valign="top" class="vncell"><?php echo gettext("Log to System Log"); ?></td> - <td width="78%" class="vtable"><input name="log_to_systemlog" - id="log_to_systemlog" type="checkbox" value="yes" - <?php if ($config['installedpackages']['suricata']['config'][0]['log_to_systemlog']=="on") echo "checked"; ?> - > <?php echo gettext("Copy Suricata messages to the firewall system log."); ?></td> + <td width="78%" class="vtable"><input name="log_to_systemlog" id="log_to_systemlog" type="checkbox" value="yes" + <?php if ($config['installedpackages']['suricata']['config'][0]['log_to_systemlog']=="on") echo " checked"; ?>/> + <?php echo gettext("Copy Suricata messages to the firewall system log."); ?></td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?php echo gettext("Remove Suricata Log Files After Deinstall"); ?></td> - <td width="78%" class="vtable"><input name="clearlogs" - id="clearlogs" type="checkbox" value="yes" - <?php if ($config['installedpackages']['suricata']['config'][0]['clearlogs']=="on") echo "checked"; ?> - > <?php echo gettext("Suricata log files will be removed during package deinstallation."); ?></td> + <td width="78%" class="vtable"><input name="clearlogs" id="clearlogs" type="checkbox" value="yes" + <?php if ($config['installedpackages']['suricata']['config'][0]['clearlogs']=="on") echo " checked"; ?>/> + <?php echo gettext("Suricata log files will be removed during package deinstallation."); ?></td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?php echo gettext("Keep Suricata Settings After Deinstall"); ?></td> - <td width="78%" class="vtable"><input name="forcekeepsettings" - id="forcekeepsettings" type="checkbox" value="yes" - <?php if ($config['installedpackages']['suricata']['config'][0]['forcekeepsettings']=="on") echo "checked"; ?> - > <?php echo gettext("Settings will not be removed during package deinstallation."); ?></td> + <td width="78%" class="vtable"><input name="forcekeepsettings" id="forcekeepsettings" type="checkbox" value="yes" + <?php if ($config['installedpackages']['suricata']['config'][0]['forcekeepsettings']=="on") echo " checked"; ?>/> + <?php echo gettext("Settings will not be removed during package deinstallation."); ?></td> </tr> <tr> - <td width="22%" valign="top"> - <td width="78%"> - <input name="Submit" type="submit" class="formbtn" value="Save" > - </td> + <td colspan="2" align="center"><input name="save" type="submit" class="formbtn" value="Save"/></td> </tr> <tr> - <td width="22%" valign="top"> </td> - <td width="78%" class="vexpl"><span class="red"><strong><?php echo gettext("Note:");?></strong> + <td colspan="2" class="vexpl" align="center"><span class="red"><strong><?php echo gettext("Note:");?></strong> </span><?php echo gettext("Changing any settings on this page will affect all Suricata-configured interfaces.");?></td> </tr> </table> diff --git a/config/suricata/suricata_import_aliases.php b/config/suricata/suricata_import_aliases.php index c16ac65d..ccaaf29d 100644 --- a/config/suricata/suricata_import_aliases.php +++ b/config/suricata/suricata_import_aliases.php @@ -1,5 +1,4 @@ <?php -/* $Id$ */ /* suricata_import_aliases.php Copyright (C) 2014 Bill Meeks @@ -27,160 +26,51 @@ POSSIBILITY OF SUCH DAMAGE. */ -require("guiconfig.inc"); -require_once("functions.inc"); -require_once("/usr/local/pkg/suricata/suricata.inc"); +/************************************************************************************ + This file contains code for selecting and importing an existing Alias. + It is included and injected inline from other Suricata PHP pages that + use the Import Alias functionality. -// Retrieve any passed QUERY STRING or POST variables -$id = $_GET['id']; -$eng = $_GET['eng']; -if (isset($_POST['id'])) - $id = $_POST['id']; -if (isset($_POST['eng'])) - $eng = $_POST['eng']; + The following variables are assumed to exist and must be initialized + as necessary in order to utilize this page. -// Make sure we have a valid rule ID and ENGINE name, or -// else bail out to top-level menu. -if (is_null($id) || is_null($eng)) { - header("Location: /suricata/suricata_interfaces.php"); - exit; -} + $g --> system global variables array + $config --> global variable pointing to configuration information + $a_aliases --> $config['aliases']['alias'] array + $title --> title string for import alias engine type + $used --> array of currently used engine 'bind_to' Alias names + $selectalias --> boolean to display radio buttons instead of checkboxes + $mode --> string value to indicate current operation mode -// Used to track if any selectable Aliases are found -$selectablealias = false; + Information is returned from this page via the following form fields: -// Initialize required array variables as necessary -if (!is_array($config['aliases']['alias'])) - $config['aliases']['alias'] = array(); -$a_aliases = $config['aliases']['alias']; -if (!is_array($config['installedpackages']['suricata']['rule'])) - $config['installedpackages']['suricata']['rule'] = array(); - -// The $eng variable points to the specific Suricata config section -// engine we are importing values into. Initialize the config.xml -// array if necessary. -if (!is_array($config['installedpackages']['suricata']['rule'][$id][$eng]['item'])) - $config['installedpackages']['suricata']['rule'][$id][$eng]['item'] = array(); - -// Initialize a pointer to the Suricata config section engine we are -// importing values into. -$a_nat = &$config['installedpackages']['suricata']['rule'][$id][$eng]['item']; - -// Build a lookup array of currently used engine 'bind_to' Aliases -// so we can screen matching Alias names from the list. -$used = array(); -foreach ($a_nat as $v) - $used[$v['bind_to']] = true; - -// Construct the correct return URL based on the Suricata config section -// engine we were called with. This lets us return to the page we were -// called from. -switch ($eng) { - case "host_os_policy": - $returl = "/suricata/suricata_flow_stream.php"; - $multi_ip = true; - $title = "Host Operating System Policy"; - break; - case "libhtp_policy": - $returl = "/suricata/suricata_app_parsers.php"; - $multi_ip = true; - $title = "HTTP Server Policy"; - break; - default: - $returl = "/suricata/suricata_interface_edit"; - $multi_ip = true; - $title = ""; -} - -if ($_POST['cancel']) { - header("Location: {$returl}?id={$id}"); - exit; -} - -if ($_POST['save']) { - - // Define default engine configurations for each of the supported engines. - $def_os_policy = array( "name" => "", "bind_to" => "", "policy" => "bsd" ); - - $def_libhtp_policy = array( "name" => "default", "bind_to" => "all", "personality" => "IDS", - "request-body-limit" => 4096, "response-body-limit" => 4096, - "double-decode-path" => "no", "double-decode-query" => "no" ); - - // Figure out which engine type we are importing and set up default engine array - $engine = array(); - switch ($eng) { - case "host_os_policy": - $engine = $def_os_policy; - break; - case "libhtp_policy": - $engine = $def_libhtp_policy; - break; - default: - $engine = ""; - $input_errors[] = gettext("Invalid ENGINE TYPE passed in query string. Aborting operation."); - } + aliastoimport[] --> checkbox array containing selected alias names + save_import_alias --> Submit button for save operation and exit + cancel_import_alias --> Submit button to cancel operation and exit + ************************************************************************************/ +?> - // See if anything was checked to import - if (is_array($_POST['toimport']) && count($_POST['toimport']) > 0) { - foreach ($_POST['toimport'] as $item) { - $engine['name'] = strtolower($item); - $engine['bind_to'] = $item; - $a_nat[] = $engine; - } +<?php $selectablealias = false; + if (!is_array($a_aliases)) + $a_aliases = array(); + if ($mode <> "") + echo '<input type="hidden" name="mode" id="mode" value="' . $mode . '"/>'; + if ($selectalias == true) { + $fieldtype = "radio"; + $header = gettext("Select an Alias to use as {$title} target from the list below."); } - else - $input_errors[] = gettext("No entries were selected for import. Please select one or more Aliases for import and click SAVE."); - - // if no errors, write new entry to conf - if (!$input_errors) { - // Reorder the engine array to ensure the - // 'bind_to=all' entry is at the bottom if - // the array contains more than one entry. - if (count($a_nat) > 1) { - $i = -1; - foreach ($a_nat as $f => $v) { - if ($v['bind_to'] == "all") { - $i = $f; - break; - } - } - // Only relocate the entry if we - // found it, and it's not already - // at the end. - if ($i > -1 && ($i < (count($a_nat) - 1))) { - $tmp = $a_nat[$i]; - unset($a_nat[$i]); - $a_nat[] = $tmp; - } - } - - // Now write the new engine array to conf and return - write_config(); - - header("Location: {$returl}?id={$id}"); - exit; + else { + $fieldtype = "checkbox"; + $header = gettext("Select one or more Aliases to use as {$title} targets from the list below."); } -} - -$pgtitle = gettext("Suricata: Import Host/Network Alias for {$title}"); -include("head.inc"); - ?> -<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> -<?php include("fbegin.inc"); ?> -<form action="suricata_import_aliases.php" method="post"> -<input type="hidden" name="id" value="<?=$id;?>"> -<input type="hidden" name="eng" value="<?=$eng;?>"> -<?php if ($input_errors) print_input_errors($input_errors); ?> -<div id="boxarea"> -<table width="100%" border="0" cellpadding="0" cellspacing="0"> +<table id="maintable" class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> - <td class="tabcont"><strong><?=gettext("Select one or more Aliases to use as {$title} targets from the list below.");?></strong><br/> - </td> + <td class="listtopic" align="center"><?=$header;?></td> </tr> <tr> - <td class="tabcont"> + <td> <table id="sortabletable1" style="table-layout: fixed;" class="sortable" width="100%" border="0" cellpadding="0" cellspacing="0"> <colgroup> <col width="5%" align="center"> @@ -221,7 +111,7 @@ include("head.inc"); <td class="listlr" align="center"><img src="../themes/<?=$g['theme'];?>/images/icons/icon_block_d.gif" width="11" height"11" border="0"/> <?php else: ?> <tr> - <td class="listlr" align="center"><input type="checkbox" name="toimport[]" value="<?=htmlspecialchars($alias['name']);?>" title="<?=$tooltip;?>"/></td> + <td class="listlr" align="center"><input type="<?=$fieldtype;?>" name="aliastoimport[]" value="<?=htmlspecialchars($alias['name']);?>" title="<?=$tooltip;?>"/></td> <?php endif; ?> <td class="listr" align="left"><?=$textss . htmlspecialchars($alias['name']) . $textse;?></td> <td class="listr" align="left"> @@ -244,29 +134,26 @@ include("head.inc"); </tr> <?php if (!$selectablealias): ?> <tr> - <td class="tabcont" align="center"><b><?php echo gettext("There are currently no defined Aliases eligible for import.");?></b></td> + <td align="center"><b><?php echo gettext("There are currently no defined Aliases eligible for import.");?></b></td> </tr> <tr> - <td class="tabcont" align="center"> - <input type="Submit" name="cancel" value="Cancel" id="cancel" class="formbtn" title="<?=gettext("Cancel import operation and return");?>"/> + <td align="center" valign="middle"> + <input type="Submit" name="cancel_import_alias" value="Cancel" id="cancel_import_alias" class="formbtn" title="<?=gettext("Cancel import operation and return");?>"/> </td> </tr> <?php else: ?> <tr> - <td class="tabcont" align="center"> - <input type="Submit" name="save" value="Save" id="save" class="formbtn" title="<?=gettext("Import selected item and return");?>"/> - <input type="Submit" name="cancel" value="Cancel" id="cancel" class="formbtn" title="<?=gettext("Cancel import operation and return");?>"/> + <td align="center" valign="middle"> + <input type="Submit" name="save_import_alias" value="Save" id="save_import_alias" class="formbtn" title="<?=gettext("Import selected item and return");?>"/> + <input type="Submit" name="cancel_import_alias" value="Cancel" id="cancel_import_alias" class="formbtn" title="<?=gettext("Cancel import operation and return");?>"/> </td> </tr> <?php endif; ?> <tr> - <td class="tabcont"> + <td> <span class="vexpl"><span class="red"><strong><?=gettext("Note:"); ?><br></strong></span><?=gettext("Fully-Qualified Domain Name (FQDN) host Aliases cannot be used as Suricata configuration parameters. Aliases resolving to a single FQDN value are disabled in the list above. In the case of nested Aliases where one or more of the nested values is a FQDN host, the FQDN host will not be included in the {$title} configuration.");?></span> </td> </tr> </table> -</div> -</form> -<?php include("fend.inc"); ?> -</body> -</html> + + diff --git a/config/suricata/suricata_interfaces.php b/config/suricata/suricata_interfaces.php index 26ccada3..50ca99c1 100644 --- a/config/suricata/suricata_interfaces.php +++ b/config/suricata/suricata_interfaces.php @@ -27,7 +27,6 @@ * POSSIBILITY OF SUCH DAMAGE. */ -$nocsrf = true; require_once("guiconfig.inc"); require_once("/usr/local/pkg/suricata/suricata.inc"); @@ -37,42 +36,26 @@ $suricatadir = SURICATADIR; $suricatalogdir = SURICATALOGDIR; $rcdir = RCFILEPREFIX; -$id = $_GET['id']; -if (isset($_POST['id'])) +if ($_POST['id']) $id = $_POST['id']; +else + $id = 0; if (!is_array($config['installedpackages']['suricata']['rule'])) $config['installedpackages']['suricata']['rule'] = array(); $a_nat = &$config['installedpackages']['suricata']['rule']; $id_gen = count($config['installedpackages']['suricata']['rule']); -if (isset($_POST['del_x'])) { - /* delete selected rules */ +if ($_POST['del_x']) { + /* delete selected interfaces */ if (is_array($_POST['rule'])) { conf_mount_rw(); foreach ($_POST['rule'] as $rulei) { - /* convert fake interfaces to real */ $if_real = get_real_interface($a_nat[$rulei]['interface']); $suricata_uuid = $a_nat[$rulei]['uuid']; suricata_stop($a_nat[$rulei], $if_real); exec("/bin/rm -r {$suricatalogdir}suricata_{$if_real}{$suricata_uuid}"); exec("/bin/rm -r {$suricatadir}suricata_{$suricata_uuid}_{$if_real}"); - - // If interface had auto-generated Suppress List, then - // delete that along with the interface - $autolist = "{$a_nat[$rulei]['interface']}" . "suppress"; - if (is_array($config['installedpackages']['suricata']['suppress']) && - is_array($config['installedpackages']['suricata']['suppress']['item'])) { - $a_suppress = &$config['installedpackages']['suricata']['suppress']['item']; - foreach ($a_suppress as $k => $i) { - if ($i['name'] == $autolist) { - unset($config['installedpackages']['suricata']['suppress']['item'][$k]); - break; - } - } - } - - // Finally delete the interface's config entry entirely unset($a_nat[$rulei]); } conf_mount_ro(); @@ -103,16 +86,15 @@ if (isset($_POST['del_x'])) { header("Location: /suricata/suricata_interfaces.php"); exit; } - } /* start/stop Barnyard2 */ -if ($_GET['act'] == 'bartoggle' && is_numeric($id)) { +if ($_POST['bartoggle']) { $suricatacfg = $config['installedpackages']['suricata']['rule'][$id]; $if_real = get_real_interface($suricatacfg['interface']); $if_friendly = convert_friendly_interface_to_friendly_descr($suricatacfg['interface']); - if (suricata_is_running($suricatacfg['uuid'], $if_real, 'barnyard2') == 'no') { + if (!suricata_is_running($suricatacfg['uuid'], $if_real, 'barnyard2')) { log_error("Toggle (barnyard starting) for {$if_friendly}({$suricatacfg['descr']})..."); sync_suricata_package_config(); suricata_barnyard_start($suricatacfg, $if_real); @@ -127,12 +109,12 @@ if ($_GET['act'] == 'bartoggle' && is_numeric($id)) { } /* start/stop Suricata */ -if ($_GET['act'] == 'toggle' && is_numeric($id)) { +if ($_POST['toggle']) { $suricatacfg = $config['installedpackages']['suricata']['rule'][$id]; $if_real = get_real_interface($suricatacfg['interface']); $if_friendly = convert_friendly_interface_to_friendly_descr($suricatacfg['interface']); - if (suricata_is_running($suricatacfg['uuid'], $if_real) == 'yes') { + if (suricata_is_running($suricatacfg['uuid'], $if_real)) { log_error("Toggle (suricata stopping) for {$if_friendly}({$suricatacfg['descr']})..."); suricata_stop($suricatacfg, $if_real); } else { @@ -152,24 +134,22 @@ if ($_GET['act'] == 'toggle' && is_numeric($id)) { header("Location: /suricata/suricata_interfaces.php"); exit; } - -$pgtitle = "Services: Suricata Intrusion Detection System"; +$suri_bin_ver = SURICATA_VER; +$suri_pkg_ver = SURICATA_PKG_VER; +$pgtitle = "Services: Suricata {$suri_bin_ver} pkg {$suri_pkg_ver} - Intrusion Detection System"; include_once("head.inc"); ?> <body link="#000000" vlink="#000000" alink="#000000"> -<?php -include_once("fbegin.inc"); -if ($pfsense_stable == 'yes') - echo '<p class="pgtitle">' . $pgtitle . '</p>'; -?> +<?php include_once("fbegin.inc"); ?> <form action="suricata_interfaces.php" method="post" enctype="multipart/form-data" name="iform" id="iform"> +<input type="hidden" name="id" id="id" value=""> <?php /* Display Alert message */ if ($input_errors) - print_input_errors($input_errors); // TODO: add checks + print_input_errors($input_errors); if ($savemsg) print_info_box($savemsg); @@ -194,25 +174,32 @@ if ($pfsense_stable == 'yes') <td> <div id="mainarea"> <table id="maintable" class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> + + <colgroup> + <col width="3%" align="center"> + <col width="12%"> + <col width="14%"> + <col width="120" align="center"> + <col width="65" align="center"> + <col width="14%"> + <col> + <col width="20" align="center"> + </colgroup> + <thead> <tr id="frheader"> - <td width="3%" class="list"> </td> - <td width="10%" class="listhdrr"><?php echo gettext("Interface"); ?></td> - <td width="13%" class="listhdrr"><?php echo gettext("Suricata"); ?></td> - <td width="10%" class="listhdrr"><?php echo gettext("Pattern Match"); ?></td> - <td width="10%" class="listhdrr"><?php echo gettext("Block"); ?></td> - <td width="12%" class="listhdrr"><?php echo gettext("Barnyard2"); ?></td> - <td width="30%" class="listhdr"><?php echo gettext("Description"); ?></td> - <td width="3%" class="list"> - <table border="0" cellspacing="0" cellpadding="0"> - <tr> - <td></td> - <td align="center" valign="middle"><a href="suricata_interfaces_edit.php?id=<?php echo $id_gen;?>"><img - src="../themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" - width="17" height="17" border="0" title="<?php echo gettext('Add Suricata interface mapping');?>"></a></td> - </tr> - </table> - </td> + <th class="list"> </th> + <th class="listhdrr"><?php echo gettext("Interface"); ?></th> + <th class="listhdrr"><?php echo gettext("Suricata"); ?></th> + <th class="listhdrr"><?php echo gettext("Pattern Matcher"); ?></th> + <th class="listhdrr"><?php echo gettext("Block"); ?></th> + <th class="listhdrr"><?php echo gettext("Barnyard2"); ?></th> + <th class="listhdr"><?php echo gettext("Description"); ?></th> + <th class="list"><a href="suricata_interfaces_edit.php?id=<?php echo $id_gen;?>"> + <img src="../themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" + width="17" height="17" border="0" title="<?php echo gettext('Add Suricata interface mapping');?>"></a> + </th> </tr> + </thead> <?php $nnats = $i = 0; // Turn on buffering to speed up rendering @@ -237,7 +224,7 @@ if ($pfsense_stable == 'yes') $if_real = get_real_interface($natent['interface']); $natend_friendly= convert_friendly_interface_to_friendly_descr($natent['interface']); $suricata_uuid = $natent['uuid']; - if (suricata_is_running($suricata_uuid, $if_real) == 'no'){ + if (!suricata_is_running($suricata_uuid, $if_real)){ $iconfn = 'block'; $iconfn_msg1 = 'Suricata is not running on '; $iconfn_msg2 = '. Click to start.'; @@ -247,7 +234,7 @@ if ($pfsense_stable == 'yes') $iconfn_msg1 = 'Suricata is running on '; $iconfn_msg2 = '. Click to stop.'; } - if (suricata_is_running($suricata_uuid, $if_real, 'barnyard2') == 'no'){ + if (!suricata_is_running($suricata_uuid, $if_real, 'barnyard2')){ $biconfn = 'block'; $biconfn_msg1 = 'Barnyard2 is not running on '; $biconfn_msg2 = '. Click to start.'; @@ -275,31 +262,30 @@ if ($pfsense_stable == 'yes') <td class="listt"> <input type="checkbox" id="frc<?=$nnats;?>" name="rule[]" value="<?=$i;?>" onClick="fr_bgcolor('<?=$nnats;?>')" style="margin: 0; padding: 0;"> </td> - <td class="listr" - id="frd<?=$nnats;?>" valign="middle" + <td class="listr" valign="middle" + id="frd<?=$nnats;?>" ondblclick="document.location='suricata_interfaces_edit.php?id=<?=$nnats;?>';"> <?php echo $natend_friendly; ?> </td> - <td class="listr" + <td class="listr" valign="middle" id="frd<?=$nnats;?>" ondblclick="document.location='suricata_interfaces_edit.php?id=<?=$nnats;?>';"> <?php $check_suricata_info = $config['installedpackages']['suricata']['rule'][$nnats]['enable']; if ($check_suricata_info == "on") { - echo gettext("ENABLED"); - echo "<a href='?act=toggle&id={$i}'> - <img src='../themes/{$g['theme']}/images/icons/icon_{$iconfn}.gif' - width='13' height='13' border='0' - title='" . gettext($iconfn_msg1.$natend_friendly.$iconfn_msg2) . "'></a>"; + echo gettext("ENABLED") . " "; + echo "<input type='image' src='../themes/{$g['theme']}/images/icons/icon_{$iconfn}.gif' width='13' height='13' border='0' "; + echo "onClick='document.getElementById(\"id\").value=\"{$nnats}\";' name=\"toggle[]\" "; + echo "title='" . gettext($iconfn_msg1.$natend_friendly.$iconfn_msg2) . "'/>"; echo ($no_rules) ? " <img src=\"../themes/{$g['theme']}/images/icons/icon_frmfld_imp.png\" width=\"15\" height=\"15\" border=\"0\">" : ""; } else echo gettext("DISABLED"); ?> </td> <td class="listr" - id="frd<?=$nnats;?>" valign="middle" + id="frd<?=$nnats;?>" valign="middle" align="center" ondblclick="document.location='suricata_interfaces_edit.php?id=<?=$nnats;?>';"> <?php $check_performance_info = $config['installedpackages']['suricata']['rule'][$nnats]['mpm_algo']; @@ -311,7 +297,7 @@ if ($pfsense_stable == 'yes') ?> <?=strtoupper($check_performance);?> </td> <td class="listr" - id="frd<?=$nnats;?>" valign="middle" + id="frd<?=$nnats;?>" valign="middle" align="center" ondblclick="document.location='suricata_interfaces_edit.php?id=<?=$nnats;?>';"> <?php $check_blockoffenders_info = $config['installedpackages']['suricata']['rule'][$nnats]['blockoffenders']; @@ -329,11 +315,9 @@ if ($pfsense_stable == 'yes') <?php $check_suricatabarnyardlog_info = $config['installedpackages']['suricata']['rule'][$nnats]['barnyard_enable']; if ($check_suricatabarnyardlog_info == "on") { - echo gettext("ENABLED"); - echo "<a href='?act=bartoggle&id={$i}'> - <img src='../themes/{$g['theme']}/images/icons/icon_{$biconfn}.gif' - width='13' height='13' border='0' - title='" . gettext($biconfn_msg1.$natend_friendly.$biconfn_msg2) . "'></a>"; + echo gettext("ENABLED") . " "; + echo "<input type='image' name='bartoggle[]' src='../themes/{$g['theme']}/images/icons/icon_{$biconfn}.gif' width='13' height='13' border='0' "; + echo "onClick='document.getElementById(\"id\").value=\"{$nnats}\"'; title='" . gettext($biconfn_msg1.$natend_friendly.$biconfn_msg2) . "'/>"; } else echo gettext("DISABLED"); ?> @@ -343,14 +327,9 @@ if ($pfsense_stable == 'yes') <font color="#ffffff"> <?=htmlspecialchars($natent['descr']);?> </font> </td> <td valign="middle" class="list" nowrap> - <table border="0" cellspacing="0" cellpadding="0"> - <tr> - <td><a href="suricata_interfaces_edit.php?id=<?=$i;?>"><img - src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" - width="17" height="17" border="0" title="<?php echo gettext('Edit Suricata interface mapping'); ?>"></a> - </td> - </tr> - </table> + <a href="suricata_interfaces_edit.php?id=<?=$i;?>"> + <img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" + width="17" height="17" border="0" title="<?php echo gettext('Edit Suricata interface mapping'); ?>"></a> </td> </tr> <?php $i++; $nnats++; endforeach; ob_end_flush(); ?> @@ -363,19 +342,13 @@ if ($pfsense_stable == 'yes') <?php endif; ?> </td> <td class="list" valign="middle" nowrap> - <table border="0" cellspacing="0" cellpadding="0"> - <tr> - <td><?php if ($nnats == 0): ?><img - src="../themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" - width="17" height="17" " border="0"> - <?php else: ?> - <input name="del" type="image" - src="../themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" - width="17" height="17" title="<?php echo gettext("Delete selected Suricata interface mapping(s)"); ?>" - onclick="return intf_del()"> - <?php endif; ?></td> - </tr> - </table> + <?php if ($nnats == 0): ?> + <img src="../themes/<?= $g['theme']; ?>/images/icons/icon_x_d.gif" width="17" height="17" " border="0"> + <?php else: ?> + <input name="del" type="image" src="../themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" + width="17" height="17" title="<?php echo gettext("Delete selected Suricata interface mapping(s)"); ?>" + onclick="return intf_del()"> + <?php endif; ?> </td> </tr> <tr> diff --git a/config/suricata/suricata_interfaces_edit.php b/config/suricata/suricata_interfaces_edit.php index 5f644a55..d7b5a8cb 100644 --- a/config/suricata/suricata_interfaces_edit.php +++ b/config/suricata/suricata_interfaces_edit.php @@ -40,13 +40,12 @@ if (!is_array($config['installedpackages']['suricata']['rule'])) $config['installedpackages']['suricata']['rule'] = array(); $a_rule = &$config['installedpackages']['suricata']['rule']; -$id = $_GET['id']; -if (isset($_POST['id'])) +if ($_GET['id']); + $id = htmlspecialchars($_GET['id'], ENT_QUOTES | ENT_HTML401); +if ($_POST['id']) $id = $_POST['id']; -if (is_null($id)) { - header("Location: /suricata/suricata_interfaces.php"); - exit; -} +if (is_null($id)) + $id = 0; $pconfig = array(); if (empty($suricataglob['rule'][$id]['uuid'])) { @@ -62,13 +61,7 @@ else { $suricata_uuid = $pconfig['uuid']; // Get the physical configured interfaces on the firewall -if (function_exists('get_configured_interface_with_descr')) - $interfaces = get_configured_interface_with_descr(); -else { - $interfaces = array('wan' => 'WAN', 'lan' => 'LAN'); - for ($i = 1; isset($config['interfaces']['opt' . $i]); $i++) - $interfaces['opt' . $i] = $config['interfaces']['opt' . $i]['descr']; -} +$interfaces = get_configured_interface_with_descr(); // See if interface is already configured, and use its values if (isset($id) && $a_rule[$id]) { @@ -97,9 +90,6 @@ elseif (isset($id) && !isset($a_rule[$id])) { } } -if (isset($_GET['dup'])) - unset($id); - // Set defaults for any empty key parameters if (empty($pconfig['blockoffendersip'])) $pconfig['blockoffendersip'] = "both"; @@ -136,12 +126,12 @@ if (empty($pconfig['max_pcap_log_size'])) if (empty($pconfig['max_pcap_log_files'])) $pconfig['max_pcap_log_files'] = "1000"; -if ($_POST["Submit"]) { +if ($_POST["save"]) { if (!$_POST['interface']) $input_errors[] = gettext("Choosing an Interface is mandatory!"); - if ($_POST['max_pending_packets'] < 1 || $_POST['max_pending_packets'] > 65535) - $input_errors[] = gettext("The value for Maximum-Pending-Packets must be between 1 and 65,535!"); + if ($_POST['max_pending_packets'] < 1 || $_POST['max_pending_packets'] > 65000) + $input_errors[] = gettext("The value for Maximum-Pending-Packets must be between 1 and 65,000!"); if (!empty($_POST['max_pcap_log_size']) && !is_numeric($_POST['max_pcap_log_size'])) $input_errors[] = gettext("The value for 'Max Packet Log Size' must be numbers only. Do not include any alphabetic characters."); @@ -156,15 +146,6 @@ if ($_POST["Submit"]) { $natent['enable'] = $_POST['enable'] ? 'on' : 'off'; $natent['uuid'] = $pconfig['uuid']; - // See if the HOME_NET, EXTERNAL_NET, or SUPPRESS LIST values were changed - $suricata_reload = false; - if ($_POST['homelistname'] && ($_POST['homelistname'] <> $natent['homelistname'])) - $suricata_reload = true; - if ($_POST['externallistname'] && ($_POST['externallistname'] <> $natent['externallistname'])) - $suricata_reload = true; - if ($_POST['suppresslistname'] && ($_POST['suppresslistname'] <> $natent['suppresslistname'])) - $suricata_reload = true; - if ($_POST['descr']) $natent['descr'] = $_POST['descr']; else $natent['descr'] = strtoupper($natent['interface']); if ($_POST['max_pcap_log_size']) $natent['max_pcap_log_size'] = $_POST['max_pcap_log_size']; else unset($natent['max_pcap_log_size']); if ($_POST['max_pcap_log_files']) $natent['max_pcap_log_files'] = $_POST['max_pcap_log_files']; else unset($natent['max_pcap_log_files']); @@ -263,7 +244,7 @@ if ($_POST["Submit"]) { $natent['libhtp_policy']['item'][] = $default; // Enable the basic default rules for the interface - $natent['rulesets'] = "decoder-events.rules||files.rules||http-events.rules||smtp-events.rules||stream-events.rules"; + $natent['rulesets'] = "decoder-events.rules||files.rules||http-events.rules||smtp-events.rules||stream-events.rules||tls-events.rules"; // Adding a new interface, so set flag to build new rules $rebuild_rules = true; @@ -282,15 +263,6 @@ if ($_POST["Submit"]) { // Update suricata.conf and suricata.sh files for this interface sync_suricata_package_config(); - /*******************************************************/ - /* Signal Suricata to reload configuration if we changed */ - /* HOME_NET, EXTERNAL_NET or Suppress list values. */ - /* The function only signals a running Suricata instance */ - /* to safely reload these parameters. */ - /*******************************************************/ - if ($suricata_reload == true) - suricata_reload_config($natent, "USR2"); - header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' ); header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' ); header( 'Cache-Control: no-store, no-cache, must-revalidate' ); @@ -309,19 +281,14 @@ include_once("head.inc"); <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> -<?php include("fbegin.inc"); ?> - -<?if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';}?> - -<?php - /* Display Alert message */ - if ($input_errors) { - print_input_errors($input_errors); - } - - if ($savemsg) { - print_info_box($savemsg); - } +<?php include("fbegin.inc"); +/* Display Alert message */ +if ($input_errors) { + print_input_errors($input_errors); +} +if ($savemsg) { + print_info_box($savemsg); +} ?> <form action="suricata_interfaces_edit.php<?php echo "?id=$id";?>" method="post" name="iform" id="iform"> @@ -334,7 +301,7 @@ include_once("head.inc"); $tab_array[] = array(gettext("Update Rules"), false, "/suricata/suricata_download_updates.php"); $tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php?instance={$id}"); $tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php"); - $tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php"); + $tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php?instance={$id}"); display_top_tabs($tab_array); echo '</td></tr>'; echo '<tr><td class="tabnavtbl">'; @@ -374,7 +341,7 @@ include_once("head.inc"); <?php endforeach; ?> </select> <span class="vexpl"><?php echo gettext("Choose which interface this Suricata instance applies to."); ?><br/> - <span class="red"><?php echo gettext("Hint:"); ?></span> <?php echo gettext("In most cases, you'll want to use WAN here."); ?></span><br/></td> + <span class="red"><?php echo gettext("Hint:"); ?></span> <?php echo gettext("In most cases, you'll want to use WAN here if this is the first Suricata-configured interface."); ?></span><br/></td> </tr> <tr> <td width="22%" valign="top" class="vncellreq"><?php echo gettext("Description"); ?></td> @@ -390,7 +357,6 @@ include_once("head.inc"); <td width="78%" class="vtable"><input name="alertsystemlog" type="checkbox" value="on" <?php if ($pconfig['alertsystemlog'] == "on") echo "checked"; ?>/> <?php echo gettext("Suricata will send Alerts to the firewall's system log."); ?></td> </tr> - <tr> <td width="22%" valign="top" class="vncell"><?php echo gettext("Enable Stats Log"); ?></td> <td width="78%" class="vtable"><input name="enable_stats_log" type="checkbox" value="on" <?php if ($pconfig['enable_stats_log'] == "on") echo "checked"; ?> @@ -466,8 +432,6 @@ include_once("head.inc"); gettext("This will consume a significant amount of disk space on a busy network when enabled!"); ?></div> </td> </tr> - - <tr> <td width="22%" valign="top" class="vncell"><?php echo gettext("Enable Packet Log"); ?></td> <td width="78%" class="vtable"><input name="enable_pcap_log" id="enable_pcap_log" type="checkbox" value="on" <?php if ($pconfig['enable_pcap_log'] == "on") echo "checked"; ?> @@ -484,7 +448,6 @@ include_once("head.inc"); <?php echo gettext("Enter maximum size in ") . "<strong>" . gettext("MB") . "</strong>" . gettext(" for a packet log file. Default is ") . "<strong>" . gettext("32") . "</strong>."; ?><br/><br/><?php echo gettext("When the packet log file size reaches the set limit, it will be rotated and a new one created.") ?></td> </tr> - </tr> <tr id="pcap_log_max_row"> <td width="22%" valign="top" class="vncell"><?php echo gettext("Max Packet Log Files"); ?></td> <td width="78%" class="vtable"><input name="max_pcap_log_files" type="text" @@ -493,7 +456,7 @@ include_once("head.inc"); gettext("1000") . "</strong>."; ?><br/><br/><?php echo gettext("When the number of packet log files reaches the set limit, the oldest file will be overwritten.") ?></td> </tr> -<!-- +<!-- ### Blocking not yet enabled, so hide the controls ### <tr> <td colspan="2" class="listtopic"><?php echo gettext("Alert Settings"); ?></td> </tr> @@ -529,6 +492,7 @@ include_once("head.inc"); <span class="red"><?php echo gettext("Hint:") . "</span> " . gettext("Choosing BOTH is suggested, and it is the default value."); ?></span><br/></td> </td> </tr> + ### End of Blocking controls ### --> <tr> @@ -539,7 +503,9 @@ include_once("head.inc"); <td width="78%" class="vtable"><input name="max_pending_packets" type="text" class="formfld unknown" id="max_pending_packets" size="8" value="<?=htmlspecialchars($pconfig['max_pending_packets']); ?>"/> <?php echo gettext("Enter number of simultaneous packets to process. Default is ") . "<strong>" . - gettext("1024") . "</strong>."; ?><br/><br/><?php echo gettext("Minimum value is 1 and the maximum value is 65,535.") ?></td> + gettext("1024") . "</strong>."; ?><br/><br/><?php echo gettext("This controls the number simultaneous packets the engine can handle. ") . + gettext("Setting this higher generally keeps the threads more busy. The minimum value is 1 and the maximum value is 65,000. ") . "<br/><span class='red'><strong>" . + gettext("Warning: ") . "</strong></span>" . gettext("Setting this too high can lead to degradation and a possible system crash by exhausting available memory.") ?></td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?php echo gettext("Detect-Engine Profile"); ?></td> @@ -575,7 +541,7 @@ include_once("head.inc"); </select> <?php echo gettext("Choose a multi-pattern matcher (MPM) algorithm. ") . "<strong>" . gettext("Default") . "</strong>" . gettext(" is ") . "<strong>" . gettext("AC") . "</strong>"; ?>.<br/><br/> - <?php echo gettext("AC is recommended for most systems. "); ?> + <?php echo gettext("AC is the default, and is the best choice for almost all systems."); ?> <br/></td> </tr> <tr> @@ -605,7 +571,7 @@ include_once("head.inc"); gettext("3000") . "</strong>."; ?><br/><br/><?php echo gettext("When set to 0 an internal default is used. When left blank there is no recursion limit.") ?></td> </tr> <tr> - <td colspan="2" class="listtopic"><?php echo gettext("Networks " . "Suricata Should Inspect and Whitelist"); ?></td> + <td colspan="2" class="listtopic"><?php echo gettext("Networks " . "Suricata Should Inspect and Protect"); ?></td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?php echo gettext("Home Net"); ?></td> @@ -665,6 +631,7 @@ include_once("head.inc"); "setting at default. Create an Alias for custom External Net settings."); ?><br/> </td> </tr> +<!-- <tr> <td width="22%" valign="top" class="vncell"><?php echo gettext("Whitelist"); ?></td> <td width="78%" class="vtable"> @@ -693,6 +660,7 @@ include_once("head.inc"); "whitelist adds local networks, WAN IPs, Gateways, VPNs and VIPs. Create an Alias to customize."); ?> </td> </tr> +--> <tr> <td colspan="2" class="listtopic"><?php echo gettext("Alert Suppression and Filtering"); ?></td> </tr> @@ -734,15 +702,13 @@ include_once("head.inc"); </td> </tr> <tr> - <td width="22%" valign="top"></td> - <td width="78%"><input name="Submit" type="submit" class="formbtn" value="Save" title="<?php echo + <td colspan="2" align="center" valign="middle"><input name="save" type="submit" class="formbtn" value="Save" title="<?php echo gettext("Click to save settings and exit"); ?>"/> <input name="id" type="hidden" value="<?=$id;?>"/> </td> </tr> <tr> - <td width="22%" valign="top"> </td> - <td width="78%"><span class="vexpl"><span class="red"><strong><?php echo gettext("Note: ") . "</strong></span></span>" . + <td colspan="2" align="center" valign="middle"><span class="vexpl"><span class="red"><strong><?php echo gettext("Note: ") . "</strong></span></span>" . gettext("Please save your settings before you attempt to start Suricata."); ?> </td> </tr> @@ -860,11 +826,11 @@ function enable_change(enable_change) { document.iform.alertsystemlog.disabled = endis; document.iform.externallistname.disabled = endis; document.iform.homelistname.disabled = endis; - document.iform.whitelistname.disabled=endis; +// document.iform.whitelistname.disabled=endis; document.iform.suppresslistname.disabled = endis; document.iform.configpassthru.disabled = endis; document.iform.btnHomeNet.disabled=endis; - document.iform.btnWhitelist.disabled=endis; +// document.iform.btnWhitelist.disabled=endis; document.iform.btnSuppressList.disabled=endis; } @@ -897,7 +863,7 @@ function viewList(id, elemID, elemType) { } enable_change(false); -enable_blockoffenders(); +//enable_blockoffenders(); toggle_stats_log(); toggle_http_log(); toggle_tls_log(); diff --git a/config/suricata/suricata_libhtp_policy_engine.php b/config/suricata/suricata_libhtp_policy_engine.php index e7cf4135..1a3c7455 100644 --- a/config/suricata/suricata_libhtp_policy_engine.php +++ b/config/suricata/suricata_libhtp_policy_engine.php @@ -26,159 +26,34 @@ * POSSIBILITY OF SUCH DAMAGE. */ -require_once("guiconfig.inc"); -require_once("/usr/local/pkg/suricata/suricata.inc"); - -global $g; - -// Grab the incoming QUERY STRING or POST variables -$id = $_GET['id']; -$eng_id = $_GET['eng_id']; -if (isset($_POST['id'])) - $id = $_POST['id']; -if (isset($_POST['eng_id'])) - $eng_id = $_POST['eng_id']; - -if (is_null($id)) { - header("Location: /suricata/suricata_interfaces.php"); - exit; -} - -if (!is_array($config['installedpackages']['suricata']['rule'])) - $config['installedpackages']['suricata']['rule'] = array(); -if (!is_array($config['installedpackages']['suricata']['rule'][$id]['libhtp_policy']['item'])) - $config['installedpackages']['suricata']['rule'][$id]['libhtp_policy']['item'] = array(); -$a_nat = &$config['installedpackages']['suricata']['rule'][$id]['libhtp_policy']['item']; - -$pconfig = array(); -if (empty($a_nat[$eng_id])) { - $def = array( "name" => "engine_{$eng_id}", "bind_to" => "", "personality" => "IDS", - "request-body-limit" => "4096", "response-body-limit" => "4096", - "double-decode-path" => "no", "double-decode-query" => "no" ); - - // See if this is initial entry and set to "default" if true - if ($eng_id < 1) { - $def['name'] = "default"; - $def['bind_to'] = "all"; - } - $pconfig = $def; -} -else { - $pconfig = $a_nat[$eng_id]; - - // Check for any empty values and set sensible defaults - if (empty($pconfig['personality'])) - $pconfig['personality'] = "IDS"; -} - -if ($_POST['Cancel']) { - header("Location: /suricata/suricata_app_parsers.php?id={$id}"); - exit; -} - -// Check for returned "selected alias" if action is import -if ($_GET['act'] == "import") { - if ($_GET['varname'] == "bind_to" && !empty($_GET['varvalue'])) - $pconfig[$_GET['varname']] = $_GET['varvalue']; -} - -if ($_POST['Submit']) { - - /* Grab all the POST values and save in new temp array */ - $engine = array(); - if ($_POST['policy_name']) { $engine['name'] = trim($_POST['policy_name']); } else { $engine['name'] = "default"; } - if ($_POST['policy_bind_to']) { - if (is_alias($_POST['policy_bind_to'])) - $engine['bind_to'] = $_POST['policy_bind_to']; - elseif (strtolower(trim($_POST['policy_bind_to'])) == "all") - $engine['bind_to'] = "all"; - else - $input_errors[] = gettext("You must provide a valid Alias or the reserved keyword 'all' for the 'Bind-To IP Address' value."); - } - else { - $input_errors[] = gettext("The 'Bind-To IP Address' value cannot be blank. Provide a valid Alias or the reserved keyword 'all'."); - } - - if ($_POST['personality']) { $engine['personality'] = $_POST['personality']; } else { $engine['personality'] = "IDS"; } - if (is_numeric($_POST['req_body_limit']) && $_POST['req_body_limit'] >= 0) - $engine['request-body-limit'] = $_POST['req_body_limit']; - else - $input_errors[] = gettext("The value for 'Request Body Limit' must be all numbers and greater than or equal to zero."); - - if (is_numeric($_POST['resp_body_limit']) && $_POST['resp_body_limit'] >= 0) - $engine['response-body-limit'] = $_POST['resp_body_limit']; - else - $input_errors[] = gettext("The value for 'Response Body Limit' must be all numbers and greater than or equal to zero."); - - if ($_POST['enable_double_decode_path']) { $engine['double-decode-path'] = 'yes'; }else{ $engine['double-decode-path'] = 'no'; } - if ($_POST['enable_double_decode_query']) { $engine['double-decode-query'] = 'yes'; }else{ $engine['double-decode-query'] = 'no'; } - - /* Can only have one "all" Bind_To address */ - if ($engine['bind_to'] == "all" && $engine['name'] <> "default") { - $input_errors[] = gettext("Only one default HTTP Server Policy Engine can be bound to all addresses."); - $pconfig = $engine; - } - - /* if no errors, write new entry to conf */ - if (!$input_errors) { - if (isset($eng_id) && $a_nat[$eng_id]) { - $a_nat[$eng_id] = $engine; - } - else - $a_nat[] = $engine; - - /* Reorder the engine array to ensure the */ - /* 'bind_to=all' entry is at the bottom */ - /* if it contains more than one entry. */ - if (count($a_nat) > 1) { - $i = -1; - foreach ($a_nat as $f => $v) { - if ($v['bind_to'] == "all") { - $i = $f; - break; - } - } - /* Only relocate the entry if we */ - /* found it, and it's not already */ - /* at the end. */ - if ($i > -1 && ($i < (count($a_nat) - 1))) { - $tmp = $a_nat[$i]; - unset($a_nat[$i]); - $a_nat[] = $tmp; - } - } - - /* Now write the new engine array to conf */ - write_config(); - - header("Location: /suricata/suricata_app_parsers.php?id={$id}"); - exit; - } -} - -$if_friendly = convert_friendly_interface_to_friendly_descr($config['installedpackages']['suricata']['rule'][$id]['interface']); -$pgtitle = gettext("Suricata: Interface {$if_friendly} HTTP Server Policy Engine"); -include_once("head.inc"); - -?> - -<body link="#0000CC" vlink="#0000CC" alink="#0000CC" > - -<?php -include("fbegin.inc"); -if ($input_errors) print_input_errors($input_errors); -if ($savemsg) - print_info_box($savemsg); +/************************************************************************************** + This file contains code for adding/editing an existing Libhtp Policy Engine. + It is included and injected inline as needed into the suricata_app_parsers.php + page to provide the edit functionality for Host OS Policy Engines. + + The following variables are assumed to exist and must be initialized + as necessary in order to utilize this page. + + $g --> system global variables array + $config --> global variable pointing to configuration information + $pengcfg --> array containing current Libhtp Policy engine configuration + + Information is returned from this page via the following form fields: + + policy_name --> Unique Name for the Libhtp Policy Engine + policy_bind_to --> Alias name representing "bind_to" IP address for engine + personality --> Operating system chosen for engine policy + select_alias --> Submit button for select alias operation + req_body_limit --> Request Body Limit size + resp_body_limit --> Response Body Limit size + enable_double_decode_path --> double-decode path part of URI + enable_double_decode_query --> double-decode query string part of URI + save_libhtp_policy --> Submit button for save operation and exit + cancel_libhtp_policy --> Submit button to cancel operation and exit + **************************************************************************************/ ?> -<form action="suricata_libhtp_policy_engine.php" method="post" name="iform" id="iform"> -<input name="id" type="hidden" value="<?=$id?>"> -<input name="eng_id" type="hidden" value="<?=$eng_id?>"> -<div id="boxarea"> -<table width="100%" border="0" cellpadding="0" cellspacing="0"> -<tr> -<td class="tabcont"> -<table width="100%" border="0" cellpadding="6" cellspacing="0"> +<table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> <td colspan="2" valign="middle" class="listtopic"><?php echo gettext("Suricata Target-Based HTTP Server Policy Configuration"); ?></td> </tr> @@ -186,8 +61,8 @@ if ($savemsg) <td valign="top" class="vncell"><?php echo gettext("Engine Name"); ?></td> <td class="vtable"> <input name="policy_name" type="text" class="formfld unknown" id="policy_name" size="25" maxlength="25" - value="<?=htmlspecialchars($pconfig['name']);?>"<?php if (htmlspecialchars($pconfig['name']) == "default") echo "readonly";?>> - <?php if (htmlspecialchars($pconfig['name']) <> "default") + value="<?=htmlspecialchars($pengcfg['name']);?>"<?php if (htmlspecialchars($pengcfg['name']) == "default") echo "readonly";?>> + <?php if (htmlspecialchars($pengcfg['name']) <> "default") echo gettext("Name or description for this engine. (Max 25 characters)"); else echo "<span class=\"red\">" . gettext("The name for the 'default' engine is read-only.") . "</span>";?><br/> @@ -198,13 +73,13 @@ if ($savemsg) <tr> <td valign="top" class="vncell"><?php echo gettext("Bind-To IP Address Alias"); ?></td> <td class="vtable"> - <?php if ($pconfig['name'] <> "default") : ?> + <?php if ($pengcfg['name'] <> "default") : ?> <table width="95%" border="0" cellpadding="2" cellspacing="0"> <tr> <td class="vexpl"><input name="policy_bind_to" type="text" class="formfldalias" id="policy_bind_to" size="32" - value="<?=htmlspecialchars($pconfig['bind_to']);?>" title="<?=trim(filter_expand_alias($pconfig['bind_to']));?>" autocomplete="off"> + value="<?=htmlspecialchars($pengcfg['bind_to']);?>" title="<?=trim(filter_expand_alias($pengcfg['bind_to']));?>" autocomplete="off"> <?php echo gettext("IP List to bind this engine to. (Cannot be blank)"); ?></td> - <td class="vexpl" align="right"><input type="button" class="formbtns" value="Aliases" onclick="parent.location='suricata_select_alias.php?id=<?=$id;?>&eng_id=<?=$eng_id;?>&type=host|network&varname=bind_to&act=import&multi_ip=yes&returl=<?=urlencode($_SERVER['PHP_SELF']);?>'" + <td class="vexpl" align="right"><input type="submit" class="formbtns" name="select_alias" value="Aliases" title="<?php echo gettext("Select an existing IP alias");?>"/></td> </tr> <tr> @@ -214,7 +89,7 @@ if ($savemsg) <br/><span class="red"><strong><?php echo gettext("Note: ") . "</strong></span>" . gettext("Supplied value must be a pre-configured Alias or the keyword 'all'.");?> <?php else : ?> <input name="policy_bind_to" type="text" class="formfldalias" id="policy_bind_to" size="32" - value="<?=htmlspecialchars($pconfig['bind_to']);?>" autocomplete="off" readonly> + value="<?=htmlspecialchars($pengcfg['bind_to']);?>" autocomplete="off" readonly> <?php echo "<span class=\"red\">" . gettext("IP List for the default engine is read-only and must be 'all'.") . "</span>";?><br/> <?php echo gettext("The default engine is required and will apply for packets with destination addresses not matching other engine IP Lists.");?><br/> <?php endif ?> @@ -228,7 +103,7 @@ if ($savemsg) $profile = array( 'Apache', 'Apache_2_2', 'Generic', 'IDS', 'IIS_4_0', 'IIS_5_0', 'IIS_5_1', 'IIS_6_0', 'IIS_7_0', 'IIS_7_5', 'Minimal' ); foreach ($profile as $val): ?> <option value="<?=$val;?>" - <?php if ($val == $pconfig['personality']) echo "selected"; ?>> + <?php if ($val == $pengcfg['personality']) echo "selected"; ?>> <?=gettext($val);?></option> <?php endforeach; ?> </select> <?php echo gettext("Choose the web server personality appropriate for the protected hosts. The default is ") . @@ -243,7 +118,7 @@ if ($savemsg) <td width="22%" valign="top" class="vncell"><?php echo gettext("Request Body Limit"); ?></td> <td width="78%" class="vtable"> <input name="req_body_limit" type="text" class="formfld unknown" id="req_body_limit" size="9" - value="<?=htmlspecialchars($pconfig['request-body-limit']);?>"> + value="<?=htmlspecialchars($pengcfg['request-body-limit']);?>"> <?php echo gettext("Maximum number of HTTP request body bytes to inspect. Default is ") . "<strong>" . gettext("4,096") . "</strong>" . gettext(" bytes."); ?><br/><br/> <?php echo gettext("HTTP request bodies are often big, so they take a lot of time to process which has a significant impact ") . @@ -255,7 +130,7 @@ if ($savemsg) <td width="22%" valign="top" class="vncell"><?php echo gettext("Response Body Limit"); ?></td> <td width="78%" class="vtable"> <input name="resp_body_limit" type="text" class="formfld unknown" id="resp_body_limit" size="9" - value="<?=htmlspecialchars($pconfig['response-body-limit']);?>"> + value="<?=htmlspecialchars($pengcfg['response-body-limit']);?>"> <?php echo gettext("Maximum number of HTTP response body bytes to inspect. Default is ") . "<strong>" . gettext("4,096") . "</strong>" . gettext(" bytes."); ?><br/><br/> <?php echo gettext("HTTP response bodies are often big, so they take a lot of time to process which has a significant impact ") . @@ -268,31 +143,25 @@ if ($savemsg) </tr> <tr> <td width="22%" valign="top" class="vncell"><?php echo gettext("Double-Decode Path"); ?></td> - <td width="78%" class="vtable"><input name="enable_double_decode_path" type="checkbox" value="on" <?php if ($pconfig['double-decode-path'] == "yes") echo "checked"; ?>> + <td width="78%" class="vtable"><input name="enable_double_decode_path" type="checkbox" value="yes" <?php if ($pengcfg['double-decode-path'] == "yes") echo "checked"; ?>> <?php echo gettext("Suricata will double-decode path section of the URI. Default is ") . "<strong>" . gettext("Not Checked") . "</strong>."; ?></td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?php echo gettext("Double-Decode Query"); ?></td> - <td width="78%" class="vtable"><input name="enable_double_decode_query" type="checkbox" value="on" <?php if ($pconfig['double-decode-query'] == "yes") echo "checked"; ?>> + <td width="78%" class="vtable"><input name="enable_double_decode_query" type="checkbox" value="yes" <?php if ($pengcfg['double-decode-query'] == "yes") echo "checked"; ?