security/maltrail: new plugin #1257

Merged
merged 39 commits into from
Mar 19, 2019

mimugmail
Member

Maltrail is a server/sensor system for detecting malicious traffic. It has a nice GUI and fetches always updated trails to catch the bad guys. It's some kind of IDS and lets you collect from multiple OPNsense systems to one central unit. All scripts need the usual chmod :)

Member

@fabianfrz fabianfrz left a comment

you could deduplicate some code by using the tabbed view and I have some findings

@MikhailKasimov

@mimugmail My two cents -- in GUI: Update Period -> Update Period (seconds). This gives the user a hint about the field format. Thanks!

@mimugmail
Member Author

@MikhailKasimov Thanks for the note, we try to keep Labels short and put most things which could lead to confusion in help text:
https://github.com/mimugmail/plugins/blob/mt/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/forms/general.xml#L12

@mimugmail
Member Author

Ok, I'd say it looks good for a 0.1
Thanks for all reviews! 👍

Member

@fichtner fichtner left a comment

neat, thanks!

@fichtner fichtner merged commit b957d12 into opnsense:master Mar 19, 2019
fichtner pushed a commit that referenced this pull request Mar 19, 2019
(cherry picked from commit b957d12)
(cherry picked from commit d954e8a)
@mimugmail
Member Author

CC @juliocbc as you use wazuh/ossec you might be interested in this plugin too ..

@juliocbc
Contributor

@mimugmail Great!! I'll make some tests soon!! Thanks for CC'ing me!

@emsofo

emsofo commented Aug 17, 2023

Great stuff!! Just installed on a virtual instance of OPNsense 23.7.1_3 and seems to work except for one thing - when hovering over the Trail section - the searx results always say: "Sorry! we didn't find any results. Please use another query or search in more categories." - so seems broken ?!?

@mimugmail
Member Author

This is related to the software itself, maybe you can ask over there?

@emsofo

emsofo commented Aug 17, 2023

I just submitted a bug: stamparm/maltrail#19199 (comment)

7 participants