>> <?php echo gettext("Suricata will double-decode query string section of the URI. Default is ") . "<strong>" . gettext("Not Checked") . "</strong>."; ?></td> </tr> <tr> <td width="22%" valign="bottom"> </td> <td width="78%" valign="bottom"> - <input name="Submit" id="submit" type="submit" class="formbtn" value=" Save " title="<?php echo + <input name="save_libhtp_policy" id="save_libhtp_policy" type="submit" class="formbtn" value=" Save " title="<?php echo gettext("Save web server policy engine settings and return to App Parsers tab"); ?>"> - <input name="Cancel" id="cancel" type="submit" class="formbtn" value="Cancel" title="<?php echo + <input name="cancel_libhtp_policy" id="cancel_libhtp_policy" type="submit" class="formbtn" value="Cancel" title="<?php echo gettext("Cancel changes and return to App Parsers tab"); ?>"></td> </tr> </table> -</td> -</tr> -</table> -</div> -</form> -<?php include("fend.inc"); ?> -</body> + <script type="text/javascript" src="/javascript/autosuggest.js"> </script> <script type="text/javascript" src="/javascript/suggestions.js"> @@ -311,4 +180,3 @@ setTimeout("createAutoSuggest();", 500); </script> -</html> diff --git a/config/suricata/suricata_logs_browser.php b/config/suricata/suricata_logs_browser.php index 38310b9f..9fc24927 100644 --- a/config/suricata/suricata_logs_browser.php +++ b/config/suricata/suricata_logs_browser.php @@ -32,6 +32,8 @@ require_once("/usr/local/pkg/suricata/suricata.inc"); if ($_POST['instance']) $instanceid = $_POST['instance']; +if ($_GET['instance']) + $instanceid = $_GET['instance']; if (empty($instanceid)) $instanceid = 0; diff --git a/config/suricata/suricata_os_policy_engine.php b/config/suricata/suricata_os_policy_engine.php index 61918e65..c9360901 100644 --- a/config/suricata/suricata_os_policy_engine.php +++ b/config/suricata/suricata_os_policy_engine.php @@ -26,153 +26,39 @@ * POSSIBILITY OF SUCH DAMAGE. */ -require_once("guiconfig.inc"); -require_once("/usr/local/pkg/suricata/suricata.inc"); - -global $g; - -// Grab the incoming QUERY STRING or POST variables -$id = $_GET['id']; -$eng_id = $_GET['eng_id']; -if (isset($_POST['id'])) - $id = $_POST['id']; -if (isset($_POST['eng_id'])) - $eng_id = $_POST['eng_id']; - -if (is_null($id)) { - header("Location: /suricata/suricata_interfaces.php"); - exit; -} - -if (!is_array($config['installedpackages']['suricata']['rule'])) - $config['installedpackages']['suricata']['rule'] = array(); -if (!is_array($config['installedpackages']['suricata']['rule'][$id]['host_os_policy']['item'])) - $config['installedpackages']['suricata']['rule'][$id]['host_os_policy']['item'] = array(); -$a_nat = &$config['installedpackages']['suricata']['rule'][$id]['host_os_policy']['item']; - -$pconfig = array(); -if (empty($a_nat[$eng_id])) { - $def = array( "name" => "engine_{$eng_id}", "bind_to" => "", "policy" => "bsd" ); - // See if this is initial entry and set to "default" if true - if ($eng_id < 1) { - $def['name'] = "default"; - $def['bind_to'] = "all"; - } - $pconfig = $def; -} -else { - $pconfig = $a_nat[$eng_id]; - - // Check for any empty values and set sensible defaults - if (empty($pconfig['policy'])) - $pconfig['policy'] = "bsd"; -} - -if ($_POST['Cancel']) { - header("Location: /suricata/suricata_flow_stream.php?id={$id}"); - exit; -} - -// Check for returned "selected alias" if action is import -if ($_GET['act'] == "import") { - if ($_GET['varname'] == "bind_to" && !empty($_GET['varvalue'])) - $pconfig[$_GET['varname']] = $_GET['varvalue']; -} - -if ($_POST['Submit']) { - - /* Grab all the POST values and save in new temp array */ - $engine = array(); - if ($_POST['policy_name']) { $engine['name'] = trim($_POST['policy_name']); } else { $engine['name'] = "default"; } - if ($_POST['policy_bind_to']) { - if (is_alias($_POST['policy_bind_to'])) - $engine['bind_to'] = $_POST['policy_bind_to']; - elseif (strtolower(trim($_POST['policy_bind_to'])) == "all") - $engine['bind_to'] = "all"; - else - $input_errors[] = gettext("You must provide a valid Alias or the reserved keyword 'all' for the 'Bind-To IP Address' value."); - } - else { - $input_errors[] = gettext("The 'Bind-To IP Address' value cannot be blank. Provide a valid Alias or the reserved keyword 'all'."); - } - - if ($_POST['policy']) { $engine['policy'] = $_POST['policy']; } else { $engine['policy'] = "bsd"; } - - /* Can only have one "all" Bind_To address */ - if ($engine['bind_to'] == "all" && $engine['name'] <> "default") { - $input_errors[] = gettext("Only one default OS-Policy Engine can be bound to all addresses."); - $pconfig = $engine; - } - - /* if no errors, write new entry to conf */ - if (!$input_errors) { - if (isset($eng_id) && $a_nat[$eng_id]) { - $a_nat[$eng_id] = $engine; - } - else - $a_nat[] = $engine; - - /* Reorder the engine array to ensure the */ - /* 'bind_to=all' entry is at the bottom */ - /* if it contains more than one entry. */ - if (count($a_nat) > 1) { - $i = -1; - foreach ($a_nat as $f => $v) { - if ($v['bind_to'] == "all") { - $i = $f; - break; - } - } - /* Only relocate the entry if we */ - /* found it, and it's not already */ - /* at the end. */ - if ($i > -1 && ($i < (count($a_nat) - 1))) { - $tmp = $a_nat[$i]; - unset($a_nat[$i]); - $a_nat[] = $tmp; - } - } - - /* Now write the new engine array to conf */ - write_config(); - - header("Location: /suricata/suricata_flow_stream.php?id={$id}"); - exit; - } -} - -$if_friendly = convert_friendly_interface_to_friendly_descr($config['installedpackages']['suricata']['rule'][$id]['interface']); -$pgtitle = gettext("Suricata: Interface {$if_friendly} Operating System Policy Engine"); -include_once("head.inc"); - +/************************************************************************************** + This file contains code for adding/editing an existing Host OS Policy Engine. + It is included and injected inline as needed into the suricata_stream_flow.php + page to provide the edit functionality for Host OS Policy Engines. + + The following variables are assumed to exist and must be initialized + as necessary in order to utilize this page. + + $g --> system global variables array + $config --> global variable pointing to configuration information + $pengcfg --> array containing current Host OS Policy engine configuration + + Information is returned from this page via the following form fields: + + policy_name --> Unique Name for the Host OS Policy Engine + policy_bind_to --> Alias name representing "bind_to" IP address for engine + policy --> Operating system chosen for engine policy + select_alias --> Submit button for select alias operation + save_os_policy --> Submit button for save operation and exit + cancel_os_policy --> Submit button to cancel operation and exit + **************************************************************************************/ ?> -<body link="#0000CC" vlink="#0000CC" alink="#0000CC" > - -<?php -include("fbegin.inc"); -if ($input_errors) print_input_errors($input_errors); -if ($savemsg) - print_info_box($savemsg); -?> - -<form action="suricata_os_policy_engine.php" method="post" name="iform" id="iform"> -<input name="id" type="hidden" value="<?=$id?>"> -<input name="eng_id" type="hidden" value="<?=$eng_id?>"> -<div id="boxarea"> -<table width="100%" border="0" cellpadding="0" cellspacing="0"> -<tr> -<td class="tabcont"> -<table width="100%" border="0" cellpadding="6" cellspacing="0"> +<table class="tabcont" width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> - <td colspan="2" valign="middle" class="listtopic"><?php echo gettext("Suricata Target-Based OS Policy Engine Configuration"); ?></td> + <td colspan="2" align="center" class="listtopic"><?php echo gettext("Suricata Target-Based Host OS Policy Engine Configuration"); ?></td> </tr> <tr> - <td valign="top" class="vncell"><?php echo gettext("Engine Name"); ?></td> + <td valign="top" class="vncell"><?php echo gettext("Policy Name"); ?></td> <td class="vtable"> <input name="policy_name" type="text" class="formfld unknown" id="policy_name" size="25" maxlength="25" - value="<?=htmlspecialchars($pconfig['name']);?>"<?php if (htmlspecialchars($pconfig['name']) == "default") echo "readonly";?>> - <?php if (htmlspecialchars($pconfig['name']) <> "default") + value="<?=htmlspecialchars($pengcfg['name']);?>"<?php if (htmlspecialchars($pengcfg['name']) == "default") echo "readonly";?>/> + <?php if (htmlspecialchars($pengcfg['name']) <> "default") echo gettext("Name or description for this engine. (Max 25 characters)"); else echo "<span class=\"red\">" . gettext("The name for the 'default' engine is read-only.") . "</span>";?><br/> @@ -183,13 +69,13 @@ if ($savemsg) <tr> <td valign="top" class="vncell"><?php echo gettext("Bind-To IP Address Alias"); ?></td> <td class="vtable"> - <?php if ($pconfig['name'] <> "default") : ?> + <?php if ($pengcfg['name'] <> "default") : ?> <table width="95%" border="0" cellpadding="2" cellspacing="0"> <tr> <td class="vexpl"><input name="policy_bind_to" type="text" class="formfldalias" id="policy_bind_to" size="32" - value="<?=htmlspecialchars($pconfig['bind_to']);?>" title="<?=trim(filter_expand_alias($pconfig['bind_to']));?>" autocomplete="off"> + value="<?=htmlspecialchars($pengcfg['bind_to']);?>" title="<?=trim(filter_expand_alias($pengcfg['bind_to']));?>" autocomplete="off"/> <?php echo gettext("IP List to bind this engine to. (Cannot be blank)"); ?></td> - <td class="vexpl" align="right"><input type="button" class="formbtns" value="Aliases" onclick="parent.location='suricata_select_alias.php?id=<?=$id;?>&eng_id=<?=$eng_id;?>&type=host|network&varname=bind_to&act=import&multi_ip=yes&returl=<?=urlencode($_SERVER['PHP_SELF']);?>'" + <td class="vexpl" align="right"><input type="submit" class="formbtns" name="select_alias" value="Aliases" title="<?php echo gettext("Select an existing IP alias");?>"/></td> </tr> <tr> @@ -200,7 +86,7 @@ if ($savemsg) <?php else : ?> <input name="policy_bind_to" type="text" class="formfldalias" id="policy_bind_to" size="32" - value="<?=htmlspecialchars($pconfig['bind_to']);?>" autocomplete="off" readonly> + value="<?=htmlspecialchars($pengcfg['bind_to']);?>" autocomplete="off" readonly> <?php echo "<span class=\"red\">" . gettext("IP List for the default engine is read-only and must be 'all'.") . "</span>";?><br/> <?php echo gettext("The default engine is required and will apply for packets with destination addresses not matching other engine IP Lists.");?><br/> <?php endif ?> @@ -214,7 +100,7 @@ if ($savemsg) $profile = array( 'BSD', 'BSD-Right', 'HPUX10', 'HPUX11', 'Irix', 'Linux', 'Mac-OS', 'Old-Linux', 'Old-Solaris', 'Solaris', 'Vista', 'Windows', 'Windows2k3' ); foreach ($profile as $val): ?> <option value="<?=strtolower($val);?>" - <?php if (strtolower($val) == $pconfig['policy']) echo "selected"; ?>> + <?php if (strtolower($val) == $pengcfg['policy']) echo "selected"; ?>> <?=gettext($val);?></option> <?php endforeach; ?> </select> <?php echo gettext("Choose the OS target policy appropriate for the protected hosts. The default is ") . @@ -225,20 +111,13 @@ if ($savemsg) <tr> <td width="22%" valign="bottom"> </td> <td width="78%" valign="bottom"> - <input name="Submit" id="submit" type="submit" class="formbtn" value=" Save " title="<?php echo + <input name="save_os_policy" id="save_os_policy" type="submit" class="formbtn" value=" Save " title="<?php echo gettext("Save OS policy engine settings and return to Flow/Stream tab"); ?>"> - <input name="Cancel" id="cancel" type="submit" class="formbtn" value="Cancel" title="<?php echo + <input name="cancel_os_policy" id="cancel_os_policy" type="submit" class="formbtn" value="Cancel" title="<?php echo gettext("Cancel changes and return to Flow/Stream tab"); ?>"></td> </tr> </table> -</td> -</tr> -</table> -</div> -</form> -<?php include("fend.inc"); ?> -</body> <script type="text/javascript" src="/javascript/autosuggest.js"> </script> <script type="text/javascript" src="/javascript/suggestions.js"> @@ -258,4 +137,3 @@ setTimeout("createAutoSuggest();", 500); </script> -</html> diff --git a/config/suricata/suricata_post_install.php b/config/suricata/suricata_post_install.php index 653f47fd..72257325 100644 --- a/config/suricata/suricata_post_install.php +++ b/config/suricata/suricata_post_install.php @@ -87,6 +87,17 @@ if ($config['installedpackages']['suricata']['config'][0]['forcekeepsettings'] = foreach ($suriconf as $value) { $if_real = get_real_interface($value['interface']); + // ## BETA pkg bug fix-up -- be sure default rules enabled ## + $rules = explode("||", $value['rulesets']); + foreach (array( "decoder-events.rules", "files.rules", "http-events.rules", "smtp-events.rules", "stream-events.rules", "tls-events.rules" ) as $r){ + if (!in_array($r, $rules)) + $rules[] = $r; + } + natcasesort($rules); + $value['rulesets'] = implode("||", $rules); + write_config(); + // ## end of BETA pkg bug fix-up ## + // create a suricata.yaml file for interface suricata_generate_yaml($value); @@ -106,6 +117,12 @@ if ($config['installedpackages']['suricata']['config'][0]['forcekeepsettings'] = // Add the recurring jobs created above to crontab configure_cron(); + // Restore the Dashboard Widget if it was previously enabled and saved + if (!empty($config['installedpackages']['suricata']['config'][0]['dashboard_widget']) && !empty($config['widgets']['sequence'])) + $config['widgets']['sequence'] .= "," . $config['installedpackages']['suricata']['config'][0]['dashboard_widget']; + if (!empty($config['installedpackages']['suricata']['config'][0]['dashboard_widget_rows']) && !empty($config['widgets'])) + $config['widgets']['widget_suricata_display_lines'] = $config['installedpackages']['suricata']['config'][0]['dashboard_widget_rows']; + $rebuild_rules = false; update_output_window(gettext("Finished rebuilding Suricata configuration files...")); log_error(gettext("[Suricata] Finished rebuilding installation from saved settings...")); @@ -121,7 +138,7 @@ if ($config['installedpackages']['suricata']['config'][0]['forcekeepsettings'] = } // Update Suricata package version in configuration -$config['installedpackages']['suricata']['config'][0]['suricata_config_ver'] = "0.1-BETA"; +$config['installedpackages']['suricata']['config'][0]['suricata_config_ver'] = "v0.2-BETA"; write_config(); // Done with post-install, so clear flag diff --git a/config/suricata/suricata_rules.php b/config/suricata/suricata_rules.php index b848b4e8..1a0c54b5 100644 --- a/config/suricata/suricata_rules.php +++ b/config/suricata/suricata_rules.php @@ -27,7 +27,6 @@ * POSSIBILITY OF SUCH DAMAGE. */ - require_once("guiconfig.inc"); require_once("/usr/local/pkg/suricata/suricata.inc"); @@ -35,38 +34,24 @@ global $g, $rebuild_rules; $suricatadir = SURICATADIR; $rules_map = array(); +$pconfig = array(); if (!is_array($config['installedpackages']['suricata']['rule'])) $config['installedpackages']['suricata']['rule'] = array(); $a_rule = &$config['installedpackages']['suricata']['rule']; -$id = $_GET['id']; -if (isset($_POST['id'])) +if ($_GET['id']) + $id = $_GET['id']; +if ($_POST['id']) $id = $_POST['id']; if (is_null($id)) { - header("Location: /suricata/suricata_interfaces.php"); - exit; + $id = 0; } if (isset($id) && $a_rule[$id]) { - $pconfig['enable'] = $a_rule[$id]['enable']; $pconfig['interface'] = $a_rule[$id]['interface']; $pconfig['rulesets'] = $a_rule[$id]['rulesets']; - if (!empty($a_rule[$id]['customrules'])) - $pconfig['customrules'] = base64_decode($a_rule[$id]['customrules']); -} - -function truncate($string, $length) { - - /******************************** - * This function truncates the * - * passed string to the length * - * specified adding ellipsis if * - * truncation was necessary. * - ********************************/ - if (strlen($string) > $length) - $string = substr($string, 0, ($length - 2)) . "..."; - return $string; + $pconfig['customrules'] = base64_decode($a_rule[$id]['customrules']); } function add_title_attribute($tag, $title) { @@ -111,8 +96,10 @@ $etpro = $config['installedpackages']['suricata']['config'][0]['enable_etpro_rul $categories = explode("||", $pconfig['rulesets']); if ($_GET['openruleset']) - $currentruleset = $_GET['openruleset']; -else if ($_POST['openruleset']) + $currentruleset = htmlspecialchars($_GET['openruleset'], ENT_QUOTES | ENT_HTML401); +elseif ($_POST['selectbox']) + $currentruleset = $_POST['selectbox']; +elseif ($_POST['openruleset']) $currentruleset = $_POST['openruleset']; else $currentruleset = $categories[0]; @@ -149,13 +136,11 @@ if ($currentruleset != 'custom.rules') { $enablesid = suricata_load_sid_mods($a_rule[$id]['rule_sid_on']); $disablesid = suricata_load_sid_mods($a_rule[$id]['rule_sid_off']); -if ($_GET['act'] == "toggle" && $_GET['ids'] && !empty($rules_map)) { - - // Get the GID tag embedded in the clicked rule icon. - $gid = $_GET['gid']; +if ($_POST['toggle'] && is_numeric($_POST['sid']) && is_numeric($_POST['gid']) && !empty($rules_map)) { - // Get the SID tag embedded in the clicked rule icon. - $sid= $_GET['ids']; + // Get the GID:SID tags embedded in the clicked rule icon. + $gid = $_POST['gid']; + $sid = $_POST['sid']; // See if the target SID is in our list of modified SIDs, // and toggle it back to default if present; otherwise, @@ -199,11 +184,9 @@ if ($_GET['act'] == "toggle" && $_GET['ids'] && !empty($rules_map)) { /* Update the config.xml file. */ write_config(); - $_GET['openruleset'] = $currentruleset; $anchor = "rule_{$gid}_{$sid}"; } - -if ($_GET['act'] == "disable_all" && !empty($rules_map)) { +elseif ($_POST['disable_all'] && !empty($rules_map)) { // Mark all rules in the currently selected category "disabled". foreach (array_keys($rules_map) as $k1) { @@ -240,13 +223,8 @@ if ($_GET['act'] == "disable_all" && !empty($rules_map)) { unset($a_rule[$id]['rule_sid_off']); write_config(); - - $_GET['openruleset'] = $currentruleset; - header("Location: /suricata/suricata_rules.php?id={$id}&openruleset={$currentruleset}"); - exit; } - -if ($_GET['act'] == "enable_all" && !empty($rules_map)) { +elseif ($_POST['enable_all'] && !empty($rules_map)) { // Mark all rules in the currently selected category "enabled". foreach (array_keys($rules_map) as $k1) { @@ -282,13 +260,8 @@ if ($_GET['act'] == "enable_all" && !empty($rules_map)) { unset($a_rule[$id]['rule_sid_off']); write_config(); - - $_GET['openruleset'] = $currentruleset; - header("Location: /suricata/suricata_rules.php?id={$id}&openruleset={$currentruleset}"); - exit; } - -if ($_GET['act'] == "resetcategory" && !empty($rules_map)) { +elseif ($_POST['resetcategory'] && !empty($rules_map)) { // Reset any modified SIDs in the current rule category to their defaults. foreach (array_keys($rules_map) as $k1) { @@ -326,13 +299,8 @@ if ($_GET['act'] == "resetcategory" && !empty($rules_map)) { unset($a_rule[$id]['rule_sid_off']); write_config(); - - $_GET['openruleset'] = $currentruleset; - header("Location: /suricata/suricata_rules.php?id={$id}&openruleset={$currentruleset}"); - exit; } - -if ($_GET['act'] == "resetall" && !empty($rules_map)) { +elseif ($_POST['resetall'] && !empty($rules_map)) { // Remove all modified SIDs from config.xml and save the changes. unset($a_rule[$id]['rule_sid_on']); @@ -340,46 +308,32 @@ if ($_GET['act'] == "resetall" && !empty($rules_map)) { /* Update the config.xml file. */ write_config(); - - $_GET['openruleset'] = $currentruleset; - header("Location: /suricata/suricata_rules.php?id={$id}&openruleset={$currentruleset}"); - exit; } - -if ($_POST['clear']) { +elseif ($_POST['clear']) { unset($a_rule[$id]['customrules']); write_config(); $rebuild_rules = true; suricata_generate_yaml($a_rule[$id]); $rebuild_rules = false; - header("Location: /suricata/suricata_rules.php?id={$id}&openruleset={$currentruleset}"); - exit; + $pconfig['customrules'] = ''; } - -if ($_POST['customrules']) { - $a_rule[$id]['customrules'] = base64_encode($_POST['customrules']); +elseif ($_POST['cancel']) { + $pconfig['customrules'] = base64_decode($a_rule[$id]['customrules']); +} +elseif ($_POST['save']) { + $pconfig['customrules'] = $_POST['customrules']; + if ($_POST['customrules']) + $a_rule[$id]['customrules'] = base64_encode($_POST['customrules']); + else + unset($a_rule[$id]['customrules']); write_config(); $rebuild_rules = true; suricata_generate_yaml($a_rule[$id]); $rebuild_rules = false; - $output = ""; - $retcode = ""; -// exec("/usr/local/bin/snort -T -c {$snortdir}/snort_{$snort_uuid}_{$if_real}/snort.conf 2>&1", $output, $retcode); -// if (intval($retcode) != 0) { -// $error = ""; -// $start = count($output); -// $end = $start - 4; -// for($i = $start; $i > $end; $i--) -// $error .= $output[$i]; -// $input_errors[] = "Custom rules have errors:\n {$error}"; -// } -// else { -// header("Location: /snort/snort_rules.php?id={$id}&openruleset={$currentruleset}"); -// exit; -// } + /* Signal Suricata to "live reload" the rules */ + suricata_reload_config($a_rule[$id]); } - -else if ($_POST['apply']) { +elseif ($_POST['apply']) { /* Save new configuration */ write_config(); @@ -394,16 +348,6 @@ else if ($_POST['apply']) { /* Signal Suricata to "live reload" the rules */ suricata_reload_config($a_rule[$id]); - - /* Return to this same page */ - header("Location: /suricata/suricata_rules.php?id={$id}&openruleset={$currentruleset}"); - exit; -} -else if ($_POST['cancel']) { - - /* Return to this same page */ - header("Location: /suricata/suricata_rules.php?id={$id}"); - exit; } require_once("guiconfig.inc"); @@ -416,9 +360,7 @@ $pgtitle = gettext("Suricata: Interface {$if_friendly} - Rules: {$currentruleset <body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <?php include("fbegin.inc"); -if ($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';} - -/* Display message */ +/* Display error or save messages if present */ if ($input_errors) { print_input_errors($input_errors); // TODO: add checks } @@ -429,7 +371,11 @@ if ($savemsg) { ?> -<form action="/suricata/suricata_rules.php" method="post" name="iform" id="iform"> +<form action='/suricata/suricata_rules.php' method='post' name='iform' id='iform'> +<input type='hidden' name='id' id='id' value='<?=$id;?>'/> +<input type='hidden' name='openruleset' id='openruleset' value='<?=$currentruleset;?>'/> +<input type='hidden' name='sid' id='sid' value=''/> +<input type='hidden' name='gid' id='gid' value=''/> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr><td> <?php @@ -439,7 +385,7 @@ if ($savemsg) { $tab_array[] = array(gettext("Update Rules"), false, "/suricata/suricata_download_updates.php"); $tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php?instance={$id}"); $tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php"); - $tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php"); + $tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php?instance={$id}"); display_top_tabs($tab_array); echo '</td></tr>'; echo '<tr><td class="tabnavtbl">'; @@ -460,31 +406,31 @@ if ($savemsg) { <tr> <td class="listtopic"><?php echo gettext("Available Rule Categories"); ?></td> </tr> - <tr> - <td class="vncell" height="30px"><strong><?php echo gettext("Category:"); ?></strong> <select id="selectbox" name="selectbox" class="formselect" onChange="go()"> - <option value='?id=<?=$id;?>&openruleset=custom.rules'>custom.rules</option> + <td class="vncell" height="30px"><strong><?php echo gettext("Category:"); ?></strong> + <select id="selectbox" name="selectbox" class="formselect" onChange="go();"> + <option value='custom.rules'>custom.rules</option> <?php - $files = explode("||", $pconfig['rulesets']); - if ($a_rule[$id]['ips_policy_enable'] == 'on') - $files[] = "IPS Policy - " . ucfirst($a_rule[$id]['ips_policy']); - if ($a_rule[$id]['autoflowbitrules'] == 'on') - $files[] = "Auto-Flowbit Rules"; - natcasesort($files); - foreach ($files as $value) { - if ($snortdownload != 'on' && substr($value, 0, mb_strlen(VRT_FILE_PREFIX)) == VRT_FILE_PREFIX) - continue; - if ($emergingdownload != 'on' && substr($value, 0, mb_strlen(ET_OPEN_FILE_PREFIX)) == ET_OPEN_FILE_PREFIX) - continue; - if ($etpro != 'on' && substr($value, 0, mb_strlen(ET_PRO_FILE_PREFIX)) == ET_PRO_FILE_PREFIX) - continue; - if (empty($value)) - continue; - echo "<option value='?id={$id}&openruleset={$value}' "; - if ($value == $currentruleset) - echo "selected"; - echo ">{$value}</option>\n"; - } + $files = explode("||", $pconfig['rulesets']); + if ($a_rule[$id]['ips_policy_enable'] == 'on') + $files[] = "IPS Policy - " . ucfirst($a_rule[$id]['ips_policy']); + if ($a_rule[$id]['autoflowbitrules'] == 'on') + $files[] = "Auto-Flowbit Rules"; + natcasesort($files); + foreach ($files as $value) { + if ($snortdownload != 'on' && substr($value, 0, mb_strlen(VRT_FILE_PREFIX)) == VRT_FILE_PREFIX) + continue; + if ($emergingdownload != 'on' && substr($value, 0, mb_strlen(ET_OPEN_FILE_PREFIX)) == ET_OPEN_FILE_PREFIX) + continue; + if ($etpro != 'on' && substr($value, 0, mb_strlen(ET_PRO_FILE_PREFIX)) == ET_PRO_FILE_PREFIX) + continue; + if (empty($value)) + continue; + echo "<option value='{$value}' "; + if ($value == $currentruleset) + echo "selected"; + echo ">{$value}</option>\n"; + } ?> </select> <?php echo gettext("Select the rule category to view"); ?> </td> @@ -496,15 +442,13 @@ if ($savemsg) { </tr> <tr> <td valign="top" class="vtable"> - <input type='hidden' name='openruleset' value='custom.rules'> - <input type='hidden' name='id' value='<?=$id;?>'> <textarea wrap="soft" cols="90" rows="40" name="customrules"><?=$pconfig['customrules'];?></textarea> </td> </tr> <tr> <td> - <input name="Submit" type="submit" class="formbtn" id="submit" value="<?php echo gettext(" Save "); ?>" title=" <?php echo gettext("Save custom rules"); ?>"/> - <input name="cancel" type="submit" class="formbtn" id="cancel" value="<?php echo gettext("Cancel"); ?>" title="<?php echo gettext("Cancel changes and return to last page"); ?>"/> + <input name="save" type="submit" class="formbtn" id="save" value="<?php echo gettext(" Save "); ?>" title=" <?php echo gettext("Save custom rules"); ?>"/> + <input name="cancel" type="submit" class="formbtn" id="cancel" value="<?php echo gettext("Cancel"); ?>" title="<?php echo gettext("Cancel all changes made prior to last save"); ?>"/> <input name="clear" type="submit" class="formbtn" id="clear" value="<?php echo gettext("Clear"); ?>" onclick="return confirm('<?php echo gettext("This will erase all custom rules for the interface. Are you sure?"); ?>')" title="<?php echo gettext("Deletes all custom rules"); ?>"/> </td> </tr> @@ -517,43 +461,40 @@ if ($savemsg) { <table width="100%" align="center" border="0" cellpadding="0" cellspacing="0"> <tr> <td rowspan="5" width="48%" valign="middle"><input type="submit" name="apply" id="apply" value="<?php echo gettext("Apply"); ?>" class="formbtn" - title="<?php echo gettext("Click to rebuild the rules with your changes"); ?>"/> - <input type='hidden' name='id' value='<?=$id;?>'/> - <input type='hidden' name='openruleset' value='<?=$currentruleset;?>'/><br/><br/> + title="<?php echo gettext("Click to rebuild the rules with your changes"); ?>"/><br/><br/> <span class="vexpl"><span class="red"><strong><?php echo gettext("Note: ") . "</strong></span>" . gettext("Suricata must be restarted to activate any SID enable/disable changes made on this tab."); ?></span></td> - <td class="vexpl" valign="middle"><?php echo "<a href='?id={$id}&openruleset={$currentruleset}&act=resetcategory'> - <img src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\" width=\"15\" height=\"15\" + <td class="vexpl" valign="middle"><?php echo "<input type='image' name='resetcategory[]' + src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\" width=\"15\" height=\"15\" onmouseout='this.src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\"' onmouseover='this.src=\"../themes/{$g['theme']}/images/icons/icon_x_mo.gif\"' border='0' - title='" . gettext("Click to remove enable/disable changes for rules in the selected category only") . "'></a>"?> + title='" . gettext("Click to remove enable/disable changes for rules in the selected category only") . "'/>"?> <?php echo gettext("Remove Enable/Disable changes in the current Category"); ?></td> </tr> <tr> - <td class="vexpl" valign="middle"><?php echo "<a href='?id={$id}&openruleset={$currentruleset}&act=resetall'> - <img src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\" width=\"15\" height=\"15\" + <td class="vexpl" valign="middle"><?php echo "<input type='image' name='resetall[]' + src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\" width=\"15\" height=\"15\" onmouseout='this.src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\"' onmouseover='this.src=\"../themes/{$g['theme']}/images/icons/icon_x_mo.gif\"' border='0' - title='" . gettext("Click to remove all enable/disable changes for rules in all categories") . "'></a>"?> + title='" . gettext("Click to remove all enable/disable changes for rules in all categories") . "'/>"?> <?php echo gettext("Remove all Enable/Disable changes in all Categories"); ?></td> </tr> <tr> - <td class="vexpl" valign="middle"><?php echo "<a href='?id={$id}&openruleset={$currentruleset}&act=disable_all'> - <img src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\" width=\"15\" height=\"15\" + <td class="vexpl" valign="middle"><?php echo "<input type='image' name='disable_all[]' + src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\" width=\"15\" height=\"15\" onmouseout='this.src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\"' onmouseover='this.src=\"../themes/{$g['theme']}/images/icons/icon_x_mo.gif\"' border='0' - title='" . gettext("Click to disable all rules in the selected category") . "'></a>"?> + title='" . gettext("Click to disable all rules in the selected category") . "'/>"?> <?php echo gettext("Disable all rules in the current Category"); ?></td> </tr> <tr> - <td class="vexpl" valign="middle"><?php echo "<a href='?id={$id}&openruleset={$currentruleset}&act=enable_all'> - <img src=\"../themes/{$g['theme']}/images/icons/icon_plus.gif\" width=\"15\" height=\"15\" + <td class="vexpl" valign="middle"><?php echo "<input type='image' name='enable_all[]' + src=\"../themes/{$g['theme']}/images/icons/icon_plus.gif\" width=\"15\" height=\"15\" onmouseout='this.src=\"../themes/{$g['theme']}/images/icons/icon_plus.gif\"' onmouseover='this.src=\"../themes/{$g['theme']}/images/icons/icon_plus_mo.gif\"' border='0' - title='" . gettext("Click to enable all rules in the selected category") . "'></a>"?> + title='" . gettext("Click to enable all rules in the selected category") . "'/>"?> <?php echo gettext("Enable all rules in the current Category"); ?></td> </tr> - <tr> <td class="vexpl" valign="middle"><a href="javascript: void(0)" onclick="wopen('suricata_rules_edit.php?id=<?=$id;?>&openruleset=<?=$currentruleset;?>','FileViewer',800,600)"> @@ -563,7 +504,6 @@ if ($savemsg) { title="<?php echo gettext("Click to view full text of all the category rules"); ?>" width="17" height="17" border="0"></a> <?php echo gettext("View full file contents for the current Category"); ?></td> </tr> - <?php if ($currentruleset == 'Auto-Flowbit Rules'): ?> <tr> <td colspan="3"> </td> @@ -578,7 +518,6 @@ if ($savemsg) { </table> </td> </tr> - <tr> <td class="listtopic"><?php echo gettext("Selected Category's Rules"); ?></td> </tr> @@ -586,10 +525,9 @@ if ($savemsg) { <td> <table id="myTable" class="sortable" style="table-layout: fixed;" width="100%" border="0" cellpadding="0" cellspacing="0"> <colgroup> - <col width="14" align="left" valign="middle"> + <col width="20" align="left" valign="middle"> <col width="6%" align="center" axis="number"> <col width="8%" align="center" axis="number"> - <col width="54" align="center" axis="string"> <col width="52" align="center" axis="string"> <col width="12%" align="center" axis="string"> <col width="9%" align="center" axis="string"> @@ -602,7 +540,6 @@ if ($savemsg) { <th class="list"> </th> <th class="listhdrr"><?php echo gettext("GID"); ?></th> <th class="listhdrr"><?php echo gettext("SID"); ?></th> - <th class="listhdrr"><?php echo gettext("Action"); ?></th> <th class="listhdrr"><?php echo gettext("Proto"); ?></th> <th class="listhdrr"><?php echo gettext("Source"); ?></th> <th class="listhdrr"><?php echo gettext("Port"); ?></th> @@ -653,53 +590,50 @@ if ($savemsg) { $tmp = trim(preg_replace('/^\s*#+\s*/', '', $tmp)); $rule_content = preg_split('/[\s]+/', $tmp); - // Create custom <span> tags for the fields we truncate so we can + // Create custom <span> tags for some of the fields so we can // have a "title" attribute for tooltips to show the full string. $srcspan = add_title_attribute($textss, $rule_content[2]); $srcprtspan = add_title_attribute($textss, $rule_content[3]); $dstspan = add_title_attribute($textss, $rule_content[5]); $dstprtspan = add_title_attribute($textss, $rule_content[6]); $protocol = $rule_content[1]; //protocol field - $source = truncate($rule_content[2], 14); //source field - $source_port = truncate($rule_content[3], 10); //source port field - $destination = truncate($rule_content[5], 14); //destination field - $destination_port = truncate($rule_content[6], 10); //destination port field + $source = $rule_content[2]; //source field + $source_port = $rule_content[3]; //source port field + $destination = $rule_content[5]; //destination field + $destination_port = $rule_content[6]; //destination port field $message = suricata_get_msg($v['rule']); $sid_tooltip = gettext("View the raw text for this rule"); - echo "<tr><td class=\"listt\" align=\"left\" valign=\"middle\">{$textss} - <a href='?id={$id}&openruleset={$currentruleset}&act=toggle&ids={$sid}'> - <img src=\"../themes/{$g['theme']}/images/icons/{$iconb}\" - width=\"11\" height=\"11\" border=\"0\" - title='{$title}' id=\"rule_{$gid}_{$sid}\"></a>{$textse} + echo "<tr><td class=\"listt\" align=\"left\" valign=\"middle\" sorttable_customkey=\"\">{$textss} + <input type=\"image\" onClick=\"document.getElementById('sid').value='{$sid}'; + document.getElementById('gid').value='{$gid}';\" + src=\"../themes/{$g['theme']}/images/icons/{$iconb}\" width=\"11\" height=\"11\" border=\"0\" + title='{$title}' name=\"toggle[]\"/>{$textse} </td> - <td class=\"listlr\" align=\"center\" style=\"font-size: 10px;\"> + <td class=\"listlr\" align=\"center\" style=\"font-size: 11px;\" ondblclick=\"wopen('suricata_rules_edit.php?id={$id}&openruleset={$currentruleset}&sid={$sid}&gid={$gid}','FileViewer',800,600);\"> {$textss}{$gid}{$textse} </td> - <td class=\"listlr\" align=\"center\" style=\"font-size: 10px;\"> + <td class=\"listlr\" align=\"center\" style=\"font-size: 11px;\" ondblclick=\"wopen('suricata_rules_edit.php?id={$id}&openruleset={$currentruleset}&sid={$sid}&gid={$gid}','FileViewer',800,600);\"> <a href=\"javascript: void(0)\" - onclick=\"wopen('suricata_rules_edit.php?id={$id}&openruleset={$currentruleset}&ids={$sid}&gid={$gid}','FileViewer',800,600)\" + onclick=\"wopen('suricata_rules_edit.php?id={$id}&openruleset={$currentruleset}&sid={$sid}&gid={$gid}','FileViewer',800,600);\" title='{$sid_tooltip}'>{$textss}{$sid}{$textse}</a> </td> - <td class=\"listlr\" align=\"center\" style=\"font-size: 10px;\"> - {$textss}{$v['action']}{$textse} - </td> - <td class=\"listlr\" align=\"center\" style=\"font-size: 10px;\"> + <td class=\"listlr\" align=\"center\" style=\"font-size: 11px;\" ondblclick=\"wopen('suricata_rules_edit.php?id={$id}&openruleset={$currentruleset}&sid={$sid}&gid={$gid}','FileViewer',800,600);\"> {$textss}{$protocol}{$textse} </td> - <td class=\"listlr\" align=\"center\" style=\"font-size: 10px;\"> + <td class=\"listlr ellipsis\" align=\"center\" style=\"font-size: 11px;\" ondblclick=\"wopen('suricata_rules_edit.php?id={$id}&openruleset={$currentruleset}&sid={$sid}&gid={$gid}','FileViewer',800,600);\"> {$srcspan}{$source}</span> </td> - <td class=\"listlr\" align=\"center\" style=\"font-size: 10px;\"> + <td class=\"listlr ellipsis\" align=\"center\" style=\"font-size: 11px;\" ondblclick=\"wopen('suricata_rules_edit.php?id={$id}&openruleset={$currentruleset}&sid={$sid}&gid={$gid}','FileViewer',800,600);\"> {$srcprtspan}{$source_port}</span> </td> - <td class=\"listlr\" align=\"center\" style=\"font-size: 10px;\"> + <td class=\"listlr ellipsis\" align=\"center\" style=\"font-size: 11px;\" ondblclick=\"wopen('suricata_rules_edit.php?id={$id}&openruleset={$currentruleset}&sid={$sid}&gid={$gid}','FileViewer',800,600);\"> {$dstspan}{$destination}</span> </td> - <td class=\"listlr\" align=\"center\" style=\"font-size: 10px;\"> + <td class=\"listlr ellipsis\" align=\"center\" style=\"font-size: 11px;\" ondblclick=\"wopen('suricata_rules_edit.php?id={$id}&openruleset={$currentruleset}&sid={$sid}&gid={$gid}','FileViewer',800,600);\"> {$dstprtspan}{$destination_port}</span> </td> - <td class=\"listbg\" style=\"word-wrap:break-word; whitespace:pre-line; font-size: 10px; font-color: white;\"> + <td class=\"listbg\" style=\"word-wrap:break-word; whitespace:pre-line; font-size: 11px; font-color: white;\" ondblclick=\"wopen('suricata_rules_edit.php?id={$id}&openruleset={$currentruleset}&sid={$sid}&gid={$gid}','FileViewer',800,600);\"> {$textss}{$message}{$textse} </td> </tr>"; @@ -752,15 +686,14 @@ if ($savemsg) { </tr> </table> </form> -<?php include("fend.inc"); ?> - <script language="javascript" type="text/javascript"> function go() { - var box = document.iform.selectbox; - destination = box.options[box.selectedIndex].value; - if (destination) - location.href = destination; + var box = document.getElementById("selectbox"); + var ruleset = box.options[box.selectedIndex].value; + if (ruleset) + document.getElementById("openruleset").value = ruleset; + document.getElementById("iform").submit(); } function wopen(url, name, w, h) @@ -784,7 +717,8 @@ function wopen(url, name, w, h) window.scrollBy(0,-60); <?php endif;?> - </script> +<?php include("fend.inc"); ?> + </body> </html> diff --git a/config/suricata/suricata_rules_edit.php b/config/suricata/suricata_rules_edit.php index 0dc4c57b..ad6b2986 100644 --- a/config/suricata/suricata_rules_edit.php +++ b/config/suricata/suricata_rules_edit.php @@ -49,12 +49,16 @@ if (isset($id) && $a_rule[$id]) { $pconfig['interface'] = $a_rule[$id]['interface']; $pconfig['rulesets'] = $a_rule[$id]['rulesets']; } +else { + header("Location: /suricata/suricata_interfaces.php"); + exit; +} /* convert fake interfaces to real */ -$if_real = suricata_get_real_interface($pconfig['interface']); +$if_real = get_real_interface($pconfig['interface']); $suricata_uuid = $a_rule[$id]['uuid']; $suricatacfgdir = "{$suricatadir}suricata_{$suricata_uuid}_{$if_real}"; -$file = $_GET['openruleset']; +$file = htmlspecialchars($_GET['openruleset'], ENT_QUOTES | ENT_HTML401); $contents = ''; $wrap_flag = "off"; @@ -86,33 +90,26 @@ if (substr($file, 0, 10) == "IPS Policy") { unset($rules_map); } // Is it a SID to load the rule text from? -elseif (isset($_GET['ids'])) { +elseif (isset($_GET['sid']) && is_numeric(trim($_GET['sid']))) { // If flowbit rule, point to interface-specific file if ($file == "Auto-Flowbit Rules") $rules_map = suricata_load_rules_map("{$suricatacfgdir}rules/" . FLOWBITS_FILENAME); else $rules_map = suricata_load_rules_map("{$suricatadir}rules/{$file}"); - $contents = $rules_map[$_GET['gid']][trim($_GET['ids'])]['rule']; + $contents = $rules_map[$_GET['gid']][trim($_GET['sid'])]['rule']; $wrap_flag = "soft"; } - // Is it our special flowbit rules file? elseif ($file == "Auto-Flowbit Rules") $contents = file_get_contents("{$suricatacfgdir}rules/{$flowbit_rules_file}"); // Is it a rules file in the ../rules/ directory? elseif (file_exists("{$suricatadir}rules/{$file}")) $contents = file_get_contents("{$suricatadir}rules/{$file}"); -// Is it a fully qualified path and file? -elseif (file_exists($file)) - if (substr(realpath($file), 0, strlen(SURICATALOGDIR)) != SURICATALOGDIR) - $contents = gettext("\n\nERROR -- File: {$file} can not be viewed!"); - else - $contents = file_get_contents($file); // It is not something we can display, so exit. else $input_errors[] = gettext("Unable to open file: {$displayfile}"); -$pgtitle = array(gettext("Suricata"), gettext("File Viewer")); +$pgtitle = array(gettext("Suricata"), gettext("Rules File Viewer")); ?> <?php include("head.inc");?> @@ -131,7 +128,7 @@ $pgtitle = array(gettext("Suricata"), gettext("File Viewer")); </tr> <tr> <td width="20%"> - <input type="button" class="formbtn" value="Return" onclick="window.close()"> + <input type="button" class="formbtn" value="Close" onclick="window.close()"/> </td> <td align="right"> <b><?php echo gettext("Rules File: ") . '</b> ' . $displayfile; ?> diff --git a/config/suricata/suricata_rules_flowbits.php b/config/suricata/suricata_rules_flowbits.php index ca424344..53019894 100644 --- a/config/suricata/suricata_rules_flowbits.php +++ b/config/suricata/suricata_rules_flowbits.php @@ -41,34 +41,34 @@ if (!is_array($config['installedpackages']['suricata']['rule'])) { } $a_nat = &$config['installedpackages']['suricata']['rule']; -// Set who called us so we can return to the correct page with -// the RETURN button. We will just trust this User-Agent supplied -// string for now. -session_start(); -if(!isset($_SESSION['org_referer'])) - $_SESSION['org_referer'] = $_SERVER['HTTP_REFERER']; -$referrer = $_SESSION['org_referer']; - -if ($_POST['cancel']) { - session_start(); - unset($_SESSION['org_referer']); - session_write_close(); - header("Location: {$referrer}"); - exit; -} - -$id = $_GET['id']; if (isset($_POST['id'])) $id = $_POST['id']; +elseif (isset($_GET['id'])) + $id = $_GET['id']; + if (is_null($id)) { - session_start(); - unset($_SESSION['org_referer']); - session_write_close(); header("Location: /suricata/suricata_interfaces.php"); exit; } -$if_real = suricata_get_real_interface($a_nat[$id]['interface']); +// Set who called us so we can return to the correct page with +// the RETURN ('cancel') button. +if ($_POST['referrer']) + $referrer = $_POST['referrer']; +else + $referrer = $_SERVER['HTTP_REFERER']; + +// Make sure a rule index ID is appended to the return URL +if (strpos($referrer, "?id={$id}") === FALSE) + $referrer .= "?id={$id}"; + +// If RETURN button clicked, exit to original calling page +if ($_POST['cancel']) { + header("Location: {$referrer}"); + exit; +} + +$if_real = get_real_interface($a_nat[$id]['interface']); $suricata_uuid = $a_nat[$id]['uuid']; /* We should normally never get to this page if Auto-Flowbits are disabled, but just in case... */ @@ -83,12 +83,13 @@ if ($a_nat[$id]['autoflowbitrules'] == 'on') { else $input_errors[] = gettext("Auto-Flowbit rule generation is disabled for this interface!"); -if ($_GET['act'] == "addsuppress" && is_numeric($_GET['sidid']) && is_numeric($_GET['gen_id'])) { - $descr = suricata_get_msg($rules_map[$_GET['gen_id']][$_GET['sidid']]['rule']); +if ($_POST['addsuppress'] && is_numeric($_POST['sid']) && is_numeric($_POST['gid'])) { + $descr = suricata_get_msg($rules_map[$_POST['gid']][$_POST['sid']]['rule']); + $suppress = gettext("## -- This rule manually suppressed from the Auto-Flowbits list. -- ##\n"); if (empty($descr)) - $suppress = "suppress gen_id {$_GET['gen_id']}, sig_id {$_GET['sidid']}\n"; + $suppress .= "suppress gen_id {$_POST['gid']}, sig_id {$_POST['sid']}\n"; else - $suppress = "# {$descr}\nsuppress gen_id {$_GET['gen_id']}, sig_id {$_GET['sidid']}\n"; + $suppress .= "# {$descr}\nsuppress gen_id {$_POST['gid']}, sig_id {$_POST['sid']}\n"; if (!is_array($config['installedpackages']['suricata']['suppress'])) $config['installedpackages']['suricata']['suppress'] = array(); if (!is_array($config['installedpackages']['suricata']['suppress']['item'])) @@ -128,7 +129,7 @@ if ($_GET['act'] == "addsuppress" && is_numeric($_GET['sidid']) && is_numeric($_ $rebuild_rules = false; sync_suricata_package_config(); suricata_reload_config($a_nat[$id]); - $savemsg = gettext("An entry to suppress the Alert for 'gen_id {$_GET['gen_id']}, sig_id {$_GET['sidid']}' has been added to Suppress List '{$a_nat[$id]['suppresslistname']}'."); + $savemsg = gettext("An entry to suppress the Alert for 'gen_id {$_POST['gid']}, sig_id {$_POST['sid']}' has been added to Suppress List '{$a_nat[$id]['suppresslistname']}'."); } else { /* We did not find the defined list, so notify the user with an error */ @@ -136,23 +137,10 @@ if ($_GET['act'] == "addsuppress" && is_numeric($_GET['sidid']) && is_numeric($_ } } -function truncate($string, $length) { - - /******************************** - * This function truncates the * - * passed string to the length * - * specified adding ellipsis if * - * truncation was necessary. * - ********************************/ - if (strlen($string) > $length) - $string = substr($string, 0, ($length - 3)) . "..."; - return $string; -} - /* Load up an array with the current Suppression List GID,SID values */ $supplist = suricata_load_suppress_sigs($a_nat[$id]); -$if_friendly = suricata_get_friendly_interface($a_nat[$id]['interface']); +$if_friendly = convert_friendly_interface_to_friendly_descr($a_nat[$id]['interface']); $pgtitle = gettext("Suricata: Interface {$if_friendly} - Flowbit Rules"); include_once("head.inc"); @@ -162,12 +150,15 @@ include_once("head.inc"); <?php include("fbegin.inc"); -if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';} if ($input_errors) print_input_errors($input_errors); if ($savemsg) print_info_box($savemsg); ?> <form action="suricata_rules_flowbits.php" method="post" name="iform" id="iform"> +<input type="hidden" name="id" value="<?=$id;?>"/> +<input type="hidden" name="referrer" value="<?=$referrer;?>"/> +<input type="hidden" name="sid" id="sid" value=""/> +<input type="hidden" name="gid" id="gid" value=""/> <div id="boxarea"> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> @@ -248,18 +239,19 @@ if ($savemsg) $rule_content = preg_split('/[\s]+/', $tmp); $protocol = $rule_content[1]; //protocol - $source = truncate($rule_content[2], 14); //source - $destination = truncate($rule_content[5], 14); //destination + $source = $rule_content[2]; //source + $destination = $rule_content[5]; //destination $message = suricata_get_msg($v['rule']); $flowbits = implode("; ", suricata_get_flowbits($v['rule'])); if (strstr($flowbits, "noalert")) $supplink = ""; else { if (!isset($supplist[$gid][$sid])) { - $supplink = "<a href=\"?id={$id}&act=addsuppress&sidid={$sid}&gen_id={$gid}\">"; - $supplink .= "<img src=\"../themes/{$g['theme']}/images/icons/icon_plus.gif\" "; + $supplink = "<input type=\"image\" name=\"addsuppress[]\" onClick=\"document.getElementById('sid').value='{$sid}';"; + $supplink .= "document.getElementById('gid').value='{$gid}';\" "; + $supplink .= "src=\"../themes/{$g['theme']}/images/icons/icon_plus.gif\" "; $supplink .= "width='12' height='12' border='0' title='"; - $supplink .= gettext("Click to add to Suppress List") . "'/></a>"; + $supplink .= gettext("Click to add to Suppress List") . "'/>"; } else { $supplink = "<img src=\"../themes/{$g['theme']}/images/icons/icon_plus_d.gif\" "; @@ -270,10 +262,10 @@ if ($savemsg) // Use "echo" to write the table HTML row-by-row. echo "<tr>" . - "<td class=\"listr\">{$sid} {$supplink}</td>" . + "<td class=\"listr\" sorttable_customkey=\"{$sid}\">{$sid} {$supplink}</td>" . "<td class=\"listr\">{$protocol}</td>" . - "<td class=\"listr\"><span title=\"{$rule_content[2]}\">{$source}</span></td>" . - "<td class=\"listr\"><span title=\"{$rule_content[5]}\">{$destination}</span></td>" . + "<td class=\"listr ellipsis\"><span title=\"{$rule_content[2]}\">{$source}</span></td>" . + "<td class=\"listr ellipsis\"><span title=\"{$rule_content[5]}\">{$destination}</span></td>" . "<td class=\"listr\" style=\"word-wrap:break-word; word-break:normal;\">{$flowbits}</td>" . "<td class=\"listr\" style=\"word-wrap:break-word; word-break:normal;\">{$message}</td>" . "</tr>"; diff --git a/config/suricata/suricata_rulesets.php b/config/suricata/suricata_rulesets.php index a1609d6c..4365de4b 100644 --- a/config/suricata/suricata_rulesets.php +++ b/config/suricata/suricata_rulesets.php @@ -35,6 +35,10 @@ global $g, $rebuild_rules; $suricatadir = SURICATADIR; $flowbit_rules_file = FLOWBITS_FILENAME; +// Array of default events rules for Suricata +$default_rules = array( "decoder-events.rules", "files.rules", "http-events.rules", + "smtp-events.rules", "stream-events.rules", "tls-events.rules" ); + if (!is_array($config['installedpackages']['suricata']['rule'])) { $config['installedpackages']['suricata']['rule'] = array(); } @@ -43,10 +47,8 @@ $a_nat = &$config['installedpackages']['suricata']['rule']; $id = $_GET['id']; if (isset($_POST['id'])) $id = $_POST['id']; -if (is_null($id)) { - header("Location: /suricata/suricata_interfaces.php"); - exit; -} +if (is_null($id)) + $id = 0; if (isset($id) && $a_nat[$id]) { $pconfig['enable'] = $a_nat[$id]['enable']; @@ -89,17 +91,6 @@ if (!file_exists("{$suricatadir}rules/" . GPL_FILE_PREFIX . "community.rules")) if (($snortdownload != 'on') || ($a_nat[$id]['ips_policy_enable'] != 'on')) $policy_select_disable = "disabled"; -if ($a_nat[$id]['autoflowbitrules'] == 'on') { - if (file_exists("{$suricatadir}suricata_{$suricata_uuid}_{$if_real}/rules/{$flowbit_rules_file}") && - filesize("{$suricatadir}suricata_{$suricata_uuid}_{$if_real}/rules/{$flowbit_rules_file}") > 0) { - $btn_view_flowb_rules = " title=\"" . gettext("View flowbit-required rules") . "\""; - } - else - $btn_view_flowb_rules = " disabled"; -} -else - $btn_view_flowb_rules = " disabled"; - // If a Snort VRT policy is enabled and selected, remove all Snort VRT // rules from the configured rule sets to allow automatic selection. if ($a_nat[$id]['ips_policy_enable'] == 'on') { @@ -117,9 +108,7 @@ if ($a_nat[$id]['ips_policy_enable'] == 'on') { else $disable_vrt_rules = ""; -/* alert file */ -if ($_POST["Submit"]) { - +if ($_POST["save"]) { if ($_POST['ips_policy_enable'] == "on") { $a_nat[$id]['ips_policy_enable'] = 'on'; $a_nat[$id]['ips_policy'] = $_POST['ips_policy']; @@ -129,11 +118,12 @@ if ($_POST["Submit"]) { unset($a_nat[$id]['ips_policy']); } - $enabled_items = ""; + // Always start with the default events and files rules + $enabled_items = implode("||", $default_rules); if (is_array($_POST['toenable'])) - $enabled_items = implode("||", $_POST['toenable']); + $enabled_items .= "||" . implode("||", $_POST['toenable']); else - $enabled_items = $_POST['toenable']; + $enabled_items .= "||{$_POST['toenable']}"; $a_nat[$id]['rulesets'] = $enabled_items; @@ -155,12 +145,12 @@ if ($_POST["Submit"]) { suricata_generate_yaml($a_nat[$id]); $rebuild_rules = false; - header("Location: /suricata/suricata_rulesets.php?id=$id"); - exit; + /* Signal Suricata to "live reload" the rules */ + suricata_reload_config($a_nat[$id]); } - -if ($_POST['unselectall']) { - $a_nat[$id]['rulesets'] = ""; +elseif ($_POST['unselectall']) { + // Remove all but the default events and files rules + $a_nat[$id]['rulesets'] = implode("||", $default_rules); if ($_POST['ips_policy_enable'] == "on") { $a_nat[$id]['ips_policy_enable'] = 'on'; @@ -173,13 +163,10 @@ if ($_POST['unselectall']) { write_config(); sync_suricata_package_config(); - - header("Location: /suricata/suricata_rulesets.php?id=$id"); - exit; } - -if ($_POST['selectall']) { - $rulesets = array(); +elseif ($_POST['selectall']) { + // Start with the required default events and files rules + $rulesets = $default_rules; if ($_POST['ips_policy_enable'] == "on") { $a_nat[$id]['ips_policy_enable'] = 'on'; @@ -218,10 +205,20 @@ if ($_POST['selectall']) { write_config(); sync_suricata_package_config(); +} - header("Location: /suricata/suricata_rulesets.php?id=$id"); - exit; +// See if we have any Auto-Flowbit rules and enable +// the VIEW button if we do. +if ($a_nat[$id]['autoflowbitrules'] == 'on') { + if (file_exists("{$suricatadir}suricata_{$suricata_uuid}_{$if_real}/rules/{$flowbit_rules_file}") && + filesize("{$suricatadir}suricata_{$suricata_uuid}_{$if_real}/rules/{$flowbit_rules_file}") > 0) { + $btn_view_flowb_rules = " title=\"" . gettext("View flowbit-required rules") . "\""; + } + else + $btn_view_flowb_rules = " disabled"; } +else + $btn_view_flowb_rules = " disabled"; $enabled_rulesets_array = explode("||", $a_nat[$id]['rulesets']); @@ -234,7 +231,6 @@ include_once("head.inc"); <?php include("fbegin.inc"); -if($pfsense_stable == 'yes'){echo '<p class="pgtitle">' . $pgtitle . '</p>';} /* Display message */ if ($input_errors) { @@ -258,7 +254,7 @@ if ($savemsg) { $tab_array[] = array(gettext("Update Rules"), false, "/suricata/suricata_download_updates.php"); $tab_array[] = array(gettext("Alerts"), false, "/suricata/suricata_alerts.php?instance={$id}"); $tab_array[] = array(gettext("Suppress"), false, "/suricata/suricata_suppress.php"); - $tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php"); + $tab_array[] = array(gettext("Logs Browser"), false, "/suricata/suricata_logs_browser.php?instance={$id}"); display_top_tabs($tab_array); echo '</td></tr>'; echo '<tr><td class="tabnavtbl">'; @@ -282,9 +278,8 @@ if ($savemsg) { $isrulesfolderempty = glob("{$suricatadir}rules/*.rules"); $iscfgdirempty = array(); if (file_exists("{$suricatadir}suricata_{$suricata_uuid}_{$if_real}/rules/custom.rules")) - $iscfgdirempty = (array)("{$suricatadir}suricata_{$suricata_uuid}_{$if_real}/rules/custom.rules"); - if (empty($isrulesfolderempty)): -?> + $iscfgdirempty = (array)("{$suricatadir}suricata_{$suricata_uuid}_{$if_real}/rules/custom.rules"); ?> +<?php if (empty($isrulesfolderempty)): ?> <tr> <td class="vexpl"><br/> <?php printf(gettext("# The rules directory is empty: %s%srules%s"), '<strong>',$suricatadir,'</strong>'); ?> <br/><br/> @@ -294,14 +289,7 @@ if ($savemsg) { '</strong></a>' . gettext(" tab."); ?> </td> </tr> -<?php else: - $colspan = 4; - if ($emergingdownload != 'on') - $colspan -= 2; - if ($snortdownload != 'on') - $colspan -= 2; - -?> +<?php else: ?> <tr> <td> <table width="100%" border="0" @@ -393,7 +381,7 @@ if ($savemsg) { <tr height="45px"> <td valign="middle"><input value="Select All" class="formbtns" type="submit" name="selectall" id="selectall" title="<?php echo gettext("Add all to enforcing rules"); ?>"/></td> <td valign="middle"><input value="Unselect All" class="formbtns" type="submit" name="unselectall" id="unselectall" title="<?php echo gettext("Remove all from enforcing rules"); ?>"/></td> - <td valign="middle"><input value=" Save " class="formbtns" type="submit" name="Submit" id="Submit" title="<?php echo gettext("Save changes to enforcing rules and rebuild"); ?>"/></td> + <td valign="middle"><input value=" Save " class="formbtns" type="submit" name="save" id="save" title="<?php echo gettext("Save changes to enforcing rules and rebuild"); ?>"/></td> <td valign="middle"><span class="vexpl"><?php echo gettext("Click to save changes and auto-resolve flowbit rules (if option is selected above)"); ?></span></td> </tr> </table> @@ -531,7 +519,7 @@ if ($savemsg) { </tr> <tr> <td colspan="4" align="center" valign="middle"> - <input value="Save" type="submit" name="Submit" id="Submit" class="formbtn" title=" <?php echo gettext("Click to Save changes and rebuild rules"); ?>"/></td> + <input value="Save" type="submit" name="save" id="save" class="formbtn" title=" <?php echo gettext("Click to Save changes and rebuild rules"); ?>"/></td> </tr> <?php endif; ?> </table> @@ -581,7 +569,7 @@ function enable_change() for (var i = 0; i < document.iform.elements.length; i++) { if (document.iform.elements[i].type == 'checkbox') { var str = document.iform.elements[i].value; - if (str.substr(0,6) == "suricata_") + if (str.substr(0,6) == "snort_") document.iform.elements[i].disabled = !(endis); } } diff --git a/config/suricata/suricata_select_alias.php b/config/suricata/suricata_select_alias.php deleted file mode 100644 index f1fd4b93..00000000 --- a/config/suricata/suricata_select_alias.php +++ /dev/null @@ -1,226 +0,0 @@ -<?php -/* $Id$ */ -/* - suricata_select_alias.php - Copyright (C) 2014 Bill Meeks - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -require("guiconfig.inc"); -require_once("functions.inc"); -require_once("/usr/local/pkg/suricata/suricata.inc"); - -// Need to keep track of who called us so we can return to the correct page -// when the SAVE button is clicked. On initial entry, a GET variable is -// passed with the referrer's URL encoded within. That value is saved and -// used when SAVE or CANCEL is clicked to return to the referring page. -// - -// Retrieve the QUERY STRING of the original referrer so we can return it. -// On the initial pass, we will save it in a hidden POST field so we won't -// overwrite it on subsequent POST-BACKs to this page. -if (!isset($_POST['org_querystr'])) - $querystr = $_SERVER['QUERY_STRING']; - -// Retrieve any passed QUERY STRING or POST variables -$type = $_GET['type']; -$varname = $_GET['varname']; -$multi_ip = $_GET['multi_ip']; -$referrer = urldecode($_GET['returl']); -if (isset($_POST['type'])) - $type = $_POST['type']; -if (isset($_POST['varname'])) - $varname = $_POST['varname']; -if (isset($_POST['multi_ip'])) - $multi_ip = $_POST['multi_ip']; -if (isset($_POST['returl'])) - $referrer = urldecode($_POST['returl']); -if (isset($_POST['org_querystr'])) - $querystr = $_POST['org_querystr']; - -// Make sure we have a valid VARIABLE name -// and ALIAS TYPE, or else bail out. -if (is_null($type) || is_null($varname)) { - header("Location: http://{$referrer}?{$querystr}"); - exit; -} - -// Used to track if any selectable Aliases are found -$selectablealias = false; - -// Initialize required array variables as necessary -if (!is_array($config['aliases']['alias'])) - $config['aliases']['alias'] = array(); -$a_aliases = $config['aliases']['alias']; - -// Create an array consisting of the Alias types the -// caller wants to select from. -$a_types = array(); -$a_types = explode('|', strtolower($type)); - -// Create a proper title based on the Alias types -$title = "a"; -switch (count($a_types)) { - case 1: - $title .= " " . ucfirst($a_types[0]); - break; - - case 2: - $title .= " " . ucfirst($a_types[0]) . " or " . ucfirst($a_types[1]); - break; - - case 3: - $title .= " " . ucfirst($a_types[0]) . ", " . ucfirst($a_types[1]) . " or " . ucfirst($a_types[2]); - - default: - $title = "n"; -} - -if ($_POST['cancel']) { - header("Location: {$referrer}?{$querystr}"); - exit; -} - -if ($_POST['save']) { - if(empty($_POST['alias'])) - $input_errors[] = gettext("No alias is selected. Please select an alias before saving."); - - // if no errors, write new entry to conf - if (!$input_errors) { - $selection = $_POST['alias']; - header("Location: {$referrer}?{$querystr}&varvalue={$selection}"); - exit; - } -} - -$pgtitle = gettext("Suricata: Select {$title} Alias"); -include("head.inc"); - -?> - -<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> -<?php include("fbegin.inc"); ?> -<form action="suricata_select_alias.php" method="post"> -<input type="hidden" name="varname" value="<?=$varname;?>"> -<input type="hidden" name="type" value="<?=$type;?>"> -<input type="hidden" name="multi_ip" value="<?=$multi_ip;?>"> -<input type="hidden" name="returl" value="<?=$referrer;?>"> -<input type="hidden" name="org_querystr" value="<?=$querystr;?>"> -<?php if ($input_errors) print_input_errors($input_errors); ?> -<div id="boxarea"> -<table width="100%" border="0" cellpadding="0" cellspacing="0"> -<tr> - <td class="tabcont"><strong><?=gettext("Select an Alias to use from the list below.");?></strong><br/> - </td> -</tr> -<tr> - <td class="tabcont"> - <table id="sortabletable1" style="table-layout: fixed;" class="sortable" width="100%" border="0" cellpadding="0" cellspacing="0"> - <colgroup> - <col width="5%" align="center"> - <col width="25%" align="left" axis="string"> - <col width="35%" align="left" axis="string"> - <col width="35%" align="left" axis="string"> - </colgroup> - <thead> - <tr> - <th class="listhdrr"></th> - <th class="listhdrr" axis="string"><?=gettext("Alias Name"); ?></th> - <th class="listhdrr" axis="string"><?=gettext("Values"); ?></th> - <th class="listhdrr" axis="string"><?=gettext("Description"); ?></th> - </tr> - </thead> - <tbody> - <?php $i = 0; foreach ($a_aliases as $alias): ?> - <?php if (!in_array($alias['type'], $a_types)) - continue; - elseif (($alias['type'] == "network" || $alias['type'] == "host") && - trim(filter_expand_alias($alias['name'])) == "") { - $textss = "<span class=\"gray\">"; - $textse = "</span>"; - $disable = true; - $tooltip = gettext("Aliases representing a FQDN host cannot be used in Suricata configurations."); - } - else { - $textss = ""; - $textse = ""; - $disable = ""; - $selectablealias = true; - $tooltip = gettext("Selected entry will be imported. Click to toggle selection."); - } - ?> - <?php if ($disable): ?> - <tr title="<?=$tooltip;?>"> - <td class="listlr" align="center"><img src="../themes/<?=$g['theme'];?>/images/icons/icon_block_d.gif" width="11" height"11" border="0"/> - <?php else: ?> - <tr> - <td class="listlr" align="center"><input type="radio" name="alias" value="<?=htmlspecialchars($alias['name']);?>" title="<?=$tooltip;?>"/></td> - <?php endif; ?> - <td class="listr" align="left"><?=$textss . htmlspecialchars($alias['name']) . $textse;?></td> - <td class="listr" align="left"> - <?php - $tmpaddr = explode(" ", $alias['address']); - $addresses = implode(", ", array_slice($tmpaddr, 0, 10)); - echo "{$textss}{$addresses}{$textse}"; - if(count($tmpaddr) > 10) { - echo "..."; - } - ?> - </td> - <td class="listbg" align="left"> - <?=$textss . htmlspecialchars($alias['descr']) . $textse;?> - </td> - </tr> - <?php $i++; endforeach; ?> - </table> - </td> -</tr> -<?php if (!$selectablealias): ?> -<tr> - <td class="tabcont" align="center"><b><?php echo gettext("There are currently no defined Aliases eligible for selection.");?></b></td> -</tr> -<tr> - <td class="tabcont" align="center"> - <input type="Submit" name="cancel" value="Cancel" id="cancel" class="formbtn" title="<?=gettext("Cancel import operation and return");?>"/> - </td> -</tr> -<?php else: ?> -<tr> - <td class="tabcont" align="center"> - <input type="Submit" name="save" value="Save" id="save" class="formbtn" title="<?=gettext("Import selected item and return");?>"/> - <input type="Submit" name="cancel" value="Cancel" id="cancel" class="formbtn" title="<?=gettext("Cancel import operation and return");?>"/> - </td> -</tr> -<?php endif; ?> -<tr> - <td class="tabcont"> - <span class="vexpl"><span class="red"><strong><?=gettext("Note:"); ?><br></strong></span><?=gettext("Fully-Qualified Domain Name (FQDN) host Aliases cannot be used as Suricata configuration parameters. Aliases resolving to a single FQDN value are disabled in the list above. In the case of nested Aliases where one or more of the nested values is a FQDN host, the FQDN host will not be included in the {$title} configuration.");?></span> - </td> -</tr> -</table> -</div> -</form> -<?php include("fend.inc"); ?> -</body> -</html> diff --git a/config/suricata/suricata_suppress.php b/config/suricata/suricata_suppress.php index 58839dce..e97006dc 100644 --- a/config/suricata/suricata_suppress.php +++ b/config/suricata/suricata_suppress.php @@ -61,6 +61,28 @@ function suricata_suppresslist_used($supplist) { return false; } +function suricata_find_suppresslist_interface($supplist) { + + /****************************************************************/ + /* This function finds the first (if more than one) interface */ + /* configured to use the passed Suppress List and returns the */ + /* index of the interface in the ['rule'] config array. */ + /* */ + /* Returns: index of interface in ['rule'] config array or */ + /* FALSE if no interface found. */ + /****************************************************************/ + + global $config; + $suricataconf = $config['installedpackages']['suricata']['rule']; + if (empty($suricataconf)) + return false; + foreach ($suricataconf as $rule => $value) { + if ($value['suppresslistname'] == $supplist) + return $rule; + } + return false; +} + if ($_GET['act'] == "del") { if ($a_suppress[$_GET['id']]) { // make sure list is not being referenced by any Suricata-configured interface @@ -108,54 +130,74 @@ if ($input_errors) { </td> </tr> <tr><td><div id="mainarea"> -<table id="maintable" class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> -<tr> - <td width="30%" class="listhdrr"><?php echo gettext("File Name"); ?></td> - <td width="60%" class="listhdr"><?php echo gettext("Description"); ?></td> - <td width="10%" class="list"></td> -</tr> -<?php $i = 0; foreach ($a_suppress as $list): ?> -<tr> - <td class="listlr" - ondblclick="document.location='suricata_suppress_edit.php?id=<?=$i;?>';"> - <?=htmlspecialchars($list['name']);?></td> - <td class="listbg" - ondblclick="document.location='suricata_suppress_edit.php?id=<?=$i;?>';"> - <font color="#FFFFFF"> <?=htmlspecialchars($list['descr']);?> </font> - </td> - - <td valign="middle" nowrap class="list"> - <table border="0" cellspacing="0" cellpadding="1"> - <tr> - <td valign="middle"><a - href="suricata_suppress_edit.php?id=<?=$i;?>"><img - src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" - width="17" height="17" border="0" title="<?php echo gettext("edit Suppress List"); ?>"></a></td> - <td><a - href="/suricata/suricata_suppress.php?act=del&id=<?=$i;?>" - onclick="return confirm('<?php echo gettext("Do you really want to delete this Suppress List?"); ?>')"><img - src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" - width="17" height="17" border="0" title="<?php echo gettext("delete Suppress List"); ?>"></a></td> - </tr> + <table id="maintable" class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> + <thead> + <tr> + <th width="30%" class="listhdrr"><?php echo gettext("Suppress List Name"); ?></th> + <th width="60%" class="listhdr"><?php echo gettext("Description"); ?></th> + <th width="10%" class="list"></th> + </tr> + </thead> + <tbody> + <?php $i = 0; foreach ($a_suppress as $list): ?> + <?php + if (suricata_suppresslist_used($list['name'])) { + $icon = "<img src=\"/themes/{$g['theme']}/images/icons/icon_frmfld_pwd.png\" " . + "width=\"16\" height=\"16\" border=\"0\" title=\"" . gettext("List is in use by an instance") . "\"/>"; + } + else + $icon = ""; + ?> + <tr> + <td height="20px" class="listlr" + ondblclick="document.location='suricata_suppress_edit.php?id=<?=$i;?>';"> + <?=htmlspecialchars($list['name']);?> <?=$icon;?></td> + <td height="20px" class="listbg" + ondblclick="document.location='suricata_suppress_edit.php?id=<?=$i;?>';"> + <font color="#FFFFFF"> <?=htmlspecialchars($list['descr']);?> </font> + </td> + <td height="20px" valign="middle" nowrap class="list"> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td valign="middle"><a + href="suricata_suppress_edit.php?id=<?=$i;?>"><img + src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" + width="17" height="17" border="0" title="<?php echo gettext("edit Suppress List"); ?>"></a></td> + <?php if (suricata_suppresslist_used($list['name'])) : ?> + <td><img src="/themes/<?=$g['theme'];?>/images/icons/icon_x_d.gif" + width="17" height="17" border="0" title="<?php echo gettext("Assigned Suppress Lists cannot be deleted");?>"/></td> + <td><a href="/suricata/suricata_interfaces_edit.php?id=<?=suricata_find_suppresslist_interface($list['name']);?>"> + <img src="/themes/<?=$g['theme'];?>/images/icons/icon_right.gif" + width="17" height="17" border="0" title="<?php echo gettext("Goto first instance associated with this Suppress List");?>"/></a> + </td> + <?php else : ?> + <td><a href="/suricata/suricata_suppress.php?act=del&id=<?=$i;?>" + onclick="return confirm('<?php echo gettext("Do you really want to delete this Suppress List?"); ?>')"><img + src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" + width="17" height="17" border="0" title="<?php echo gettext("delete Suppress List"); ?>"></a></td> + <td> </td> + <?php endif; ?> + </tr> + </table> + </td> + </tr> + <?php $i++; endforeach; ?> + <tr> + <td class="list" colspan="2"></td> + <td class="list"> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td valign="middle" width="17"> </td> + <td valign="middle"><a + href="suricata_suppress_edit.php?id=<?php echo $id_gen;?> "><img + src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" + width="17" height="17" border="0" title="<?php echo gettext("add a new list"); ?>"></a></td> + </tr> + </table> + </td> + </tr> + </tbody> </table> - </td> -</tr> -<?php $i++; endforeach; ?> -<tr> - <td class="list" colspan="2"></td> - <td class="list"> - <table border="0" cellspacing="0" cellpadding="1"> - <tr> - <td valign="middle" width="17"> </td> - <td valign="middle"><a - href="suricata_suppress_edit.php?id=<?php echo $id_gen;?> "><img - src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" - width="17" height="17" border="0" title="<?php echo gettext("add a new list"); ?>"></a></td> - </tr> - </table> - </td> -</tr> -</table> </div> </td></tr> <tr> @@ -163,7 +205,10 @@ if ($input_errors) { <p><?php echo gettext("Here you can create event filtering and " . "suppression for your Suricata package rules."); ?><br/><br/> <?php echo gettext("Please note that you must restart a running Interface so that changes can " . - "take effect."); ?></p></span></td> + "take effect."); ?><br/><br/> + <?php echo gettext("You cannot delete a Suppress List that is currently assigned to a Suricata interface (instance).") . "<br/>" . + gettext("You must first unassign the Suppress List on the Interface Edit tab."); ?> + </p></span></td> </tr> </table> </form> diff --git a/config/suricata/suricata_uninstall.php b/config/suricata/suricata_uninstall.php index 071a89a4..b8ea6097 100644 --- a/config/suricata/suricata_uninstall.php +++ b/config/suricata/suricata_uninstall.php @@ -73,8 +73,33 @@ if ($config['installedpackages']['suricata']['config'][0]['clearlogs'] == 'on') } /* Remove the Suricata GUI app directories */ -@unlink("/usr/local/pkg/suricata"); -@unlink("/usr/local/www/suricata"); +mwexec("/bin/rm -rf /usr/local/pkg/suricata"); +mwexec("/bin/rm -rf /usr/local/www/suricata"); + +/* Remove our associated Dashboard widget config and files. */ +/* If "save settings" is enabled, then save old widget */ +/* container settings so we can restore them later. */ +$widgets = $config['widgets']['sequence']; +if (!empty($widgets)) { + $widgetlist = explode(",", $widgets); + foreach ($widgetlist as $key => $widget) { + if (strstr($widget, "suricata_alerts-container")) { + if ($config['installedpackages']['suricata']['config'][0]['forcekeepsettings'] == 'on') { + $config['installedpackages']['suricata']['config'][0]['dashboard_widget'] = $widget; + if ($config['widgets']['widget_suricata_display_lines']) { + $config['installedpackages']['suricata']['config'][0]['dashboard_widget_rows'] = $config['widgets']['widget_suricata_display_lines']; + unset($config['widgets']['widget_suricata_display_lines']); + } + } + unset($widgetlist[$key]); + } + } + $config['widgets']['sequence'] = implode(",", $widgetlist); + write_config(); +} +@unlink("/usr/local/www/widgets/include/widget-suricata.inc"); +@unlink("/usr/local/www/widgets/widgets/suricata_alerts.widget.php"); +@unlink("/usr/local/www/widgets/javascript/suricata_alerts.js"); /* Keep this as a last step */ if ($config['installedpackages']['suricata']['config'][0]['forcekeepsettings'] != 'on') { @@ -83,7 +108,6 @@ if ($config['installedpackages']['suricata']['config'][0]['forcekeepsettings'] ! unset($config['installedpackages']['suricatasync']); @unlink("{$suricata_rules_upd_log}"); mwexec("/bin/rm -rf {$suricatalogdir}"); - @unlink(SURICATALOGDIR); log_error(gettext("[Suricata] The package has been removed from this system...")); } diff --git a/config/suricata/widget-suricata.inc b/config/suricata/widget-suricata.inc new file mode 100644 index 00000000..48424588 --- /dev/null +++ b/config/suricata/widget-suricata.inc @@ -0,0 +1,8 @@ +<?php +require_once("config.inc"); + +//set variable for custom title +$suricata_alerts_title = "Suricata Alerts"; +$suricata_alerts_title_link = "suricata/suricata_alerts.php"; + +?> diff --git a/config/vnstat2/vnstat_php_frontend/lang/cs.php b/config/vnstat2/vnstat_php_frontend/lang/cs.php index 8704a503..e6955964 100644 --- a/config/vnstat2/vnstat_php_frontend/lang/cs.php +++ b/config/vnstat2/vnstat_php_frontend/lang/cs.php @@ -34,6 +34,6 @@ $L['datefmt_days'] = '%d. %B'; $L['datefmt_days_img'] = '%d'; $L['datefmt_months'] = '%B %Y'; $L['datefmt_months_img'] = '%b'; -$L['datefmt_hours'] = '%k%P'; +$L['datefmt_hours'] = '%k%p'; $L['datefmt_hours_img'] = '%k'; $L['datefmt_top'] = '%d. %B %Y'; diff --git a/config/vnstat2/vnstat_php_frontend/lang/en.php b/config/vnstat2/vnstat_php_frontend/lang/en.php index b930ef2b..b5e6cf0b 100644 --- a/config/vnstat2/vnstat_php_frontend/lang/en.php +++ b/config/vnstat2/vnstat_php_frontend/lang/en.php @@ -34,6 +34,6 @@ $L['datefmt_days'] = '%d %B'; $L['datefmt_days_img'] = '%d'; $L['datefmt_months'] = '%B %Y'; $L['datefmt_months_img'] = '%b'; -$L['datefmt_hours'] = '%l%P'; +$L['datefmt_hours'] = '%l%p'; $L['datefmt_hours_img'] = '%l'; $L['datefmt_top'] = '%d %B %Y'; diff --git a/config/xsl/package.xsl b/config/xsl/package.xsl index 933cc700..947a9324 100644 --- a/config/xsl/package.xsl +++ b/config/xsl/package.xsl @@ -4,7 +4,8 @@ /* ========================================================================== */ /* package.xsl - part of pfSense (http://www.pfSense.com) + part of pfSense (https://www.pfsense.org) + Copyright (C) 2004-2014 Electric Sheep Fencing, LLC Copyright (C) 2007 Daniel S. Haischt <me@daniel.stefan.haischt.name> All rights reserved. @@ -68,7 +69,6 @@ <meta name="DC.rights" content="All rights reserved" /> <meta http-equiv="Keywords" content="bsd license, altq, traffic shaping, packet, rule, Linux, OpenBSD, DragonFlyBSD, freebsd 5.3, vpn, stateful failover, carp, packet filter, m0n0wall, firewall" /> <style type="text/css"> - @import url('http://www.pfsense.com/assets/site/style.css'); </style> <script type="text/javascript" language="utf-8"> //<![CDATA[ @@ -148,16 +148,14 @@ <table style="width: 802px; text-align: left; margin-left: auto; margin-right: auto;" border="0" cellpadding="0" cellspacing="0"> <tbody> <tr> - <td style="background-image: url(http://www.pfsense.com/assets/images/header1.gif); width: 811px; text-align: left; vertical-align: bottom; background-color: transparent; height: 65px;"></td> </tr> <tr> - <td style="background-image: url(http://www.pfsense.com/assets/images/header2.gif); height: 25px; width: 802px;"> <font color="#ffffff"><span class="headers"></span></font> </td> </tr> <tr> <td> - <table style="background-image: url(http://www.pfsense.com/assets/images/horizontal.gif); text-align: left; width: 802px;" border="0" cellpadding="0" cellspacing="0"> + <table style="text-align: left; width: 802px;" border="0" cellpadding="0" cellspacing="0"> <tbody> <tr> <td style="width: 200px; text-align: center; vertical-align: top;"> @@ -168,7 +166,6 @@ </tr> <tr style="padding: 0px; margin: 0px;"> <td height="100%" align="left" valign="top" class="navigation" style="padding: 0px; margin: 0px;"> - <img src="http://www.pfsense.com/manager/media/images/_tx_.gif" alt="" height="4" /> <br /> <a href='#' id="infoa" onclick="toggleContentItem('info-div');">Info</a> <a href='#' id="licensea" onclick="toggleContentItem('license-div');">License</a> @@ -182,7 +179,6 @@ <a href='#' id="rsynca" onclick="toggleContentItem('rsync-div');">custom_php_resync_config_command</a> <a href='#' id="installa" onclick="toggleContentItem('install-div');">custom_php_install_command</a> <a href='#' id="deinstalla" onclick="toggleContentItem('deinstall-div');">custom_php_deinstall_command</a> - <img src="http://www.pfsense.com/manager/media/images/_tx_.gif" height="4" alt="" /> </td> </tr> </tbody> @@ -300,7 +296,6 @@ </td> </tr> <tr style="color: rgb(255, 255, 255);"> - <td style="background-image: url(http://www.pfsense.com/assets/images/footer.gif); width: 802px; height: 60px; text-align: center; vertical-align: middle;"> pfSense is Copyright 2004-2014 Electric Sheep Fencing LLC. All Rights Reserved. <br /> </td> diff --git a/config/zabbix2/zabbix2-agent.xml b/config/zabbix2/zabbix2-agent.xml index 3f8e84db..9dc11bbd 100644 --- a/config/zabbix2/zabbix2-agent.xml +++ b/config/zabbix2/zabbix2-agent.xml @@ -41,7 +41,7 @@ <name>zabbixagent</name> <title>Services: Zabbix-2 Agent</title> <category>Monitoring</category> - <version>0.8_0</version> + <version>0.8_1</version> <include_file>/usr/local/pkg/zabbix2.inc</include_file> <addedit_string>Zabbix Agent has been created/modified.</addedit_string> <delete_string>Zabbix Agent has been deleted.</delete_string> diff --git a/config/zabbix2/zabbix2-proxy.xml b/config/zabbix2/zabbix2-proxy.xml index c857bec1..369443ba 100644 --- a/config/zabbix2/zabbix2-proxy.xml +++ b/config/zabbix2/zabbix2-proxy.xml @@ -41,7 +41,7 @@ <name>zabbixproxy</name> <title>Services: Zabbix-2 Proxy</title> <category>Monitoring</category> - <version>0.8_0</version> + <version>0.8_1</version> <include_file>/usr/local/pkg/zabbix2.inc</include_file> <addedit_string>Zabbix Proxy has been created/modified.</addedit_string> <delete_string>Zabbix Proxy has been deleted.</delete_string> @@ -129,6 +129,15 @@ <size>10</size> <required>true</required> </field> + <field> + <fielddescr>Advanced Parameters</fielddescr> + <fieldname>advancedparams</fieldname> + <encoding>base64</encoding> + <type>textarea</type> + <rows>5</rows> + <cols>50</cols> + <description>Advanced parameters. There are some rarely used parameters that sometimes need to be defined. Value has form, example: StartDiscoverers=10</description> + </field> </fields> <custom_php_install_command>sync_package_zabbix2();</custom_php_install_command> <custom_php_command_before_form></custom_php_command_before_form> diff --git a/config/zabbix2/zabbix2.inc b/config/zabbix2/zabbix2.inc index 92aad309..bf9c6606 100644 --- a/config/zabbix2/zabbix2.inc +++ b/config/zabbix2/zabbix2.inc @@ -193,6 +193,7 @@ function sync_package_zabbix2(){ $zbproxy_config = $config['installedpackages']['zabbixproxy']['config'][0]; if ($zbproxy_config['proxyenabled']=="on"){ $Mode=(is_numericint($zbproxy_config['proxymode'])?$zbproxy_config['proxymode'] : 0); + $AdvancedParams=base64_decode($zbproxy_config['advancedparams']); $zbproxy_conf_file = <<< EOF Server={$zbproxy_config['server']} @@ -206,6 +207,7 @@ FpingLocation=/usr/local/sbin/fping #there's currently no fping6 (IPv6) dependency in the package, but if there was, the binary would likely also be in /usr/local/sbin Fping6Location=/usr/local/sbin/fping6 ProxyMode={$Mode} +{$AdvancedParams} EOF; file_put_contents(ZABBIX_PROXY_BASE . "/etc/zabbix22/zabbix_proxy.conf", strtr($zbproxy_conf_file, array("\r" => ""))); diff --git a/pkg_config.10.xml b/pkg_config.10.xml index 19e149a0..ce360f2f 100644 --- a/pkg_config.10.xml +++ b/pkg_config.10.xml @@ -4,20 +4,20 @@ <copy_packages_to_host_ssh_port>222</copy_packages_to_host_ssh_port> <copy_packages_to_host_ssh>packagecopy@files.pfsense.org</copy_packages_to_host_ssh> <copy_packages_to_folder_ssh>/usr/local/www/files/packages/10/All/</copy_packages_to_folder_ssh> -<depends_on_package_base_url>http://files.pfsense.org/packages/10/All/</depends_on_package_base_url> +<depends_on_package_base_url>https://files.pfsense.org/packages/10/All/</depends_on_package_base_url> <packages> <!-- <package> <name>someprogram</name> <internal_name>someprogram</internal_name> - <pkginfolink>http://forum.pfsense.org/</pkginfolink> + <pkginfolink>https://forum.pfsense.org/</pkginfolink> <descr><![CDATA[Some cool program]]></descr> <website>http://www.example.org/someprogram</website> <category>Services</category> <version>0.99</version> <status>Beta</status> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/someprogram/someprogram.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/someprogram/someprogram.xml</config_file> <maintainer>me@example.com</maintainer> <configurationfile>someprogram.xml</configurationfile> <build_pbi> @@ -31,14 +31,14 @@ --> <package> <name>Asterisk</name> - <pkginfolink>http://forum.pfsense.org/index.php/topic,47210.0.html</pkginfolink> + <pkginfolink>https://forum.pfsense.org/index.php/topic,47210.0.html</pkginfolink> <descr><![CDATA[Asterisk is an open source framework for building communications applications.<br />Asterisk turns an ordinary computer into a communications server.]]></descr> <website>http://www.asterisk.org/</website> <category>Services</category> <version>1.8 pkg v0.3.1</version> <status>Beta</status> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/asterisk/asterisk.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/asterisk/asterisk.xml</config_file> <depends_on_package_pbi>asterisk-1.8.25.0-##ARCH##.pbi</depends_on_package_pbi> <build_pbi> <port>net/asterisk</port> @@ -49,14 +49,14 @@ </package> <package> <name>bind</name> - <!-- <pkginfolink>http://doc.pfsense.org/index.php/bind</pkginfolink> --> + <!-- <pkginfolink>https://doc.pfsense.org/index.php/bind</pkginfolink> --> <descr><![CDATA[The most widely used name server software]]></descr> <website>http://www.isc.org/downloads/BIND/</website> <category>Services</category> <version>9.9.5 pkg v 0.3.2</version> <status>RC</status> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/bind/bind.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/bind/bind.xml</config_file> <configurationfile>bind.xml</configurationfile> <depends_on_package_pbi>bind-9.9.5-##ARCH##.pbi</depends_on_package_pbi> <build_pbi> @@ -70,8 +70,8 @@ <website/> <descr>Allows you to create and overwrite files from the GUI.</descr> <category>File Management</category> - <pkginfolink>http://doc.pfsense.org/index.php/Filer_package</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/filer/filer.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/Filer_package</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/filer/filer.xml</config_file> <version>0.60</version> <status>Beta</status> <required_version>2.2</required_version> @@ -83,8 +83,8 @@ <website/> <descr>Block countries - This has been replaced by pfblocker. <u>This is a legacy app</u></descr> <category>Firewall</category> - <pkginfolink>http://forum.pfsense.org/index.php/topic,25732.0.html</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/countryblock/countryblock.xml</config_file> + <pkginfolink>https://forum.pfsense.org/index.php/topic,25732.0.html</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/countryblock/countryblock.xml</config_file> <version>0.2.4</version> <status>Beta</status> <required_version>2.2</required_version> @@ -95,13 +95,13 @@ <name>Strikeback</name> <descr>Detect port scans with iplog and strikeback</descr> <website></website> - <pkginfolink>http://forum.pfsense.org/index.php/topic,37225.0.html</pkginfolink> + <pkginfolink>https://forum.pfsense.org/index.php/topic,37225.0.html</pkginfolink> <category>Services</category> <version>0.1</version> <status>BETA</status> <required_version>2.2</required_version> <maintainer>tom@tomschaefer.org</maintainer> - <config_file>http://www.pfsense.com/packages/config/strikeback/strikeback.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/strikeback/strikeback.xml</config_file> <configurationfile>strikeback.xml</configurationfile> <only_for_archs>i386</only_for_archs> </package> @@ -110,8 +110,8 @@ <website/> <descr>PHP File Manager</descr> <category>Diagnostics</category> - <pkginfolink>http://forum.pfsense.org/index.php/topic,26974.0.html</pkginfolink> - <config_file>http://pfsense.org/packages/config/filemgr/filemgr.xml</config_file> + <pkginfolink>https://forum.pfsense.org/index.php/topic,26974.0.html</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/filemgr/filemgr.xml</config_file> <version>0.1.3</version> <status>Beta</status> <required_version>2.2</required_version> @@ -126,8 +126,8 @@ This package also Block countries and IP ranges.<br /> pfBlocker replaces Countryblock and IPblocklist.]]></descr> <category>Firewall</category> - <pkginfolink>http://forum.pfsense.org/index.php/topic,42543.0.html</pkginfolink> - <config_file>http://pfsense.org/packages/config/pf-blocker/pfblocker.xml</config_file> + <pkginfolink>https://forum.pfsense.org/index.php/topic,42543.0.html</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/pf-blocker/pfblocker.xml</config_file> <version>1.0.2</version> <status>Release</status> <required_version>2.2</required_version> @@ -138,17 +138,17 @@ <name>anyterm</name> <descr>Ajax Interactive Shell - Have you ever wanted SSH or telnet access to your system from an internet desert - from behind a strict firewall, from an internet cafe, or even from a mobile phone? Anyterm is a combination of a web page and a process that runs on your web server that provides this access. WARNING! We suggest using Stunnel in combination with this package!</descr> <website>http://anyterm.org/</website> - <pkginfolink>http://doc.pfsense.org/index.php/AnyTerm_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/AnyTerm_package</pkginfolink> <category>Diagnostics</category> <version>0.5</version> <status>BETA</status> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/anyterm/anyterm.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/anyterm/anyterm.xml</config_file> <configurationfile>anyterm.xml</configurationfile> </package> <package> <name>haproxy</name> - <pkginfolink>http://doc.pfsense.org/index.php/haproxy_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/haproxy_package</pkginfolink> <descr><![CDATA[The Reliable, High Performance TCP/HTTP Load Balancer<br /> This package implements both TCP and HTTP balance features from Haproxy.<br /> Supports acl's for smart backend switching.]]></descr> @@ -157,7 +157,7 @@ <version>1.4.24_1 pkg v 1.2.4</version> <status>Release</status> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/haproxy/haproxy.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/haproxy/haproxy.xml</config_file> <configurationfile>haproxy.xml</configurationfile> <depends_on_package_pbi>haproxy-1.4.24_1-##ARCH##.pbi</depends_on_package_pbi> <build_pbi> @@ -166,7 +166,7 @@ </package> <package> <name>haproxy-full</name> - <pkginfolink>http://doc.pfsense.org/index.php/haproxy_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/haproxy_package</pkginfolink> <descr><![CDATA[The Reliable, High Performance TCP/HTTP Load Balancer<br /> This package implements both TCP and HTTP balance features from Haproxy.<br /> (Legacy version)]]></descr> @@ -175,13 +175,13 @@ <version>1.4.24_1 pkg v 1.1</version> <status>Release</status> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/haproxy-legacy/haproxy.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/haproxy-legacy/haproxy.xml</config_file> <configurationfile>haproxy.xml</configurationfile> <depends_on_package_pbi>haproxy-1.4.24_1-##ARCH##.pbi</depends_on_package_pbi> </package> <package> <name>haproxy-devel</name> - <pkginfolink>http://doc.pfsense.org/index.php/haproxy_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/haproxy_package</pkginfolink> <descr><![CDATA[The Reliable, High Performance TCP/HTTP(s) Load Balancer<br /> This package implements TCP, HTTP and HTTPS balance features from Haproxy.<br /> Supports acl's for smart backend switching.]]></descr> @@ -190,7 +190,7 @@ <version>1.5-dev22 pkg v 0.7</version> <status>Release</status> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/haproxy-devel/haproxy.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/haproxy-devel/haproxy.xml</config_file> <configurationfile>haproxy.xml</configurationfile> <depends_on_package_pbi>haproxy-devel-1.5-dev22-##ARCH##.pbi</depends_on_package_pbi> <build_pbi> @@ -202,7 +202,7 @@ </package> <package> <name>Apache with mod_security-dev</name> - <pkginfolink>http://doc.pfsense.org/index.php/ProxyServerModSecurity_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/ProxyServerModSecurity_package</pkginfolink> <website>http://www.modsecurity.org/</website> <descr><![CDATA[ModSecurity is a web application firewall that can work either embedded or as a reverse proxy.<br> It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.<br> @@ -212,7 +212,7 @@ <version>2.4.6 pkg v0.3</version> <status>ALPHA</status> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/apache_mod_security-dev/apache_virtualhost.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/apache_mod_security-dev/apache_virtualhost.xml</config_file> <depends_on_package_pbi>proxy_mod_security-2.4.6_1-##ARCH##.pbi git-1.8.5.2-##ARCH##.pbi</depends_on_package_pbi> <configurationfile>apache_virtualhost.xml</configurationfile> <build_pbi> @@ -226,14 +226,14 @@ </package> <package> <name>Proxy Server with mod_security</name> - <pkginfolink>http://doc.pfsense.org/index.php/ProxyServerModSecurity_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/ProxyServerModSecurity_package</pkginfolink> <website>http://www.modsecurity.org/</website> <descr>ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. In addition this package allows URL forwarding which can be convenient for hosting multiple websites behind pfSense using 1 IP address.</descr> <category>Network Management</category> <version>0.1.3</version> <status>ALPHA</status> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/apache_mod_security/apache_mod_security.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/apache_mod_security/apache_mod_security.xml</config_file> <depends_on_package_pbi>proxy_mod_security-2.2.26-##ARCH##.pbi</depends_on_package_pbi> <configurationfile>apache_mod_security.xml</configurationfile> <build_pbi> @@ -247,7 +247,7 @@ </package> <package> <name>Avahi</name> - <pkginfolink>http://doc.pfsense.org/index.php/Avahi_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Avahi_package</pkginfolink> <website>http://www.avahi.org/</website> <descr>Avahi is a system which facilitates service discovery on a local network. This means that you can plug your laptop or computer into a network and instantly be able to view other people who you can chat with, find printers to print to or find files being shared. This kind of technology is already found in Apple MacOS X (branded Rendezvous, Bonjour and sometimes Zeroconf) and is very convenient. Avahi is mainly based on Lennart Poettering's flexmdns mDNS implementation for Linux which has been discontinued in favour of Avahi.</descr> <category>Network Management</category> @@ -259,7 +259,7 @@ <version>0.6.29 pkg v1.02</version> <status>ALPHA</status> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/avahi/avahi.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/avahi/avahi.xml</config_file> <configurationfile>avahi.xml</configurationfile> <after_install_info>Please visit the Avahi settings tab and select which interfaces you do not wish Avahi to listen on and click save to start the service.</after_install_info> </package> @@ -277,7 +277,7 @@ <version>5.0.1 v2.3</version> <status>BETA</status> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/ntop2/ntop.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/ntop2/ntop.xml</config_file> <configurationfile>ntop.xml</configurationfile> <noembedded>true</noembedded> </package> @@ -287,7 +287,7 @@ <descr>Track things you want to note for this system.</descr> <category>Status</category> <pkginfolink/> - <config_file>http://www.pfsense.com/packages/config/notes/notes.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/notes/notes.xml</config_file> <version>0.2.4</version> <status>Alpha</status> <required_version>2.2</required_version> @@ -300,7 +300,7 @@ <descr>Trivial File Transport Protocol is a very simple file transfer protocol. Often used with routers, voip phones and more.</descr> <category>Services</category> <pkginfolink/> - <config_file>http://www.pfsense.com/packages/config/tftp2/tftp.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/tftp2/tftp.xml</config_file> <version>2.0</version> <status>Stable</status> <required_version>2.2</required_version> @@ -311,8 +311,8 @@ <website/> <descr>PHP run as a service it can do anything PHP can do including but not limited to monitoring files, CPU, RAM, and send alerts to the syslog.</descr> <category>Services</category> - <pkginfolink>http://doc.pfsense.org/index.php/PHPService</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/phpservice/phpservice.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/PHPService</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/phpservice/phpservice.xml</config_file> <version>0.4.1</version> <status>Beta</status> <required_version>2.2</required_version> @@ -325,7 +325,7 @@ <descr>Tool to Backup and Restore files and directories.</descr> <category>System</category> <pkginfolink></pkginfolink> - <config_file>http://www.pfsense.com/packages/config/backup/backup.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/backup/backup.xml</config_file> <version>0.1.5</version> <status>Beta</status> <required_version>2.2</required_version> @@ -338,7 +338,7 @@ <descr>The cron utility is used to manage commands on a schedule.</descr> <category>Services</category> <pkginfolink></pkginfolink> - <config_file>http://www.pfsense.com/packages/config/cron/cron.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/cron/cron.xml</config_file> <version>0.1.8</version> <status>Beta</status> <required_version>2.2</required_version> @@ -350,8 +350,8 @@ <website/> <descr>It is a web server package that can host HTML, Javascript, CSS, and PHP. It uses the lighttpd web server that is already installed. It uses PHP5 in FastCGI mode and has access to PHP Data Ojbects and PDO SQLite.</descr> <category>Services</category> - <pkginfolink>http://doc.pfsense.org/index.php/vhosts</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/vhosts/vhosts.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/vhosts</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/vhosts/vhosts.xml</config_file> <version>0.7.4</version> <status>Stable</status> <required_version>2.2</required_version> @@ -371,7 +371,7 @@ </build_pbi> <!-- Use both styles for now, since our snort port isn't yet optionsng, but barnyard2 and others are. --> <build_options>barnyard2_UNSET_FORCE=ODBC PGSQL PRELUDE;barnyard2_SET_FORCE=GRE IPV6 MPLS MYSQL PORT_PCAP;snort_SET_FORCE=TARGETBASED PERFPROFILE DECODERPRE FLEXRESP3 GRE IPV6 MPLS NORMALIZER ZLIB;perl_SET_FORCE=THREADS;WITH_THREADS=yes;WITH_IPV6=true;WITH_MPLS=true;WITH_GRE=true;WITH_TARGETBASED=true;WITH_PERFPROFILE=true;WITH_DECODERPRE=true;WITH_ZLIB=true;WITH_NORMALIZER=true;WITH_REACT=true;WITH_FLEXRESP3=true;WITHOUT_ODBC=true;WITHOUT_POSTGRESQL=true;WITHOUT_PRELUDE=true;NOPORTDOCS=true</build_options> - <config_file>http://www.pfsense.com/packages/config/snort/snort.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/snort/snort.xml</config_file> <version>2.9.5.6 pkg v3.0.4</version> <required_version>2.2</required_version> <status>Stable</status> @@ -383,7 +383,7 @@ <website>http://www.olsr.org/</website> <descr>The olsr.org OLSR daemon is an implementation of the Optimized Link State Routing protocol. OLSR is a routing protocol for mobile ad-hoc networks. The protocol is pro-active, table driven and utilizes a technique called multipoint relaying for message flooding.</descr> <category>Services</category> - <config_file>http://www.pfsense.com/packages/config/olsrd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/olsrd.xml</config_file> <depends_on_package_pbi>olsrd-0.6.5.2-##ARCH##.pbi</depends_on_package_pbi> <build_pbi> <port>net/olsrd</port> @@ -395,10 +395,10 @@ </package> <package> <name>routed</name> - <website>http://www.pfsense.com/</website> + <website>https://packages.pfsense.org/</website> <descr>RIP v1 and v2 daemon.</descr> <category>Network Management</category> - <config_file>http://www.pfsense.com/packages/config/routed/routed.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/routed/routed.xml</config_file> <version>1.1</version> <status>Stable</status> <required_version>2.2</required_version> @@ -409,7 +409,7 @@ <website>http://www.openbsd.org/spamd/</website> <descr>Tarpits like spamd are fake SMTP servers, which accept connections but don't deliver mail. Instead, they keep the connections open and reply very slowly. If the peer is patient enough to actually complete the SMTP dialogue (which will take ten minutes or more), the tarpit returns a 'temporary error' code (4xx), which indicates that the mail could not be delivered successfully and that the sender should keep the mail in their queue and retry again later.</descr> <category>Services</category> - <config_file>http://www.pfsense.com/packages/config/spamd/spamd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/spamd/spamd.xml</config_file> <depends_on_package_pbi>spamd-4.9.1_1-##ARCH##.pbi</depends_on_package_pbi> <version>4.9.1_1 v1.1</version> <status>Beta</status> @@ -430,8 +430,8 @@ It can do first and second line antispam combat before sending incoming mail to local mail servers.<br /> Postfix can also detect zombies, check RBLS, SPF, seach ldap for valid recipients and use third part antispam engines like policyd and mailscanner for better antispam solution.]]></descr> <category>Services</category> - <pkginfolink>http://forum.pfsense.org/index.php/topic,40622.0.html</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/postfix/postfix.xml</config_file> + <pkginfolink>https://forum.pfsense.org/index.php/topic,40622.0.html</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/postfix/postfix.xml</config_file> <depends_on_package_pbi>postfix-2.11.0-##ARCH##.pbi</depends_on_package_pbi> <version>2.10.2 pkg v.2.3.7</version> <status>Release</status> @@ -451,8 +451,8 @@ For all non-commercial it's free, without cost.<br /> For all commercial use visit dansguardian website to get a licence.]]></descr> <category>Services</category> - <config_file>http://www.pfsense.com/packages/config/dansguardian/dansguardian.xml</config_file> - <pkginfolink>http://forum.pfsense.org/index.php/topic,43786.0.html</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/dansguardian/dansguardian.xml</config_file> + <pkginfolink>https://forum.pfsense.org/index.php/topic,43786.0.html</pkginfolink> <depends_on_package_pbi>dansguardian-2.12.0.3_2-##ARCH##.pbi</depends_on_package_pbi> <version>2.12.0.3_2 pkg v.0.1.8</version> <status>beta</status> @@ -473,8 +473,8 @@ <descr><![CDATA[MailScanner is an e-mail security and anti-spam package for e-mail gateway systems.<br /> This is a level3 mail scanning tool with high CPU load.]]></descr> <category>Services</category> - <config_file>http://www.pfsense.com/packages/config/mailscanner/mailscanner.xml</config_file> - <pkginfolink>http://forum.pfsense.org/index.php/topic,43687.0.html</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/mailscanner/mailscanner.xml</config_file> + <pkginfolink>https://forum.pfsense.org/index.php/topic,43687.0.html</pkginfolink> <depends_on_package_pbi>mailscanner-4.84.5_3-##ARCH##.pbi</depends_on_package_pbi> <version>4.84.5_3 pkg v.0.2.4</version> <status>beta</status> @@ -491,9 +491,9 @@ <website>http://siproxd.sourceforge.net/</website> <descr>Proxy for handling NAT of multiple SIP devices to a single public IP.</descr> <category>Services</category> - <config_file>http://www.pfsense.com/packages/config/siproxd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/siproxd.xml</config_file> <depends_on_package_pbi>siproxd-0.8.0-##ARCH##.pbi</depends_on_package_pbi> - <pkginfolink>http://doc.pfsense.org/index.php/Siproxd_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Siproxd_package</pkginfolink> <build_pbi> <port>net/siproxd</port> </build_pbi> @@ -506,13 +506,13 @@ <name>OpenBGPD</name> <descr>OpenBGPD is a FREE implementation of the Border Gateway Protocol, Version 4. It allows ordinary machines to be used as routers exchanging routes with other systems speaking the BGP protocol. -- WARNING! Installs files to the same place as Quagga OSPF. Installing both will result in a broken state, remove this package before installing Quagga OSPF.</descr> <category>NET</category> - <config_file>http://www.pfsense.com/packages/config/openbgpd/openbgpd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/openbgpd/openbgpd.xml</config_file> <build_pbi> <port>net/openbgpd</port> </build_pbi> <version>0.9.1</version> <status>STABLE</status> - <pkginfolink>http://doc.pfsense.org/index.php/OpenBGPD_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/OpenBGPD_package</pkginfolink> <required_version>2.2</required_version> <configurationfile>openbgpd.xml</configurationfile> <depends_on_package_pbi>openbgpd-5.2.20121209-##ARCH##.pbi</depends_on_package_pbi> @@ -532,7 +532,7 @@ <build_options>WITHOUT_DEBUGGING=true;WITHOUT_GDBM=true;WITHOUT_PERL_MALLOC=true;WITH_PERL_64BITINT=true;WITHOUT_THREADS=true;WITHOUT_MULTIPLICITY=true;WITHOUT_SUIDPERL=true;WITHOUT_SITECUSTOMIZE=true;WITH_USE_PERL=true;WITH_GDSUPPORT=true</build_options> <status>RC1</status> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/lightsquid/lightsquid.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/lightsquid/lightsquid.xml</config_file> <pkginfolink></pkginfolink> <configurationfile>lightsquid.xml</configurationfile> <noembedded>true</noembedded> @@ -543,8 +543,8 @@ <descr><![CDATA[Sarg - Squid Analysis Report Generator is a tool that allow you to view "where" your users are going to on the Internet.<br /> Sarg provides many informations about Proxy(squid,squidguard or dansguardian) users activities: times, bytes, sites, etc...]]></descr> <category>Network Report</category> - <config_file>http://www.pfsense.com/packages/config/sarg/sarg.xml</config_file> - <pkginfolink>http://forum.pfsense.org/index.php/topic,47765.0.html</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/sarg/sarg.xml</config_file> + <pkginfolink>https://forum.pfsense.org/index.php/topic,47765.0.html</pkginfolink> <depends_on_package_pbi>sarg-2.3.6_2-##ARCH##.pbi</depends_on_package_pbi> <version>2.3.6_2 pkg v.0.6.3</version> <status>Release</status> @@ -564,8 +564,8 @@ If it receives one with MAC-IP pair, which is not listed in 'ethers' file, it will send ARP reply with configured fake address.<br /> This will prevent not permitted host to work properly in local ethernet segment.]]></descr> <category>Security</category> - <config_file>http://www.pfsense.com/packages/config/ipguard/ipguard.xml</config_file> - <pkginfolink>http://forum.pfsense.org/index.php/topic,49917.msg263664.html#msg263664</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/ipguard/ipguard.xml</config_file> + <pkginfolink>https://forum.pfsense.org/index.php/topic,49917.msg263664.html#msg263664</pkginfolink> <depends_on_package_pbi>ipguard-1.04_1-##ARCH##.pbi</depends_on_package_pbi> <version>1.0.4 pkg v.0.1</version> <status>beta</status> @@ -583,12 +583,12 @@ It uses the advanced features in FreeBSD 6/7/8 to achieve its high performance.<br /> Version 3 includes streaming support]]></descr> <website>http://varnish-cache.org</website> - <pkginfolink>http://doc.pfsense.org/index.php/Varnish_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Varnish_package</pkginfolink> <category>Services</category> <version>3.0.4 pkg v.0.2.1</version> <status>RC</status> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/varnish3/varnish_backends.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/varnish3/varnish_backends.xml</config_file> <configurationfile>varnish_backends.xml</configurationfile> <depends_on_package_pbi>varnish-3.0.5-##ARCH##.pbi</depends_on_package_pbi> <build_pbi> @@ -601,7 +601,7 @@ <name>vnstat2</name> <website>http://humdi.net/vnstat/</website> <descr>Vnstat is a console-based network traffic monitor<br />The vnstat PHP frontend and vnstati adds a more user friendly way of displaying traffic usage.</descr> - <pkginfolink>http://forum.pfsense.org/index.php/topic,14179.0.html</pkginfolink> + <pkginfolink>https://forum.pfsense.org/index.php/topic,14179.0.html</pkginfolink> <category>Network Management</category> <depends_on_package_pbi>vnstat-1.11_5-##ARCH##.pbi</depends_on_package_pbi> <build_pbi> @@ -611,7 +611,7 @@ <status>Stable</status> <required_version>2.2</required_version> <maintainer>crazypark2@yahoo.dk</maintainer> - <config_file>http://www.pfsense.com/packages/config/vnstat2/vnstat2.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/vnstat2/vnstat2.xml</config_file> <configurationfile>vnstat2.xml</configurationfile> <after_install_info></after_install_info> </package> @@ -627,7 +627,7 @@ <build_pbi> <port>sysutils/mbmon</port> </build_pbi> - <config_file>http://www.pfsense.com/packages/config/phpsysinfo/phpsysinfo.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/phpsysinfo/phpsysinfo.xml</config_file> <configurationfile>phpsysinfo.xml</configurationfile> <noembedded>true</noembedded> </package> @@ -638,9 +638,9 @@ <category>Services</category> <version>1.0.6.18</version> <status>Beta</status> - <pkginfolink>http://doc.pfsense.org/index.php/Tinydns_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Tinydns_package</pkginfolink> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/tinydns/tinydns.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/tinydns/tinydns.xml</config_file> <configurationfile>tinydns.xml</configurationfile> <depends_on_package_pbi>djbdns-1.05_15-##ARCH##.pbi</depends_on_package_pbi> <build_pbi> @@ -657,9 +657,9 @@ <category>Services</category> <version>8.7.0.3046 (build-425873)</version> <status>Stable</status> - <pkginfolink>http://doc.pfsense.org/index.php/Open_VM_Tools_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Open_VM_Tools_package</pkginfolink> <required_version>2.2</required_version> - <config_file>http://www.pfsense.org/packages/config/open-vm-tools_2/open-vm-tools.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/open-vm-tools_2/open-vm-tools.xml</config_file> <configurationfile>open-vm-tools.xml</configurationfile> <build_pbi> <port>emulators/open-vm-tools-nox11</port> @@ -675,8 +675,8 @@ <version>1.21</version> <status>Stable</status> <required_version>2.2</required_version> - <pkginfolink>http://doc.pfsense.org/index.php/AutoConfigBackup</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/autoconfigbackup/autoconfigbackup.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/AutoConfigBackup</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/autoconfigbackup/autoconfigbackup.xml</config_file> <configurationfile>autoconfigbackup.xml</configurationfile> </package> <package> @@ -687,13 +687,13 @@ <version>2.13 v1.1</version> <status>Stable</status> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/arping/arping.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/arping/arping.xml</config_file> <configurationfile>arping.xml</configurationfile> <depends_on_package_pbi>arping-2.13-##ARCH##.pbi</depends_on_package_pbi> <build_pbi> <port>net/arping</port> </build_pbi> - <pkginfolink>http://doc.pfsense.org/index.php/Arping</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Arping</pkginfolink> </package> <package> <name>nmap</name> @@ -701,10 +701,10 @@ <descr>NMap is a utility for network exploration or security auditing. It supports ping scanning (determine which hosts are up), many port scanning techniques (determine what services the hosts are offering), version detection (determine what application/service is runing on a port), and TCP/IP fingerprinting (remote host OS or device identification). It also offers flexible target and port specification, decoy/stealth scanning, SunRPC scanning, and more. Most Unix and Windows platforms are supported in both GUI and command line modes. Several popular handheld devices are also supported, including the Sharp Zaurus and the iPAQ.</descr> <category>Security</category> <depends_on_package_pbi>nmap-6.40_2-##ARCH##.pbi</depends_on_package_pbi> - <config_file>http://www.pfsense.com/packages/config/nmap/nmap.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/nmap/nmap.xml</config_file> <version>nmap-6.40_2 pkg v1.2</version> <status>Stable</status> - <pkginfolink>http://doc.pfsense.org/index.php/Nmap_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Nmap_package</pkginfolink> <required_version>2.2</required_version> <configurationfile>nmap.xml</configurationfile> <build_pbi> @@ -720,8 +720,8 @@ <version>20111108_1 pkg v 0.3.1</version> <required_version>2.2</required_version> <status>BETA</status> - <pkginfolink>http://doc.pfsense.org/index.php/IMSpector_package</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/imspector/imspector.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/IMSpector_package</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/imspector/imspector.xml</config_file> <configurationfile>imspector.xml</configurationfile> <depends_on_package_pbi>imspector-20111108_1-##ARCH##.pbi</depends_on_package_pbi> <build_options>imspector_SET_FORCE=PLUGINS;imspector_UNSET_FORCE=IPFW</build_options> @@ -738,13 +738,13 @@ <status>BETA</status> <required_version>2.2</required_version> <maintainer>rswagoner@gmail.com</maintainer> - <config_file>http://www.pfsense.com/packages/config/nut/nut.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/nut/nut.xml</config_file> <configurationfile>nut.xml</configurationfile> <depends_on_package_pbi>nut-2.6.5_1-##ARCH##.pbi</depends_on_package_pbi> <build_pbi> <port>sysutils/nut</port> </build_pbi> - <pkginfolink>http://doc.pfsense.org/index.php/Nut_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Nut_package</pkginfolink> </package> <package> <name>diag_new_states</name> @@ -755,8 +755,8 @@ <maintainer>ptaylor@addressplus.net</maintainer> <required_version>2.2</required_version> <status>BETA</status> - <config_file>http://www.pfsense.org/packages/config/diag_states_pt/diag_new_states.xml</config_file> - <configurationfile>http://www.pfsense.com/packages/config/diag_states_pt/diag_new_states.xml</configurationfile> + <config_file>https://packages.pfsense.org/packages/config/diag_states_pt/diag_new_states.xml</config_file> + <configurationfile>https://packages.pfsense.org/packages/config/diag_states_pt/diag_new_states.xml</configurationfile> </package> <package> <name>darkstat</name> @@ -768,7 +768,7 @@ <status>Stable</status> <required_version>2.2</required_version> <maintainer>sullrich+pfsp@gmail.com</maintainer> - <config_file>http://www.pfsense.com/packages/config/darkstat/darkstat.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/darkstat/darkstat.xml</config_file> <configurationfile>darkstat.xml</configurationfile> <build_pbi> <port>net-mgmt/darkstat</port> @@ -779,7 +779,7 @@ <website>http://www.mindrot.org/pfflowd.html</website> <descr>pfflowd converts OpenBSD PF status messages (sent via the pfsync interface) to Cisco NetFlow datagrams. These datagrams may be sent (via UDP) to a host of one's choice. Utilising the OpenBSD stateful packet filter infrastructure means that flow tracking is very fast and accurate.</descr> <category>Network Management</category> - <config_file>http://www.pfsense.com/packages/config/pfflowd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/pfflowd.xml</config_file> <depends_on_package_pbi>pfflowd-0.8-##ARCH##.pbi</depends_on_package_pbi> <version>0.8.3</version> <status>Stable</status> @@ -799,9 +799,9 @@ <depends_on_package_pbi>widentd-1.03_2-##ARCH##.pbi</depends_on_package_pbi> <version>1.03_1</version> <status>Stable</status> - <pkginfolink>http://doc.pfsense.org/index.php/Widentd_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Widentd_package</pkginfolink> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/widentd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/widentd.xml</config_file> <configurationfile>widentd.xml</configurationfile> <build_pbi> <port>net/widentd</port> @@ -814,14 +814,14 @@ Support: MySQL, PostgreSQL, LDAP, Kerberos<br /> FreeRADIUS and FreeRADIUS2 settings are not compatible so don't use them together or try to update<br /> On pfSense docs there is a how-to which could help you on porting users.]]></descr> - <pkginfolink>http://doc.pfsense.org/index.php/FreeRADIUS_2.x_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/FreeRADIUS_2.x_package</pkginfolink> <category>System</category> <version>2.1.12_1/2.2.0 pkg v1.6.7_2</version> <status>RC1</status> <required_version>2.2</required_version> <maintainer>nachtfalkeaw@web.de</maintainer> <depends_on_package_pbi>freeradius-2.2.3_1-##ARCH##.pbi</depends_on_package_pbi> - <config_file>http://www.pfsense.org/packages/config/freeradius2/freeradius.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/freeradius2/freeradius.xml</config_file> <configurationfile>freeradius.xml</configurationfile> <after_install_info>Please visit Services: FreeRADIUS</after_install_info> <!-- Try to use the new PBI build syntax here, it may help it pick up the right libs inside the single PBI rather than using multiple. --> @@ -840,7 +840,7 @@ <status>BETA</status> <required_version>2.2</required_version> <depends_on_package_pbi>bandwidthd-2.0.1_6-##ARCH##.pbi</depends_on_package_pbi> - <config_file>http://www.pfsense.org/packages/config/bandwidthd/bandwidthd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/bandwidthd/bandwidthd.xml</config_file> <configurationfile>bandwidthd.xml</configurationfile> <build_pbi> <ports_before>net/libpcap databases/postgresql91-client graphics/gd</ports_before> @@ -856,9 +856,9 @@ <depends_on_package_pbi>stunnel-4.56-##ARCH##.pbi</depends_on_package_pbi> <version>4.43.0</version> <status>Stable</status> - <pkginfolink>http://doc.pfsense.org/index.php/Stunnel_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Stunnel_package</pkginfolink> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/stunnel.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/stunnel.xml</config_file> <configurationfile>stunnel.xml</configurationfile> <build_pbi> <port>security/stunnel</port> @@ -870,11 +870,11 @@ <website>http://dast.nlanr.net/Projects/Iperf/</website> <descr>Iperf is a tool for testing network throughput, loss, and jitter.</descr> <category>Network Management</category> - <config_file>http://www.pfsense.com/packages/config/iperf.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/iperf.xml</config_file> <depends_on_package_pbi>iperf-2.0.5-##ARCH##.pbi</depends_on_package_pbi> <version>2.0.5</version> <status>Beta</status> - <pkginfolink>http://doc.pfsense.org/index.php/Iperf_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Iperf_package</pkginfolink> <required_version>2.2</required_version> <configurationfile>iperf.xml</configurationfile> <build_pbi> @@ -886,7 +886,7 @@ <website>http://freshmeat.net/projects/netio/</website> <descr>This is a network benchmark for DOS, OS/2 2.x, Windows NT/2000 and Unix. It measures the net throughput of a network via NetBIOS and/or TCP/IP protocols (Unix and DOS only support TCP/IP) using various different packet sizes.</descr> <category>Network Management</category> - <config_file>http://www.pfsense.com/packages/config/netio.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/netio.xml</config_file> <depends_on_package_pbi>netio-1.26-##ARCH##.pbi</depends_on_package_pbi> <version>1.26</version> <required_version>2.2</required_version> @@ -906,7 +906,7 @@ <version>0.82</version> <status>Stable</status> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/mtr-nox11.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/mtr-nox11.xml</config_file> <configurationfile>mtr-nox11.xml</configurationfile> <build_pbi> <port>net/mtr</port> @@ -929,7 +929,7 @@ <ports_after>www/squid_radius_auth</ports_after> </build_pbi> <build_options>squid_UNSET_FORCE=DNS_HELPER IPFILTER PINGER STACKTRACES STRICT_HTTP_DESC USERAGENT_LOG WCCPV2;squid_SET_FORCE=PF LDAP_AUTH NIS_AUTH SASL_AUTH ARP_ACL AUFS CACHE_DIGESTS CARP COSS DELAY_POOLS FOLLOW_XFF HTCP IDENT KERB_AUTH KQUEUE LARGEFILE REFERER_LOG SNMP SSL VIA_DB WCCP;SQUID_UID=proxy;SQUID_GID=proxy</build_options> - <config_file>http://www.pfsense.org/packages/config/squid/squid.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/squid/squid.xml</config_file> <configurationfile>squid.xml</configurationfile> </package> <package> @@ -938,7 +938,7 @@ <descr><![CDATA[High performance web proxy cache.<br /> It combines squid as a proxy server with it's capabilities of acting as a HTTP / HTTPS reverse proxy.<br /> It includes an Exchange-Web-Access (OWA) Assistant.]]></descr> - <pkginfolink>http://forum.pfsense.org/index.php/topic,48347.0.html</pkginfolink> + <pkginfolink>https://forum.pfsense.org/index.php/topic,48347.0.html</pkginfolink> <website>http://www.squid-cache.org/</website> <category>Network</category> <version>3.1.20 pkg 2.0.6</version> @@ -952,7 +952,7 @@ </build_pbi> <build_options>c-icap_UNSET_FORCE=IPV6;squid_UNSET_FORCE=AUTH_SMB AUTH_SQL DNS_HELPER FS_COSS ESI SNMP ECAP STACKTRACES STRICT_HTTP TP_IPF TP_IPFW VIA_DB DEBUG DOCS EXAMPLES;squid_SET_FORCE=ARP_ACL AUTH_KERB AUTH_LDAP AUTH_NIS AUTH_SASL CACHE_DIGESTS DELAY_POOLS FOLLOW_XFF TP_PF MSSL_CRTD WCCP WCCPV2 FS_AUFS HTCP ICAP ICMP IDENT IPV6 KQUEUE LARGEFILE SSL SSL_CRTD</build_options> <!--<build_options>WITH_SQUID_KERB_AUTH=true;WITH_SQUID_LDAP_AUTH=true;WITH_SQUID_NIS_AUTH=true;WITH_SQUID_SASL_AUTH=true;WITH_SQUID_IPV6=true;WITH_SQUID_DELAY_POOLS=true;WITH_SQUID_SNMP=true;WITH_SQUID_SSL=true;WITH_SQUID_SSL_CRTD=true;WITH_SQUID_PINGER=true;WITHOUT_SQUID_DNS_HELPER=true;WITH_SQUID_HTCP=true;WITH_SQUID_VIA_DB=true;WITH_SQUID_CACHE_DIGESTS=true;WITHOUT_SQUID_WCCP=true;WITH_SQUID_WCCPV2=true;WITHOUT_SQUID_STRICT_HTTP=true;WITH_SQUID_IDENT=true;WITH_SQUID_REFERER_LOG=true;WITH_SQUID_USERAGENT_LOG=true;WITH_SQUID_ARP_ACL=true;WITH_SQUID_IPFW=true;WITH_SQUID_PF=true;WITHOUT_SQUID_IPFILTER=true;WITH_SQUID_FOLLOW_XFF=true;WITHOUT_SQUID_ECAP=true;WITHOUT_SQUID_ICAP=true;WITHOUT_SQUID_ESI=true;WITH_SQUID_AUFS=true;WITHOUT_SQUID_COSS=true;WITHOUT_SQUID_KQUEUE=true;WITH_SQUID_LARGEFILE=true;WITHOUT_SQUID_STACKTRACES=true;WITHOUT_SQUID_DEBUG=true</build_options>--> - <config_file>http://www.pfsense.org/packages/config/squid3/31/squid.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/squid3/31/squid.xml</config_file> <configurationfile>squid.xml</configurationfile> <depends_on_package_pbi>squid-3.1.22_1-##ARCH##.pbi</depends_on_package_pbi> </package> @@ -962,10 +962,10 @@ <descr><![CDATA[High performance web proxy cache.<br /> It combines squid as a proxy server with it's capabilities of acting as a HTTP / HTTPS reverse proxy.<br /> It includes an Exchange-Web-Access (OWA) Assistant, ssl filtering and antivirus integration via i-cap]]></descr> - <pkginfolink>http://forum.pfsense.org/index.php/topic,48347.0.html</pkginfolink> + <pkginfolink>https://forum.pfsense.org/index.php/topic,48347.0.html</pkginfolink> <website>http://www.squid-cache.org/</website> <category>Network</category> - <version>3.3.10 pkg 2.2</version> + <version>3.3.10 pkg 2.2.1</version> <status>beta</status> <required_version>2.2</required_version> <maintainer>marcellocoutinho@gmail.com fernando@netfilter.com.br seth.mos@dds.nl mfuchs77@googlemail.com jimp@pfsense.org</maintainer> @@ -975,7 +975,7 @@ <ports_after>www/squid_radius_auth security/clamav www/squidclamav security/ca_root_nss www/c-icap-modules</ports_after> </build_pbi> <build_options>c-icap_UNSET_FORCE=IPV6;squid_UNSET_FORCE=AUTH_SMB AUTH_SQL DNS_HELPER FS_COSS ESI SNMP ECAP STACKTRACES STRICT_HTTP TP_IPF TP_IPFW VIA_DB DEBUG DOCS EXAMPLES AUTH_SASL;squid_SET_FORCE=ARP_ACL AUTH_KERB AUTH_LDAP AUTH_NIS CACHE_DIGESTS DELAY_POOLS FOLLOW_XFF TP_PF MSSL_CRTD WCCP WCCPV2 FS_AUFS HTCP ICAP ICMP IDENT IPV6 KQUEUE LARGEFILE SSL SSL_CRTD</build_options> - <config_file>http://www.pfsense.org/packages/config/squid3/33/squid.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/squid3/33/squid.xml</config_file> <configurationfile>squid.xml</configurationfile> <depends_on_package_pbi>squid-3.3.11-##ARCH##.pbi</depends_on_package_pbi> </package> @@ -989,7 +989,7 @@ <required_version>2.2</required_version> <maintainer>seth.mos@dds.nl</maintainer> <depends_on_package_pbi>lcdproc-0.5.6-##ARCH##.pbi</depends_on_package_pbi> - <config_file>http://www.pfsense.org/packages/config/lcdproc/lcdproc.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/lcdproc/lcdproc.xml</config_file> <configurationfile>lcdproc.xml</configurationfile> <build_pbi> <port>sysutils/lcdproc</port> @@ -1006,9 +1006,9 @@ <status>BETA</status> <required_version>2.2</required_version> <maintainer>michele@nt2.it</maintainer> - <pkginfolink>http://forum.pfsense.org/index.php/topic,44034.0.html</pkginfolink> + <pkginfolink>https://forum.pfsense.org/index.php/topic,44034.0.html</pkginfolink> <depends_on_package_pbi>lcdproc-0.5.6-##ARCH##.pbi</depends_on_package_pbi> - <config_file>http://www.pfsense.org/packages/config/lcdproc-dev/lcdproc.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/lcdproc-dev/lcdproc.xml</config_file> <configurationfile>lcdproc.xml</configurationfile> <build_pbi> <port>sysutils/lcdproc</port> @@ -1028,7 +1028,7 @@ <version>2.1.a15_7 pkg v1.1.1</version> <status>ALPHA</status> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/arpwatch.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/arpwatch.xml</config_file> <configurationfile>arpwatch.xml</configurationfile> <logging> <facilityname>arpwatch</facilityname> @@ -1050,7 +1050,7 @@ <port>www/squidguard</port> </build_pbi> <build_options>squidGuard_UNSET_FORCE=SQUID32 SQUID33;squidGuard_SET_FORCE=SAMPLE_BL SASL LDAP SQUID27;squid_UNSET_FORCE=DNS_HELPER IPFILTER PINGER STACKTRACES STRICT_HTTP_DESC USERAGENT_LOG WCCPV2;squid_SET_FORCE=PF LDAP_AUTH NIS_AUTH SASL_AUTH ARP_ACL AUFS CACHE_DIGESTS CARP COSS DELAY_POOLS FOLLOW_XFF HTCP IDENT KERB_AUTH KQUEUE LARGEFILE REFERER_LOG SNMP SSL VIA_DB WCCP;SQUID_UID=proxy;SQUID_GID=proxy</build_options> - <config_file>http://www.pfsense.org/packages/config/squidGuard/squidguard.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/squidGuard/squidguard.xml</config_file> <configurationfile>squidguard.xml</configurationfile> </package> <package> @@ -1069,7 +1069,7 @@ <custom_name>squidguard-devel</custom_name> </build_pbi> <build_options>squidGuard-devel_UNSET_FORCE=SQUID32 SQUID33;squidGuard-devel_SET_FORCE=LDAP STRIPNT SQUID27;squid_UNSET_FORCE=DNS_HELPER IPFILTER PINGER STACKTRACES STRICT_HTTP_DESC USERAGENT_LOG WCCPV2;squid_SET_FORCE=PF LDAP_AUTH NIS_AUTH SASL_AUTH ARP_ACL AUFS CACHE_DIGESTS CARP COSS DELAY_POOLS FOLLOW_XFF HTCP IDENT KERB_AUTH KQUEUE LARGEFILE REFERER_LOG SNMP SSL VIA_DB WCCP;SQUID_UID=proxy;SQUID_GID=proxy</build_options> - <config_file>http://www.pfsense.org/packages/config/squidGuard-devel/squidguard.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/squidGuard-devel/squidguard.xml</config_file> <configurationfile>squidguard.xml</configurationfile> </package> <package> @@ -1088,7 +1088,7 @@ <custom_name>squidguard-squid3</custom_name> </build_pbi> <build_options>OPTIONS_SET_FORCE=FETCH LDAP;squidGuard_UNSET_FORCE=SQUID27;squidGuard_SET_FORCE=SAMPLE_BL SASL SQUID33;c-icap_UNSET_FORCE=IPV6 squid_UNSET_FORCE=AUTH_SMB AUTH_SQL DNS_HELPER FS_COSS ESI SNMP ECAP STACKTRACES STRICT_HTTP TP_IPF TP_IPFW VIA_DB DEBUG DOCS EXAMPLES;squid_SET_FORCE=ARP_ACL AUTH_KERB AUTH_LDAP AUTH_NIS AUTH_SASL CACHE_DIGESTS DELAY_POOLS FOLLOW_XFF TP_PF MSSL_CRTD WCCP WCCPV2 FS_AUFS HTCP ICAP ICMP IDENT IPV6 KQUEUE LARGEFILE SSL SSL_CRTD</build_options> - <config_file>http://www.pfsense.org/packages/config/squidGuard/squidguard.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/squidGuard/squidguard.xml</config_file> <configurationfile>squidguard.xml</configurationfile> </package> <package> @@ -1101,7 +1101,7 @@ <version>1.2.4</version> <status>RELEASE</status> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/openvpn-client-export/openvpn-client-export.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/openvpn-client-export/openvpn-client-export.xml</config_file> <configurationfile>openvpn-client-export.xml</configurationfile> </package> <package> @@ -1118,7 +1118,7 @@ <version>0.91_1 pkg v1.01</version> <status>BETA</status> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/havp/havp.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/havp/havp.xml</config_file> <configurationfile>havp.xml</configurationfile> <maintainer>dv_serg@mail.ru</maintainer> <after_install_info>Please check the HAVP settings.</after_install_info> @@ -1131,8 +1131,8 @@ <version>0.51</version> <required_version>2.2</required_version> <status>BETA</status> - <pkginfolink>http://doc.pfsense.org/index.php/PfJailctl_package</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/jailctl.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/PfJailctl_package</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/jailctl.xml</config_file> <configurationfile>jailctl.xml</configurationfile> <maintainer>ltning-jailctl@anduin.net</maintainer> </package> @@ -1144,8 +1144,8 @@ <version>0.2</version> <required_version>2.2</required_version> <status>BETA</status> - <pkginfolink>http://doc.pfsense.org/index.php/PfJailctl_package</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/jail_template.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/PfJailctl_package</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/jail_template.xml</config_file> <configurationfile>jail_template.xml</configurationfile> <maintainer>ltning-jailctl@anduin.net</maintainer> </package> @@ -1157,10 +1157,10 @@ <status>Beta</status> <maintainer>jimp@pfsense.org</maintainer> <required_version>2.2</required_version> - <config_file>http://www.pfsense.org/packages/config/blinkled8/blinkled.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/blinkled8/blinkled.xml</config_file> <configurationfile>blinkled.xml</configurationfile> - <pkginfolink>http://doc.pfsense.org/index.php/BlinkLED_Package</pkginfolink> - <website>http://doc.pfsense.org/index.php/BlinkLED_Package</website> + <pkginfolink>https://doc.pfsense.org/index.php/BlinkLED_Package</pkginfolink> + <website>https://doc.pfsense.org/index.php/BlinkLED_Package</website> <build_pbi> <port>sysutils/blinkled</port> </build_pbi> @@ -1174,14 +1174,14 @@ <status>Beta</status> <maintainer>jimp@pfsense.org</maintainer> <required_version>2.2</required_version> - <config_file>http://www.pfsense.org/packages/config/gwled/gwled.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/gwled/gwled.xml</config_file> <configurationfile>gwled.xml</configurationfile> </package> <package> <name>Dashboard Widget: Snort</name> <descr>Dashboard widget for Snort.</descr> <category>System</category> - <config_file>http://www.pfsense.com/packages/config/widget-snort/widget-snort.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/widget-snort/widget-snort.xml</config_file> <version>0.3.7</version> <status>BETA</status> <required_version>2.2</required_version> @@ -1191,7 +1191,7 @@ <name>Dashboard Widget: HAVP</name> <descr>Dashboard widget for HAVP alerts.</descr> <category>System</category> - <config_file>http://www.pfsense.com/packages/config/widget-havp/widget-havp.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/widget-havp/widget-havp.xml</config_file> <version>0.1</version> <status>BETA</status> <required_version>2.2</required_version> @@ -1201,7 +1201,7 @@ <name>Dashboard Widget: Antivirus Status</name> <descr>Dashboard widget for HAVP status.</descr> <category>System</category> - <config_file>http://www.pfsense.com/packages/config/widget-antivirus/widget-antivirus.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/widget-antivirus/widget-antivirus.xml</config_file> <version>0.1</version> <status>BETA</status> <required_version>2.2</required_version> @@ -1215,7 +1215,7 @@ <status>Beta</status> <maintainer>jimp@pfsense.org</maintainer> <required_version>2.2</required_version> - <config_file>http://www.pfsense.org/packages/config/rrd-summary/rrd-summary.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/rrd-summary/rrd-summary.xml</config_file> <configurationfile>rrd-summary.xml</configurationfile> </package> <package> @@ -1224,7 +1224,7 @@ <descr>The shellcmd utility is used to manage commands on system startup.</descr> <category>Services</category> <pkginfolink></pkginfolink> - <config_file>http://www.pfsense.com/packages/config/shellcmd/shellcmd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/shellcmd/shellcmd.xml</config_file> <version>0.5</version> <status>Beta</status> <required_version>2.2</required_version> @@ -1242,7 +1242,7 @@ <port>net-mgmt/nrpe</port> </build_pbi> <build_options>nrpe_SET_FORCE=SSL;nrpe_UNSET_FORCE=ARGS</build_options> - <config_file>http://www.pfsense.com/packages/config/nrpe2/nrpe2.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/nrpe2/nrpe2.xml</config_file> <version>2.15 v2.2</version> <status>Beta</status> <required_version>2.2</required_version> @@ -1260,7 +1260,7 @@ <port>sysutils/muse</port> </build_pbi> <build_options></build_options> - <config_file>http://www.pfsense.com/packages/config/checkmk-agent/checkmk.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/checkmk-agent/checkmk.xml</config_file> <version>v0.1</version> <status>RC1</status> <required_version>2.2</required_version> @@ -1275,7 +1275,7 @@ <version>1.0</version> <status>Beta</status> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/sshdcond/sshdcond.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/sshdcond/sshdcond.xml</config_file> <maintainer>namezero@afim.info</maintainer> <configurationfile>sshdcond.xml</configurationfile> </package> @@ -1286,7 +1286,7 @@ <version>2.0.9</version> <status>Stable</status> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/mailreport/mailreport.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/mailreport/mailreport.xml</config_file> <configurationfile>mailreport.xml</configurationfile> </package> <package> @@ -1301,7 +1301,7 @@ <maintainer>jorgelustosa@gmail.com marcellocoutinho@gmail.com</maintainer> <required_version>2.2</required_version> <depends_on_package_pbi>zebedee-2.5.3-##ARCH##.pbi</depends_on_package_pbi> - <config_file>http://www.pfsense.com/packages/config/zebedee/zebedee.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/zebedee/zebedee.xml</config_file> <configurationfile>zebedee.xml</configurationfile> <build_pbi> <port>security/zebedee</port> @@ -1315,7 +1315,7 @@ <category>Routing</category> <status>BETA</status> <depends_on_package_pbi>quagga-0.99.22.3-##ARCH##.pbi</depends_on_package_pbi> - <config_file>http://www.pfsense.com/packages/config/quagga_ospfd/quagga_ospfd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/quagga_ospfd/quagga_ospfd.xml</config_file> <build_pbi> <port>net/quagga</port> </build_pbi> @@ -1330,7 +1330,7 @@ <version>1.0</version> <category>System</category> <status>RELEASE</status> - <config_file>http://www.pfsense.com/packages/config/systempatches/systempatches.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/systempatches/systempatches.xml</config_file> <pkginfolink></pkginfolink> <required_version>2.2</required_version> <configurationfile>systempatches.xml</configurationfile> @@ -1344,7 +1344,7 @@ <version>5.2.12_3 pkg v 1.0.1</version> <status>Stable</status> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/bacula-client/bacula-client.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/bacula-client/bacula-client.xml</config_file> <depends_on_package_pbi>bacula-5.2.12_3-##ARCH##.pbi</depends_on_package_pbi> <build_pbi> <port>sysutils/bacula-client</port> @@ -1356,13 +1356,13 @@ <package> <!-- This does not exist yet, this is here to trigger a PBI build --> <name>urlsnarf</name> - <pkginfolink>http://forum.pfsense.org/</pkginfolink> + <pkginfolink>https://forum.pfsense.org/</pkginfolink> <descr><![CDATA[HTTP URL Sniffer (console/shell only)]]></descr> <category>Services</category> <version>2.3_4</version> <status>Beta</status> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/urlsnarf/urlsnarf.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/urlsnarf/urlsnarf.xml</config_file> <maintainer>jimp@pfsense.org</maintainer> <configurationfile>urlsnarf.xml</configurationfile> <build_pbi> @@ -1374,13 +1374,13 @@ <package> <!-- This does not exist yet, this is here to trigger a PBI build --> <name>iftop</name> - <pkginfolink>http://forum.pfsense.org/</pkginfolink> + <pkginfolink>https://forum.pfsense.org/</pkginfolink> <descr><![CDATA[Realtime interface monitor (console/shell only)]]></descr> <category>Services</category> <version>0.17</version> <status>Beta</status> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/iftop/iftop.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/iftop/iftop.xml</config_file> <maintainer>jimp@pfsense.org</maintainer> <configurationfile>iftop.xml</configurationfile> <build_pbi> @@ -1391,13 +1391,13 @@ <package> <!-- This does not exist yet, this is here to trigger a pkg build --> <name>git</name> - <pkginfolink>http://forum.pfsense.org/</pkginfolink> + <pkginfolink>https://forum.pfsense.org/</pkginfolink> <descr><![CDATA[GIT Source Code Management (console/shell only)]]></descr> <category>Services</category> <version>1.8.5.2</version> <status>Beta</status> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/git/git.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/git/git.xml</config_file> <maintainer>jimp@pfsense.org</maintainer> <configurationfile>git.xml</configurationfile> <build_options>git_UNSET_FORCE=GITWEB GUI HTMLDOCS CVS P4 SVN;git_SET_FORCE=CONTRIB CURL ETCSHELLS ICONV NLS PERL</build_options> @@ -1418,9 +1418,9 @@ <build_options></build_options> <version>1.0.22 v1.1</version> <status>ALPHA</status> - <pkginfolink>http://doc.pfsense.org/index.php/tinc_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/tinc_package</pkginfolink> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/tinc/tinc.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/tinc/tinc.xml</config_file> <configurationfile>tinc.xml</configurationfile> <logging> <facilityname>tinc</facilityname> @@ -1443,15 +1443,15 @@ </build_pbi> <build_options></build_options> <maintainer>laleger@gmail.com</maintainer> - <config_file>http://www.pfsense.com/packages/config/syslog-ng/syslog-ng.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/syslog-ng/syslog-ng.xml</config_file> <configurationfile>syslog-ng.xml</configurationfile> </package> <package> <name>Zabbix-2 Agent</name> <descr>Monitoring agent.</descr> <category>Services</category> - <config_file>http://www.pfsense.org/packages/config/zabbix2/zabbix2-agent.xml</config_file> - <version>zabbix2-agent-2.2.1 pkg v0.8_0</version> + <config_file>https://packages.pfsense.org/packages/config/zabbix2/zabbix2-agent.xml</config_file> + <version>zabbix2-agent-2.2.2 pkg v0.8_1</version> <status>BETA</status> <required_version>2.2</required_version> <configurationfile>zabbix2-agent.xml</configurationfile> @@ -1460,14 +1460,14 @@ <custom_name>zabbix22-agent</custom_name> <port>net-mgmt/zabbix22-agent</port> </build_pbi> - <depends_on_package_pbi>zabbix22-agent-2.2.1_2-##ARCH##.pbi</depends_on_package_pbi> + <depends_on_package_pbi>zabbix22-agent-2.2.2-##ARCH##.pbi</depends_on_package_pbi> </package> <package> <name>Zabbix-2 Proxy</name> <descr>Monitoring agent proxy.</descr> <category>Services</category> - <config_file>http://www.pfsense.org/packages/config/zabbix2/zabbix2-proxy.xml</config_file> - <version>zabbix2-proxy-2.2.1 pkg v0.8_0</version> + <config_file>https://packages.pfsense.org/packages/config/zabbix2/zabbix2-proxy.xml</config_file> + <version>zabbix2-proxy-2.2.2 pkg v0.8_1</version> <status>BETA</status> <required_version>2.2</required_version> <configurationfile>zabbix2-proxy.xml</configurationfile> @@ -1477,18 +1477,18 @@ <port>net-mgmt/zabbix22-proxy</port> </build_pbi> <build_options>OPTIONS_SET+= SQLITE IPV6;OPTIONS_UNSET+= MYSQL JABBER GSSAPI</build_options> - <depends_on_package_pbi>zabbix22-proxy-2.2.1_2-##ARCH##.pbi</depends_on_package_pbi> + <depends_on_package_pbi>zabbix22-proxy-2.2.2-##ARCH##.pbi</depends_on_package_pbi> </package> <package> <!-- This does not exist yet, this is here to trigger a PBI build --> <name>ipmitool</name> - <pkginfolink>http://forum.pfsense.org/</pkginfolink> + <pkginfolink>https://forum.pfsense.org/</pkginfolink> <descr><![CDATA[IPMI Tools for local/remote data retrieval and control (Console only, no GUI)]]></descr> <category>Services</category> <version>1.8.12_4</version> <status>Beta</status> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/ipmitool/ipmitool.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/ipmitool/ipmitool.xml</config_file> <maintainer>jimp@pfsense.org</maintainer> <configurationfile>ipmitool.xml</configurationfile> <build_pbi> @@ -1499,13 +1499,13 @@ </package> <package> <name>sudo</name> - <pkginfolink>http://doc.pfsense.org/index.php/Sudo_Package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Sudo_Package</pkginfolink> <descr><![CDATA[sudo allows delegation of privileges to users in the shell so commands can be run as other users, such as root.]]></descr> <category>Security</category> <version>0.2</version> <status>Beta</status> <required_version>2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/sudo/sudo.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/sudo/sudo.xml</config_file> <maintainer>jimp@pfsense.org</maintainer> <configurationfile>sudo.xml</configurationfile> <build_pbi> @@ -1520,7 +1520,7 @@ <version>1.5</version> <category>Services</category> <status>BETA</status> - <config_file>http://www.pfsense.com/packages/config/servicewatchdog/servicewatchdog.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/servicewatchdog/servicewatchdog.xml</config_file> <pkginfolink></pkginfolink> <required_version>2.2</required_version> <configurationfile>servicewatchdog.xml</configurationfile> @@ -1530,7 +1530,7 @@ <website>http://code.google.com/p/softflowd/</website> <descr>Softflowd is flow-based network traffic analyser capable of Cisco NetFlow data export. Softflowd semi-statefully tracks traffic flows recorded by listening on a network interface or by reading a packet capture file. These flows may be reported via NetFlow to a collecting host or summarised within softflowd itself. Softflowd supports Netflow versions 1, 5 and 9 and is fully IPv6-capable - it can track IPv6 flows and send export datagrams via IPv6. It also supports export to multicast groups, allowing for redundant flow collectors.</descr> <category>Network Management</category> - <config_file>http://www.pfsense.com/packages/config/softflowd/softflowd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/softflowd/softflowd.xml</config_file> <depends_on_package_pbi>softflowd-0.9.8_2-##ARCH##.pbi</depends_on_package_pbi> <version>0.9.8</version> <status>Beta</status> @@ -1545,7 +1545,7 @@ <name>Apcupsd</name> <descr>Set of programs for controlling APC UPS.</descr> <category>Services</category> - <config_file>http://www.pfsense.org/packages/config/apcupsd/apcupsd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/apcupsd/apcupsd.xml</config_file> <version>apcupsd-3.14.10_1 pkg v0.2</version> <status>BETA</status> <required_version>2.2</required_version> @@ -1566,7 +1566,7 @@ <version>1.0.4</version> <status>BETA</status> <depends_on_package_pbi>ladvd-1.0.4-##ARCH##.pbi</depends_on_package_pbi> - <config_file>http://www.pfsense.org/packages/config/ladvd/ladvd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/ladvd/ladvd.xml</config_file> <build_pbi> <port>net/ladvd</port> </build_pbi> @@ -1579,16 +1579,16 @@ <website>http://suricata-ids.org/</website> <descr><![CDATA[Suricata is the OISF IDP engine, the open source Intrusion Detection and Prevention Engine.]]></descr> <category>Security</category> - <version>1.4.6 pkg v0.1</version> + <version>1.4.6 pkg v0.2</version> <status>BETA</status> - <required_version>2.1</required_version> - <config_file>http://www.pfsense.org/packages/config/suricata/suricata.xml</config_file> + <required_version>2.2</required_version> + <config_file>https://packages.pfsense.org/packages/config/suricata/suricata.xml</config_file> <configurationfile>suricata.xml</configurationfile> <build_pbi> <port>security/suricata</port> <ports_after>security/barnyard2</ports_after> </build_pbi> - <build_options>barnyard2_UNSET=ODBC PGSQL PRELUDE;barnyard2_SET=GRE IPV6 MPLS MYSQL PORT_PCAP;suricata_SET=IPFW PORTS_PCAP TESTS;suricata_UNSET=PRELUDE</build_options> + <build_options>barnyard2_UNSET=ODBC PGSQL PRELUDE;barnyard2_SET=GRE IPV6 MPLS MYSQL PORT_PCAP BRO;suricata_SET=IPFW PORTS_PCAP TESTS;suricata_UNSET=PRELUDE</build_options> <depends_on_package_pbi>suricata-1.4.6-##ARCH##.pbi</depends_on_package_pbi> </package> </packages> diff --git a/pkg_config.7.xml b/pkg_config.7.xml index b8a5397b..296f7a47 100644 --- a/pkg_config.7.xml +++ b/pkg_config.7.xml @@ -7,8 +7,8 @@ <website/> <descr>Allows you to create and overwrite files from the GUI.</descr> <category>File Management</category> - <pkginfolink>http://doc.pfsense.org/index.php/Filer_package</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/filer/filer.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/Filer_package</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/filer/filer.xml</config_file> <version>0.60</version> <status>Beta</status> <required_version>1.2.3</required_version> @@ -20,8 +20,8 @@ <website/> <descr>PHP File Manager</descr> <category>Diagnostics</category> - <pkginfolink>http://forum.pfsense.org/index.php/topic,26974.0.html</pkginfolink> - <config_file>http://pfsense.org/packages/config/filemgr/filemgr.xml</config_file> + <pkginfolink>https://forum.pfsense.org/index.php/topic,26974.0.html</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/filemgr/filemgr.xml</config_file> <version>0.1.3</version> <status>Beta</status> <required_version>1.2.2</required_version> @@ -33,8 +33,8 @@ <website/> <descr>Block countries</descr> <category>Firewall</category> - <pkginfolink>http://forum.pfsense.org/index.php/topic,25732.0.html</pkginfolink> - <config_file>http://pfsense.org/packages/config/countryblock/countryblock.xml</config_file> + <pkginfolink>https://forum.pfsense.org/index.php/topic,25732.0.html</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/countryblock/countryblock.xml</config_file> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <version>0.2.4</version> <status>Beta</status> @@ -47,8 +47,8 @@ <website/> <descr>IP-Blocklist is the new PeerBlock. IP lists are used to add deny/allow rules to the firewall for in & out traffic.</descr> <category>Firewall</category> - <pkginfolink>http://forum.pfsense.org/index.php/topic,24769.0.html</pkginfolink> - <config_file>http://pfsense.org/packages/config/ipblocklist/7/ipblocklist.xml</config_file> + <pkginfolink>https://forum.pfsense.org/index.php/topic,24769.0.html</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/ipblocklist/7/ipblocklist.xml</config_file> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <version>0.3.4</version> <status>Beta</status> @@ -60,16 +60,16 @@ <name>anyterm</name> <descr>Ajax Interactive Shell - Have you ever wanted SSH or telnet access to your system from an internet desert - from behind a strict firewall, from an internet cafe, or even from a mobile phone? Anyterm is a combination of a web page and a process that runs on your web server that provides this access. WARNING! We suggest using Stunnel in combination with this package!</descr> <website>http://anyterm.org/</website> - <pkginfolink>http://doc.pfsense.org/index.php/AnyTerm_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/AnyTerm_package</pkginfolink> <category>Diagnostics</category> <version>0.5</version> <status>BETA</status> <required_version>1.2.3</required_version> - <config_file>http://www.pfsense.com/packages/config/anyterm/anyterm.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/anyterm/anyterm.xml</config_file> <configurationfile>anyterm.xml</configurationfile> </package> <package> - <pkginfolink>http://doc.pfsense.org/index.php/haproxy_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/haproxy_package</pkginfolink> <name>haproxy</name> <descr>The Reliable, High Performance TCP/HTTP Load Balancer</descr> <website>http://haproxy.1wt.eu/</website> @@ -77,11 +77,11 @@ <version>0.32</version> <status>BETA</status> <required_version>1.2.3</required_version> - <config_file>http://www.pfsense.com/packages/config/haproxy/haproxy.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/haproxy/haproxy.xml</config_file> <configurationfile>haproxy.xml</configurationfile> </package> <package> - <pkginfolink>http://doc.pfsense.org/index.php/haproxy_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/haproxy_package</pkginfolink> <name>haproxy-stable</name> <descr>The Reliable, High Performance TCP/HTTP Load Balancer</descr> <website>http://haproxy.1wt.eu/</website> @@ -89,19 +89,19 @@ <version>0.30</version> <status>BETA</status> <required_version>1.2.3</required_version> - <config_file>http://www.pfsense.com/packages/config/haproxy-stable/haproxy.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/haproxy-stable/haproxy.xml</config_file> <configurationfile>haproxy.xml</configurationfile> </package> <package> <name>Proxy Server with mod_security</name> - <pkginfolink>http://doc.pfsense.org/index.php/ProxyServerModSecurity_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/ProxyServerModSecurity_package</pkginfolink> <website>http://www.modsecurity.org/</website> <descr>ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. In addition this package allows URL forwarding which can be convenient for hosting multiple websites behind pfSense using 1 IP address.</descr> <category>Network Management</category> <version>0.1.2</version> <status>ALPHA</status> <required_version>1.2.3</required_version> - <config_file>http://www.pfsense.com/packages/config/apache_mod_security/apache_mod_security.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/apache_mod_security/apache_mod_security.xml</config_file> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <depends_on_package>mod_security-2.5.9.tbz</depends_on_package> <depends_on_package>apache-2.2.11_7.tbz</depends_on_package> @@ -116,7 +116,7 @@ <website>http://www.pureftpd.org/</website> <descr>*DO NOT RUN THIS ON A FIREWALL. USE A DEDICATED MACHINE!* Pure FTPd Server is a fast, production quality, standards-conformant FTP server based on Troll-FTPd. It has no known vulnerabilities, is trivial to set up, and is especially designed for modern kernels. Features include PAM support, IPv6, chroot()ed home directories, virtual domains, built-in 'ls', FXP protocol, anti-warez system, bandwidth throttling, restricted ports for passive downloads, an LDAP backend, XML output, and more.</descr> <category>FTP</category> - <config_file>http://www.pfsense.com/packages/config/pure-ftpd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/pure-ftpd.xml</config_file> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <depends_on_package>pure-ftpd-1.0.20_3.tbz</depends_on_package> <version>1.0.21</version> @@ -130,7 +130,7 @@ </package> <package> <name>Avahi</name> - <pkginfolink>http://doc.pfsense.org/index.php/Avahi_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Avahi_package</pkginfolink> <website>http://www.avahi.org/</website> <descr>Avahi is a system which facilitates service discovery on a local network. This means that you can plug your laptop or computer into a network and instantly be able to view other people who you can chat with, find printers to print to or find files being shared. This kind of technology is already found in Apple MacOS X (branded Rendezvous, Bonjour and sometimes Zeroconf) and is very convenient. Avahi is mainly based on Lennart Poettering's flexmdns mDNS implementation for Linux which has been discontinued in favour of Avahi.</descr> <category>Network Management</category> @@ -138,7 +138,7 @@ <version>0.6.25_2</version> <status>ALPHA</status> <required_version>1.2.3</required_version> - <config_file>http://www.pfsense.com/packages/config/avahi/avahi.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/avahi/avahi.xml</config_file> <configurationfile>avahi.xml</configurationfile> <after_install_info>Please visit the Avahi settings tab and select which interfaces you do not wish Avahi to listen on and click save to start the service.</after_install_info> </package> @@ -154,7 +154,7 @@ <version>3.3.8</version> <status>BETA</status> <required_version>1.2.1</required_version> - <config_file>http://www.pfsense.com/packages/config/ntop/ntop.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/ntop/ntop.xml</config_file> <configurationfile>ntop.xml</configurationfile> <noembedded>true</noembedded> </package> @@ -166,8 +166,8 @@ <version>1.0</version> <required_version>1.0</required_version> <status>RELEASE</status> - <pkginfolink>http://doc.pfsense.org/index.php/Pubkey_package</pkginfolink> - <config_file>http://www.pfsense.org/packages/config/pubkey.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/Pubkey_package</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/pubkey.xml</config_file> <configurationfile>pubkey.xml</configurationfile> <after_install_info>The pfSense release key has been updated.</after_install_info> </package> @@ -175,7 +175,7 @@ <name>Dashboard</name> <descr>Adds pfSense dashboard that will be included with 2.0. WARNING! Cannot be deinstalled.</descr> <category>System</category> - <config_file>http://www.pfsense.com/packages/config/dashboard/dashboard.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/dashboard/dashboard.xml</config_file> <version>0.8.8</version> <status>BETA</status> <required_version>1.2</required_version> @@ -186,7 +186,7 @@ <name>Dashboard Widget: Snort</name> <descr>Dashboard widget for Snort.</descr> <category>System</category> - <config_file>http://www.pfsense.com/packages/config/widget-snort/widget-snort.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/widget-snort/widget-snort.xml</config_file> <version>0.3</version> <status>BETA</status> <required_version>1.2</required_version> @@ -196,7 +196,7 @@ <name>Dashboard Widget: HAVP</name> <descr>Dashboard widget for HAVP alerts.</descr> <category>System</category> - <config_file>http://www.pfsense.com/packages/config/widget-havp/widget-havp.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/widget-havp/widget-havp.xml</config_file> <version>0.1</version> <status>BETA</status> <required_version>1.2</required_version> @@ -206,7 +206,7 @@ <name>Dashboard Widget: Antivirus Status</name> <descr>Dashboard widget for HAVP status.</descr> <category>System</category> - <config_file>http://www.pfsense.com/packages/config/widget-antivirus/widget-antivirus.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/widget-antivirus/widget-antivirus.xml</config_file> <version>0.1</version> <status>BETA</status> <required_version>1.2</required_version> @@ -217,8 +217,8 @@ <website>http://www.freeswitch.org/</website> <descr>FreeSWITCH is an open source telephony platform designed to facilitate the creation of voice and chat driven products scaling from a soft-phone up to a soft-switch. It can be used as a simple switching engine, a PBX, a media gateway or a media server to host IVR applications using simple scripts or XML to control the callflow. pfSense 1.2.3 or higher is recommended.</descr> <category>Services</category> - <pkginfolink>http://doc.pfsense.org/index.php/FreeSWITCH</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/freeswitch/freeswitch.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/FreeSWITCH</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/freeswitch/freeswitch.xml</config_file> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <version>0.9.6</version> <status>Beta</status> @@ -232,8 +232,8 @@ <website>http://www.freeswitch.org/</website> <descr>FreeSWITCH package development version.</descr> <category>Services</category> - <pkginfolink>http://doc.pfsense.org/index.php/FreeSWITCH</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/freeswitch_dev/freeswitch.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/FreeSWITCH</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/freeswitch_dev/freeswitch.xml</config_file> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <version>0.9.7.26</version> <status>Beta</status> @@ -248,7 +248,7 @@ <descr>Track things you want to note for this system.</descr> <category>Status</category> <pkginfolink/> - <config_file>http://www.pfsense.com/packages/config/notes/notes.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/notes/notes.xml</config_file> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <version>0.2.4</version> <status>Stable</status> @@ -262,7 +262,7 @@ <descr>Trivial File Transport Protocol is a very simple file transfer protocol. Often used with routers, voip phones and more.</descr> <category>Services</category> <pkginfolink/> - <config_file>http://www.pfsense.com/packages/config/tftp/tftp.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/tftp/tftp.xml</config_file> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <version>1.0.7</version> <status>Stable</status> @@ -275,8 +275,8 @@ <website/> <descr>PHP run as a service it can do anything PHP can do including but not limited to monitoring files, CPU, RAM, and send alerts to the syslog.</descr> <category>Services</category> - <pkginfolink>http://doc.pfsense.org/index.php/PHPService</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/phpservice/phpservice.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/PHPService</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/phpservice/phpservice.xml</config_file> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <version>0.4.1</version> <status>Beta</status> @@ -290,7 +290,7 @@ <descr>Tool to Backup and Restore files and directories.</descr> <category>System</category> <pkginfolink></pkginfolink> - <config_file>http://www.pfsense.com/packages/config/backup/backup.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/backup/backup.xml</config_file> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <version>0.1.7</version> <status>Stable</status> @@ -304,7 +304,7 @@ <descr>The cron utility is used to manage commands on a schedule.</descr> <category>Services</category> <pkginfolink></pkginfolink> - <config_file>http://www.pfsense.com/packages/config/cron/cron.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/cron/cron.xml</config_file> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <version>0.2.2</version> <status>Beta</status> @@ -318,7 +318,7 @@ <descr>The shellcmd utility is used to manage commands on system startup.</descr> <category>Services</category> <pkginfolink></pkginfolink> - <config_file>http://www.pfsense.com/packages/config/shellcmd/shellcmd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/shellcmd/shellcmd.xml</config_file> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <version>0.5</version> <status>Beta</status> @@ -332,7 +332,7 @@ <descr>DenyHosts analyzes logs for SSH login attempts and blocks offending IP addresses.</descr> <category>Services</category> <pkginfolink></pkginfolink> - <config_file>http://www.pfsense.com/packages/config/denyhosts/denyhosts.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/denyhosts/denyhosts.xml</config_file> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <version>0.5.1</version> <status>Beta</status> @@ -346,7 +346,7 @@ <descr>DNS Blacklist uses dnsmasq entries to block domain names by category.</descr> <category>Services</category> <pkginfolink></pkginfolink> - <config_file>http://www.pfsense.com/packages/config/dnsblacklist/dnsblacklist.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/dnsblacklist/dnsblacklist.xml</config_file> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <version>0.2.4</version> <status>Beta</status> @@ -359,8 +359,8 @@ <website/> <descr>It is a web server package that can host HTML, Javascript, CSS, and PHP. It uses the lighttpd web server that is already installed. It uses PHP5 in FastCGI mode and has access to PHP Data Ojbects and PDO SQLite.</descr> <category>Services</category> - <pkginfolink>http://doc.pfsense.org/index.php/vhosts</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/vhosts/vhosts.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/vhosts</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/vhosts/vhosts.xml</config_file> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <version>0.7.4</version> <status>Stable</status> @@ -370,7 +370,7 @@ </package> <package> <name>snort-old</name> - <pkginfolink>http://forum.pfsense.org/index.php/topic,16847.0.html</pkginfolink> + <pkginfolink>https://forum.pfsense.org/index.php/topic,16847.0.html</pkginfolink> <website>http://www.snort.org</website> <descr>WARNING: This is the old snort package. A few current snort.org rules are not supported in this package. This package will not be supported in Pfsense 2.0.</descr> <category>Security</category> @@ -380,7 +380,7 @@ <depends_on_package>perl-5.8.9_3.tbz</depends_on_package> <depends_on_package>mysql-client-5.1.34.tbz</depends_on_package> <depends_on_package>snort-2.8.4.1_1.tbz</depends_on_package> - <config_file>http://www.pfsense.com/packages/config/snort-old/snort.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/snort-old/snort.xml</config_file> <version>2.8.4.1_5 pkg v.1.8</version> <required_version>1.2.3</required_version> <status>legacy</status> @@ -389,15 +389,15 @@ </package> <package> <name>snort</name> - <pkginfolink>http://forum.pfsense.org/index.php/topic,16847.0.html</pkginfolink> + <pkginfolink>https://forum.pfsense.org/index.php/topic,16847.0.html</pkginfolink> <website>http://www.snort.org</website> <descr>Used by fortune 500 companies and governments Snort is the most widely deployed IDS/IPS technology worldwide. It features rules based logging and can perform content searching/matching in addition to being used to detect a variety of other attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more.</descr> <category>Security</category> - <depends_on_package_base_url>http://www.pfsense.com/packages/config/snort/bin/7.3.x86/</depends_on_package_base_url> + <depends_on_package_base_url>https://packages.pfsense.org/packages/config/snort/bin/7.3.x86/</depends_on_package_base_url> <depends_on_package>pcre-8.10.tbz</depends_on_package> <depends_on_package>mysql-client-5.1.50_1.tbz</depends_on_package> <depends_on_package>snort-2.8.6.1.tbz</depends_on_package> - <config_file>http://www.pfsense.com/packages/config/snort/snort.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/snort/snort.xml</config_file> <version>2.8.6.1 pkg v. 1.35</version> <required_version>1.2.3</required_version> <status>Stable</status> @@ -409,10 +409,10 @@ <website>http://siproxd.sourceforge.net/</website> <descr>Proxy for handling NAT of multiple SIP devices to a single public IP.</descr> <category>Services</category> - <config_file>http://www.pfsense.com/packages/config/siproxd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/siproxd.xml</config_file> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <depends_on_package>siproxd-0.8.0.tbz</depends_on_package> - <pkginfolink>http://doc.pfsense.org/index.php/Siproxd_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Siproxd_package</pkginfolink> <version>0.8.0_2</version> <status>Beta</status> <required_version>1.2.1</required_version> @@ -422,7 +422,7 @@ <name>OpenBGPD</name> <descr>OpenBGPD is a FREE implementation of the Border Gateway Protocol, Version 4. It allows ordinary machines to be used as routers exchanging routes with other systems speaking the BGP protocol.</descr> <category>NET</category> - <config_file>http://www.pfsense.com/packages/config/openbgpd/openbgpd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/openbgpd/openbgpd.xml</config_file> <version>0.4.2</version> <status>STABLE</status> <required_version>1.3</required_version> @@ -442,7 +442,7 @@ <depends_on_package>perl-5.8.8_1.tbz</depends_on_package> <status>Beta1</status> <required_version>1.2.1</required_version> - <config_file>http://www.pfsense.com/packages/config/lightsquid/lightsquid.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/lightsquid/lightsquid.xml</config_file> <configurationfile>lightsquid.xml</configurationfile> <noembedded>true</noembedded> </package> @@ -450,7 +450,7 @@ <name>vnstat</name> <website>http://humdi.net/vnstat/</website> <descr>A console-based network traffic monitor + vnstat PHP frontend</descr> - <pkginfolink>http://forum.pfsense.org/index.php/topic,14179.0.html</pkginfolink> + <pkginfolink>https://forum.pfsense.org/index.php/topic,14179.0.html</pkginfolink> <category>Network Management</category> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <depends_on_package>vnstat-1.6_3.tbz</depends_on_package> @@ -458,7 +458,7 @@ <status>Stable</status> <required_version>1.2.3</required_version> <maintainer>crazypark2@yahoo.dk</maintainer> - <config_file>http://www.pfsense.com/packages/config/vnstat/vnstat.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/vnstat/vnstat.xml</config_file> <configurationfile>vnstat.xml</configurationfile> <after_install_info></after_install_info> </package> @@ -472,7 +472,7 @@ <required_version>1.0</required_version> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <depends_on_package>mbmon-205_4.tbz</depends_on_package> - <config_file>http://www.pfsense.com/packages/config/phpsysinfo/phpsysinfo.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/phpsysinfo/phpsysinfo.xml</config_file> <configurationfile>phpsysinfo.xml</configurationfile> <noembedded>true</noembedded> </package> @@ -486,7 +486,7 @@ <required_version>1.2.3</required_version> <maximum_version>1.2.3</maximum_version> <maintainer>crazypark2@yahoo.dk</maintainer> - <config_file>http://www.pfsense.com/packages/config/Fit123/fit123.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/Fit123/fit123.xml</config_file> <configurationfile>fit123.xml</configurationfile> </package> <package> @@ -496,9 +496,9 @@ <category>Services</category> <version>1.0.6.14</version> <status>Beta</status> - <pkginfolink>http://doc.pfsense.org/index.php/Tinydns_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Tinydns_package</pkginfolink> <required_version>1.2</required_version> - <config_file>http://www.pfsense.com/packages/config/tinydns/tinydns.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/tinydns/tinydns.xml</config_file> <configurationfile>tinydns.xml</configurationfile> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <depends_on_package>ucspi-tcp-0.88_2.tbz</depends_on_package> @@ -512,9 +512,9 @@ <category>Services</category> <version>167859</version> <status>Stable</status> - <pkginfolink>http://doc.pfsense.org/index.php/Open_VM_Tools_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Open_VM_Tools_package</pkginfolink> <required_version>1.2.1</required_version> - <config_file>http://www.pfsense.org/packages/config/open-vm-tools/open-vm-tools.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/open-vm-tools/open-vm-tools.xml</config_file> <configurationfile>open-vm-tools.xml</configurationfile> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <depends_on_package>open-vm-tools-nox11-253928.tbz</depends_on_package> @@ -535,8 +535,8 @@ <version>1.20</version> <status>Stable</status> <required_version>1.2</required_version> - <pkginfolink>http://doc.pfsense.org/index.php/AutoConfigBackup</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/autoconfigbackup/autoconfigbackup.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/AutoConfigBackup</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/autoconfigbackup/autoconfigbackup.xml</config_file> <configurationfile>autoconfigbackup.xml</configurationfile> </package> <package> @@ -546,9 +546,9 @@ <category>Services</category> <version>2.06.1</version> <status>Stable</status> - <pkginfolink>http://doc.pfsense.org/index.php/Arping_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Arping_package</pkginfolink> <required_version>1.0.1</required_version> - <config_file>http://www.pfsense.com/packages/config/arping/arping.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/arping/arping.xml</config_file> <configurationfile>arping.xml</configurationfile> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <depends_on_package>arping-2.06.tbz</depends_on_package> @@ -560,10 +560,10 @@ <category>Security</category> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <depends_on_package>nmap-4.76.tbz</depends_on_package> - <config_file>http://www.pfsense.com/packages/config/nmap/nmap.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/nmap/nmap.xml</config_file> <version>4.76</version> <status>Stable</status> - <pkginfolink>http://doc.pfsense.org/index.php/Nmap_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Nmap_package</pkginfolink> <required_version>1.2.1</required_version> <configurationfile>nmap.xml</configurationfile> </package> @@ -577,7 +577,7 @@ <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <depends_on_package>openospfd-4.6.tbz</depends_on_package> <depends_on_package>libevent-1.4.14b_2.tbz</depends_on_package> - <config_file>http://www.pfsense.com/packages/config/openospfd/openospfd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/openospfd/openospfd.xml</config_file> <pkginfolink></pkginfolink> <required_version>1.2.1</required_version> <configurationfile>openospfd.xml</configurationfile> @@ -591,8 +591,8 @@ <version>0.8-9</version> <required_version>1.2.1</required_version> <status>BETA</status> - <pkginfolink>http://doc.pfsense.org/index.php/IMSpector_package</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/imspector/imspector.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/IMSpector_package</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/imspector/imspector.xml</config_file> <configurationfile>imspector.xml</configurationfile> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <depends_on_package>imspector-0.8.tbz</depends_on_package> @@ -609,11 +609,11 @@ <status>BETA</status> <required_version>1.2.1</required_version> <maintainer>rswagoner@gmail.com</maintainer> - <config_file>http://www.pfsense.com/packages/config/nut/nut.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/nut/nut.xml</config_file> <configurationfile>nut.xml</configurationfile> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <depends_on_package>nut-2.2.2.tbz</depends_on_package> - <pkginfolink>http://doc.pfsense.org/index.php/Nut_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Nut_package</pkginfolink> </package> <package> <name>diag_new_states</name> @@ -624,8 +624,8 @@ <maintainer>ptaylor@addressplus.net</maintainer> <required_version>1.2.1</required_version> <status>BETA</status> - <config_file>http://www.pfsense.org/packages/config/diag_states_pt/diag_new_states.xml</config_file> - <configurationfile>http://www.pfsense.com/packages/config/diag_states_pt/diag_new_states.xml</configurationfile> + <config_file>https://packages.pfsense.org/packages/config/diag_states_pt/diag_new_states.xml</config_file> + <configurationfile>https://packages.pfsense.org/packages/config/diag_states_pt/diag_new_states.xml</configurationfile> </package> <package> <name>darkstat</name> @@ -639,7 +639,7 @@ <status>Stable</status> <required_version>1.2.1</required_version> <maintainer>sullrich+pfsp@gmail.com</maintainer> - <config_file>http://www.pfsense.com/packages/config/darkstat/darkstat.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/darkstat/darkstat.xml</config_file> <configurationfile>darkstat.xml</configurationfile> </package> <package> @@ -647,7 +647,7 @@ <website>http://www.mindrot.org/pfflowd.html</website> <descr>pfflowd converts OpenBSD PF status messages (sent via the pfsync interface) to Cisco NetFlow datagrams. These datagrams may be sent (via UDP) to a host of one's choice. Utilising the OpenBSD stateful packet filter infrastructure means that flow tracking is very fast and accurate.</descr> <category>Network Management</category> - <config_file>http://www.pfsense.com/packages/config/pfflowd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/pfflowd.xml</config_file> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <depends_on_package>pfflowd-0.8.tbz</depends_on_package> <version>0.8.2</version> @@ -665,9 +665,9 @@ <depends_on_package>widentd-1.03_1.tbz</depends_on_package> <version>1.03_1</version> <status>Stable</status> - <pkginfolink>http://doc.pfsense.org/index.php/Widentd_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Widentd_package</pkginfolink> <required_version>1.2.1</required_version> - <config_file>http://www.pfsense.com/packages/config/widentd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/widentd.xml</config_file> <configurationfile>widentd.xml</configurationfile> </package> <package> @@ -682,7 +682,7 @@ <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <depends_on_package>freeradius-1.1.7_3.tbz</depends_on_package> <depends_on_package>libltdl-1.5.26.tbz</depends_on_package> - <config_file>http://www.pfsense.org/packages/config/freeradius.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/freeradius.xml</config_file> <configurationfile>freeradius.xml</configurationfile> </package> <package> @@ -696,7 +696,7 @@ <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <depends_on_package>bandwidthd-2.0.1_1.tbz</depends_on_package> <depends_on_package>libiconv-1.11_1.tbz</depends_on_package> - <config_file>http://www.pfsense.org/packages/config/bandwidthd/bandwidthd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/bandwidthd/bandwidthd.xml</config_file> <configurationfile>bandwidthd.xml</configurationfile> <noembedded>true</noembedded> </package> @@ -709,9 +709,9 @@ <depends_on_package>stunnel-4.25.tbz</depends_on_package> <version>4.30.2</version> <status>Stable</status> - <pkginfolink>http://doc.pfsense.org/index.php/Stunnel_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Stunnel_package</pkginfolink> <required_version>1.2.1</required_version> - <config_file>http://www.pfsense.com/packages/config/stunnel.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/stunnel.xml</config_file> <configurationfile>stunnel.xml</configurationfile> </package> <package> @@ -719,12 +719,12 @@ <website>http://dast.nlanr.net/Projects/Iperf/</website> <descr>Iperf is a tool for testing network throughput, loss, and jitter.</descr> <category>Network Management</category> - <config_file>http://www.pfsense.com/packages/config/iperf.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/iperf.xml</config_file> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <depends_on_package>iperf-2.0.4.tbz</depends_on_package> <version>2.0.2_1</version> <status>Beta</status> - <pkginfolink>http://doc.pfsense.org/index.php/Iperf_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Iperf_package</pkginfolink> <required_version>1.2.1</required_version> <configurationfile>iperf.xml</configurationfile> </package> @@ -733,7 +733,7 @@ <website>http://freshmeat.net/projects/netio/</website> <descr>This is a network benchmark for DOS, OS/2 2.x, Windows NT/2000 and Unix. It measures the net throughput of a network via NetBIOS and/or TCP/IP protocols (Unix and DOS only support TCP/IP) using various different packet sizes.</descr> <category>Network Management</category> - <config_file>http://www.pfsense.com/packages/config/netio.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/netio.xml</config_file> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All</depends_on_package_base_url> <depends_on_package>netio-1.26.tbz</depends_on_package> <version>1.26</version> @@ -752,7 +752,7 @@ <version>0.65_2</version> <status>Stable</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/mtr-nox11.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/mtr-nox11.xml</config_file> <configurationfile>mtr-nox11.xml</configurationfile> </package> <package> @@ -768,7 +768,7 @@ <depends_on_package>squid-2.7.9.tbz</depends_on_package> <depends_on_package>squid_radius_auth-1.10.tbz</depends_on_package> <depends_on_package>openldap-sasl-client-2.4.25_1.tbz</depends_on_package> - <config_file>http://www.pfsense.org/packages/config/squid/squid.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/squid/squid.xml</config_file> <configurationfile>squid.xml</configurationfile> </package> <package> @@ -782,7 +782,7 @@ <maintainer>seth.mos@dds.nl</maintainer> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <depends_on_package>lcdproc-0.5.2_2.tbz</depends_on_package> - <config_file>http://www.pfsense.org/packages/config/lcdproc/lcdproc.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/lcdproc/lcdproc.xml</config_file> <configurationfile>lcdproc.xml</configurationfile> </package> <package> @@ -795,7 +795,7 @@ <version>2.1.a13</version> <status>ALPHA</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/arpwatch.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/arpwatch.xml</config_file> <configurationfile>arpwatch.xml</configurationfile> <logging> <facilityname>arpwatch</facilityname> @@ -813,14 +813,14 @@ <required_version>1.1</required_version> <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <depends_on_package>squidGuard-1.4_3.tbz</depends_on_package> - <config_file>http://www.pfsense.org/packages/config/squidGuard/squidguard.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/squidGuard/squidguard.xml</config_file> <configurationfile>squidguard.xml</configurationfile> </package> <package> <name>Zabbix Agent</name> <descr>Monitoring agent.</descr> <category>Services</category> - <config_file>http://www.pfsense.com/packages/config/zabbix-agent/zabbix-agent.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/zabbix-agent/zabbix-agent.xml</config_file> <version>1.8.2_2</version> <status>FINAL</status> <required_version>1.2.3</required_version> @@ -833,7 +833,7 @@ <name>Zabbix Proxy</name> <descr>Monitoring agent proxy.</descr> <category>Services</category> - <config_file>http://www.pfsense.com/packages/config/zabbix-proxy/zabbix-proxy.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/zabbix-proxy/zabbix-proxy.xml</config_file> <version>1.8.3,2_1</version> <status>FINAL</status> <required_version>1.2.3</required_version> @@ -851,7 +851,7 @@ <version>0.1</version> <status>BETA</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/openvpn-client-export/openvpn-client-export.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/openvpn-client-export/openvpn-client-export.xml</config_file> <configurationfile>openvpn-client-export.xml</configurationfile> </package> <package> @@ -865,7 +865,7 @@ <version>0.91</version> <status>BETA</status> <required_version>1.2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/havp/havp.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/havp/havp.xml</config_file> <configurationfile>havp.xml</configurationfile> <maintainer>dv_serg@mail.ru</maintainer> <after_install_info>Please check the HAVP settings.</after_install_info> @@ -876,7 +876,7 @@ <name>onatproto</name> <descr>Patch to add Protocol options to Manual Outbound NAT. WARNING! Cannot be uninstalled.</descr> <category>System</category> - <config_file>http://www.pfsense.com/packages/config/onatproto/onatproto.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/onatproto/onatproto.xml</config_file> <version>0.1</version> <status>BETA</status> <required_version>1.2.1</required_version> @@ -890,8 +890,8 @@ <version>0.51</version> <required_version>1.2.3</required_version> <status>BETA</status> - <pkginfolink>http://doc.pfsense.org/index.php/PfJailctl_package</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/jailctl.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/PfJailctl_package</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/jailctl.xml</config_file> <configurationfile>jailctl.xml</configurationfile> <maintainer>ltning-jailctl@anduin.net</maintainer> <noembedded>true</noembedded> @@ -904,8 +904,8 @@ <version>0.2</version> <required_version>1.2.3</required_version> <status>BETA</status> - <pkginfolink>http://doc.pfsense.org/index.php/PfJailctl_package</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/jail_template.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/PfJailctl_package</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/jail_template.xml</config_file> <configurationfile>jail_template.xml</configurationfile> <maintainer>ltning-jailctl@anduin.net</maintainer> <noembedded>true</noembedded> @@ -917,8 +917,8 @@ <version>0.1</version> <required_version>1.2.2</required_version> <status>BETA</status> - <pkginfolink>http://doc.pfsense.org/index.php/IGMPproxy</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/igmpproxy/igmpproxy.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/IGMPproxy</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/igmpproxy/igmpproxy.xml</config_file> <configurationfile>igmpproxy.xml</configurationfile> <maintainer>eri@pfsense.org</maintainer> </package> @@ -932,7 +932,7 @@ <depends_on_package>nagios-plugins-1.4.13,1.tbz</depends_on_package> <depends_on_package>libiconv-1.11_1.tbz</depends_on_package> <depends_on_package>gettext-0.17_1.tbz</depends_on_package> - <config_file>http://www.pfsense.com/packages/config/nrpe2/nrpe2.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/nrpe2/nrpe2.xml</config_file> <version>2.11</version> <status>Beta</status> <required_version>1.2</required_version> @@ -949,7 +949,7 @@ <status>STABLE</status> <required_version>1.2</required_version> <maximum_version>1.2.9</maximum_version> - <config_file>http://www.pfsense.com/packages/config/ovpnenhance/ovpnenhance.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/ovpnenhance/ovpnenhance.xml</config_file> <configurationfile>ovpnenhance.xml</configurationfile> </package> <package> @@ -960,9 +960,9 @@ <status>BETA</status> <maintainer>jimp@pfsense.org</maintainer> <required_version>1.2.2</required_version> - <depends_on_package_base_url>http://files.pfsense.com/packages/7/All/</depends_on_package_base_url> + <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url> <depends_on_package>rate-0.9.tbz</depends_on_package> - <config_file>http://www.pfsense.org/packages/config/rate/rate.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/rate/rate.xml</config_file> <configurationfile>rate.xml</configurationfile> </package> <package> @@ -973,7 +973,7 @@ <status>So Alpha it's Omega</status> <maintainer>jimp@pfsense.org</maintainer> <required_version>1.2.3</required_version> - <config_file>http://www.pfsense.org/packages/config/blinkled/blinkled.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/blinkled/blinkled.xml</config_file> <configurationfile>blinkled.xml</configurationfile> </package> <package> @@ -984,7 +984,7 @@ <status>Beta</status> <maintainer>jimp@pfsense.org</maintainer> <required_version>1.2.3</required_version> - <config_file>http://www.pfsense.org/packages/config/openvpn-status/openvpn-status.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/openvpn-status/openvpn-status.xml</config_file> <configurationfile>openvpn-status.xml</configurationfile> </package> <package> @@ -995,14 +995,14 @@ <status>Beta</status> <maintainer>jimp@pfsense.org</maintainer> <required_version>1.2.3</required_version> - <config_file>http://www.pfsense.org/packages/config/states-summary/states-summary.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/states-summary/states-summary.xml</config_file> <configurationfile>states-summary.xml</configurationfile> </package> <package> <name>IP Range Aliases</name> <descr>Patch to add IP Range support to Network Aliases. WARNING! Cannot be uninstalled. Probably does not play nice with URL Table patch.</descr> <category>System</category> - <config_file>http://www.pfsense.com/packages/config/iprangealiases/iprangealiases.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/iprangealiases/iprangealiases.xml</config_file> <version>0.2</version> <status>BETA</status> <required_version>1.2.3</required_version> @@ -1012,7 +1012,7 @@ <name>URL Table Aliases</name> <descr>Patch to add URL Table alias support to pull a list of CIDRs/IPs from a file by URL into a persist table. WARNING! Cannot be uninstalled. Probably does not play nice with IP Range Aliases patch. This is NOT a way to add an alias for host URLs.</descr> <category>System</category> - <config_file>http://www.pfsense.com/packages/config/urltables/urltables.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/urltables/urltables.xml</config_file> <version>0.1</version> <status>BETA</status> <required_version>1.2.3</required_version> @@ -1022,7 +1022,7 @@ <name>dnsmasq EDNS size increase</name> <descr>Patch to increase dnsmasq EDNS size to 4096 if needed. WARNING! Cannot be uninstalled.</descr> <category>System</category> - <config_file>http://www.pfsense.com/packages/config/dnsmasq-edns/dnsmasq-edns.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/dnsmasq-edns/dnsmasq-edns.xml</config_file> <version>0.1</version> <status>BETA</status> <required_version>1.2.3</required_version> @@ -1032,7 +1032,7 @@ <name>Packet Capture Fix</name> <descr>Patch to fix packet capture on 1.2.3 embedded (NanoBSD)</descr> <category>System</category> - <config_file>http://www.pfsense.com/packages/config/packetcapturefix/packetcapturefix.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/packetcapturefix/packetcapturefix.xml</config_file> <version>0.2</version> <status>BETA</status> <required_version>1.2.3</required_version> @@ -1046,14 +1046,14 @@ <status>Beta</status> <maintainer>jimp@pfsense.org</maintainer> <required_version>1.2.3</required_version> - <config_file>http://www.pfsense.org/packages/config/rrd-summary/rrd-summary.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/rrd-summary/rrd-summary.xml</config_file> <configurationfile>rrd-summary.xml</configurationfile> </package> <package> <name>Patch rc to leave filter_dirty</name> <descr>Patch to stop /etc/rc from removing /tmp/filter_dirty on boot. Fixes boot issues with some packages on certain platforms.</descr> <category>System</category> - <config_file>http://www.pfsense.com/packages/config/patch_rc_filter_dirty/patch_rc_filter_dirty.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/patch_rc_filter_dirty/patch_rc_filter_dirty.xml</config_file> <version>0.1</version> <status>BETA</status> <required_version>1.2.3</required_version> @@ -1065,7 +1065,7 @@ <category>Diagnostics</category> <depends_on_package_base_url>http://ftp-archive.freebsd.org/mirror/FreeBSD-Archive/ports/i386/packages-7.2-release/All/</depends_on_package_base_url> <depends_on_package>libxml2-2.7.3.tbz</depends_on_package> - <config_file>http://www.pfsense.com/packages/config/pre2upgrade/pre2upgrade.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/pre2upgrade/pre2upgrade.xml</config_file> <version>1.0</version> <status>Stable</status> <required_version>1.2</required_version> diff --git a/pkg_config.8.xml b/pkg_config.8.xml index aca3f3b3..af75b362 100644 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml @@ -9,14 +9,14 @@ <package> <name>someprogram</name> <internal_name>someprogram</internal_name> - <pkginfolink>http://forum.pfsense.org/</pkginfolink> + <pkginfolink>https://forum.pfsense.org/</pkginfolink> <descr><![CDATA[Some cool program]]></descr> <website>http://www.example.org/someprogram</website> <category>Services</category> <version>0.99</version> <status>Beta</status> <required_version>2.1</required_version> - <config_file>http://www.pfsense.com/packages/config/someprogram/someprogram.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/someprogram/someprogram.xml</config_file> <maintainer>me@example.com</maintainer> <configurationfile>someprogram.xml</configurationfile> <build_pbi> @@ -24,21 +24,21 @@ <port>net/someprogram</port> <ports_after>www/somethingelsetoputinthepbi www/somethingelse</ports_after> </build_pbi> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package_pbi>someprogram-0.99-i386.pbi</depends_on_package_pbi> </package> --> <package> <name>Asterisk</name> - <pkginfolink>http://forum.pfsense.org/index.php/topic,47210.0.html</pkginfolink> + <pkginfolink>https://forum.pfsense.org/index.php/topic,47210.0.html</pkginfolink> <descr><![CDATA[Asterisk is an open source framework for building communications applications.<br />Asterisk turns an ordinary computer into a communications server.]]></descr> <website>http://www.asterisk.org/</website> <category>Services</category> <version>1.8 pkg v0.3.1</version> <status>Beta</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/asterisk/asterisk.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/asterisk/asterisk.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>asterisk18-1.8.25.0.tbz</depends_on_package> <depends_on_package>openldap-client-2.4.38.tbz</depends_on_package> <depends_on_package_pbi>asterisk-1.8.25.0-i386.pbi</depends_on_package_pbi> @@ -49,16 +49,16 @@ </package> <package> <name>bind</name> - <!-- <pkginfolink>http://doc.pfsense.org/index.php/bind</pkginfolink> --> + <!-- <pkginfolink>https://doc.pfsense.org/index.php/bind</pkginfolink> --> <descr><![CDATA[The most widely used name server software]]></descr> <website>http://www.isc.org/downloads/BIND/</website> <category>Services</category> <version>9.9.4 pkg v 0.3.2</version> <status>RC</status> <required_version>2.1</required_version> - <config_file>http://www.pfsense.com/packages/config/bind/bind.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/bind/bind.xml</config_file> <configurationfile>bind.xml</configurationfile> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package_pbi>bind-9.9.4-i386.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/dns/bind99</build_port_path> <build_pbi> @@ -72,8 +72,8 @@ <website/> <descr>Allows you to create and overwrite files from the GUI.</descr> <category>File Management</category> - <pkginfolink>http://doc.pfsense.org/index.php/Filer_package</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/filer/filer.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/Filer_package</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/filer/filer.xml</config_file> <version>0.60</version> <status>Beta</status> <required_version>2.0</required_version> @@ -85,9 +85,9 @@ <website/> <descr>Block countries - This has been replaced by pfblocker. <u>This is a legacy app</u></descr> <category>Firewall</category> - <pkginfolink>http://forum.pfsense.org/index.php/topic,25732.0.html</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/countryblock/countryblock.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <pkginfolink>https://forum.pfsense.org/index.php/topic,25732.0.html</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/countryblock/countryblock.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <version>0.2.4</version> <status>Beta</status> <required_version>1.2.2</required_version> @@ -98,13 +98,13 @@ <name>Strikeback</name> <descr>Detect port scans with iplog and strikeback</descr> <website></website> - <pkginfolink>http://forum.pfsense.org/index.php/topic,37225.0.html</pkginfolink> + <pkginfolink>https://forum.pfsense.org/index.php/topic,37225.0.html</pkginfolink> <category>Services</category> <version>0.1</version> <status>BETA</status> <required_version>2.0</required_version> <maintainer>tom@tomschaefer.org</maintainer> - <config_file>http://www.pfsense.com/packages/config/strikeback/strikeback.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/strikeback/strikeback.xml</config_file> <configurationfile>strikeback.xml</configurationfile> </package> <package> @@ -112,8 +112,8 @@ <website/> <descr>PHP File Manager</descr> <category>Diagnostics</category> - <pkginfolink>http://forum.pfsense.org/index.php/topic,26974.0.html</pkginfolink> - <config_file>http://pfsense.org/packages/config/filemgr/filemgr.xml</config_file> + <pkginfolink>https://forum.pfsense.org/index.php/topic,26974.0.html</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/filemgr/filemgr.xml</config_file> <version>0.1.3</version> <status>Beta</status> <required_version>2.0</required_version> @@ -128,9 +128,9 @@ This package also Block countries and IP ranges.<br /> pfBlocker replaces Countryblock and IPblocklist.]]></descr> <category>Firewall</category> - <pkginfolink>http://forum.pfsense.org/index.php/topic,42543.0.html</pkginfolink> - <config_file>http://pfsense.org/packages/config/pf-blocker/pfblocker.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <pkginfolink>https://forum.pfsense.org/index.php/topic,42543.0.html</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/pf-blocker/pfblocker.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <version>1.0.2</version> <status>Release</status> <required_version>2.0</required_version> @@ -141,17 +141,17 @@ <name>anyterm</name> <descr>Ajax Interactive Shell - Have you ever wanted SSH or telnet access to your system from an internet desert - from behind a strict firewall, from an internet cafe, or even from a mobile phone? Anyterm is a combination of a web page and a process that runs on your web server that provides this access. WARNING! We suggest using Stunnel in combination with this package!</descr> <website>http://anyterm.org/</website> - <pkginfolink>http://doc.pfsense.org/index.php/AnyTerm_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/AnyTerm_package</pkginfolink> <category>Diagnostics</category> <version>0.5</version> <status>BETA</status> <required_version>1.2.3</required_version> - <config_file>http://www.pfsense.com/packages/config/anyterm/anyterm.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/anyterm/anyterm.xml</config_file> <configurationfile>anyterm.xml</configurationfile> </package> <package> <name>haproxy</name> - <pkginfolink>http://doc.pfsense.org/index.php/haproxy_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/haproxy_package</pkginfolink> <descr><![CDATA[The Reliable, High Performance TCP/HTTP Load Balancer<br /> This package implements both TCP and HTTP balance features from Haproxy.<br /> Supports acl's for smart backend switching.]]></descr> @@ -160,16 +160,16 @@ <version>1.4.24 pkg v 1.2.4</version> <status>Release</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/haproxy/haproxy.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/haproxy/haproxy.xml</config_file> <configurationfile>haproxy.xml</configurationfile> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>haproxy-1.4.24.tbz</depends_on_package> <depends_on_package_pbi>haproxy-1.4.24-i386.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/net/haproxy</build_port_path> </package> <package> <name>haproxy-full</name> - <pkginfolink>http://doc.pfsense.org/index.php/haproxy_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/haproxy_package</pkginfolink> <descr><![CDATA[The Reliable, High Performance TCP/HTTP Load Balancer<br /> This package implements both TCP and HTTP balance features from Haproxy.<br /> (Legacy version)]]></descr> @@ -178,15 +178,15 @@ <version>1.4.24 pkg v 1.1</version> <status>Release</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/haproxy-legacy/haproxy.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/haproxy-legacy/haproxy.xml</config_file> <configurationfile>haproxy.xml</configurationfile> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>haproxy-1.4.24.tbz</depends_on_package> <depends_on_package_pbi>haproxy-1.4.24-i386.pbi</depends_on_package_pbi> </package> <package> <name>haproxy-devel</name> - <pkginfolink>http://doc.pfsense.org/index.php/haproxy_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/haproxy_package</pkginfolink> <descr><![CDATA[The Reliable, High Performance TCP/HTTP(s) Load Balancer<br /> This package implements TCP, HTTP and HTTPS balance features from Haproxy.<br /> Supports acl's for smart backend switching.]]></descr> @@ -195,9 +195,9 @@ <version>1.5-dev22 pkg v 0.7</version> <status>Release</status> <required_version>2.1</required_version> - <config_file>http://www.pfsense.com/packages/config/haproxy-devel/haproxy.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/haproxy-devel/haproxy.xml</config_file> <configurationfile>haproxy.xml</configurationfile> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>haproxy-1.4.22.tbz</depends_on_package> <depends_on_package_pbi>haproxy-devel-1.5-dev22-i386.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/net/haproxy-devel</build_port_path> @@ -210,7 +210,7 @@ </package> <package> <name>Apache with mod_security-dev</name> - <pkginfolink>http://doc.pfsense.org/index.php/ProxyServerModSecurity_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/ProxyServerModSecurity_package</pkginfolink> <website>http://www.modsecurity.org/</website> <descr><![CDATA[ModSecurity is a web application firewall that can work either embedded or as a reverse proxy.<br> It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.<br> @@ -220,8 +220,8 @@ <version>2.4.6 pkg v0.3</version> <status>ALPHA</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/apache_mod_security-dev/apache_virtualhost.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/apache_mod_security-dev/apache_virtualhost.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>db42-4.2.52_5.tbz</depends_on_package> <depends_on_package>gdbm-1.9.1.tbz</depends_on_package> <depends_on_package>apr-ipv6-devrandom-gdbm-db42-1.4.5.1.3.12_1.tbz</depends_on_package> @@ -259,15 +259,15 @@ </package> <package> <name>Proxy Server with mod_security</name> - <pkginfolink>http://doc.pfsense.org/index.php/ProxyServerModSecurity_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/ProxyServerModSecurity_package</pkginfolink> <website>http://www.modsecurity.org/</website> <descr>ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. In addition this package allows URL forwarding which can be convenient for hosting multiple websites behind pfSense using 1 IP address.</descr> <category>Network Management</category> <version>0.1.3</version> <status>ALPHA</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/apache_mod_security/apache_mod_security.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/apache_mod_security/apache_mod_security.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>db42-4.2.52_5.tbz</depends_on_package> <depends_on_package>gdbm-1.9.1.tbz</depends_on_package> <depends_on_package>apr-ipv6-devrandom-gdbm-db42-1.4.5.1.3.12_1.tbz</depends_on_package> @@ -308,8 +308,8 @@ <website>http://www.pureftpd.org/</website> <descr>*DO NOT RUN THIS ON A FIREWALL. USE A DEDICATED MACHINE!* Pure FTPd Server is a fast, production quality, standards-conformant FTP server based on Troll-FTPd. It has no known vulnerabilities, is trivial to set up, and is especially designed for modern kernels. Features include PAM support, IPv6, chroot()ed home directories, virtual domains, built-in 'ls', FXP protocol, anti-warez system, bandwidth throttling, restricted ports for passive downloads, an LDAP backend, XML output, and more.</descr> <category>FTP</category> - <config_file>http://www.pfsense.com/packages/config/pure-ftpd.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/pure-ftpd.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>pure-ftpd-1.0.35.tbz</depends_on_package> <depends_on_package_pbi>pure-ftpd-1.0.36-i386.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/ftp/pure-ftpd</build_port_path> @@ -326,11 +326,11 @@ </package> <package> <name>Avahi</name> - <pkginfolink>http://doc.pfsense.org/index.php/Avahi_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Avahi_package</pkginfolink> <website>http://www.avahi.org/</website> <descr>Avahi is a system which facilitates service discovery on a local network. This means that you can plug your laptop or computer into a network and instantly be able to view other people who you can chat with, find printers to print to or find files being shared. This kind of technology is already found in Apple MacOS X (branded Rendezvous, Bonjour and sometimes Zeroconf) and is very convenient. Avahi is mainly based on Lennart Poettering's flexmdns mDNS implementation for Linux which has been discontinued in favour of Avahi.</descr> <category>Network Management</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <build_port_path>/usr/ports/net/avahi</build_port_path> <build_port_path>/usr/ports/net/avahi-app</build_port_path> <build_options>avahi_UNSET_FORCE=GTK</build_options> @@ -342,7 +342,7 @@ <version>0.6.29 pkg v1.02</version> <status>ALPHA</status> <required_version>1.2.3</required_version> - <config_file>http://www.pfsense.com/packages/config/avahi/avahi.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/avahi/avahi.xml</config_file> <configurationfile>avahi.xml</configurationfile> <after_install_info>Please visit the Avahi settings tab and select which interfaces you do not wish Avahi to listen on and click save to start the service.</after_install_info> </package> @@ -351,7 +351,7 @@ <website>http://www.ntop.org/</website> <descr>ntop is a network probe that shows network usage in a way similar to what top does for processes. In interactive mode, it displays the network status on the user's terminal. In Web mode it acts as a Web server, creating an HTML dump of the network status. It sports a NetFlow/sFlow emitter/collector, an HTTP-based client interface for creating ntop-centric monitoring applications, and RRD for persistently storing traffic statistics.</descr> <category>Network Management</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package_pbi>ntop-5.0.1-i386.pbi</depends_on_package_pbi> <depends_on_package>rrdtool-1.2.30_2.tbz</depends_on_package> <depends_on_package>gdbm-1.9.1.tbz</depends_on_package> @@ -376,7 +376,7 @@ <version>5.0.1 v2.3</version> <status>BETA</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/ntop2/ntop.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/ntop2/ntop.xml</config_file> <configurationfile>ntop.xml</configurationfile> <noembedded>true</noembedded> </package> @@ -385,9 +385,9 @@ <website>http://www.freeswitch.org/</website> <descr>FreeSWITCH is an open source telephony platform designed to facilitate the creation of voice and chat driven products scaling from a soft-phone up to a soft-switch. It can be used as a simple switching engine, a PBX, a media gateway or a media server to host IVR applications using simple scripts or XML to control the callflow. </descr> <category>Services</category> - <pkginfolink>http://doc.pfsense.org/index.php/FreeSWITCH</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/freeswitch/freeswitch.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <pkginfolink>https://doc.pfsense.org/index.php/FreeSWITCH</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/freeswitch/freeswitch.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package_pbi>freeswitch-1.0.6_1-i386.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/net/freeswitch</build_port_path> <version>0.8.3.6</version> @@ -403,9 +403,9 @@ <website>http://www.freeswitch.org/</website> <descr>FreeSWITCH package development version.</descr> <category>Services</category> - <pkginfolink>http://doc.pfsense.org/index.php/FreeSWITCH</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/freeswitch_dev/freeswitch.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <pkginfolink>https://doc.pfsense.org/index.php/FreeSWITCH</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/freeswitch_dev/freeswitch.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <build_port_path>/usr/ports/net/freeswitch</build_port_path> <version>0.9.7.26</version> <status>Beta</status> @@ -420,8 +420,8 @@ <descr>Track things you want to note for this system.</descr> <category>Status</category> <pkginfolink/> - <config_file>http://www.pfsense.com/packages/config/notes/notes.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/notes/notes.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <version>0.2.4</version> <status>Alpha</status> <required_version>1.2.1</required_version> @@ -434,8 +434,8 @@ <descr>Trivial File Transport Protocol is a very simple file transfer protocol. Often used with routers, voip phones and more.</descr> <category>Services</category> <pkginfolink/> - <config_file>http://www.pfsense.com/packages/config/tftp2/tftp.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/tftp2/tftp.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <version>2.0</version> <status>Stable</status> <required_version>2.0</required_version> @@ -446,9 +446,9 @@ <website/> <descr>PHP run as a service it can do anything PHP can do including but not limited to monitoring files, CPU, RAM, and send alerts to the syslog.</descr> <category>Services</category> - <pkginfolink>http://doc.pfsense.org/index.php/PHPService</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/phpservice/phpservice.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <pkginfolink>https://doc.pfsense.org/index.php/PHPService</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/phpservice/phpservice.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <version>0.4.1</version> <status>Beta</status> <required_version>1.2.1</required_version> @@ -461,8 +461,8 @@ <descr>Tool to Backup and Restore files and directories.</descr> <category>System</category> <pkginfolink></pkginfolink> - <config_file>http://www.pfsense.com/packages/config/backup/backup.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/backup/backup.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <version>0.1.5</version> <status>Beta</status> <required_version>1.2</required_version> @@ -475,8 +475,8 @@ <descr>The cron utility is used to manage commands on a schedule.</descr> <category>Services</category> <pkginfolink></pkginfolink> - <config_file>http://www.pfsense.com/packages/config/cron/cron.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/cron/cron.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <version>0.1.8</version> <status>Beta</status> <required_version>1.2</required_version> @@ -488,9 +488,9 @@ <website/> <descr>It is a web server package that can host HTML, Javascript, CSS, and PHP. It uses the lighttpd web server that is already installed. It uses PHP5 in FastCGI mode and has access to PHP Data Ojbects and PDO SQLite.</descr> <category>Services</category> - <pkginfolink>http://doc.pfsense.org/index.php/vhosts</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/vhosts/vhosts.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <pkginfolink>https://doc.pfsense.org/index.php/vhosts</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/vhosts/vhosts.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <version>0.7.4</version> <status>Stable</status> <required_version>1.2.3</required_version> @@ -503,7 +503,7 @@ <website>http://www.snort.org</website> <descr>Snort is an open source network intrusion prevention and detection system (IDS/IPS). Combining the benefits of signature, protocol, and anomaly-based inspection.</descr> <category>Security</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>mysql55-client-5.5.35.tbz</depends_on_package> <depends_on_package>barnyard2-1.13.tbz</depends_on_package> <depends_on_package>libnet-1.1.6_1,1.tbz </depends_on_package> @@ -525,7 +525,7 @@ </build_pbi> <!-- Use both styles for now, since our snort port isn't yet optionsng, but barnyard2 and others are. --> <build_options>barnyard2_UNSET_FORCE=ODBC PGSQL PRELUDE;barnyard2_SET=GRE IPV6 MPLS MYSQL PORT_PCAP;snort_SET=TARGETBASED PERFPROFILE DECODERPRE FLEXRESP3 GRE IPV6 MPLS NORMALIZER ZLIB;perl_SET=THREADS;WITH_THREADS=yes;WITH_IPV6=true;WITH_MPLS=true;WITH_GRE=true;WITH_TARGETBASED=true;WITH_PERFPROFILE=true;WITH_DECODERPRE=true;WITH_ZLIB=true;WITH_NORMALIZER=true;WITH_REACT=true;WITH_FLEXRESP3=true;WITHOUT_ODBC=true;WITHOUT_POSTGRESQL=true;WITHOUT_PRELUDE=true;NOPORTDOCS=true</build_options> - <config_file>http://www.pfsense.com/packages/config/snort/snort.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/snort/snort.xml</config_file> <version>2.9.5.6 pkg v3.0.4</version> <required_version>2.0</required_version> <status>Stable</status> @@ -537,8 +537,8 @@ <website>http://www.olsr.org/</website> <descr>The olsr.org OLSR daemon is an implementation of the Optimized Link State Routing protocol. OLSR is a routing protocol for mobile ad-hoc networks. The protocol is pro-active, table driven and utilizes a technique called multipoint relaying for message flooding.</descr> <category>Services</category> - <config_file>http://www.pfsense.com/packages/config/olsrd.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/olsrd.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>olsrd-0.6.2.tbz</depends_on_package> <depends_on_package_pbi>olsrd-0.6.3-i386.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/net/olsrd</build_port_path> @@ -549,10 +549,10 @@ </package> <package> <name>routed</name> - <website>http://www.pfsense.com/</website> + <website>https://packages.pfsense.org/</website> <descr>RIP v1 and v2 daemon.</descr> <category>Network Management</category> - <config_file>http://www.pfsense.com/packages/config/routed/routed.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/routed/routed.xml</config_file> <version>1.1</version> <status>Stable</status> <required_version>2.1</required_version> @@ -563,8 +563,8 @@ <website>http://www.openbsd.org/spamd/</website> <descr>Tarpits like spamd are fake SMTP servers, which accept connections but don't deliver mail. Instead, they keep the connections open and reply very slowly. If the peer is patient enough to actually complete the SMTP dialogue (which will take ten minutes or more), the tarpit returns a 'temporary error' code (4xx), which indicates that the mail could not be delivered successfully and that the sender should keep the mail in their queue and retry again later.</descr> <category>Services</category> - <config_file>http://www.pfsense.com/packages/config/spamd/spamd.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/spamd/spamd.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>spamd-4.9.1.tbz</depends_on_package> <depends_on_package_pbi>spamd-4.9.1-i386.pbi</depends_on_package_pbi> <version>4.9.1 v1.1</version> @@ -584,9 +584,9 @@ It can do first and second line antispam combat before sending incoming mail to local mail servers.<br /> Postfix can also detect zombies, check RBLS, SPF, seach ldap for valid recipients and use third part antispam engines like policyd and mailscanner for better antispam solution.]]></descr> <category>Services</category> - <pkginfolink>http://forum.pfsense.org/index.php/topic,40622.0.html</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/postfix/postfix.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <pkginfolink>https://forum.pfsense.org/index.php/topic,40622.0.html</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/postfix/postfix.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>postfix-2.10.2,1.tbz</depends_on_package> <depends_on_package>perl5-5.16.3_4.tbz</depends_on_package> <depends_on_package_pbi>postfix-2.10.2-i386.pbi</depends_on_package_pbi> @@ -606,9 +606,9 @@ For all non-commercial it's free, without cost.<br /> For all commercial use visit dansguardian website to get a licence.]]></descr> <category>Services</category> - <config_file>http://www.pfsense.com/packages/config/dansguardian/dansguardian.xml</config_file> - <pkginfolink>http://forum.pfsense.org/index.php/topic,43786.0.html</pkginfolink> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/dansguardian/dansguardian.xml</config_file> + <pkginfolink>https://forum.pfsense.org/index.php/topic,43786.0.html</pkginfolink> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>dansguardian-2.12.0.3.tbz</depends_on_package> <depends_on_package>ca_root_nss-3.14.1.tbz</depends_on_package> <depends_on_package_pbi>dansguardian-2.12.0.3-i386.pbi</depends_on_package_pbi> @@ -628,9 +628,9 @@ <descr><![CDATA[MailScanner is an e-mail security and anti-spam package for e-mail gateway systems.<br /> This is a level3 mail scanning tool with high CPU load.]]></descr> <category>Services</category> - <config_file>http://www.pfsense.com/packages/config/mailscanner/mailscanner.xml</config_file> - <pkginfolink>http://forum.pfsense.org/index.php/topic,43687.0.html</pkginfolink> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/mailscanner/mailscanner.xml</config_file> + <pkginfolink>https://forum.pfsense.org/index.php/topic,43687.0.html</pkginfolink> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>dcc-dccd-1.3.141.tbz</depends_on_package> <depends_on_package>perl5-5.16.3_4.tbz</depends_on_package> <depends_on_package>pyzor-0.5.0_3.tbz</depends_on_package> @@ -658,11 +658,11 @@ <website>http://siproxd.sourceforge.net/</website> <descr>Proxy for handling NAT of multiple SIP devices to a single public IP.</descr> <category>Services</category> - <config_file>http://www.pfsense.com/packages/config/siproxd.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/siproxd.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>siproxd-0.8.0.tbz</depends_on_package> <depends_on_package_pbi>siproxd-0.8.0-i386.pbi</depends_on_package_pbi> - <pkginfolink>http://doc.pfsense.org/index.php/Siproxd_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Siproxd_package</pkginfolink> <build_port_path>/usr/ports/net/siproxd</build_port_path> <version>0.8.0_2</version> <status>Beta</status> @@ -673,17 +673,17 @@ <name>OpenBGPD</name> <descr>OpenBGPD is a FREE implementation of the Border Gateway Protocol, Version 4. It allows ordinary machines to be used as routers exchanging routes with other systems speaking the BGP protocol. -- WARNING! Installs files to the same place as Quagga OSPF. Installing both will result in a broken state, remove this package before installing Quagga OSPF.</descr> <category>NET</category> - <config_file>http://www.pfsense.com/packages/config/openbgpd/openbgpd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/openbgpd/openbgpd.xml</config_file> <build_port_path>/usr/ports/net/openbgpd</build_port_path> <build_pbi> <port>net/openbgpd</port> </build_pbi> <version>0.9.1</version> <status>STABLE</status> - <pkginfolink>http://doc.pfsense.org/index.php/OpenBGPD_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/OpenBGPD_package</pkginfolink> <required_version>1.3</required_version> <configurationfile>openbgpd.xml</configurationfile> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>openbgpd-5.2.20121209.tbz</depends_on_package> <depends_on_package_pbi>openbgpd-5.2.20121209-i386.pbi</depends_on_package_pbi> </package> @@ -694,10 +694,10 @@ <version>0.5.2</version> <category>Routing</category> <status>DEPRECATED</status> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>openospfd-4.6.tbz</depends_on_package> <depends_on_package_pbi>openospfd-4.6-i386.pbi</depends_on_package_pbi> - <config_file>http://www.pfsense.com/packages/config/openospfd/openospfd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/openospfd/openospfd.xml</config_file> <build_port_path>/usr/ports/net/openospfd</build_port_path> <build_port_path>/usr/ports/devel/libevent</build_port_path> <build_pbi> @@ -716,7 +716,7 @@ <category>Network Report</category> <version>1.8.2 pkg v.2.33</version> <maintainer>dv_serg@mail.ru</maintainer> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>lightsquid-1.8_2.tbz</depends_on_package> <depends_on_package>perl-5.14.2_2.tbz</depends_on_package> <depends_on_package_pbi>lightsquid-1.8_2-i386.pbi</depends_on_package_pbi> @@ -728,7 +728,7 @@ <build_options>WITHOUT_DEBUGGING=true;WITHOUT_GDBM=true;WITHOUT_PERL_MALLOC=true;WITH_PERL_64BITINT=true;WITHOUT_THREADS=true;WITHOUT_MULTIPLICITY=true;WITHOUT_SUIDPERL=true;WITHOUT_SITECUSTOMIZE=true;WITH_USE_PERL=true;WITH_GDSUPPORT=true</build_options> <status>RC1</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/lightsquid/lightsquid.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/lightsquid/lightsquid.xml</config_file> <pkginfolink></pkginfolink> <configurationfile>lightsquid.xml</configurationfile> <noembedded>true</noembedded> @@ -739,9 +739,9 @@ <descr><![CDATA[Sarg - Squid Analysis Report Generator is a tool that allow you to view "where" your users are going to on the Internet.<br /> Sarg provides many informations about Proxy(squid,squidguard or dansguardian) users activities: times, bytes, sites, etc...]]></descr> <category>Network Report</category> - <config_file>http://www.pfsense.com/packages/config/sarg/sarg.xml</config_file> - <pkginfolink>http://forum.pfsense.org/index.php/topic,47765.0.html</pkginfolink> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/sarg/sarg.xml</config_file> + <pkginfolink>https://forum.pfsense.org/index.php/topic,47765.0.html</pkginfolink> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>sarg-2.3.6_2.tbz</depends_on_package> <depends_on_package>gd-2.0.35_8,1.tbz</depends_on_package> <depends_on_package_pbi>sarg-2.3.6_2-i386.pbi</depends_on_package_pbi> @@ -761,9 +761,9 @@ If it receives one with MAC-IP pair, which is not listed in 'ethers' file, it will send ARP reply with configured fake address.<br /> This will prevent not permitted host to work properly in local ethernet segment.]]></descr> <category>Security</category> - <config_file>http://www.pfsense.com/packages/config/ipguard/ipguard.xml</config_file> - <pkginfolink>http://forum.pfsense.org/index.php/topic,49917.msg263664.html#msg263664</pkginfolink> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/ipguard/ipguard.xml</config_file> + <pkginfolink>https://forum.pfsense.org/index.php/topic,49917.msg263664.html#msg263664</pkginfolink> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>ipguard-1.04.tbz</depends_on_package> <depends_on_package_pbi>ipguard-1.04-i386.pbi</depends_on_package_pbi> <version>1.0.4 pkg v.0.1</version> @@ -778,14 +778,14 @@ <descr><![CDATA[Varnish is a state-of-the-art, high-performance HTTP accelerator.<br /> It uses the advanced features in FreeBSD 6/7/8 to achieve its high performance.]]></descr> <website>http://varnish-cache.org</website> - <pkginfolink>http://doc.pfsense.org/index.php/Varnish_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Varnish_package</pkginfolink> <category>Services</category> <version>2.1.5 pkg v.1.0</version> <status>Release</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/varnish64/varnish_backends.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/varnish64/varnish_backends.xml</config_file> <configurationfile>varnish_backends.xml</configurationfile> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package_pbi>varnish-2.1.5_2-i386.pbi gcc-4.2.5.20090325_5-i386.pbi</depends_on_package_pbi> <depends_on_package>varnish-2.1.5.tbz</depends_on_package> <depends_on_package>gcc-4.2.5.20090325_5.tbz</depends_on_package> @@ -799,14 +799,14 @@ It uses the advanced features in FreeBSD 6/7/8 to achieve its high performance.<br /> Version 3 includes streaming support]]></descr> <website>http://varnish-cache.org</website> - <pkginfolink>http://doc.pfsense.org/index.php/Varnish_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Varnish_package</pkginfolink> <category>Services</category> <version>3.0.4 pkg v.0.2.1</version> <status>RC</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/varnish3/varnish_backends.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/varnish3/varnish_backends.xml</config_file> <configurationfile>varnish_backends.xml</configurationfile> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package_pbi>varnish-3.0.4-i386.pbi</depends_on_package_pbi> <depends_on_package>varnish-3.0.2.tbz</depends_on_package> <depends_on_package>pcre-8.21_1.tbz</depends_on_package> @@ -822,9 +822,9 @@ <name>vnstat2</name> <website>http://humdi.net/vnstat/</website> <descr>Vnstat is a console-based network traffic monitor<br />The vnstat PHP frontend and vnstati adds a more user friendly way of displaying traffic usage.</descr> - <pkginfolink>http://forum.pfsense.org/index.php/topic,14179.0.html</pkginfolink> + <pkginfolink>https://forum.pfsense.org/index.php/topic,14179.0.html</pkginfolink> <category>Network Management</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>vnstat-1.11.tbz</depends_on_package> <depends_on_package_pbi>vnstat-1.11_1-i386.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/net/vnstat</build_port_path> @@ -832,7 +832,7 @@ <status>Stable</status> <required_version>2.0</required_version> <maintainer>bryan.paradis@gmail.com</maintainer> - <config_file>http://www.pfsense.com/packages/config/vnstat2/vnstat2.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/vnstat2/vnstat2.xml</config_file> <configurationfile>vnstat2.xml</configurationfile> <after_install_info></after_install_info> </package> @@ -844,11 +844,11 @@ <version>2.5.4</version> <status>Beta</status> <required_version>1.0</required_version> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>mbmon-205_5.tbz</depends_on_package> <depends_on_package_pbi>mbmon-205_6-i386.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/sysutils/mbmon</build_port_path> - <config_file>http://www.pfsense.com/packages/config/phpsysinfo/phpsysinfo.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/phpsysinfo/phpsysinfo.xml</config_file> <configurationfile>phpsysinfo.xml</configurationfile> <noembedded>true</noembedded> </package> @@ -859,11 +859,11 @@ <category>Services</category> <version>1.0.6.18</version> <status>Beta</status> - <pkginfolink>http://doc.pfsense.org/index.php/Tinydns_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Tinydns_package</pkginfolink> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/tinydns/tinydns.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/tinydns/tinydns.xml</config_file> <configurationfile>tinydns.xml</configurationfile> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>ucspi-tcp-0.88_2.tbz</depends_on_package> <depends_on_package>daemontools-0.76_16.tbz</depends_on_package> <depends_on_package>djbdns-ipv6-1.05.b23_13.tbz</depends_on_package> @@ -885,11 +885,11 @@ <category>Services</category> <version>8.7.0.3046 (build-425873)</version> <status>Stable</status> - <pkginfolink>http://doc.pfsense.org/index.php/Open_VM_Tools_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Open_VM_Tools_package</pkginfolink> <required_version>2.0</required_version> - <config_file>http://www.pfsense.org/packages/config/open-vm-tools_2/open-vm-tools.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/open-vm-tools_2/open-vm-tools.xml</config_file> <configurationfile>open-vm-tools.xml</configurationfile> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <build_port_path>/usr/ports/emulators/open-vm-tools-nox11/</build_port_path> <depends_on_package>open-vm-tools-nox11-425873_3,1.tbz</depends_on_package> <depends_on_package>icu-50.1.2.tbz</depends_on_package> @@ -926,8 +926,8 @@ <version>1.21</version> <status>Stable</status> <required_version>1.2</required_version> - <pkginfolink>http://doc.pfsense.org/index.php/AutoConfigBackup</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/autoconfigbackup/autoconfigbackup.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/AutoConfigBackup</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/autoconfigbackup/autoconfigbackup.xml</config_file> <configurationfile>autoconfigbackup.xml</configurationfile> </package> <package> @@ -938,27 +938,27 @@ <version>2.09.1 v1.1</version> <status>Stable</status> <required_version>1.0.1</required_version> - <config_file>http://www.pfsense.com/packages/config/arping/arping.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/arping/arping.xml</config_file> <configurationfile>arping.xml</configurationfile> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>arping-2.09_1.tbz</depends_on_package> <depends_on_package_pbi>arping-2.09_1-i386.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/net/arping</build_port_path> - <pkginfolink>http://doc.pfsense.org/index.php/Arping</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Arping</pkginfolink> </package> <package> <name>nmap</name> <maintainer>jimp@pfsense.org</maintainer> <descr>NMap is a utility for network exploration or security auditing. It supports ping scanning (determine which hosts are up), many port scanning techniques (determine what services the hosts are offering), version detection (determine what application/service is runing on a port), and TCP/IP fingerprinting (remote host OS or device identification). It also offers flexible target and port specification, decoy/stealth scanning, SunRPC scanning, and more. Most Unix and Windows platforms are supported in both GUI and command line modes. Several popular handheld devices are also supported, including the Sharp Zaurus and the iPAQ.</descr> <category>Security</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>lua-5.1.5_4.tbz</depends_on_package> <depends_on_package>nmap-6.25_1.tbz</depends_on_package> <depends_on_package_pbi>nmap-6.25_1-i386.pbi</depends_on_package_pbi> - <config_file>http://www.pfsense.com/packages/config/nmap/nmap.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/nmap/nmap.xml</config_file> <version>nmap-6.25_1 pkg v1.2</version> <status>Stable</status> - <pkginfolink>http://doc.pfsense.org/index.php/Nmap_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Nmap_package</pkginfolink> <required_version>2.0</required_version> <configurationfile>nmap.xml</configurationfile> <build_port_path>/usr/ports/security/nmap</build_port_path> @@ -973,8 +973,8 @@ <version>20111108 pkg v 0.3.1</version> <required_version>2.0</required_version> <status>BETA</status> - <pkginfolink>http://doc.pfsense.org/index.php/IMSpector_package</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/imspector/imspector.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/IMSpector_package</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/imspector/imspector.xml</config_file> <configurationfile>imspector.xml</configurationfile> <build_options>imspector_SET_FORCE=PLUGINS;imspector_UNSET_FORCE=IPFW</build_options> <depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/8/All/</depends_on_package_base_url> @@ -991,13 +991,13 @@ <status>BETA</status> <required_version>2.0</required_version> <maintainer>rswagoner@gmail.com</maintainer> - <config_file>http://www.pfsense.com/packages/config/nut/nut.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/nut/nut.xml</config_file> <configurationfile>nut.xml</configurationfile> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>nut-2.6.4.tbz</depends_on_package> <depends_on_package_pbi>nut-2.6.5_1-i386.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/sysutils/nut</build_port_path> - <pkginfolink>http://doc.pfsense.org/index.php/Nut_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Nut_package</pkginfolink> </package> <package> <name>diag_new_states</name> @@ -1008,22 +1008,22 @@ <maintainer>ptaylor@addressplus.net</maintainer> <required_version>1.2.1</required_version> <status>BETA</status> - <config_file>http://www.pfsense.org/packages/config/diag_states_pt/diag_new_states.xml</config_file> - <configurationfile>http://www.pfsense.com/packages/config/diag_states_pt/diag_new_states.xml</configurationfile> + <config_file>https://packages.pfsense.org/packages/config/diag_states_pt/diag_new_states.xml</config_file> + <configurationfile>https://packages.pfsense.org/packages/config/diag_states_pt/diag_new_states.xml</configurationfile> </package> <package> <name>darkstat</name> <website>http://dmr.ath.cx/net/darkstat/</website> <descr>darkstat is a network statistics gatherer. It's a packet sniffer that runs as a background process on a cable/DSL router, gathers all sorts of statistics about network usage, and serves them over HTTP.</descr> <category>Network Management</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>darkstat-3.0.714.tbz</depends_on_package> <depends_on_package_pbi>darkstat-3.0.715-i386.pbi</depends_on_package_pbi> <version>3.0.714</version> <status>Stable</status> <required_version>1.2.1</required_version> <maintainer>sullrich+pfsp@gmail.com</maintainer> - <config_file>http://www.pfsense.com/packages/config/darkstat/darkstat.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/darkstat/darkstat.xml</config_file> <configurationfile>darkstat.xml</configurationfile> <build_port_path>/usr/ports/net-mgmt/darkstat</build_port_path> </package> @@ -1032,8 +1032,8 @@ <website>http://www.mindrot.org/pfflowd.html</website> <descr>pfflowd converts OpenBSD PF status messages (sent via the pfsync interface) to Cisco NetFlow datagrams. These datagrams may be sent (via UDP) to a host of one's choice. Utilising the OpenBSD stateful packet filter infrastructure means that flow tracking is very fast and accurate.</descr> <category>Network Management</category> - <config_file>http://www.pfsense.com/packages/config/pfflowd.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/pfflowd.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>pfflowd-0.8.tbz</depends_on_package> <depends_on_package_pbi>pfflowd-0.8-i386.pbi</depends_on_package_pbi> <version>0.8.3</version> @@ -1048,14 +1048,14 @@ <descr>RFC1413 auth/identd daemon with fixed fake reply</descr> <website>http://www.webweaving.org/widentd</website> <category>Services</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>widentd-1.03_1.tbz</depends_on_package> <depends_on_package_pbi>widentd-1.03_1-i386.pbi</depends_on_package_pbi> <version>1.03_1</version> <status>Stable</status> - <pkginfolink>http://doc.pfsense.org/index.php/Widentd_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Widentd_package</pkginfolink> <required_version>1.2.1</required_version> - <config_file>http://www.pfsense.com/packages/config/widentd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/widentd.xml</config_file> <configurationfile>widentd.xml</configurationfile> <build_port_path>/usr/ports/net/widentd</build_port_path> </package> @@ -1068,11 +1068,11 @@ <status>Beta</status> <required_version>2.0</required_version> <maintainer>none</maintainer> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>freeradius-1.1.8_4.tbz</depends_on_package> <depends_on_package>libltdl-2.4_1.tbz</depends_on_package> <depends_on_package_pbi>freeradius-1.1.8_5-i386.pbi</depends_on_package_pbi> - <config_file>http://www.pfsense.org/packages/config/freeradius.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/freeradius.xml</config_file> <configurationfile>freeradius.xml</configurationfile> <build_port_path>/usr/ports/net/freeradius</build_port_path> <build_port_path>/usr/ports/devel/libltdl</build_port_path> @@ -1089,19 +1089,19 @@ Support: MySQL, PostgreSQL, LDAP, Kerberos<br /> FreeRADIUS and FreeRADIUS2 settings are not compatible so don't use them together or try to update<br /> On pfSense docs there is a how-to which could help you on porting users.]]></descr> - <pkginfolink>http://doc.pfsense.org/index.php/FreeRADIUS_2.x_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/FreeRADIUS_2.x_package</pkginfolink> <category>System</category> <version>2.1.12_1/2.2.0 pkg v1.6.7_2</version> <status>RC1</status> <required_version>2.0</required_version> <maintainer>nachtfalkeaw@web.de</maintainer> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>freeradius-2.1.12_1.tbz</depends_on_package> <depends_on_package_pbi>freeradius-2.2.0-i386.pbi</depends_on_package_pbi> <depends_on_package>mysql-client-5.1.63.tbz</depends_on_package> <depends_on_package>postgresql-client-8.4.12.tbz</depends_on_package> <depends_on_package>openldap-sasl-client-2.4.23.tbz</depends_on_package> - <config_file>http://www.pfsense.org/packages/config/freeradius2/freeradius.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/freeradius2/freeradius.xml</config_file> <configurationfile>freeradius.xml</configurationfile> <after_install_info>Please visit Services: FreeRADIUS</after_install_info> <!-- Try to use the new PBI build syntax here, it may help it pick up the right libs inside the single PBI rather than using multiple. --> @@ -1119,12 +1119,12 @@ <version>2.0.1_5 pkg v.0.3</version> <status>BETA</status> <required_version>1.2.1</required_version> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>bandwidthd-2.0.1_5.tbz</depends_on_package> <depends_on_package>libpcap-1.1.1.tbz</depends_on_package> <depends_on_package>postgresql-client-8.4.12.tbz</depends_on_package> <depends_on_package_pbi>bandwidthd-2.0.1_5-i386.pbi</depends_on_package_pbi> - <config_file>http://www.pfsense.org/packages/config/bandwidthd/bandwidthd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/bandwidthd/bandwidthd.xml</config_file> <configurationfile>bandwidthd.xml</configurationfile> <build_port_path>/usr/ports/net/libpcap</build_port_path> <build_port_path>/usr/ports/databases/postgresql84-client</build_port_path> @@ -1140,14 +1140,14 @@ <website>http://www.stunnel.org/</website> <descr>An SSL encryption wrapper between remote client and local or remote servers. </descr> <category>Network Management</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>stunnel-4.43.tbz</depends_on_package> <depends_on_package_pbi>stunnel-4.54-i386.pbi</depends_on_package_pbi> <version>4.43.0</version> <status>Stable</status> - <pkginfolink>http://doc.pfsense.org/index.php/Stunnel_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Stunnel_package</pkginfolink> <required_version>1.2.1</required_version> - <config_file>http://www.pfsense.com/packages/config/stunnel.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/stunnel.xml</config_file> <configurationfile>stunnel.xml</configurationfile> <build_port_path>/usr/ports/security/stunnel</build_port_path> <build_options>WITHOUT_FORK=true;WITH_PTHREAD=true;WITHOUT_UCONTEXT=true;WITHOUT_IPV6=true;WITH_LIBWRAP=true;WITHOUT_SSL_PORT=true</build_options> @@ -1157,13 +1157,13 @@ <website>http://dast.nlanr.net/Projects/Iperf/</website> <descr>Iperf is a tool for testing network throughput, loss, and jitter.</descr> <category>Network Management</category> - <config_file>http://www.pfsense.com/packages/config/iperf.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/iperf.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>iperf-2.0.5.tbz</depends_on_package> <depends_on_package_pbi>iperf-2.0.5-i386.pbi</depends_on_package_pbi> <version>2.0.5</version> <status>Beta</status> - <pkginfolink>http://doc.pfsense.org/index.php/Iperf_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Iperf_package</pkginfolink> <required_version>1.2.1</required_version> <configurationfile>iperf.xml</configurationfile> <build_port_path>/usr/ports/benchmarks/iperf</build_port_path> @@ -1173,8 +1173,8 @@ <website>http://freshmeat.net/projects/netio/</website> <descr>This is a network benchmark for DOS, OS/2 2.x, Windows NT/2000 and Unix. It measures the net throughput of a network via NetBIOS and/or TCP/IP protocols (Unix and DOS only support TCP/IP) using various different packet sizes.</descr> <category>Network Management</category> - <config_file>http://www.pfsense.com/packages/config/netio.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/netio.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All</depends_on_package_base_url> <depends_on_package>netio-1.26.tbz</depends_on_package> <depends_on_package_pbi>netio-1.26-i386.pbi</depends_on_package_pbi> <version>1.26</version> @@ -1189,13 +1189,13 @@ <descr>Enhanced traceroute replacement</descr> <website>http://www.bitwizard.nl/mtr/</website> <category>Network Management</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>mtr-nox11-0.82.tbz</depends_on_package> <depends_on_package_pbi>mtr-0.82_1-i386.pbi</depends_on_package_pbi> <version>0.82</version> <status>Stable</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/mtr-nox11.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/mtr-nox11.xml</config_file> <configurationfile>mtr-nox11.xml</configurationfile> <build_port_path>/usr/ports/net/mtr</build_port_path> <build_options>mtr_UNSET_FORCE=X11</build_options> @@ -1209,7 +1209,7 @@ <status>Stable</status> <required_version>2</required_version> <maintainer>fernando@netfilter.com.br seth.mos@dds.nl mfuchs77@googlemail.com jimp@pfsense.org</maintainer> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>squid-2.7.9_3.tbz</depends_on_package> <depends_on_package>squid_radius_auth-1.10.tbz</depends_on_package> <depends_on_package>libwww-5.4.0_4.tbz</depends_on_package> @@ -1223,7 +1223,7 @@ <ports_after>www/squid_radius_auth</ports_after> </build_pbi> <build_options>squid_UNSET_FORCE=DNS_HELPER IPFILTER PINGER STACKTRACES STRICT_HTTP_DESC USERAGENT_LOG WCCPV2;squid_SET=PF LDAP_AUTH NIS_AUTH SASL_AUTH ARP_ACL AUFS CACHE_DIGESTS CARP COSS DELAY_POOLS FOLLOW_XFF HTCP IDENT KERB_AUTH KQUEUE LARGEFILE REFERER_LOG SNMP SSL VIA_DB WCCP;SQUID_UID=proxy;SQUID_GID=proxy</build_options> - <config_file>http://www.pfsense.org/packages/config/squid/squid.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/squid/squid.xml</config_file> <configurationfile>squid.xml</configurationfile> </package> <package> @@ -1232,14 +1232,14 @@ <descr><![CDATA[High performance web proxy cache.<br /> It combines squid as a proxy server with it's capabilities of acting as a HTTP / HTTPS reverse proxy.<br /> It includes an Exchange-Web-Access (OWA) Assistant.]]></descr> - <pkginfolink>http://forum.pfsense.org/index.php/topic,48347.0.html</pkginfolink> + <pkginfolink>https://forum.pfsense.org/index.php/topic,48347.0.html</pkginfolink> <website>http://www.squid-cache.org/</website> <category>Network</category> <version>3.1.20 pkg 2.0.6</version> <status>beta</status> <required_version>2.0</required_version> <maintainer>marcellocoutinho@gmail.com fernando@netfilter.com.br seth.mos@dds.nl mfuchs77@googlemail.com jimp@pfsense.org</maintainer> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>squid-3.1.20.tbz</depends_on_package> <depends_on_package>libwww-5.4.0_4.tbz</depends_on_package> <build_pbi> @@ -1249,7 +1249,7 @@ </build_pbi> <build_options>c-icap_UNSET_FORCE=IPV6;squid_UNSET_FORCE=AUTH_SMB AUTH_SQL DNS_HELPER FS_COSS ESI SNMP ECAP STACKTRACES STRICT_HTTP TP_IPF TP_IPFW VIA_DB DEBUG DOCS EXAMPLES;squid_SET=ARP_ACL AUTH_KERB AUTH_LDAP AUTH_NIS AUTH_SASL CACHE_DIGESTS DELAY_POOLS FOLLOW_XFF TP_PF MSSL_CRTD WCCP WCCPV2 FS_AUFS HTCP ICAP ICMP IDENT IPV6 KQUEUE LARGEFILE SSL SSL_CRTD</build_options> <!--<build_options>WITH_SQUID_KERB_AUTH=true;WITH_SQUID_LDAP_AUTH=true;WITH_SQUID_NIS_AUTH=true;WITH_SQUID_SASL_AUTH=true;WITH_SQUID_IPV6=true;WITH_SQUID_DELAY_POOLS=true;WITH_SQUID_SNMP=true;WITH_SQUID_SSL=true;WITH_SQUID_SSL_CRTD=true;WITH_SQUID_PINGER=true;WITHOUT_SQUID_DNS_HELPER=true;WITH_SQUID_HTCP=true;WITH_SQUID_VIA_DB=true;WITH_SQUID_CACHE_DIGESTS=true;WITHOUT_SQUID_WCCP=true;WITH_SQUID_WCCPV2=true;WITHOUT_SQUID_STRICT_HTTP=true;WITH_SQUID_IDENT=true;WITH_SQUID_REFERER_LOG=true;WITH_SQUID_USERAGENT_LOG=true;WITH_SQUID_ARP_ACL=true;WITH_SQUID_IPFW=true;WITH_SQUID_PF=true;WITHOUT_SQUID_IPFILTER=true;WITH_SQUID_FOLLOW_XFF=true;WITHOUT_SQUID_ECAP=true;WITHOUT_SQUID_ICAP=true;WITHOUT_SQUID_ESI=true;WITH_SQUID_AUFS=true;WITHOUT_SQUID_COSS=true;WITHOUT_SQUID_KQUEUE=true;WITH_SQUID_LARGEFILE=true;WITHOUT_SQUID_STACKTRACES=true;WITHOUT_SQUID_DEBUG=true</build_options>--> - <config_file>http://www.pfsense.org/packages/config/squid3/31/squid.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/squid3/31/squid.xml</config_file> <configurationfile>squid.xml</configurationfile> <depends_on_package_pbi>squid-3.1.22_1-i386.pbi</depends_on_package_pbi> </package> @@ -1259,14 +1259,14 @@ <descr><![CDATA[High performance web proxy cache.<br /> It combines squid as a proxy server with it's capabilities of acting as a HTTP / HTTPS reverse proxy.<br /> It includes an Exchange-Web-Access (OWA) Assistant, ssl filtering and antivirus integration via i-cap]]></descr> - <pkginfolink>http://forum.pfsense.org/index.php/topic,48347.0.html</pkginfolink> + <pkginfolink>https://forum.pfsense.org/index.php/topic,48347.0.html</pkginfolink> <website>http://www.squid-cache.org/</website> <category>Network</category> - <version>3.3.10 pkg 2.2</version> + <version>3.3.10 pkg 2.2.1</version> <status>beta</status> <required_version>2.0</required_version> <maintainer>marcellocoutinho@gmail.com fernando@netfilter.com.br seth.mos@dds.nl mfuchs77@googlemail.com jimp@pfsense.org</maintainer> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>squid-3.3.5.tbz</depends_on_package> <depends_on_package>libltdl-2.4.2.tbz</depends_on_package> <depends_on_package>libwww-5.4.0_4.tbz</depends_on_package> @@ -1280,7 +1280,7 @@ <ports_after>www/squid_radius_auth security/clamav www/squidclamav security/ca_root_nss www/c-icap-modules</ports_after> </build_pbi> <build_options>c-icap_UNSET_FORCE=IPV6;squid_UNSET_FORCE=AUTH_SMB AUTH_SQL DNS_HELPER FS_COSS ESI SNMP ECAP STACKTRACES STRICT_HTTP TP_IPF TP_IPFW VIA_DB DEBUG DOCS EXAMPLES AUTH_SASL;squid_SET=ARP_ACL AUTH_KERB AUTH_LDAP AUTH_NIS CACHE_DIGESTS DELAY_POOLS FOLLOW_XFF TP_PF MSSL_CRTD WCCP WCCPV2 FS_AUFS HTCP ICAP ICMP IDENT IPV6 KQUEUE LARGEFILE SSL SSL_CRTD</build_options> - <config_file>http://www.pfsense.org/packages/config/squid3/33/squid.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/squid3/33/squid.xml</config_file> <configurationfile>squid.xml</configurationfile> <depends_on_package_pbi>squid-3.3.10-i386.pbi</depends_on_package_pbi> </package> @@ -1293,10 +1293,10 @@ <status>BETA</status> <required_version>1.2.1</required_version> <maintainer>seth.mos@dds.nl</maintainer> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>lcdproc-0.5.5.tbz</depends_on_package> <depends_on_package_pbi>lcdproc-0.5.6-i386.pbi</depends_on_package_pbi> - <config_file>http://www.pfsense.org/packages/config/lcdproc/lcdproc.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/lcdproc/lcdproc.xml</config_file> <configurationfile>lcdproc.xml</configurationfile> <build_port_path>/usr/ports/sysutils/lcdproc</build_port_path> <build_options>lcdproc_SET=USB</build_options> @@ -1311,11 +1311,11 @@ <status>BETA</status> <required_version>2.0</required_version> <maintainer>michele@nt2.it</maintainer> - <pkginfolink>http://forum.pfsense.org/index.php/topic,44034.0.html</pkginfolink> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <pkginfolink>https://forum.pfsense.org/index.php/topic,44034.0.html</pkginfolink> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>lcdproc-0.5.6.tbz</depends_on_package> <depends_on_package_pbi>lcdproc-0.5.6-i386.pbi</depends_on_package_pbi> - <config_file>http://www.pfsense.org/packages/config/lcdproc-dev/lcdproc.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/lcdproc-dev/lcdproc.xml</config_file> <configurationfile>lcdproc.xml</configurationfile> <build_port_path>/usr/ports/sysutils/lcdproc</build_port_path> <build_options>WITH_USB=true</build_options> @@ -1326,14 +1326,14 @@ <descr>Arpwatch monitors ethernet/ip address pairings. It also logs certain changes to syslog.</descr> <website>http://www-nrg.ee.lbl.gov/</website> <category>Security</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>arpwatch-2.1.a15_6.tbz</depends_on_package> <depends_on_package_pbi>arpwatch-2.1.a15_6-i386.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/net-mgmt/arpwatch</build_port_path> <version>2.1.a15_6 pkg v1.1.1</version> <status>ALPHA</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/arpwatch.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/arpwatch.xml</config_file> <configurationfile>arpwatch.xml</configurationfile> <logging> <facilityname>arpwatch</facilityname> @@ -1349,7 +1349,7 @@ <version>1.4_4 pkg v.1.9.5</version> <status>Beta</status> <required_version>1.1</required_version> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>squidGuard-1.4_4.tbz</depends_on_package> <depends_on_package>db41-4.1.25_4.tbz</depends_on_package> <depends_on_package>cyrus-sasl-2.1.26_2.tbz</depends_on_package> @@ -1362,7 +1362,7 @@ <port>www/squidguard</port> </build_pbi> <build_options>squidGuard_UNSET_FORCE=SQUID32 SQUID33;squidGuard_SET=SAMPLE_BL SASL LDAP SQUID27;squid_UNSET_FORCE=DNS_HELPER IPFILTER PINGER STACKTRACES STRICT_HTTP_DESC USERAGENT_LOG WCCPV2;squid_SET=PF LDAP_AUTH NIS_AUTH SASL_AUTH ARP_ACL AUFS CACHE_DIGESTS CARP COSS DELAY_POOLS FOLLOW_XFF HTCP IDENT KERB_AUTH KQUEUE LARGEFILE REFERER_LOG SNMP SSL VIA_DB WCCP;SQUID_UID=proxy;SQUID_GID=proxy</build_options> - <config_file>http://www.pfsense.org/packages/config/squidGuard/squidguard.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/squidGuard/squidguard.xml</config_file> <configurationfile>squidguard.xml</configurationfile> </package> <package> @@ -1374,7 +1374,7 @@ <version>1.5_1 beta</version> <status>Beta</status> <required_version>2.1</required_version> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package_pbi>squidguard-devel-1.5_1-i386.pbi</depends_on_package_pbi> <build_pbi> <ports_before>databases/db46</ports_before> @@ -1382,7 +1382,7 @@ <custom_name>squidguard-devel</custom_name> </build_pbi> <build_options>squidGuard-devel_UNSET_FORCE=SQUID32 SQUID33;squidGuard-devel_SET=LDAP STRIPNT SQUID27;squid_UNSET_FORCE=DNS_HELPER IPFILTER PINGER STACKTRACES STRICT_HTTP_DESC USERAGENT_LOG WCCPV2;squid_SET=PF LDAP_AUTH NIS_AUTH SASL_AUTH ARP_ACL AUFS CACHE_DIGESTS CARP COSS DELAY_POOLS FOLLOW_XFF HTCP IDENT KERB_AUTH KQUEUE LARGEFILE REFERER_LOG SNMP SSL VIA_DB WCCP;SQUID_UID=proxy;SQUID_GID=proxy</build_options> - <config_file>http://www.pfsense.org/packages/config/squidGuard-devel/squidguard.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/squidGuard-devel/squidguard.xml</config_file> <configurationfile>squidguard.xml</configurationfile> </package> <package> @@ -1394,7 +1394,7 @@ <version>1.4_4 pkg v.1.9.5</version> <status>Experimental</status> <required_version>2.1</required_version> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package_pbi>squidguard-squid3-1.4_4-i386.pbi</depends_on_package_pbi> <build_pbi> <ports_before>www/squid33 databases/db41 security/cyrus-sasl2</ports_before> @@ -1402,14 +1402,14 @@ <custom_name>squidguard-squid3</custom_name> </build_pbi> <build_options>OPTIONS_SET=FETCH LDAP;squidGuard_UNSET_FORCE=SQUID27;squidGuard_SET=SAMPLE_BL SASL SQUID33;c-icap_UNSET_FORCE=IPV6 squid_UNSET_FORCE=AUTH_SMB AUTH_SQL DNS_HELPER FS_COSS ESI SNMP ECAP STACKTRACES STRICT_HTTP TP_IPF TP_IPFW VIA_DB DEBUG DOCS EXAMPLES;squid_SET=ARP_ACL AUTH_KERB AUTH_LDAP AUTH_NIS AUTH_SASL CACHE_DIGESTS DELAY_POOLS FOLLOW_XFF TP_PF MSSL_CRTD WCCP WCCPV2 FS_AUFS HTCP ICAP ICMP IDENT IPV6 KQUEUE LARGEFILE SSL SSL_CRTD</build_options> - <config_file>http://www.pfsense.org/packages/config/squidGuard/squidguard.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/squidGuard/squidguard.xml</config_file> <configurationfile>squidguard.xml</configurationfile> </package> <package> <name>Zabbix Agent</name> <descr>Monitoring agent.</descr> <category>Services</category> - <config_file>http://www.pfsense.com/packages/config/zabbix-agent/zabbix-agent.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/zabbix-agent/zabbix-agent.xml</config_file> <version>1.8.10,2 pkg v1.1</version> <status>FINAL</status> <required_version>1.2.3</required_version> @@ -1421,7 +1421,7 @@ <port>net-mgmt/zabbix-agent</port> </build_pbi> <build_options>ca_root_nss_UNSET_FORCE=ETCSYMLINK;zabbix22_SET=LDAP SSH SQLITE;zabbix22_UNSET_FORCE=MYSQL</build_options> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>zabbix-agent-1.8.10,2.tbz</depends_on_package> <depends_on_package_pbi>zabbix-agent-1.8.13-i386.pbi</depends_on_package_pbi> </package> @@ -1429,7 +1429,7 @@ <name>Zabbix Proxy</name> <descr>Monitoring agent proxy.</descr> <category>Services</category> - <config_file>http://www.pfsense.com/packages/config/zabbix-proxy/zabbix-proxy.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/zabbix-proxy/zabbix-proxy.xml</config_file> <version>1.8.8,2 pkg v1.1</version> <status>FINAL</status> <required_version>1.2.3</required_version> @@ -1441,7 +1441,7 @@ <port>net-mgmt/zabbix-proxy</port> </build_pbi> <build_options>ca_root_nss_UNSET_FORCE=ETCSYMLINK;zabbix22_SET=LDAP SSH SQLITE;zabbix22_UNSET_FORCE=MYSQL</build_options> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>zabbix-proxy-1.8.8,2.tbz</depends_on_package> <depends_on_package_pbi>zabbix-proxy-1.8.13-i386.pbi</depends_on_package_pbi> </package> @@ -1449,7 +1449,7 @@ <name>OpenVPN Client Export Utility</name> <descr>Allows a pre-configured OpenVPN Windows Client or Mac OSX's Viscosity configuration bundle to be exported directly from pfSense.</descr> <category>Security</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>p7zip-9.20.1.tbz</depends_on_package> <depends_on_package>zip-3.0.tbz</depends_on_package> <depends_on_package_pbi>zip-3.0-i386.pbi p7zip-9.20.1-i386.pbi</depends_on_package_pbi> @@ -1458,7 +1458,7 @@ <version>1.2.4</version> <status>RELEASE</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/openvpn-client-export/openvpn-client-export.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/openvpn-client-export/openvpn-client-export.xml</config_file> <configurationfile>openvpn-client-export.xml</configurationfile> </package> <package> @@ -1467,7 +1467,7 @@ <website>http://www.server-side.de/</website> <descr>Antivirus: HAVP (HTTP Antivirus Proxy) is a proxy with a ClamAV anti-virus scanner. The main aims are continuous, non-blocking downloads and smooth scanning of dynamic and password protected HTTP traffic. Havp antivirus proxy has a parent and transparent proxy mode. It can be used with squid or standalone. And File Scanner for local files.</descr> <category>Network Management</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>havp-0.91_1.tbz</depends_on_package> <depends_on_package_pbi>havp-0.91_1-i386.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/www/havp</build_port_path> @@ -1475,7 +1475,7 @@ <version>0.91_1 pkg v1.01</version> <status>BETA</status> <required_version>1.2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/havp/havp.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/havp/havp.xml</config_file> <configurationfile>havp.xml</configurationfile> <maintainer>dv_serg@mail.ru</maintainer> <after_install_info>Please check the HAVP settings.</after_install_info> @@ -1488,8 +1488,8 @@ <version>0.51</version> <required_version>1.2.3</required_version> <status>BETA</status> - <pkginfolink>http://doc.pfsense.org/index.php/PfJailctl_package</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/jailctl.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/PfJailctl_package</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/jailctl.xml</config_file> <configurationfile>jailctl.xml</configurationfile> <maintainer>ltning-jailctl@anduin.net</maintainer> </package> @@ -1501,8 +1501,8 @@ <version>0.2</version> <required_version>1.2.3</required_version> <status>BETA</status> - <pkginfolink>http://doc.pfsense.org/index.php/PfJailctl_package</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/jail_template.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/PfJailctl_package</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/jail_template.xml</config_file> <configurationfile>jail_template.xml</configurationfile> <maintainer>ltning-jailctl@anduin.net</maintainer> </package> @@ -1514,15 +1514,15 @@ <status>Beta</status> <maintainer>jimp@pfsense.org</maintainer> <required_version>1.2.3</required_version> - <config_file>http://www.pfsense.org/packages/config/blinkled8/blinkled.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/blinkled8/blinkled.xml</config_file> <configurationfile>blinkled.xml</configurationfile> - <pkginfolink>http://doc.pfsense.org/index.php/BlinkLED_Package</pkginfolink> - <website>http://doc.pfsense.org/index.php/BlinkLED_Package</website> + <pkginfolink>https://doc.pfsense.org/index.php/BlinkLED_Package</pkginfolink> + <website>https://doc.pfsense.org/index.php/BlinkLED_Package</website> <build_port_path>/usr/ports/sysutils/blinkled</build_port_path> <build_pbi> <port>sysutils/blinkled</port> </build_pbi> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>blinkled-0.1.tbz</depends_on_package> <depends_on_package_pbi>blinkled-0.1-i386.pbi</depends_on_package_pbi> </package> @@ -1534,14 +1534,14 @@ <status>Beta</status> <maintainer>jimp@pfsense.org</maintainer> <required_version>2.0</required_version> - <config_file>http://www.pfsense.org/packages/config/gwled/gwled.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/gwled/gwled.xml</config_file> <configurationfile>gwled.xml</configurationfile> </package> <package> <name>Dashboard Widget: Snort</name> <descr>Dashboard widget for Snort.</descr> <category>System</category> - <config_file>http://www.pfsense.com/packages/config/widget-snort/widget-snort.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/widget-snort/widget-snort.xml</config_file> <version>0.3.7</version> <status>BETA</status> <required_version>1.2</required_version> @@ -1551,7 +1551,7 @@ <name>Dashboard Widget: HAVP</name> <descr>Dashboard widget for HAVP alerts.</descr> <category>System</category> - <config_file>http://www.pfsense.com/packages/config/widget-havp/widget-havp.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/widget-havp/widget-havp.xml</config_file> <version>0.1</version> <status>BETA</status> <required_version>1.2</required_version> @@ -1561,7 +1561,7 @@ <name>Dashboard Widget: Antivirus Status</name> <descr>Dashboard widget for HAVP status.</descr> <category>System</category> - <config_file>http://www.pfsense.com/packages/config/widget-antivirus/widget-antivirus.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/widget-antivirus/widget-antivirus.xml</config_file> <version>0.1</version> <status>BETA</status> <required_version>1.2</required_version> @@ -1575,7 +1575,7 @@ <status>Beta</status> <maintainer>jimp@pfsense.org</maintainer> <required_version>1.2.3</required_version> - <config_file>http://www.pfsense.org/packages/config/rrd-summary/rrd-summary.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/rrd-summary/rrd-summary.xml</config_file> <configurationfile>rrd-summary.xml</configurationfile> </package> <package> @@ -1587,10 +1587,10 @@ <status>Alpha</status> <maintainer>warren@decoy.co.za</maintainer> <required_version>2.0</required_version> - <pkginfolink>http://doc.pfsense.org/index.php/Unbound_package</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/unbound/unbound.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/Unbound_package</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/unbound/unbound.xml</config_file> <configurationfile>unbound.xml</configurationfile> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>unbound-1.4.21_1.tbz</depends_on_package> <depends_on_package>ldns-1.6.16.tbz</depends_on_package> <depends_on_package>expat-2.0.1_2.tbz</depends_on_package> @@ -1618,7 +1618,7 @@ <descr>The shellcmd utility is used to manage commands on system startup.</descr> <category>Services</category> <pkginfolink></pkginfolink> - <config_file>http://www.pfsense.com/packages/config/shellcmd/shellcmd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/shellcmd/shellcmd.xml</config_file> <version>0.5</version> <status>Beta</status> <required_version>1.2</required_version> @@ -1635,7 +1635,7 @@ <status>BETA</status> <required_version>2.0</required_version> <maintainer>ey@tm-k.com</maintainer> - <config_file>http://www.pfsense.org/packages/config/widescreen/widescreen.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/widescreen/widescreen.xml</config_file> <configurationfile>widescreen.xml</configurationfile> <!-- Disabling on 2.0.2 and 2.1 since it overwrites the menu --> <maximum_version>2.0.1</maximum_version> @@ -1645,7 +1645,7 @@ <website>http://wiki.nagios.org/index.php/Howtos:nrpe_nsca</website> <descr>NRPE is an addon for Nagios that allows you to execute plugins on remote Linux/Unix hosts. This is useful if you need to monitor local resources/attributes like disk usage, CPU load, memory usage, etc. on a remote host.</descr> <category>Services</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>nrpe-2.12_3.tbz</depends_on_package> <depends_on_package>nagios-plugins-1.4.15_1,1.tbz</depends_on_package> <depends_on_package_pbi>nrpe-2.13_2-i386.pbi</depends_on_package_pbi> @@ -1656,7 +1656,7 @@ <port>net-mgmt/nrpe</port> </build_pbi> <build_options>nrpe_SET=SSL;nrpe_UNSET_FORCE=ARGS</build_options> - <config_file>http://www.pfsense.com/packages/config/nrpe2/nrpe2.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/nrpe2/nrpe2.xml</config_file> <version>2.12_3 v2.2</version> <status>Beta</status> <required_version>1.2</required_version> @@ -1668,7 +1668,7 @@ <website>https://github.com/sileht/check_mk/blob/master/doc/README</website> <descr><![CDATA[The basic idea of check_mk is to fetch "all" information about a target host at once.<br>For each host to be monitored check_mk is called by Nagios only once per time period.]]></descr> <category>Services</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <build_port_path>/usr/ports/sysutils/muse</build_port_path> <build_port_path>/usr/ports/sysutils/ipmitool</build_port_path> <build_port_path>devel/libstatgrab</build_port_path> @@ -1677,7 +1677,7 @@ <port>sysutils/muse</port> </build_pbi> <build_options></build_options> - <config_file>http://www.pfsense.com/packages/config/checkmk-agent/checkmk.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/checkmk-agent/checkmk.xml</config_file> <version>v0.1</version> <status>RC1</status> <required_version>2.0</required_version> @@ -1692,7 +1692,7 @@ <version>1.0</version> <status>Beta</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/sshdcond/sshdcond.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/sshdcond/sshdcond.xml</config_file> <maintainer>namezero@afim.info</maintainer> <configurationfile>sshdcond.xml</configurationfile> </package> @@ -1703,7 +1703,7 @@ <version>2.0.9</version> <status>Stable</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/mailreport/mailreport.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/mailreport/mailreport.xml</config_file> <configurationfile>mailreport.xml</configurationfile> </package> <package> @@ -1717,10 +1717,10 @@ <website>www.winton.org.uk/zebedee/</website> <maintainer>jorgelustosa@gmail.com marcellocoutinho@gmail.com</maintainer> <required_version>2.0</required_version> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>zebedee-2.5.3.tbz</depends_on_package> <depends_on_package_pbi>zebedee-2.5.3-i386.pbi</depends_on_package_pbi> - <config_file>http://www.pfsense.com/packages/config/zebedee/zebedee.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/zebedee/zebedee.xml</config_file> <configurationfile>zebedee.xml</configurationfile> <build_port_path>/usr/ports/security/zebedee</build_port_path> </package> @@ -1728,7 +1728,7 @@ <name>OpenVPN tap Bridging Fix</name> <descr>Patch to fix OpenVPN tap bridging on 2.0.x. WARNING! Cannot be uninstalled.</descr> <category>System</category> - <config_file>http://www.pfsense.com/packages/config/openvpn_tapfix_20x/openvpn_tapfix_20x.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/openvpn_tapfix_20x/openvpn_tapfix_20x.xml</config_file> <version>0.4</version> <status>BETA</status> <required_version>2.0</required_version> @@ -1741,10 +1741,10 @@ <version>0.99.22.3 v0.6.1</version> <category>Routing</category> <status>BETA</status> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>quagga-0.99.22.3.tbz</depends_on_package> <depends_on_package_pbi>quagga-0.99.22.3-i386.pbi</depends_on_package_pbi> - <config_file>http://www.pfsense.com/packages/config/quagga_ospfd/quagga_ospfd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/quagga_ospfd/quagga_ospfd.xml</config_file> <build_port_path>/usr/ports/net/quagga</build_port_path> <pkginfolink></pkginfolink> <required_version>2.0</required_version> @@ -1757,7 +1757,7 @@ <version>1.0</version> <category>System</category> <status>RELEASE</status> - <config_file>http://www.pfsense.com/packages/config/systempatches/systempatches.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/systempatches/systempatches.xml</config_file> <pkginfolink></pkginfolink> <required_version>2.0</required_version> <configurationfile>systempatches.xml</configurationfile> @@ -1771,8 +1771,8 @@ <version>5.2.12_3 pkg v 1.0.1</version> <status>Stable</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/bacula-client/bacula-client.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/bacula-client/bacula-client.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>bacula-client-5.2.12_3.tbz</depends_on_package> <depends_on_package_pbi>bacula-5.2.12_3-i386.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/sysutils/bacula-client</build_port_path> @@ -1786,50 +1786,50 @@ <package> <!-- This does not exist yet, this is here to trigger a PBI build --> <name>urlsnarf</name> - <pkginfolink>http://forum.pfsense.org/</pkginfolink> + <pkginfolink>https://forum.pfsense.org/</pkginfolink> <descr><![CDATA[HTTP URL Sniffer (console/shell only)]]></descr> <category>Services</category> <version>2.3_4</version> <status>Beta</status> <required_version>2.1</required_version> - <config_file>http://www.pfsense.com/packages/config/urlsnarf/urlsnarf.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/urlsnarf/urlsnarf.xml</config_file> <maintainer>jimp@pfsense.org</maintainer> <configurationfile>urlsnarf.xml</configurationfile> <build_pbi> <ports_before>net/libnet10</ports_before> <port>security/dsniff</port> </build_pbi> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package_pbi>dsniff-2.3_4-i386.pbi</depends_on_package_pbi> </package> <package> <!-- This does not exist yet, this is here to trigger a PBI build --> <name>iftop</name> - <pkginfolink>http://forum.pfsense.org/</pkginfolink> + <pkginfolink>https://forum.pfsense.org/</pkginfolink> <descr><![CDATA[Realtime interface monitor (console/shell only)]]></descr> <category>Services</category> <version>0.17</version> <status>Beta</status> <required_version>2.1</required_version> - <config_file>http://www.pfsense.com/packages/config/iftop/iftop.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/iftop/iftop.xml</config_file> <maintainer>jimp@pfsense.org</maintainer> <configurationfile>iftop.xml</configurationfile> <build_pbi> <port>net-mgmt/iftop</port> </build_pbi> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package_pbi>iftop-0.17-i386.pbi</depends_on_package_pbi> </package> <package> <!-- This does not exist yet, this is here to trigger a pkg build --> <name>git</name> - <pkginfolink>http://forum.pfsense.org/</pkginfolink> + <pkginfolink>https://forum.pfsense.org/</pkginfolink> <descr><![CDATA[GIT Source Code Management (console/shell only)]]></descr> <category>Services</category> <version>1.8.5.2</version> <status>Beta</status> <required_version>2.1</required_version> - <config_file>http://www.pfsense.com/packages/config/git/git.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/git/git.xml</config_file> <maintainer>jimp@pfsense.org</maintainer> <configurationfile>git.xml</configurationfile> <build_options>git_UNSET_FORCE=GITWEB GUI HTMLDOCS CVS P4 SVN;git_SET=CONTRIB CURL ETCSHELLS ICONV NLS PERL</build_options> @@ -1837,7 +1837,7 @@ <build_pbi> <port>devel/git</port> </build_pbi> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package_pbi>git-1.8.5.2-i386.pbi</depends_on_package_pbi> </package> <package> @@ -1845,7 +1845,7 @@ <website>http://www.tinc-vpn.org/</website> <descr>tinc is a Virtual Private Network (VPN) daemon that uses tunnelling and encryption to create a secure private mesh network between hosts on the Internet.</descr> <category>Network Management</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package_pbi>tinc-1.0.21-i386.pbi</depends_on_package_pbi> <build_pbi> <port>security/tinc</port> @@ -1853,9 +1853,9 @@ <build_options></build_options> <version>1.0.21 v1.1</version> <status>ALPHA</status> - <pkginfolink>http://doc.pfsense.org/index.php/tinc_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/tinc_package</pkginfolink> <required_version>2.1</required_version> - <config_file>http://www.pfsense.com/packages/config/tinc/tinc.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/tinc/tinc.xml</config_file> <configurationfile>tinc.xml</configurationfile> <logging> <facilityname>tinc</facilityname> @@ -1871,7 +1871,7 @@ <version>3.3.7_4</version> <status>ALPHA</status> <required_version>2.1</required_version> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package_pbi>syslog-ng-3.3.7_4-i386.pbi</depends_on_package_pbi> <build_pbi> <ports_before>sysutils/logrotate</ports_before> @@ -1879,15 +1879,15 @@ </build_pbi> <build_options></build_options> <maintainer>laleger@gmail.com</maintainer> - <config_file>http://www.pfsense.com/packages/config/syslog-ng/syslog-ng.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/syslog-ng/syslog-ng.xml</config_file> <configurationfile>syslog-ng.xml</configurationfile> </package> <package> <name>Zabbix-2 Agent</name> <descr>Monitoring agent.</descr> <category>Services</category> - <config_file>http://www.pfsense.org/packages/config/zabbix2/zabbix2-agent.xml</config_file> - <version>zabbix2-agent-2.2.1 pkg v0.8_0</version> + <config_file>https://packages.pfsense.org/packages/config/zabbix2/zabbix2-agent.xml</config_file> + <version>zabbix2-agent-2.2.2 pkg v0.8_1</version> <status>BETA</status> <required_version>2.0</required_version> <configurationfile>zabbix2-agent.xml</configurationfile> @@ -1897,16 +1897,16 @@ <custom_name>zabbix22-agent</custom_name> <port>net-mgmt/zabbix22-agent</port> </build_pbi> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> - <depends_on_package>zabbix22-agent-2.2.1.tbz</depends_on_package> - <depends_on_package_pbi>zabbix22-agent-2.2.1-i386.pbi</depends_on_package_pbi> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package>zabbix22-agent-2.2.2.tbz</depends_on_package> + <depends_on_package_pbi>zabbix22-agent-2.2.2-i386.pbi</depends_on_package_pbi> </package> <package> <name>Zabbix-2 Proxy</name> <descr>Monitoring agent proxy.</descr> <category>Services</category> - <config_file>http://www.pfsense.org/packages/config/zabbix2/zabbix2-proxy.xml</config_file> - <version>zabbix2-proxy-2.2.1 pkg v0.8_0</version> + <config_file>https://packages.pfsense.org/packages/config/zabbix2/zabbix2-proxy.xml</config_file> + <version>zabbix2-proxy-2.2.2 pkg v0.8_1</version> <status>BETA</status> <required_version>2.0</required_version> <configurationfile>zabbix2-proxy.xml</configurationfile> @@ -1917,45 +1917,45 @@ <port>net-mgmt/zabbix22-proxy</port> </build_pbi> <build_options>OPTIONS_SET+= SQLITE IPV6;OPTIONS_UNSET+= MYSQL JABBER GSSAPI</build_options> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> - <depends_on_package>zabbix22-proxy-2.2.1.tbz</depends_on_package> - <depends_on_package_pbi>zabbix22-proxy-2.2.1-i386.pbi</depends_on_package_pbi> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package>zabbix22-proxy-2.2.2.tbz</depends_on_package> + <depends_on_package_pbi>zabbix22-proxy-2.2.2-i386.pbi</depends_on_package_pbi> </package> <package> <!-- This does not exist yet, this is here to trigger a PBI build --> <name>ipmitool</name> - <pkginfolink>http://forum.pfsense.org/</pkginfolink> + <pkginfolink>https://forum.pfsense.org/</pkginfolink> <descr><![CDATA[IPMI Tools for local/remote data retrieval and control (Console only, no GUI)]]></descr> <category>Services</category> <version>1.8.12</version> <status>Beta</status> <required_version>2.1</required_version> - <config_file>http://www.pfsense.com/packages/config/ipmitool/ipmitool.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/ipmitool/ipmitool.xml</config_file> <maintainer>jimp@pfsense.org</maintainer> <configurationfile>ipmitool.xml</configurationfile> <build_pbi> <port>sysutils/ipmitool</port> </build_pbi> <build_options>ipmitool_SET=FREEIPMI;freeipmi_UNSET_FORCE=DOCS DEBUG IOPERM</build_options> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package_pbi>ipmitool-1.8.12_3-i386.pbi</depends_on_package_pbi> </package> <package> <name>sudo</name> - <pkginfolink>http://doc.pfsense.org/index.php/Sudo_Package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Sudo_Package</pkginfolink> <descr><![CDATA[sudo allows delegation of privileges to users in the shell so commands can be run as other users, such as root.]]></descr> <category>Security</category> <version>0.2</version> <status>Beta</status> <required_version>2.0.2</required_version> - <config_file>http://www.pfsense.com/packages/config/sudo/sudo.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/sudo/sudo.xml</config_file> <maintainer>jimp@pfsense.org</maintainer> <configurationfile>sudo.xml</configurationfile> <build_pbi> <port>security/sudo</port> </build_pbi> <build_port_path>/usr/ports/security/sudo</build_port_path> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>sudo-1.8.6.p8.tbz</depends_on_package> <depends_on_package_pbi>sudo-1.8.6p8-i386.pbi</depends_on_package_pbi> </package> @@ -1966,7 +1966,7 @@ <version>1.5</version> <category>Services</category> <status>BETA</status> - <config_file>http://www.pfsense.com/packages/config/servicewatchdog/servicewatchdog.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/servicewatchdog/servicewatchdog.xml</config_file> <pkginfolink></pkginfolink> <required_version>2.1</required_version> <configurationfile>servicewatchdog.xml</configurationfile> @@ -1976,8 +1976,8 @@ <website>http://code.google.com/p/softflowd/</website> <descr>Softflowd is flow-based network traffic analyser capable of Cisco NetFlow data export. Softflowd semi-statefully tracks traffic flows recorded by listening on a network interface or by reading a packet capture file. These flows may be reported via NetFlow to a collecting host or summarised within softflowd itself. Softflowd supports Netflow versions 1, 5 and 9 and is fully IPv6-capable - it can track IPv6 flows and send export datagrams via IPv6. It also supports export to multicast groups, allowing for redundant flow collectors.</descr> <category>Network Management</category> - <config_file>http://www.pfsense.com/packages/config/softflowd/softflowd.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/softflowd/softflowd.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package_pbi>softflowd-0.9.8_2-i386.pbi</depends_on_package_pbi> <version>0.9.8</version> <status>Beta</status> @@ -1992,7 +1992,7 @@ <name>Apcupsd</name> <descr>Set of programs for controlling APC UPS.</descr> <category>Services</category> - <config_file>http://www.pfsense.org/packages/config/apcupsd/apcupsd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/apcupsd/apcupsd.xml</config_file> <version>apcupsd-3.14.10_1 pkg v0.2</version> <status>BETA</status> <required_version>2.0</required_version> @@ -2004,7 +2004,7 @@ <port>sysutils/apcupsd</port> </build_pbi> <build_options>apcupsd_SET=APCSMART_DRV APCDUMB_DRV PCNET_DRV USB TCP_WRAPPERS SNMP_DRV;apcupsd_UNSET_FORCE=CLIENT_ONLY CGI SNMP_DRV_OLD TEST_DRV GAPCMON DOCS</build_options> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>apcupsd-3.14.10_1.tbz</depends_on_package> <depends_on_package_pbi>apcupsd-3.14.10_1-i386.pbi</depends_on_package_pbi> </package> @@ -2015,9 +2015,9 @@ <category>Network Management</category> <version>1.0.4</version> <status>BETA</status> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package_pbi>ladvd-1.0.4-i386.pbi</depends_on_package_pbi> - <config_file>http://www.pfsense.org/packages/config/ladvd/ladvd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/ladvd/ladvd.xml</config_file> <build_port_path>/usr/ports/net/ladvd</build_port_path> <pkginfolink></pkginfolink> <required_version>2.1</required_version> @@ -2028,18 +2028,18 @@ <website>http://suricata-ids.org/</website> <descr><![CDATA[Suricata is the OISF IDP engine, the open source Intrusion Detection and Prevention Engine.]]></descr> <category>Security</category> - <version>1.4.6 pkg v0.1</version> + <version>1.4.6 pkg v0.2</version> <status>BETA</status> <required_version>2.1</required_version> - <config_file>http://www.pfsense.org/packages/config/suricata/suricata.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/suricata/suricata.xml</config_file> <configurationfile>suricata.xml</configurationfile> <build_pbi> <port>security/suricata</port> <ports_after>security/barnyard2</ports_after> </build_pbi> - <build_options>barnyard2_UNSET=ODBC PGSQL PRELUDE;barnyard2_SET=GRE IPV6 MPLS MYSQL PORT_PCAP;suricata_SET=IPFW PORTS_PCAP TESTS;suricata_UNSET=PRELUDE</build_options> + <build_options>barnyard2_UNSET=ODBC PGSQL PRELUDE;barnyard2_SET=GRE IPV6 MPLS MYSQL PORT_PCAP BRO;suricata_SET=IPFW PORTS_PCAP TESTS;suricata_UNSET=PRELUDE</build_options> <build_port_path>/usr/ports/security/suricata</build_port_path> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package_pbi>suricata-1.4.6-i386.pbi</depends_on_package_pbi> </package> </packages> diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64 index 05ce8f0c..a8289a3c 100644 --- a/pkg_config.8.xml.amd64 +++ b/pkg_config.8.xml.amd64 @@ -9,14 +9,14 @@ <package> <name>someprogram</name> <internal_name>someprogram</internal_name> - <pkginfolink>http://forum.pfsense.org/</pkginfolink> + <pkginfolink>https://forum.pfsense.org/</pkginfolink> <descr><![CDATA[Some cool program]]></descr> <website>http://www.example.org/someprogram</website> <category>Services</category> <version>0.99</version> <status>Beta</status> <required_version>2.1</required_version> - <config_file>http://www.pfsense.com/packages/config/someprogram/someprogram.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/someprogram/someprogram.xml</config_file> <maintainer>me@example.com</maintainer> <configurationfile>someprogram.xml</configurationfile> <build_pbi> @@ -24,21 +24,21 @@ <port>net/someprogram</port> <ports_after>www/somethingelsetoputinthepbi www/somethingelse</ports_after> </build_pbi> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package_pbi>someprogram-0.99-amd64.pbi</depends_on_package_pbi> </package> --> <package> <name>Asterisk</name> - <pkginfolink>http://forum.pfsense.org/index.php/topic,47210.0.html</pkginfolink> + <pkginfolink>https://forum.pfsense.org/index.php/topic,47210.0.html</pkginfolink> <descr><![CDATA[Asterisk is an open source framework for building communications applications.<br />Asterisk turns an ordinary computer into a communications server.]]></descr> <website>http://www.asterisk.org/</website> <category>Services</category> <version>1.8 pkg v0.3.1</version> <status>Beta</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/asterisk/asterisk.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/asterisk/asterisk.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>asterisk18-1.8.25.0.tbz</depends_on_package> <depends_on_package>openldap-client-2.4.38.tbz</depends_on_package> <depends_on_package_pbi>asterisk-1.8.25.0-amd64.pbi</depends_on_package_pbi> @@ -49,16 +49,16 @@ </package> <package> <name>bind</name> - <!-- <pkginfolink>http://doc.pfsense.org/index.php/bind</pkginfolink> --> + <!-- <pkginfolink>https://doc.pfsense.org/index.php/bind</pkginfolink> --> <descr><![CDATA[The most widely used name server software]]></descr> <website>http://www.isc.org/downloads/BIND/</website> <category>Services</category> <version>9.9.4 pkg v 0.3.2</version> <status>RC</status> <required_version>2.1</required_version> - <config_file>http://www.pfsense.com/packages/config/bind/bind.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/bind/bind.xml</config_file> <configurationfile>bind.xml</configurationfile> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package_pbi>bind-9.9.4-amd64.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/dns/bind99</build_port_path> <build_pbi> @@ -72,8 +72,8 @@ <website/> <descr>Allows you to create and overwrite files from the GUI.</descr> <category>File Management</category> - <pkginfolink>http://doc.pfsense.org/index.php/Filer_package</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/filer/filer.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/Filer_package</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/filer/filer.xml</config_file> <version>0.60</version> <status>Beta</status> <required_version>2.0</required_version> @@ -85,9 +85,9 @@ <website/> <descr>Block countries - This has been replaced by pfblocker. <u>This is a legacy app</u></descr> <category>Firewall</category> - <pkginfolink>http://forum.pfsense.org/index.php/topic,25732.0.html</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/countryblock/countryblock.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <pkginfolink>https://forum.pfsense.org/index.php/topic,25732.0.html</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/countryblock/countryblock.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <version>0.2.4</version> <status>Beta</status> <required_version>1.2.2</required_version> @@ -99,8 +99,8 @@ <website/> <descr>PHP File Manager</descr> <category>Diagnostics</category> - <pkginfolink>http://forum.pfsense.org/index.php/topic,26974.0.html</pkginfolink> - <config_file>http://pfsense.org/packages/config/filemgr/filemgr.xml</config_file> + <pkginfolink>https://forum.pfsense.org/index.php/topic,26974.0.html</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/filemgr/filemgr.xml</config_file> <version>0.1.3</version> <status>Beta</status> <required_version>2.0</required_version> @@ -115,9 +115,9 @@ This package also Block countries and IP ranges.<br /> pfBlocker replaces Countryblock and IPblocklist.]]></descr> <category>Firewall</category> - <pkginfolink>http://forum.pfsense.org/index.php/topic,42543.0.html</pkginfolink> - <config_file>http://pfsense.org/packages/config/pf-blocker/pfblocker.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <pkginfolink>https://forum.pfsense.org/index.php/topic,42543.0.html</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/pf-blocker/pfblocker.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <version>1.0.2</version> <status>Release</status> <required_version>2.0</required_version> @@ -128,17 +128,17 @@ <name>anyterm</name> <descr>Ajax Interactive Shell - Have you ever wanted SSH or telnet access to your system from an internet desert - from behind a strict firewall, from an internet cafe, or even from a mobile phone? Anyterm is a combination of a web page and a process that runs on your web server that provides this access. WARNING! We suggest using Stunnel in combination with this package!</descr> <website>http://anyterm.org/</website> - <pkginfolink>http://doc.pfsense.org/index.php/AnyTerm_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/AnyTerm_package</pkginfolink> <category>Diagnostics</category> <version>0.5</version> <status>BETA</status> <required_version>1.2.3</required_version> - <config_file>http://www.pfsense.com/packages/config/anyterm/anyterm.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/anyterm/anyterm.xml</config_file> <configurationfile>anyterm.xml</configurationfile> </package> <package> <name>haproxy</name> - <pkginfolink>http://doc.pfsense.org/index.php/haproxy_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/haproxy_package</pkginfolink> <descr><![CDATA[The Reliable, High Performance TCP/HTTP Load Balancer<br /> This package implements both TCP and HTTP balance features from Haproxy.<br /> Supports acl's for smart backend switching.]]></descr> @@ -147,16 +147,16 @@ <version>1.4.24 pkg v 1.2.4</version> <status>Release</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/haproxy/haproxy.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/haproxy/haproxy.xml</config_file> <configurationfile>haproxy.xml</configurationfile> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>haproxy-1.4.24.tbz</depends_on_package> <depends_on_package_pbi>haproxy-1.4.24-amd64.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/net/haproxy</build_port_path> </package> <package> <name>haproxy-full</name> - <pkginfolink>http://doc.pfsense.org/index.php/haproxy_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/haproxy_package</pkginfolink> <descr><![CDATA[The Reliable, High Performance TCP/HTTP Load Balancer<br /> This package implements both TCP and HTTP balance features from Haproxy.<br /> (Legacy version)]]></descr> @@ -165,15 +165,15 @@ <version>1.4.24 pkg v 1.1</version> <status>Release</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/haproxy-legacy/haproxy.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/haproxy-legacy/haproxy.xml</config_file> <configurationfile>haproxy.xml</configurationfile> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>haproxy-1.4.24.tbz</depends_on_package> <depends_on_package_pbi>haproxy-1.4.24-amd64.pbi</depends_on_package_pbi> </package> <package> <name>haproxy-devel</name> - <pkginfolink>http://doc.pfsense.org/index.php/haproxy_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/haproxy_package</pkginfolink> <descr><![CDATA[The Reliable, High Performance TCP/HTTP(s) Load Balancer<br /> This package implements TCP, HTTP and HTTPS balance features from Haproxy.<br /> Supports acl's for smart backend switching.]]></descr> @@ -182,9 +182,9 @@ <version>1.5-dev22 pkg v 0.7</version> <status>Release</status> <required_version>2.1</required_version> - <config_file>http://www.pfsense.com/packages/config/haproxy-devel/haproxy.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/haproxy-devel/haproxy.xml</config_file> <configurationfile>haproxy.xml</configurationfile> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>haproxy-1.4.22.tbz</depends_on_package> <depends_on_package_pbi>haproxy-devel-1.5-dev22-amd64.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/net/haproxy-devel</build_port_path> @@ -197,7 +197,7 @@ </package> <package> <name>Apache with mod_security-dev</name> - <pkginfolink>http://doc.pfsense.org/index.php/ProxyServerModSecurity_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/ProxyServerModSecurity_package</pkginfolink> <website>http://www.modsecurity.org/</website> <descr><![CDATA[ModSecurity is a web application firewall that can work either embedded or as a reverse proxy.<br> It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.<br> @@ -207,8 +207,8 @@ <version>2.4.6 pkg v0.3</version> <status>ALPHA</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/apache_mod_security-dev/apache_virtualhost.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/apache_mod_security-dev/apache_virtualhost.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>db42-4.2.52_5.tbz</depends_on_package> <depends_on_package>gdbm-1.9.1.tbz</depends_on_package> <depends_on_package>apr-ipv6-devrandom-gdbm-db42-1.4.5.1.3.12_1.tbz</depends_on_package> @@ -246,15 +246,15 @@ </package> <package> <name>Proxy Server with mod_security</name> - <pkginfolink>http://doc.pfsense.org/index.php/ProxyServerModSecurity_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/ProxyServerModSecurity_package</pkginfolink> <website>http://www.modsecurity.org/</website> <descr>ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. In addition this package allows URL forwarding which can be convenient for hosting multiple websites behind pfSense using 1 IP address.</descr> <category>Network Management</category> <version>0.1.3</version> <status>ALPHA</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/apache_mod_security/apache_mod_security.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/apache_mod_security/apache_mod_security.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>db42-4.2.52_5.tbz</depends_on_package> <depends_on_package>gdbm-1.9.1.tbz</depends_on_package> <depends_on_package>apr-ipv6-devrandom-gdbm-db42-1.4.5.1.3.12_1.tbz</depends_on_package> @@ -295,8 +295,8 @@ <website>http://www.pureftpd.org/</website> <descr>*DO NOT RUN THIS ON A FIREWALL. USE A DEDICATED MACHINE!* Pure FTPd Server is a fast, production quality, standards-conformant FTP server based on Troll-FTPd. It has no known vulnerabilities, is trivial to set up, and is especially designed for modern kernels. Features include PAM support, IPv6, chroot()ed home directories, virtual domains, built-in 'ls', FXP protocol, anti-warez system, bandwidth throttling, restricted ports for passive downloads, an LDAP backend, XML output, and more.</descr> <category>FTP</category> - <config_file>http://www.pfsense.com/packages/config/pure-ftpd.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/pure-ftpd.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>pure-ftpd-1.0.35.tbz</depends_on_package> <depends_on_package_pbi>pure-ftpd-1.0.36-amd64.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/ftp/pure-ftpd</build_port_path> @@ -313,11 +313,11 @@ </package> <package> <name>Avahi</name> - <pkginfolink>http://doc.pfsense.org/index.php/Avahi_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Avahi_package</pkginfolink> <website>http://www.avahi.org/</website> <descr>Avahi is a system which facilitates service discovery on a local network. This means that you can plug your laptop or computer into a network and instantly be able to view other people who you can chat with, find printers to print to or find files being shared. This kind of technology is already found in Apple MacOS X (branded Rendezvous, Bonjour and sometimes Zeroconf) and is very convenient. Avahi is mainly based on Lennart Poettering's flexmdns mDNS implementation for Linux which has been discontinued in favour of Avahi.</descr> <category>Network Management</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <build_port_path>/usr/ports/net/avahi</build_port_path> <build_port_path>/usr/ports/net/avahi-app</build_port_path> <build_options>avahi_UNSET_FORCE=GTK</build_options> @@ -329,7 +329,7 @@ <version>0.6.29 pkg v1.02</version> <status>ALPHA</status> <required_version>1.2.3</required_version> - <config_file>http://www.pfsense.com/packages/config/avahi/avahi.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/avahi/avahi.xml</config_file> <configurationfile>avahi.xml</configurationfile> <after_install_info>Please visit the Avahi settings tab and select which interfaces you do not wish Avahi to listen on and click save to start the service.</after_install_info> </package> @@ -338,7 +338,7 @@ <website>http://www.ntop.org/</website> <descr>ntop is a network probe that shows network usage in a way similar to what top does for processes. In interactive mode, it displays the network status on the user's terminal. In Web mode it acts as a Web server, creating an HTML dump of the network status. It sports a NetFlow/sFlow emitter/collector, an HTTP-based client interface for creating ntop-centric monitoring applications, and RRD for persistently storing traffic statistics.</descr> <category>Network Management</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package_pbi>ntop-5.0.1-amd64.pbi</depends_on_package_pbi> <depends_on_package>rrdtool-1.2.30_2.tbz</depends_on_package> <depends_on_package>gdbm-1.9.1.tbz</depends_on_package> @@ -363,7 +363,7 @@ <version>5.0.1 v2.3</version> <status>BETA</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/ntop2/ntop.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/ntop2/ntop.xml</config_file> <configurationfile>ntop.xml</configurationfile> <noembedded>true</noembedded> </package> @@ -372,9 +372,9 @@ <website>http://www.freeswitch.org/</website> <descr>FreeSWITCH is an open source telephony platform designed to facilitate the creation of voice and chat driven products scaling from a soft-phone up to a soft-switch. It can be used as a simple switching engine, a PBX, a media gateway or a media server to host IVR applications using simple scripts or XML to control the callflow. </descr> <category>Services</category> - <pkginfolink>http://doc.pfsense.org/index.php/FreeSWITCH</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/freeswitch/freeswitch.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <pkginfolink>https://doc.pfsense.org/index.php/FreeSWITCH</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/freeswitch/freeswitch.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package_pbi>freeswitch-1.0.6_1-amd64.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/net/freeswitch</build_port_path> <version>0.8.3.6</version> @@ -390,9 +390,9 @@ <website>http://www.freeswitch.org/</website> <descr>FreeSWITCH package development version.</descr> <category>Services</category> - <pkginfolink>http://doc.pfsense.org/index.php/FreeSWITCH</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/freeswitch_dev/freeswitch.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <pkginfolink>https://doc.pfsense.org/index.php/FreeSWITCH</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/freeswitch_dev/freeswitch.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <build_port_path>/usr/ports/net/freeswitch</build_port_path> <version>0.9.7.26</version> <status>Beta</status> @@ -407,8 +407,8 @@ <descr>Track things you want to note for this system.</descr> <category>Status</category> <pkginfolink/> - <config_file>http://www.pfsense.com/packages/config/notes/notes.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/notes/notes.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <version>0.2.4</version> <status>Alpha</status> <required_version>1.2.1</required_version> @@ -421,8 +421,8 @@ <descr>Trivial File Transport Protocol is a very simple file transfer protocol. Often used with routers, voip phones and more.</descr> <category>Services</category> <pkginfolink/> - <config_file>http://www.pfsense.com/packages/config/tftp2/tftp.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/tftp2/tftp.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <version>2.0</version> <status>Stable</status> <required_version>2.0</required_version> @@ -433,9 +433,9 @@ <website/> <descr>PHP run as a service it can do anything PHP can do including but not limited to monitoring files, CPU, RAM, and send alerts to the syslog.</descr> <category>Services</category> - <pkginfolink>http://doc.pfsense.org/index.php/PHPService</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/phpservice/phpservice.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <pkginfolink>https://doc.pfsense.org/index.php/PHPService</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/phpservice/phpservice.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <version>0.4.1</version> <status>Beta</status> <required_version>1.2.1</required_version> @@ -448,8 +448,8 @@ <descr>Tool to Backup and Restore files and directories.</descr> <category>System</category> <pkginfolink></pkginfolink> - <config_file>http://www.pfsense.com/packages/config/backup/backup.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/backup/backup.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <version>0.1.5</version> <status>Beta</status> <required_version>1.2</required_version> @@ -462,8 +462,8 @@ <descr>The cron utility is used to manage commands on a schedule.</descr> <category>Services</category> <pkginfolink></pkginfolink> - <config_file>http://www.pfsense.com/packages/config/cron/cron.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/cron/cron.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <version>0.1.8</version> <status>Beta</status> <required_version>1.2</required_version> @@ -475,9 +475,9 @@ <website/> <descr>It is a web server package that can host HTML, Javascript, CSS, and PHP. It uses the lighttpd web server that is already installed. It uses PHP5 in FastCGI mode and has access to PHP Data Ojbects and PDO SQLite.</descr> <category>Services</category> - <pkginfolink>http://doc.pfsense.org/index.php/vhosts</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/vhosts/vhosts.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <pkginfolink>https://doc.pfsense.org/index.php/vhosts</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/vhosts/vhosts.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <version>0.7.4</version> <status>Stable</status> <required_version>1.2.3</required_version> @@ -490,7 +490,7 @@ <website>http://www.snort.org</website> <descr>Snort is an open source network intrusion prevention and detection system (IDS/IPS). Combining the benefits of signature, protocol, and anomaly-based inspection.</descr> <category>Security</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>mysql55-client-5.5.35.tbz</depends_on_package> <depends_on_package>barnyard2-1.13.tbz</depends_on_package> <depends_on_package>libnet-1.1.6_1,1.tbz </depends_on_package> @@ -512,7 +512,7 @@ </build_pbi> <!-- Use both styles for now, since our snort port isn't yet optionsng, but barnyard2 and others are. --> <build_options>barnyard2_UNSET_FORCE=ODBC PGSQL PRELUDE;barnyard2_SET=GRE IPV6 MPLS MYSQL PORT_PCAP;snort_SET=TARGETBASED PERFPROFILE DECODERPRE FLEXRESP3 GRE IPV6 MPLS NORMALIZER ZLIB;perl_SET=THREADS;WITH_THREADS=yes;WITH_IPV6=true;WITH_MPLS=true;WITH_GRE=true;WITH_TARGETBASED=true;WITH_PERFPROFILE=true;WITH_DECODERPRE=true;WITH_ZLIB=true;WITH_NORMALIZER=true;WITH_REACT=true;WITH_FLEXRESP3=true;WITHOUT_ODBC=true;WITHOUT_POSTGRESQL=true;WITHOUT_PRELUDE=true;NOPORTDOCS=true</build_options> - <config_file>http://www.pfsense.com/packages/config/snort/snort.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/snort/snort.xml</config_file> <version>2.9.5.6 pkg v3.0.4</version> <required_version>2.0</required_version> <status>Stable</status> @@ -524,8 +524,8 @@ <website>http://www.olsr.org/</website> <descr>The olsr.org OLSR daemon is an implementation of the Optimized Link State Routing protocol. OLSR is a routing protocol for mobile ad-hoc networks. The protocol is pro-active, table driven and utilizes a technique called multipoint relaying for message flooding.</descr> <category>Services</category> - <config_file>http://www.pfsense.com/packages/config/olsrd.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/olsrd.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>olsrd-0.6.2.tbz</depends_on_package> <depends_on_package_pbi>olsrd-0.6.3-amd64.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/net/olsrd</build_port_path> @@ -536,10 +536,10 @@ </package> <package> <name>routed</name> - <website>http://www.pfsense.com/</website> + <website>https://packages.pfsense.org/</website> <descr>RIP v1 and v2 daemon.</descr> <category>Network Management</category> - <config_file>http://www.pfsense.com/packages/config/routed/routed.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/routed/routed.xml</config_file> <version>1.1</version> <status>Stable</status> <required_version>2.1</required_version> @@ -550,8 +550,8 @@ <website>http://www.openbsd.org/spamd/</website> <descr>Tarpits like spamd are fake SMTP servers, which accept connections but don't deliver mail. Instead, they keep the connections open and reply very slowly. If the peer is patient enough to actually complete the SMTP dialogue (which will take ten minutes or more), the tarpit returns a 'temporary error' code (4xx), which indicates that the mail could not be delivered successfully and that the sender should keep the mail in their queue and retry again later.</descr> <category>Services</category> - <config_file>http://www.pfsense.com/packages/config/spamd/spamd.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/spamd/spamd.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>spamd-4.9.1.tbz</depends_on_package> <depends_on_package_pbi>spamd-4.9.1-amd64.pbi</depends_on_package_pbi> <version>4.9.1 v1.1</version> @@ -571,9 +571,9 @@ It can do first and second line antispam combat before sending incoming mail to local mail servers.<br /> Postfix can also detect zombies, check RBLS, SPF, seach ldap for valid recipients and use third part antispam engines like policyd and mailscanner for better antispam solution.]]></descr> <category>Services</category> - <pkginfolink>http://forum.pfsense.org/index.php/topic,40622.0.html</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/postfix/postfix.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <pkginfolink>https://forum.pfsense.org/index.php/topic,40622.0.html</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/postfix/postfix.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>postfix-2.10.2,1.tbz</depends_on_package> <depends_on_package>perl5-5.16.3_4.tbz</depends_on_package> <depends_on_package_pbi>postfix-2.10.2-amd64.pbi</depends_on_package_pbi> @@ -593,9 +593,9 @@ For all non-commercial it's free, without cost.<br /> For all commercial use visit dansguardian website to get a licence.]]></descr> <category>Services</category> - <config_file>http://www.pfsense.com/packages/config/dansguardian/dansguardian.xml</config_file> - <pkginfolink>http://forum.pfsense.org/index.php/topic,43786.0.html</pkginfolink> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/dansguardian/dansguardian.xml</config_file> + <pkginfolink>https://forum.pfsense.org/index.php/topic,43786.0.html</pkginfolink> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>dansguardian-2.12.0.3.tbz</depends_on_package> <depends_on_package>ca_root_nss-3.14.1.tbz</depends_on_package> <depends_on_package_pbi>dansguardian-2.12.0.3-amd64.pbi</depends_on_package_pbi> @@ -615,9 +615,9 @@ <descr><![CDATA[MailScanner is an e-mail security and anti-spam package for e-mail gateway systems.<br /> This is a level3 mail scanning tool with high CPU load.]]></descr> <category>Services</category> - <config_file>http://www.pfsense.com/packages/config/mailscanner/mailscanner.xml</config_file> - <pkginfolink>http://forum.pfsense.org/index.php/topic,43687.0.html</pkginfolink> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/mailscanner/mailscanner.xml</config_file> + <pkginfolink>https://forum.pfsense.org/index.php/topic,43687.0.html</pkginfolink> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>dcc-dccd-1.3.141.tbz</depends_on_package> <depends_on_package>perl5-5.16.3_4.tbz</depends_on_package> <depends_on_package>pyzor-0.5.0_3.tbz</depends_on_package> @@ -645,11 +645,11 @@ <website>http://siproxd.sourceforge.net/</website> <descr>Proxy for handling NAT of multiple SIP devices to a single public IP.</descr> <category>Services</category> - <config_file>http://www.pfsense.com/packages/config/siproxd.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/siproxd.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>siproxd-0.8.0.tbz</depends_on_package> <depends_on_package_pbi>siproxd-0.8.0-amd64.pbi</depends_on_package_pbi> - <pkginfolink>http://doc.pfsense.org/index.php/Siproxd_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Siproxd_package</pkginfolink> <build_port_path>/usr/ports/net/siproxd</build_port_path> <version>0.8.0_2</version> <status>Beta</status> @@ -660,17 +660,17 @@ <name>OpenBGPD</name> <descr>OpenBGPD is a FREE implementation of the Border Gateway Protocol, Version 4. It allows ordinary machines to be used as routers exchanging routes with other systems speaking the BGP protocol. -- WARNING! Installs files to the same place as Quagga OSPF. Installing both will result in a broken state, remove this package before installing Quagga OSPF.</descr> <category>NET</category> - <config_file>http://www.pfsense.com/packages/config/openbgpd/openbgpd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/openbgpd/openbgpd.xml</config_file> <build_port_path>/usr/ports/net/openbgpd</build_port_path> <build_pbi> <port>net/openbgpd</port> </build_pbi> <version>0.9.1</version> <status>STABLE</status> - <pkginfolink>http://doc.pfsense.org/index.php/OpenBGPD_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/OpenBGPD_package</pkginfolink> <required_version>1.3</required_version> <configurationfile>openbgpd.xml</configurationfile> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>openbgpd-5.2.20121209.tbz</depends_on_package> <depends_on_package_pbi>openbgpd-5.2.20121209-amd64.pbi</depends_on_package_pbi> </package> @@ -681,10 +681,10 @@ <version>0.5.2</version> <category>Routing</category> <status>DEPRECATED</status> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>openospfd-4.6.tbz</depends_on_package> <depends_on_package_pbi>openospfd-4.6-amd64.pbi</depends_on_package_pbi> - <config_file>http://www.pfsense.com/packages/config/openospfd/openospfd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/openospfd/openospfd.xml</config_file> <build_port_path>/usr/ports/net/openospfd</build_port_path> <build_port_path>/usr/ports/devel/libevent</build_port_path> <build_pbi> @@ -703,7 +703,7 @@ <category>Network Report</category> <version>1.8.2 pkg v.2.33</version> <maintainer>dv_serg@mail.ru</maintainer> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>lightsquid-1.8_2.tbz</depends_on_package> <depends_on_package>perl-5.14.2_2.tbz</depends_on_package> <depends_on_package_pbi>lightsquid-1.8_2-amd64.pbi</depends_on_package_pbi> @@ -715,7 +715,7 @@ <build_options>WITHOUT_DEBUGGING=true;WITHOUT_GDBM=true;WITHOUT_PERL_MALLOC=true;WITH_PERL_64BITINT=true;WITHOUT_THREADS=true;WITHOUT_MULTIPLICITY=true;WITHOUT_SUIDPERL=true;WITHOUT_SITECUSTOMIZE=true;WITH_USE_PERL=true;WITH_GDSUPPORT=true</build_options> <status>RC1</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/lightsquid/lightsquid.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/lightsquid/lightsquid.xml</config_file> <pkginfolink></pkginfolink> <configurationfile>lightsquid.xml</configurationfile> <noembedded>true</noembedded> @@ -726,9 +726,9 @@ <descr><![CDATA[Sarg - Squid Analysis Report Generator is a tool that allow you to view "where" your users are going to on the Internet.<br /> Sarg provides many informations about Proxy(squid,squidguard or dansguardian) users activities: times, bytes, sites, etc...]]></descr> <category>Network Report</category> - <config_file>http://www.pfsense.com/packages/config/sarg/sarg.xml</config_file> - <pkginfolink>http://forum.pfsense.org/index.php/topic,47765.0.html</pkginfolink> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/sarg/sarg.xml</config_file> + <pkginfolink>https://forum.pfsense.org/index.php/topic,47765.0.html</pkginfolink> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>sarg-2.3.6_2.tbz</depends_on_package> <depends_on_package>gd-2.0.35_8,1.tbz</depends_on_package> <depends_on_package_pbi>sarg-2.3.6_2-amd64.pbi</depends_on_package_pbi> @@ -748,9 +748,9 @@ If it receives one with MAC-IP pair, which is not listed in 'ethers' file, it will send ARP reply with configured fake address.<br /> This will prevent not permitted host to work properly in local ethernet segment.]]></descr> <category>Security</category> - <config_file>http://www.pfsense.com/packages/config/ipguard/ipguard.xml</config_file> - <pkginfolink>http://forum.pfsense.org/index.php/topic,49917.msg263664.html#msg263664</pkginfolink> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/ipguard/ipguard.xml</config_file> + <pkginfolink>https://forum.pfsense.org/index.php/topic,49917.msg263664.html#msg263664</pkginfolink> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>ipguard-1.04.tbz</depends_on_package> <depends_on_package_pbi>ipguard-1.04-amd64.pbi</depends_on_package_pbi> <version>1.0.4 pkg v.0.1</version> @@ -765,14 +765,14 @@ <descr><![CDATA[Varnish is a state-of-the-art, high-performance HTTP accelerator.<br /> It uses the advanced features in FreeBSD 6/7/8 to achieve its high performance.]]></descr> <website>http://varnish-cache.org</website> - <pkginfolink>http://doc.pfsense.org/index.php/Varnish_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Varnish_package</pkginfolink> <category>Services</category> <version>2.1.5 pkg v.1.0</version> <status>Release</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/varnish64/varnish_backends.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/varnish64/varnish_backends.xml</config_file> <configurationfile>varnish_backends.xml</configurationfile> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package_pbi>varnish-2.1.5_2-amd64.pbi gcc-4.2.5.20090325_5-amd64.pbi</depends_on_package_pbi> <depends_on_package>varnish-2.1.5.tbz</depends_on_package> <depends_on_package>gcc-4.2.5.20090325_5.tbz</depends_on_package> @@ -786,14 +786,14 @@ It uses the advanced features in FreeBSD 6/7/8 to achieve its high performance.<br /> Version 3 includes streaming support]]></descr> <website>http://varnish-cache.org</website> - <pkginfolink>http://doc.pfsense.org/index.php/Varnish_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Varnish_package</pkginfolink> <category>Services</category> <version>3.0.4 pkg v.0.2.1</version> <status>RC</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/varnish3/varnish_backends.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/varnish3/varnish_backends.xml</config_file> <configurationfile>varnish_backends.xml</configurationfile> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package_pbi>varnish-3.0.4-amd64.pbi</depends_on_package_pbi> <depends_on_package>varnish-3.0.2.tbz</depends_on_package> <depends_on_package>pcre-8.21_1.tbz</depends_on_package> @@ -809,9 +809,9 @@ <name>vnstat2</name> <website>http://humdi.net/vnstat/</website> <descr>Vnstat is a console-based network traffic monitor<br />The vnstat PHP frontend and vnstati adds a more user friendly way of displaying traffic usage.</descr> - <pkginfolink>http://forum.pfsense.org/index.php/topic,14179.0.html</pkginfolink> + <pkginfolink>https://forum.pfsense.org/index.php/topic,14179.0.html</pkginfolink> <category>Network Management</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>vnstat-1.11.tbz</depends_on_package> <depends_on_package_pbi>vnstat-1.11_1-amd64.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/net/vnstat</build_port_path> @@ -819,7 +819,7 @@ <status>Stable</status> <required_version>2.0</required_version> <maintainer>bryan.paradis@gmail.com</maintainer> - <config_file>http://www.pfsense.com/packages/config/vnstat2/vnstat2.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/vnstat2/vnstat2.xml</config_file> <configurationfile>vnstat2.xml</configurationfile> <after_install_info></after_install_info> </package> @@ -831,11 +831,11 @@ <version>2.5.4</version> <status>Beta</status> <required_version>1.0</required_version> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>mbmon-205_5.tbz</depends_on_package> <depends_on_package_pbi>mbmon-205_6-amd64.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/sysutils/mbmon</build_port_path> - <config_file>http://www.pfsense.com/packages/config/phpsysinfo/phpsysinfo.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/phpsysinfo/phpsysinfo.xml</config_file> <configurationfile>phpsysinfo.xml</configurationfile> <noembedded>true</noembedded> </package> @@ -846,11 +846,11 @@ <category>Services</category> <version>1.0.6.18</version> <status>Beta</status> - <pkginfolink>http://doc.pfsense.org/index.php/Tinydns_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Tinydns_package</pkginfolink> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/tinydns/tinydns.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/tinydns/tinydns.xml</config_file> <configurationfile>tinydns.xml</configurationfile> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>ucspi-tcp-0.88_2.tbz</depends_on_package> <depends_on_package>daemontools-0.76_16.tbz</depends_on_package> <depends_on_package>djbdns-ipv6-1.05.b23_13.tbz</depends_on_package> @@ -872,11 +872,11 @@ <category>Services</category> <version>8.7.0.3046 (build-425873)</version> <status>Stable</status> - <pkginfolink>http://doc.pfsense.org/index.php/Open_VM_Tools_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Open_VM_Tools_package</pkginfolink> <required_version>2.0</required_version> - <config_file>http://www.pfsense.org/packages/config/open-vm-tools_2/open-vm-tools.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/open-vm-tools_2/open-vm-tools.xml</config_file> <configurationfile>open-vm-tools.xml</configurationfile> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <build_port_path>/usr/ports/emulators/open-vm-tools-nox11/</build_port_path> <depends_on_package>open-vm-tools-nox11-425873_3,1.tbz</depends_on_package> <depends_on_package>icu-50.1.2.tbz</depends_on_package> @@ -913,8 +913,8 @@ <version>1.21</version> <status>Stable</status> <required_version>1.2</required_version> - <pkginfolink>http://doc.pfsense.org/index.php/AutoConfigBackup</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/autoconfigbackup/autoconfigbackup.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/AutoConfigBackup</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/autoconfigbackup/autoconfigbackup.xml</config_file> <configurationfile>autoconfigbackup.xml</configurationfile> </package> <package> @@ -925,27 +925,27 @@ <version>2.09.1 v1.1</version> <status>Stable</status> <required_version>1.0.1</required_version> - <config_file>http://www.pfsense.com/packages/config/arping/arping.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/arping/arping.xml</config_file> <configurationfile>arping.xml</configurationfile> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>arping-2.09_1.tbz</depends_on_package> <depends_on_package_pbi>arping-2.09_1-amd64.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/net/arping</build_port_path> - <pkginfolink>http://doc.pfsense.org/index.php/Arping</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Arping</pkginfolink> </package> <package> <name>nmap</name> <maintainer>jimp@pfsense.org</maintainer> <descr>NMap is a utility for network exploration or security auditing. It supports ping scanning (determine which hosts are up), many port scanning techniques (determine what services the hosts are offering), version detection (determine what application/service is runing on a port), and TCP/IP fingerprinting (remote host OS or device identification). It also offers flexible target and port specification, decoy/stealth scanning, SunRPC scanning, and more. Most Unix and Windows platforms are supported in both GUI and command line modes. Several popular handheld devices are also supported, including the Sharp Zaurus and the iPAQ.</descr> <category>Security</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>lua-5.1.5_4.tbz</depends_on_package> <depends_on_package>nmap-6.25_1.tbz</depends_on_package> <depends_on_package_pbi>nmap-6.25_1-amd64.pbi</depends_on_package_pbi> - <config_file>http://www.pfsense.com/packages/config/nmap/nmap.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/nmap/nmap.xml</config_file> <version>nmap-6.25_1 pkg v1.2</version> <status>Stable</status> - <pkginfolink>http://doc.pfsense.org/index.php/Nmap_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Nmap_package</pkginfolink> <required_version>2.0</required_version> <configurationfile>nmap.xml</configurationfile> <build_port_path>/usr/ports/security/nmap</build_port_path> @@ -960,8 +960,8 @@ <version>20111108 pkg v 0.3.1</version> <required_version>2.0</required_version> <status>BETA</status> - <pkginfolink>http://doc.pfsense.org/index.php/IMSpector_package</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/imspector/imspector.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/IMSpector_package</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/imspector/imspector.xml</config_file> <configurationfile>imspector.xml</configurationfile> <build_options>imspector_SET_FORCE=PLUGINS;imspector_UNSET_FORCE=IPFW</build_options> <depends_on_package_base_url>http://e-sac.siteseguro.ws/packages/amd64/8/All/</depends_on_package_base_url> @@ -978,13 +978,13 @@ <status>BETA</status> <required_version>2.0</required_version> <maintainer>rswagoner@gmail.com</maintainer> - <config_file>http://www.pfsense.com/packages/config/nut/nut.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/nut/nut.xml</config_file> <configurationfile>nut.xml</configurationfile> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>nut-2.6.4.tbz</depends_on_package> <depends_on_package_pbi>nut-2.6.5_1-amd64.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/sysutils/nut</build_port_path> - <pkginfolink>http://doc.pfsense.org/index.php/Nut_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Nut_package</pkginfolink> </package> <package> <name>diag_new_states</name> @@ -995,22 +995,22 @@ <maintainer>ptaylor@addressplus.net</maintainer> <required_version>1.2.1</required_version> <status>BETA</status> - <config_file>http://www.pfsense.org/packages/config/diag_states_pt/diag_new_states.xml</config_file> - <configurationfile>http://www.pfsense.com/packages/config/diag_states_pt/diag_new_states.xml</configurationfile> + <config_file>https://packages.pfsense.org/packages/config/diag_states_pt/diag_new_states.xml</config_file> + <configurationfile>https://packages.pfsense.org/packages/config/diag_states_pt/diag_new_states.xml</configurationfile> </package> <package> <name>darkstat</name> <website>http://dmr.ath.cx/net/darkstat/</website> <descr>darkstat is a network statistics gatherer. It's a packet sniffer that runs as a background process on a cable/DSL router, gathers all sorts of statistics about network usage, and serves them over HTTP.</descr> <category>Network Management</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>darkstat-3.0.714.tbz</depends_on_package> <depends_on_package_pbi>darkstat-3.0.715-amd64.pbi</depends_on_package_pbi> <version>3.0.714</version> <status>Stable</status> <required_version>1.2.1</required_version> <maintainer>sullrich+pfsp@gmail.com</maintainer> - <config_file>http://www.pfsense.com/packages/config/darkstat/darkstat.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/darkstat/darkstat.xml</config_file> <configurationfile>darkstat.xml</configurationfile> <build_port_path>/usr/ports/net-mgmt/darkstat</build_port_path> </package> @@ -1019,8 +1019,8 @@ <website>http://www.mindrot.org/pfflowd.html</website> <descr>pfflowd converts OpenBSD PF status messages (sent via the pfsync interface) to Cisco NetFlow datagrams. These datagrams may be sent (via UDP) to a host of one's choice. Utilising the OpenBSD stateful packet filter infrastructure means that flow tracking is very fast and accurate.</descr> <category>Network Management</category> - <config_file>http://www.pfsense.com/packages/config/pfflowd.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/pfflowd.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>pfflowd-0.8.tbz</depends_on_package> <depends_on_package_pbi>pfflowd-0.8-amd64.pbi</depends_on_package_pbi> <version>0.8.3</version> @@ -1035,14 +1035,14 @@ <descr>RFC1413 auth/identd daemon with fixed fake reply</descr> <website>http://www.webweaving.org/widentd</website> <category>Services</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>widentd-1.03_1.tbz</depends_on_package> <depends_on_package_pbi>widentd-1.03_1-amd64.pbi</depends_on_package_pbi> <version>1.03_1</version> <status>Stable</status> - <pkginfolink>http://doc.pfsense.org/index.php/Widentd_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Widentd_package</pkginfolink> <required_version>1.2.1</required_version> - <config_file>http://www.pfsense.com/packages/config/widentd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/widentd.xml</config_file> <configurationfile>widentd.xml</configurationfile> <build_port_path>/usr/ports/net/widentd</build_port_path> </package> @@ -1055,11 +1055,11 @@ <status>Beta</status> <required_version>2.0</required_version> <maintainer>none</maintainer> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>freeradius-1.1.8_4.tbz</depends_on_package> <depends_on_package>libltdl-2.4_1.tbz</depends_on_package> <depends_on_package_pbi>freeradius-1.1.8_5-amd64.pbi</depends_on_package_pbi> - <config_file>http://www.pfsense.org/packages/config/freeradius.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/freeradius.xml</config_file> <configurationfile>freeradius.xml</configurationfile> <build_port_path>/usr/ports/net/freeradius</build_port_path> <build_port_path>/usr/ports/devel/libltdl</build_port_path> @@ -1076,19 +1076,19 @@ Support: MySQL, PostgreSQL, LDAP, Kerberos<br /> FreeRADIUS and FreeRADIUS2 settings are not compatible so don't use them together or try to update<br /> On pfSense docs there is a how-to which could help you on porting users.]]></descr> - <pkginfolink>http://doc.pfsense.org/index.php/FreeRADIUS_2.x_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/FreeRADIUS_2.x_package</pkginfolink> <category>System</category> <version>2.1.12_1/2.2.0 pkg v1.6.7_2</version> <status>RC1</status> <required_version>2.0</required_version> <maintainer>nachtfalkeaw@web.de</maintainer> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>freeradius-2.1.12_1.tbz</depends_on_package> <depends_on_package_pbi>freeradius-2.2.0-amd64.pbi</depends_on_package_pbi> <depends_on_package>mysql-client-5.1.63.tbz</depends_on_package> <depends_on_package>postgresql-client-9.0.8.tbz</depends_on_package> <depends_on_package>openldap-sasl-client-2.4.31_1.tbz</depends_on_package> - <config_file>http://www.pfsense.org/packages/config/freeradius2/freeradius.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/freeradius2/freeradius.xml</config_file> <configurationfile>freeradius.xml</configurationfile> <after_install_info>Please visit Services: FreeRADIUS</after_install_info> <!-- Try to use the new PBI build syntax here, it may help it pick up the right libs inside the single PBI rather than using multiple. --> @@ -1106,12 +1106,12 @@ <version>2.0.1_5 pkg v.0.3</version> <status>BETA</status> <required_version>1.2.1</required_version> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>bandwidthd-2.0.1_5.tbz</depends_on_package> <depends_on_package>libpcap-1.1.1.tbz</depends_on_package> <depends_on_package>postgresql-client-8.4.12.tbz</depends_on_package> <depends_on_package_pbi>bandwidthd-2.0.1_5-amd64.pbi</depends_on_package_pbi> - <config_file>http://www.pfsense.org/packages/config/bandwidthd/bandwidthd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/bandwidthd/bandwidthd.xml</config_file> <configurationfile>bandwidthd.xml</configurationfile> <build_port_path>/usr/ports/net/libpcap</build_port_path> <build_port_path>/usr/ports/databases/postgresql84-client</build_port_path> @@ -1127,14 +1127,14 @@ <website>http://www.stunnel.org/</website> <descr>An SSL encryption wrapper between remote client and local or remote servers. </descr> <category>Network Management</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>stunnel-4.43.tbz</depends_on_package> <depends_on_package_pbi>stunnel-4.54-amd64.pbi</depends_on_package_pbi> <version>4.43</version> <status>Stable</status> - <pkginfolink>http://doc.pfsense.org/index.php/Stunnel_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Stunnel_package</pkginfolink> <required_version>1.2.1</required_version> - <config_file>http://www.pfsense.com/packages/config/stunnel.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/stunnel.xml</config_file> <configurationfile>stunnel.xml</configurationfile> <build_port_path>/usr/ports/security/stunnel</build_port_path> <build_options>WITHOUT_FORK=true;WITH_PTHREAD=true;WITHOUT_UCONTEXT=true;WITHOUT_IPV6=true;WITH_LIBWRAP=true;WITHOUT_SSL_PORT=true</build_options> @@ -1144,13 +1144,13 @@ <website>http://dast.nlanr.net/Projects/Iperf/</website> <descr>Iperf is a tool for testing network throughput, loss, and jitter.</descr> <category>Network Management</category> - <config_file>http://www.pfsense.com/packages/config/iperf.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/iperf.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>iperf-2.0.5.tbz</depends_on_package> <depends_on_package_pbi>iperf-2.0.5-amd64.pbi</depends_on_package_pbi> <version>2.0.5</version> <status>Beta</status> - <pkginfolink>http://doc.pfsense.org/index.php/Iperf_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Iperf_package</pkginfolink> <required_version>1.2.1</required_version> <configurationfile>iperf.xml</configurationfile> <build_port_path>/usr/ports/benchmarks/iperf</build_port_path> @@ -1160,8 +1160,8 @@ <website>http://freshmeat.net/projects/netio/</website> <descr>This is a network benchmark for DOS, OS/2 2.x, Windows NT/2000 and Unix. It measures the net throughput of a network via NetBIOS and/or TCP/IP protocols (Unix and DOS only support TCP/IP) using various different packet sizes.</descr> <category>Network Management</category> - <config_file>http://www.pfsense.com/packages/config/netio.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/netio.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All</depends_on_package_base_url> <depends_on_package>netio-1.26.tbz</depends_on_package> <depends_on_package_pbi>netio-1.26-amd64.pbi</depends_on_package_pbi> <version>1.26</version> @@ -1176,13 +1176,13 @@ <descr>Enhanced traceroute replacement</descr> <website>http://www.bitwizard.nl/mtr/</website> <category>Network Management</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>mtr-nox11-0.82.tbz</depends_on_package> <depends_on_package_pbi>mtr-0.82_1-amd64.pbi</depends_on_package_pbi> <version>0.82</version> <status>Stable</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/mtr-nox11.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/mtr-nox11.xml</config_file> <configurationfile>mtr-nox11.xml</configurationfile> <build_port_path>/usr/ports/net/mtr</build_port_path> <build_options>mtr_UNSET_FORCE=X11</build_options> @@ -1196,7 +1196,7 @@ <status>Stable</status> <required_version>2</required_version> <maintainer>fernando@netfilter.com.br seth.mos@dds.nl mfuchs77@googlemail.com jimp@pfsense.org</maintainer> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>squid-2.7.9_3.tbz</depends_on_package> <depends_on_package>squid_radius_auth-1.10.tbz</depends_on_package> <depends_on_package>libwww-5.4.0_4.tbz</depends_on_package> @@ -1210,7 +1210,7 @@ <ports_after>www/squid_radius_auth</ports_after> </build_pbi> <build_options>squid_UNSET_FORCE=DNS_HELPER IPFILTER PINGER STACKTRACES STRICT_HTTP_DESC USERAGENT_LOG WCCPV2;squid_SET=PF LDAP_AUTH NIS_AUTH SASL_AUTH ARP_ACL AUFS CACHE_DIGESTS CARP COSS DELAY_POOLS FOLLOW_XFF HTCP IDENT KERB_AUTH KQUEUE LARGEFILE REFERER_LOG SNMP SSL VIA_DB WCCP;SQUID_UID=proxy;SQUID_GID=proxy</build_options> - <config_file>http://www.pfsense.org/packages/config/squid/squid.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/squid/squid.xml</config_file> <configurationfile>squid.xml</configurationfile> </package> <package> @@ -1219,14 +1219,14 @@ <descr><![CDATA[High performance web proxy cache.<br /> It combines squid as a proxy server with it's capabilities of acting as a HTTP / HTTPS reverse proxy.<br /> It includes an Exchange-Web-Access (OWA) Assistant.]]></descr> - <pkginfolink>http://forum.pfsense.org/index.php/topic,48347.0.html</pkginfolink> + <pkginfolink>https://forum.pfsense.org/index.php/topic,48347.0.html</pkginfolink> <website>http://www.squid-cache.org/</website> <category>Network</category> <version>3.1.20 pkg 2.0.6</version> <status>beta</status> <required_version>2.0</required_version> <maintainer>marcellocoutinho@gmail.com fernando@netfilter.com.br seth.mos@dds.nl mfuchs77@googlemail.com jimp@pfsense.org</maintainer> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>squid-3.1.20.tbz</depends_on_package> <depends_on_package>libwww-5.4.0_4.tbz</depends_on_package> <build_pbi> @@ -1236,7 +1236,7 @@ </build_pbi> <build_options>c-icap_UNSET_FORCE=IPV6;squid_UNSET_FORCE=AUTH_SMB AUTH_SQL DNS_HELPER FS_COSS ESI SNMP ECAP STACKTRACES STRICT_HTTP TP_IPF TP_IPFW VIA_DB DEBUG DOCS EXAMPLES;squid_SET=ARP_ACL AUTH_KERB AUTH_LDAP AUTH_NIS AUTH_SASL CACHE_DIGESTS DELAY_POOLS FOLLOW_XFF TP_PF MSSL_CRTD WCCP WCCPV2 FS_AUFS HTCP ICAP ICMP IDENT IPV6 KQUEUE LARGEFILE SSL SSL_CRTD</build_options> <!--<build_options>WITH_SQUID_KERB_AUTH=true;WITH_SQUID_LDAP_AUTH=true;WITH_SQUID_NIS_AUTH=true;WITH_SQUID_SASL_AUTH=true;WITH_SQUID_IPV6=true;WITH_SQUID_DELAY_POOLS=true;WITH_SQUID_SNMP=true;WITH_SQUID_SSL=true;WITH_SQUID_SSL_CRTD=true;WITH_SQUID_PINGER=true;WITHOUT_SQUID_DNS_HELPER=true;WITH_SQUID_HTCP=true;WITH_SQUID_VIA_DB=true;WITH_SQUID_CACHE_DIGESTS=true;WITHOUT_SQUID_WCCP=true;WITH_SQUID_WCCPV2=true;WITHOUT_SQUID_STRICT_HTTP=true;WITH_SQUID_IDENT=true;WITH_SQUID_REFERER_LOG=true;WITH_SQUID_USERAGENT_LOG=true;WITH_SQUID_ARP_ACL=true;WITH_SQUID_IPFW=true;WITH_SQUID_PF=true;WITHOUT_SQUID_IPFILTER=true;WITH_SQUID_FOLLOW_XFF=true;WITHOUT_SQUID_ECAP=true;WITHOUT_SQUID_ICAP=true;WITHOUT_SQUID_ESI=true;WITH_SQUID_AUFS=true;WITHOUT_SQUID_COSS=true;WITHOUT_SQUID_KQUEUE=true;WITH_SQUID_LARGEFILE=true;WITHOUT_SQUID_STACKTRACES=true;WITHOUT_SQUID_DEBUG=true</build_options>--> - <config_file>http://www.pfsense.org/packages/config/squid3/31/squid.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/squid3/31/squid.xml</config_file> <configurationfile>squid.xml</configurationfile> <depends_on_package_pbi>squid-3.1.22_1-amd64.pbi</depends_on_package_pbi> </package> @@ -1246,14 +1246,14 @@ <descr><![CDATA[High performance web proxy cache.<br /> It combines squid as a proxy server with it's capabilities of acting as a HTTP / HTTPS reverse proxy.<br /> It includes an Exchange-Web-Access (OWA) Assistant, ssl filtering and antivirus integration via i-cap]]></descr> - <pkginfolink>http://forum.pfsense.org/index.php/topic,48347.0.html</pkginfolink> + <pkginfolink>https://forum.pfsense.org/index.php/topic,48347.0.html</pkginfolink> <website>http://www.squid-cache.org/</website> <category>Network</category> - <version>3.3.10 pkg 2.2</version> + <version>3.3.10 pkg 2.2.1</version> <status>beta</status> <required_version>2.0</required_version> <maintainer>marcellocoutinho@gmail.com fernando@netfilter.com.br seth.mos@dds.nl mfuchs77@googlemail.com jimp@pfsense.org</maintainer> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>squid-3.3.5.tbz</depends_on_package> <depends_on_package>libltdl-2.4.2.tbz</depends_on_package> <depends_on_package>libwww-5.4.0_4.tbz</depends_on_package> @@ -1267,7 +1267,7 @@ <ports_after>www/squid_radius_auth security/clamav www/squidclamav security/ca_root_nss www/c-icap-modules</ports_after> </build_pbi> <build_options>c-icap_UNSET_FORCE=IPV6;squid_UNSET_FORCE=AUTH_SMB AUTH_SQL DNS_HELPER FS_COSS ESI SNMP ECAP STACKTRACES STRICT_HTTP TP_IPF TP_IPFW VIA_DB DEBUG DOCS EXAMPLES AUTH_SASL;squid_SET=ARP_ACL AUTH_KERB AUTH_LDAP AUTH_NIS CACHE_DIGESTS DELAY_POOLS FOLLOW_XFF TP_PF MSSL_CRTD WCCP WCCPV2 FS_AUFS HTCP ICAP ICMP IDENT IPV6 KQUEUE LARGEFILE SSL SSL_CRTD</build_options> - <config_file>http://www.pfsense.org/packages/config/squid3/33/squid.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/squid3/33/squid.xml</config_file> <configurationfile>squid.xml</configurationfile> <depends_on_package_pbi>squid-3.3.10-amd64.pbi</depends_on_package_pbi> </package> @@ -1280,10 +1280,10 @@ <status>BETA</status> <required_version>1.2.1</required_version> <maintainer>seth.mos@dds.nl</maintainer> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>lcdproc-0.5.5.tbz</depends_on_package> <depends_on_package_pbi>lcdproc-0.5.6-amd64.pbi</depends_on_package_pbi> - <config_file>http://www.pfsense.org/packages/config/lcdproc/lcdproc.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/lcdproc/lcdproc.xml</config_file> <configurationfile>lcdproc.xml</configurationfile> <build_port_path>/usr/ports/sysutils/lcdproc</build_port_path> <build_options>lcdproc_SET=USB</build_options> @@ -1298,11 +1298,11 @@ <status>BETA</status> <required_version>2.0</required_version> <maintainer>michele@nt2.it</maintainer> - <pkginfolink>http://forum.pfsense.org/index.php/topic,44034.0.html</pkginfolink> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <pkginfolink>https://forum.pfsense.org/index.php/topic,44034.0.html</pkginfolink> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>lcdproc-0.5.6.tbz</depends_on_package> <depends_on_package_pbi>lcdproc-0.5.6-amd64.pbi</depends_on_package_pbi> - <config_file>http://www.pfsense.org/packages/config/lcdproc-dev/lcdproc.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/lcdproc-dev/lcdproc.xml</config_file> <configurationfile>lcdproc.xml</configurationfile> <build_port_path>/usr/ports/sysutils/lcdproc</build_port_path> <build_options>WITH_USB=true</build_options> @@ -1313,14 +1313,14 @@ <descr>Arpwatch monitors ethernet/ip address pairings. It also logs certain changes to syslog.</descr> <website>http://www-nrg.ee.lbl.gov/</website> <category>Security</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>arpwatch-2.1.a15_6.tbz</depends_on_package> <depends_on_package_pbi>arpwatch-2.1.a15_6-amd64.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/net-mgmt/arpwatch</build_port_path> <version>2.1.a15_6 pkg v1.1.1</version> <status>ALPHA</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/arpwatch.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/arpwatch.xml</config_file> <configurationfile>arpwatch.xml</configurationfile> <logging> <facilityname>arpwatch</facilityname> @@ -1336,7 +1336,7 @@ <version>1.4_4 pkg v.1.9.5</version> <status>Beta</status> <required_version>1.1</required_version> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>squidGuard-1.4_4.tbz</depends_on_package> <depends_on_package>db41-4.1.25_4.tbz</depends_on_package> <depends_on_package>cyrus-sasl-2.1.26_2.tbz</depends_on_package> @@ -1349,7 +1349,7 @@ <port>www/squidguard</port> </build_pbi> <build_options>squidGuard_UNSET_FORCE=SQUID32 SQUID33;squidGuard_SET=SAMPLE_BL SASL LDAP SQUID27;squid_UNSET_FORCE=DNS_HELPER IPFILTER PINGER STACKTRACES STRICT_HTTP_DESC USERAGENT_LOG WCCPV2;squid_SET=PF LDAP_AUTH NIS_AUTH SASL_AUTH ARP_ACL AUFS CACHE_DIGESTS CARP COSS DELAY_POOLS FOLLOW_XFF HTCP IDENT KERB_AUTH KQUEUE LARGEFILE REFERER_LOG SNMP SSL VIA_DB WCCP;SQUID_UID=proxy;SQUID_GID=proxy</build_options> - <config_file>http://www.pfsense.org/packages/config/squidGuard/squidguard.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/squidGuard/squidguard.xml</config_file> <configurationfile>squidguard.xml</configurationfile> </package> <package> @@ -1361,7 +1361,7 @@ <version>1.5_1 beta</version> <status>Beta</status> <required_version>2.1</required_version> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package_pbi>squidguard-devel-1.5_1-amd64.pbi</depends_on_package_pbi> <build_pbi> <ports_before>databases/db46</ports_before> @@ -1369,7 +1369,7 @@ <custom_name>squidguard-devel</custom_name> </build_pbi> <build_options>squidGuard-devel_UNSET_FORCE=SQUID32 SQUID33;squidGuard-devel_SET=LDAP STRIPNT SQUID27;squid_UNSET_FORCE=DNS_HELPER IPFILTER PINGER STACKTRACES STRICT_HTTP_DESC USERAGENT_LOG WCCPV2;squid_SET=PF LDAP_AUTH NIS_AUTH SASL_AUTH ARP_ACL AUFS CACHE_DIGESTS CARP COSS DELAY_POOLS FOLLOW_XFF HTCP IDENT KERB_AUTH KQUEUE LARGEFILE REFERER_LOG SNMP SSL VIA_DB WCCP;SQUID_UID=proxy;SQUID_GID=proxy</build_options> - <config_file>http://www.pfsense.org/packages/config/squidGuard-devel/squidguard.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/squidGuard-devel/squidguard.xml</config_file> <configurationfile>squidguard.xml</configurationfile> </package> <package> @@ -1381,7 +1381,7 @@ <version>1.4_4 pkg v.1.9.5</version> <status>Experimental</status> <required_version>2.1</required_version> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package_pbi>squidguard-squid3-1.4_4-amd64.pbi</depends_on_package_pbi> <build_pbi> <ports_before>www/squid33 databases/db41 security/cyrus-sasl2</ports_before> @@ -1389,14 +1389,14 @@ <custom_name>squidguard-squid3</custom_name> </build_pbi> <build_options>OPTIONS_SET=FETCH LDAP;squidGuard_UNSET_FORCE=SQUID27;squidGuard_SET=SAMPLE_BL SASL SQUID33;c-icap_UNSET_FORCE=IPV6 squid_UNSET_FORCE=AUTH_SMB AUTH_SQL DNS_HELPER FS_COSS ESI SNMP ECAP STACKTRACES STRICT_HTTP TP_IPF TP_IPFW VIA_DB DEBUG DOCS EXAMPLES;squid_SET=ARP_ACL AUTH_KERB AUTH_LDAP AUTH_NIS AUTH_SASL CACHE_DIGESTS DELAY_POOLS FOLLOW_XFF TP_PF MSSL_CRTD WCCP WCCPV2 FS_AUFS HTCP ICAP ICMP IDENT IPV6 KQUEUE LARGEFILE SSL SSL_CRTD</build_options> - <config_file>http://www.pfsense.org/packages/config/squidGuard/squidguard.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/squidGuard/squidguard.xml</config_file> <configurationfile>squidguard.xml</configurationfile> </package> <package> <name>Zabbix Agent</name> <descr>Monitoring agent.</descr> <category>Services</category> - <config_file>http://www.pfsense.com/packages/config/zabbix-agent/zabbix-agent.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/zabbix-agent/zabbix-agent.xml</config_file> <version>1.8.10,2 pkg v1.1</version> <status>FINAL</status> <required_version>1.2.3</required_version> @@ -1408,7 +1408,7 @@ <port>net-mgmt/zabbix-agent</port> </build_pbi> <build_options>ca_root_nss_UNSET_FORCE=ETCSYMLINK;zabbix22_SET=LDAP SSH SQLITE;zabbix22_UNSET_FORCE=MYSQL</build_options> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>zabbix-agent-1.8.10,2.tbz</depends_on_package> <depends_on_package_pbi>zabbix-agent-1.8.13-amd64.pbi</depends_on_package_pbi> </package> @@ -1416,7 +1416,7 @@ <name>Zabbix Proxy</name> <descr>Monitoring agent proxy.</descr> <category>Services</category> - <config_file>http://www.pfsense.com/packages/config/zabbix-proxy/zabbix-proxy.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/zabbix-proxy/zabbix-proxy.xml</config_file> <version>1.8.8,2 pkg v1.1</version> <status>FINAL</status> <required_version>1.2.3</required_version> @@ -1428,7 +1428,7 @@ <port>net-mgmt/zabbix-proxy</port> </build_pbi> <build_options>ca_root_nss_UNSET_FORCE=ETCSYMLINK;zabbix22_SET=LDAP SSH SQLITE;zabbix22_UNSET_FORCE=MYSQL</build_options> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>zabbix-proxy-1.8.8,2.tbz</depends_on_package> <depends_on_package_pbi>zabbix-proxy-1.8.13-amd64.pbi</depends_on_package_pbi> </package> @@ -1436,7 +1436,7 @@ <name>OpenVPN Client Export Utility</name> <descr>Allows a pre-configured OpenVPN Windows Client or Mac OSX's Viscosity configuration bundle to be exported directly from pfSense.</descr> <category>Security</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>p7zip-9.20.1.tbz</depends_on_package> <depends_on_package>zip-3.0.tbz</depends_on_package> <depends_on_package_pbi>zip-3.0-amd64.pbi p7zip-9.20.1-amd64.pbi</depends_on_package_pbi> @@ -1445,7 +1445,7 @@ <version>1.2.4</version> <status>RELEASE</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/openvpn-client-export/openvpn-client-export.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/openvpn-client-export/openvpn-client-export.xml</config_file> <configurationfile>openvpn-client-export.xml</configurationfile> </package> <package> @@ -1454,7 +1454,7 @@ <website>http://www.server-side.de/</website> <descr>Antivirus: HAVP (HTTP Antivirus Proxy) is a proxy with a ClamAV anti-virus scanner. The main aims are continuous, non-blocking downloads and smooth scanning of dynamic and password protected HTTP traffic. Havp antivirus proxy has a parent and transparent proxy mode. It can be used with squid or standalone. And File Scanner for local files.</descr> <category>Network Management</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>havp-0.91_1.tbz</depends_on_package> <depends_on_package_pbi>havp-0.91_1-amd64.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/www/havp</build_port_path> @@ -1462,7 +1462,7 @@ <version>0.91_1 pkg v1.01</version> <status>BETA</status> <required_version>1.2.2</required_version> - <config_file>http://www.pfsense.com/packages/config/havp/havp.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/havp/havp.xml</config_file> <configurationfile>havp.xml</configurationfile> <maintainer>dv_serg@mail.ru</maintainer> <after_install_info>Please check the HAVP settings.</after_install_info> @@ -1475,8 +1475,8 @@ <version>0.51</version> <required_version>1.2.3</required_version> <status>BETA</status> - <pkginfolink>http://doc.pfsense.org/index.php/PfJailctl_package</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/jailctl.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/PfJailctl_package</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/jailctl.xml</config_file> <configurationfile>jailctl.xml</configurationfile> <maintainer>ltning-jailctl@anduin.net</maintainer> </package> @@ -1488,8 +1488,8 @@ <version>0.2</version> <required_version>1.2.3</required_version> <status>BETA</status> - <pkginfolink>http://doc.pfsense.org/index.php/PfJailctl_package</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/jail_template.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/PfJailctl_package</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/jail_template.xml</config_file> <configurationfile>jail_template.xml</configurationfile> <maintainer>ltning-jailctl@anduin.net</maintainer> </package> @@ -1501,15 +1501,15 @@ <status>Beta</status> <maintainer>jimp@pfsense.org</maintainer> <required_version>1.2.3</required_version> - <config_file>http://www.pfsense.org/packages/config/blinkled8/blinkled.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/blinkled8/blinkled.xml</config_file> <configurationfile>blinkled.xml</configurationfile> - <pkginfolink>http://doc.pfsense.org/index.php/BlinkLED_Package</pkginfolink> - <website>http://doc.pfsense.org/index.php/BlinkLED_Package</website> + <pkginfolink>https://doc.pfsense.org/index.php/BlinkLED_Package</pkginfolink> + <website>https://doc.pfsense.org/index.php/BlinkLED_Package</website> <build_port_path>/usr/ports/sysutils/blinkled</build_port_path> <build_pbi> <port>sysutils/blinkled</port> </build_pbi> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>blinkled-0.1.tbz</depends_on_package> <depends_on_package_pbi>blinkled-0.1-amd64.pbi</depends_on_package_pbi> </package> @@ -1521,14 +1521,14 @@ <status>Beta</status> <maintainer>jimp@pfsense.org</maintainer> <required_version>2.0</required_version> - <config_file>http://www.pfsense.org/packages/config/gwled/gwled.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/gwled/gwled.xml</config_file> <configurationfile>gwled.xml</configurationfile> </package> <package> <name>Dashboard Widget: Snort</name> <descr>Dashboard widget for Snort.</descr> <category>System</category> - <config_file>http://www.pfsense.com/packages/config/widget-snort/widget-snort.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/widget-snort/widget-snort.xml</config_file> <version>0.3.7</version> <status>BETA</status> <required_version>1.2</required_version> @@ -1538,7 +1538,7 @@ <name>Dashboard Widget: HAVP</name> <descr>Dashboard widget for HAVP alerts.</descr> <category>System</category> - <config_file>http://www.pfsense.com/packages/config/widget-havp/widget-havp.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/widget-havp/widget-havp.xml</config_file> <version>0.1</version> <status>BETA</status> <required_version>1.2</required_version> @@ -1548,7 +1548,7 @@ <name>Dashboard Widget: Antivirus Status</name> <descr>Dashboard widget for HAVP status.</descr> <category>System</category> - <config_file>http://www.pfsense.com/packages/config/widget-antivirus/widget-antivirus.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/widget-antivirus/widget-antivirus.xml</config_file> <version>0.1</version> <status>BETA</status> <required_version>1.2</required_version> @@ -1562,7 +1562,7 @@ <status>Beta</status> <maintainer>jimp@pfsense.org</maintainer> <required_version>1.2.3</required_version> - <config_file>http://www.pfsense.org/packages/config/rrd-summary/rrd-summary.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/rrd-summary/rrd-summary.xml</config_file> <configurationfile>rrd-summary.xml</configurationfile> </package> <package> @@ -1574,10 +1574,10 @@ <status>Alpha</status> <maintainer>warren@decoy.co.za</maintainer> <required_version>2.0</required_version> - <pkginfolink>http://doc.pfsense.org/index.php/Unbound_package</pkginfolink> - <config_file>http://www.pfsense.com/packages/config/unbound/unbound.xml</config_file> + <pkginfolink>https://doc.pfsense.org/index.php/Unbound_package</pkginfolink> + <config_file>https://packages.pfsense.org/packages/config/unbound/unbound.xml</config_file> <configurationfile>unbound.xml</configurationfile> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>unbound-1.4.21_1.tbz</depends_on_package> <depends_on_package>ldns-1.6.16.tbz</depends_on_package> <depends_on_package>expat-2.0.1_2.tbz</depends_on_package> @@ -1605,7 +1605,7 @@ <descr>The shellcmd utility is used to manage commands on system startup.</descr> <category>Services</category> <pkginfolink></pkginfolink> - <config_file>http://www.pfsense.com/packages/config/shellcmd/shellcmd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/shellcmd/shellcmd.xml</config_file> <version>0.5</version> <status>Beta</status> <required_version>1.2</required_version> @@ -1622,7 +1622,7 @@ <status>BETA</status> <required_version>2.0</required_version> <maintainer>ey@tm-k.com</maintainer> - <config_file>http://www.pfsense.org/packages/config/widescreen/widescreen.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/widescreen/widescreen.xml</config_file> <configurationfile>widescreen.xml</configurationfile> <!-- Disabling on 2.0.2 and 2.1 since it overwrites the menu --> <maximum_version>2.0.1</maximum_version> @@ -1632,7 +1632,7 @@ <website>http://wiki.nagios.org/index.php/Howtos:nrpe_nsca</website> <descr>NRPE is an addon for Nagios that allows you to execute plugins on remote Linux/Unix hosts. This is useful if you need to monitor local resources/attributes like disk usage, CPU load, memory usage, etc. on a remote host.</descr> <category>Services</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>nrpe-2.12_3.tbz</depends_on_package> <depends_on_package>nagios-plugins-1.4.15_1,1.tbz</depends_on_package> <depends_on_package_pbi>nrpe-2.13_2-amd64.pbi</depends_on_package_pbi> @@ -1643,7 +1643,7 @@ <port>net-mgmt/nrpe</port> </build_pbi> <build_options>nrpe_SET=SSL;nrpe_UNSET_FORCE=ARGS</build_options> - <config_file>http://www.pfsense.com/packages/config/nrpe2/nrpe2.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/nrpe2/nrpe2.xml</config_file> <version>2.12_3 v2.2</version> <status>Beta</status> <required_version>1.2</required_version> @@ -1655,7 +1655,7 @@ <website>https://github.com/sileht/check_mk/blob/master/doc/README</website> <descr><![CDATA[The basic idea of check_mk is to fetch "all" information about a target host at once.<br>For each host to be monitored check_mk is called by Nagios only once per time period.]]></descr> <category>Services</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <build_port_path>/usr/ports/sysutils/muse</build_port_path> <build_port_path>/usr/ports/sysutils/ipmitool</build_port_path> <build_port_path>devel/libstatgrab</build_port_path> @@ -1664,7 +1664,7 @@ <port>sysutils/muse</port> </build_pbi> <build_options></build_options> - <config_file>http://www.pfsense.com/packages/config/checkmk-agent/checkmk.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/checkmk-agent/checkmk.xml</config_file> <version>v0.1</version> <status>RC1</status> <required_version>2.0</required_version> @@ -1679,7 +1679,7 @@ <version>1.0</version> <status>Beta</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/sshdcond/sshdcond.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/sshdcond/sshdcond.xml</config_file> <maintainer>namezero@afim.info</maintainer> <configurationfile>sshdcond.xml</configurationfile> </package> @@ -1690,7 +1690,7 @@ <version>2.0.9</version> <status>Stable</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/mailreport/mailreport.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/mailreport/mailreport.xml</config_file> <configurationfile>mailreport.xml</configurationfile> </package> <package> @@ -1704,10 +1704,10 @@ <website>www.winton.org.uk/zebedee/</website> <maintainer>jorgelustosa@gmail.com marcellocoutinho@gmail.com</maintainer> <required_version>2.0</required_version> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>zebedee-2.5.3.tbz</depends_on_package> <depends_on_package_pbi>zebedee-2.5.3-amd64.pbi</depends_on_package_pbi> - <config_file>http://www.pfsense.com/packages/config/zebedee/zebedee.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/zebedee/zebedee.xml</config_file> <configurationfile>zebedee.xml</configurationfile> <build_port_path>/usr/ports/security/zebedee</build_port_path> </package> @@ -1715,7 +1715,7 @@ <name>OpenVPN tap Bridging Fix</name> <descr>Patch to fix OpenVPN tap bridging on 2.0.x. WARNING! Cannot be uninstalled.</descr> <category>System</category> - <config_file>http://www.pfsense.com/packages/config/openvpn_tapfix_20x/openvpn_tapfix_20x.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/openvpn_tapfix_20x/openvpn_tapfix_20x.xml</config_file> <version>0.4</version> <status>BETA</status> <required_version>2.0</required_version> @@ -1728,10 +1728,10 @@ <version>0.99.22.3 v0.6.1</version> <category>Routing</category> <status>BETA</status> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>quagga-0.99.22.3.tbz</depends_on_package> <depends_on_package_pbi>quagga-0.99.22.3-amd64.pbi</depends_on_package_pbi> - <config_file>http://www.pfsense.com/packages/config/quagga_ospfd/quagga_ospfd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/quagga_ospfd/quagga_ospfd.xml</config_file> <build_port_path>/usr/ports/net/quagga</build_port_path> <pkginfolink></pkginfolink> <required_version>2.0</required_version> @@ -1744,7 +1744,7 @@ <version>1.0</version> <category>System</category> <status>RELEASE</status> - <config_file>http://www.pfsense.com/packages/config/systempatches/systempatches.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/systempatches/systempatches.xml</config_file> <pkginfolink></pkginfolink> <required_version>2.0</required_version> <configurationfile>systempatches.xml</configurationfile> @@ -1758,8 +1758,8 @@ <version>5.2.12_3 pkg v 1.0.1</version> <status>Stable</status> <required_version>2.0</required_version> - <config_file>http://www.pfsense.com/packages/config/bacula-client/bacula-client.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/bacula-client/bacula-client.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>bacula-client-5.2.12_3.tbz</depends_on_package> <depends_on_package_pbi>bacula-5.2.12_3-amd64.pbi</depends_on_package_pbi> <build_port_path>/usr/ports/sysutils/bacula-client</build_port_path> @@ -1773,50 +1773,50 @@ <package> <!-- This does not exist yet, this is here to trigger a PBI build --> <name>urlsnarf</name> - <pkginfolink>http://forum.pfsense.org/</pkginfolink> + <pkginfolink>https://forum.pfsense.org/</pkginfolink> <descr><![CDATA[HTTP URL Sniffer (console/shell only)]]></descr> <category>Services</category> <version>2.3_4</version> <status>Beta</status> <required_version>2.1</required_version> - <config_file>http://www.pfsense.com/packages/config/urlsnarf/urlsnarf.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/urlsnarf/urlsnarf.xml</config_file> <maintainer>jimp@pfsense.org</maintainer> <configurationfile>urlsnarf.xml</configurationfile> <build_pbi> <ports_before>net/libnet10</ports_before> <port>security/dsniff</port> </build_pbi> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package_pbi>dsniff-2.3_4-amd64.pbi</depends_on_package_pbi> </package> <package> <!-- This does not exist yet, this is here to trigger a PBI build --> <name>iftop</name> - <pkginfolink>http://forum.pfsense.org/</pkginfolink> + <pkginfolink>https://forum.pfsense.org/</pkginfolink> <descr><![CDATA[Realtime interface monitor (console/shell only)]]></descr> <category>Services</category> <version>0.17</version> <status>Beta</status> <required_version>2.1</required_version> - <config_file>http://www.pfsense.com/packages/config/iftop/iftop.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/iftop/iftop.xml</config_file> <maintainer>jimp@pfsense.org</maintainer> <configurationfile>iftop.xml</configurationfile> <build_pbi> <port>net-mgmt/iftop</port> </build_pbi> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package_pbi>iftop-0.17-amd64.pbi</depends_on_package_pbi> </package> <package> <!-- This does not exist yet, this is here to trigger a pkg build --> <name>git</name> - <pkginfolink>http://forum.pfsense.org/</pkginfolink> + <pkginfolink>https://forum.pfsense.org/</pkginfolink> <descr><![CDATA[GIT Source Code Management (console/shell only)]]></descr> <category>Services</category> <version>1.8.5.2</version> <status>Beta</status> <required_version>2.1</required_version> - <config_file>http://www.pfsense.com/packages/config/git/git.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/git/git.xml</config_file> <maintainer>jimp@pfsense.org</maintainer> <configurationfile>git.xml</configurationfile> <build_options>git_UNSET_FORCE=GITWEB GUI HTMLDOCS CVS P4 SVN;git_SET=CONTRIB CURL ETCSHELLS ICONV NLS PERL</build_options> @@ -1824,7 +1824,7 @@ <build_pbi> <port>devel/git</port> </build_pbi> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package_pbi>git-1.8.5.2-amd64.pbi</depends_on_package_pbi> </package> <package> @@ -1832,7 +1832,7 @@ <website>http://www.tinc-vpn.org/</website> <descr>tinc is a Virtual Private Network (VPN) daemon that uses tunnelling and encryption to create a secure private mesh network between hosts on the Internet.</descr> <category>Network Management</category> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package_pbi>tinc-1.0.21-amd64.pbi</depends_on_package_pbi> <build_pbi> <port>security/tinc</port> @@ -1840,9 +1840,9 @@ <build_options></build_options> <version>1.0.21 v1.1</version> <status>ALPHA</status> - <pkginfolink>http://doc.pfsense.org/index.php/tinc_package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/tinc_package</pkginfolink> <required_version>2.1</required_version> - <config_file>http://www.pfsense.com/packages/config/tinc/tinc.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/tinc/tinc.xml</config_file> <configurationfile>tinc.xml</configurationfile> <logging> <facilityname>tinc</facilityname> @@ -1858,7 +1858,7 @@ <version>3.3.7_4</version> <status>ALPHA</status> <required_version>2.1</required_version> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package_pbi>syslog-ng-3.3.7_4-amd64.pbi</depends_on_package_pbi> <build_pbi> <ports_before>sysutils/logrotate</ports_before> @@ -1866,15 +1866,15 @@ </build_pbi> <build_options></build_options> <maintainer>laleger@gmail.com</maintainer> - <config_file>http://www.pfsense.com/packages/config/syslog-ng/syslog-ng.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/syslog-ng/syslog-ng.xml</config_file> <configurationfile>syslog-ng.xml</configurationfile> </package> <package> <name>Zabbix-2 Agent</name> <descr>Monitoring agent.</descr> <category>Services</category> - <config_file>http://www.pfsense.org/packages/config/zabbix2/zabbix2-agent.xml</config_file> - <version>zabbix2-agent-2.2.1 pkg v0.8_0</version> + <config_file>https://packages.pfsense.org/packages/config/zabbix2/zabbix2-agent.xml</config_file> + <version>zabbix2-agent-2.2.2 pkg v0.8_1</version> <status>BETA</status> <required_version>2.0</required_version> <configurationfile>zabbix2-agent.xml</configurationfile> @@ -1884,16 +1884,16 @@ <custom_name>zabbix22-agent</custom_name> <port>net-mgmt/zabbix22-agent</port> </build_pbi> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> - <depends_on_package>zabbix22-agent-2.2.1.tbz</depends_on_package> - <depends_on_package_pbi>zabbix22-agent-2.2.1-amd64.pbi</depends_on_package_pbi> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package>zabbix22-agent-2.2.2.tbz</depends_on_package> + <depends_on_package_pbi>zabbix22-agent-2.2.2-amd64.pbi</depends_on_package_pbi> </package> <package> <name>Zabbix-2 Proxy</name> <descr>Monitoring agent proxy.</descr> <category>Services</category> - <config_file>http://www.pfsense.org/packages/config/zabbix2/zabbix2-proxy.xml</config_file> - <version>zabbix2-proxy-2.2.1 pkg v0.8_0</version> + <config_file>https://packages.pfsense.org/packages/config/zabbix2/zabbix2-proxy.xml</config_file> + <version>zabbix2-proxy-2.2.2 pkg v0.8_1</version> <status>BETA</status> <required_version>2.0</required_version> <configurationfile>zabbix2-proxy.xml</configurationfile> @@ -1904,45 +1904,45 @@ <port>net-mgmt/zabbix22-proxy</port> </build_pbi> <build_options>OPTIONS_SET+= SQLITE IPV6;OPTIONS_UNSET+= MYSQL JABBER GSSAPI</build_options> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> - <depends_on_package>zabbix22-proxy-2.2.1.tbz</depends_on_package> - <depends_on_package_pbi>zabbix22-proxy-2.2.1-amd64.pbi</depends_on_package_pbi> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package>zabbix22-proxy-2.2.2.tbz</depends_on_package> + <depends_on_package_pbi>zabbix22-proxy-2.2.2-amd64.pbi</depends_on_package_pbi> </package> <package> <!-- This does not exist yet, this is here to trigger a PBI build --> <name>ipmitool</name> - <pkginfolink>http://forum.pfsense.org/</pkginfolink> + <pkginfolink>https://forum.pfsense.org/</pkginfolink> <descr><![CDATA[IPMI Tools for local/remote data retrieval and control (Console only, no GUI)]]></descr> <category>Services</category> <version>1.8.12</version> <status>Beta</status> <required_version>2.1</required_version> - <config_file>http://www.pfsense.com/packages/config/ipmitool/ipmitool.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/ipmitool/ipmitool.xml</config_file> <maintainer>jimp@pfsense.org</maintainer> <configurationfile>ipmitool.xml</configurationfile> <build_pbi> <port>sysutils/ipmitool</port> </build_pbi> <build_options>ipmitool_SET=FREEIPMI;freeipmi_UNSET_FORCE=DOCS DEBUG IOPERM</build_options> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package_pbi>ipmitool-1.8.12_3-amd64.pbi</depends_on_package_pbi> </package> <package> <name>sudo</name> - <pkginfolink>http://doc.pfsense.org/index.php/Sudo_Package</pkginfolink> + <pkginfolink>https://doc.pfsense.org/index.php/Sudo_Package</pkginfolink> <descr><![CDATA[sudo allows delegation of privileges to users in the shell so commands can be run as other users, such as root.]]></descr> <category>Security</category> <version>0.2</version> <status>Beta</status> <required_version>2.0.2</required_version> - <config_file>http://www.pfsense.com/packages/config/sudo/sudo.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/sudo/sudo.xml</config_file> <maintainer>jimp@pfsense.org</maintainer> <configurationfile>sudo.xml</configurationfile> <build_pbi> <port>security/sudo</port> </build_pbi> <build_port_path>/usr/ports/security/sudo</build_port_path> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>sudo-1.8.6.p8.tbz</depends_on_package> <depends_on_package_pbi>sudo-1.8.6p8-amd64.pbi</depends_on_package_pbi> </package> @@ -1953,7 +1953,7 @@ <version>1.5</version> <category>Services</category> <status>BETA</status> - <config_file>http://www.pfsense.com/packages/config/servicewatchdog/servicewatchdog.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/servicewatchdog/servicewatchdog.xml</config_file> <pkginfolink></pkginfolink> <required_version>2.1</required_version> <configurationfile>servicewatchdog.xml</configurationfile> @@ -1963,8 +1963,8 @@ <website>http://code.google.com/p/softflowd/</website> <descr>Softflowd is flow-based network traffic analyser capable of Cisco NetFlow data export. Softflowd semi-statefully tracks traffic flows recorded by listening on a network interface or by reading a packet capture file. These flows may be reported via NetFlow to a collecting host or summarised within softflowd itself. Softflowd supports Netflow versions 1, 5 and 9 and is fully IPv6-capable - it can track IPv6 flows and send export datagrams via IPv6. It also supports export to multicast groups, allowing for redundant flow collectors.</descr> <category>Network Management</category> - <config_file>http://www.pfsense.com/packages/config/softflowd/softflowd.xml</config_file> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <config_file>https://packages.pfsense.org/packages/config/softflowd/softflowd.xml</config_file> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package_pbi>softflowd-0.9.8_2-amd64.pbi</depends_on_package_pbi> <version>0.9.8</version> <status>Beta</status> @@ -1979,7 +1979,7 @@ <name>Apcupsd</name> <descr>Set of programs for controlling APC UPS.</descr> <category>Services</category> - <config_file>http://www.pfsense.org/packages/config/apcupsd/apcupsd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/apcupsd/apcupsd.xml</config_file> <version>apcupsd-3.14.10_1 pkg v0.2</version> <status>BETA</status> <required_version>2.0</required_version> @@ -1991,7 +1991,7 @@ <port>sysutils/apcupsd</port> </build_pbi> <build_options>apcupsd_SET=APCSMART_DRV APCDUMB_DRV PCNET_DRV USB TCP_WRAPPERS SNMP_DRV;apcupsd_UNSET_FORCE=CLIENT_ONLY CGI SNMP_DRV_OLD TEST_DRV GAPCMON DOCS</build_options> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package>apcupsd-3.14.10_1.tbz</depends_on_package> <depends_on_package_pbi>apcupsd-3.14.10_1-amd64.pbi</depends_on_package_pbi> </package> @@ -2002,9 +2002,9 @@ <category>Network Management</category> <version>1.0.4</version> <status>BETA</status> - <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package_pbi>ladvd-1.0.4-amd64.pbi</depends_on_package_pbi> - <config_file>http://www.pfsense.org/packages/config/ladvd/ladvd.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/ladvd/ladvd.xml</config_file> <build_port_path>/usr/ports/net/ladvd</build_port_path> <pkginfolink></pkginfolink> <required_version>2.1</required_version> @@ -2015,18 +2015,18 @@ <website>http://suricata-ids.org/</website> <descr><![CDATA[Suricata is the OISF IDP engine, the open source Intrusion Detection and Prevention Engine.]]></descr> <category>Security</category> - <version>1.4.6 pkg v0.1</version> + <version>1.4.6 pkg v0.2</version> <status>BETA</status> <required_version>2.1</required_version> - <config_file>http://www.pfsense.org/packages/config/suricata/suricata.xml</config_file> + <config_file>https://packages.pfsense.org/packages/config/suricata/suricata.xml</config_file> <configurationfile>suricata.xml</configurationfile> <build_pbi> <port>security/suricata</port> <ports_after>security/barnyard2</ports_after> </build_pbi> - <build_options>barnyard2_UNSET=ODBC PGSQL PRELUDE;barnyard2_SET=GRE IPV6 MPLS MYSQL PORT_PCAP;suricata_SET=IPFW PORTS_PCAP TESTS;suricata_UNSET=PRELUDE</build_options> + <build_options>barnyard2_UNSET=ODBC PGSQL PRELUDE;barnyard2_SET=GRE IPV6 MPLS MYSQL PORT_PCAP BRO;suricata_SET=IPFW PORTS_PCAP TESTS;suricata_UNSET=PRELUDE</build_options> <build_port_path>/usr/ports/security/suricata</build_port_path> - <depends_on_package_base_url>http://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> + <depends_on_package_base_url>https://files.pfsense.org/packages/amd64/8/All/</depends_on_package_base_url> <depends_on_package_pbi>suricata-1.4.6-amd64.pbi</depends_on_package_pbi> </package> </packages> diff --git a/pkg_config.xsl b/pkg_config.xsl index d5df5626..bbe9864d 100644 --- a/pkg_config.xsl +++ b/pkg_config.xsl @@ -5,7 +5,7 @@ <html> <head> <title>pfSense Open Source Firewall Distribution - Packages</title> - <link rel="shortcut icon" href="http://www.pfsense.org/images/favicon.ico"/> + <link rel="shortcut icon" href="https://www.pfsense.org/images/favicon.ico"/> <link rel="stylesheet" href="templates/modular_plazza/css/template_css.css" type="text/css"/> <link rel="stylesheet" href="templates/modular_plazza/css/sfish.css" type="text/css"/> |