diff --git a/README.md b/README.md
index 63c639eaa2..793ea7f3c5 100644
--- a/README.md
+++ b/README.md
@@ -74,6 +74,7 @@ security/etpro-telemetry -- ET Pro Telemetry Edition
 security/intrusion-detection-content-et-pro -- IDS Proofpoint ET Pro ruleset (needs a valid subscription)
 security/intrusion-detection-content-pt-open -- IDS PT Research ruleset (only for non-commercial use)
 security/intrusion-detection-content-snort-vrt -- IDS Snort VRT ruleset (needs registration or subscription)
+security/maltrail -- Malicious traffic detection system
 security/openconnect -- OpenConnect Client
 security/softether -- Cross-platform Multi-protocol VPN Program
 security/tinc -- Tinc VPN
diff --git a/security/maltrail/Makefile b/security/maltrail/Makefile
new file mode 100644
index 0000000000..37fc580caa
--- /dev/null
+++ b/security/maltrail/Makefile
@@ -0,0 +1,8 @@
+PLUGIN_NAME= maltrail
+PLUGIN_VERSION= 0.1
+PLUGIN_COMMENT= Malicious traffic detection system
+PLUGIN_DEPENDS= maltrail
+PLUGIN_MAINTAINER= m.muenz@gmail.com
+PLUGIN_DEVEL= yes
+
+.include "../../Mk/plugins.mk"
diff --git a/security/maltrail/pkg-descr b/security/maltrail/pkg-descr
new file mode 100644
index 0000000000..2e65f0b1e2
--- /dev/null
+++ b/security/maltrail/pkg-descr
@@ -0,0 +1,8 @@
+Maltrail is a malicious traffic detection system, utilizing publicly
+available (black)lists containing malicious and/or generally suspicious
+trails, along with static trails compiled from various AV reports and
+custom user defined lists, where trail can be anything from domain name,
+URL, IP address or HTTP User-Agent header value. Also, it uses advanced
+heuristic mechanisms that can help in discovery of unknown threats.
+
+WWW: https://github.com/stamparm/maltrail
diff --git a/security/maltrail/src/etc/inc/plugins.inc.d/maltrail.inc b/security/maltrail/src/etc/inc/plugins.inc.d/maltrail.inc
new file mode 100644
index 0000000000..4aab204c4c
--- /dev/null
+++ b/security/maltrail/src/etc/inc/plugins.inc.d/maltrail.inc
@@ -0,0 +1,62 @@ + + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. 
+ */
+
+function maltrail_services()
+{
+ global $config;
+
+ $services = array();
+
+ if (isset($config['OPNsense']['maltrail']['general']['enabled']) && $config['OPNsense']['maltrail']['general']['enabled'] == 1) {
+ $services[] = array(
+ 'description' => gettext('maltrail sensor'),
+ 'configd' => array(
+ 'restart' => array('maltrailsensor restart'),
+ 'start' => array('maltrailsensor start'),
+ 'stop' => array('maltrailsensor stop'),
+ ),
+ 'name' => 'maltrailsensor',
+ 'pidfile' => '/var/run/maltrailsensor.pid'
+ );
+ }
+
+ if (isset($config['OPNsense']['maltrail']['server']['enabled']) && $config['OPNsense']['maltrail']['server']['enabled'] == 1) {
+ $services[] = array(
+ 'description' => gettext('maltrail server'),
+ 'configd' => array(
+ 'restart' => array('maltrailserver restart'),
+ 'start' => array('maltrailserver start'),
+ 'stop' => array('maltrailserver stop'),
+ ),
+ 'name' => 'maltrailserver',
+ 'pidfile' => '/var/run/maltrailserver.pid'
+ );
+ }
+
+ return $services;
+}
diff --git a/security/maltrail/src/etc/rc.d/opnsense-maltrailsensor b/security/maltrail/src/etc/rc.d/opnsense-maltrailsensor
new file mode 100755
index 0000000000..852046b29a
--- /dev/null
+++ b/security/maltrail/src/etc/rc.d/opnsense-maltrailsensor
@@ -0,0 +1,23 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+# PROVIDE: opnsense-maltrailsensor
+# REQUIRE: SERVERS
+# KEYWORD: shutdown
+#
+
+. /etc/rc.subr
+
+name=maltrailsensor
+
+rcvar=maltrailsensor_enable
+pidfile=/var/run/${name}.pid
+command=/usr/sbin/daemon
+command_args="-f -P /var/run/maltrailsensor.pid python2.7 /usr/local/share/maltrail/sensor.py"
+
+load_rc_config opnsense-maltrailsensor
+
+: ${maltrailsensor_enable="NO"}
+
+run_rc_command $1
diff --git a/security/maltrail/src/etc/rc.d/opnsense-maltrailserver b/security/maltrail/src/etc/rc.d/opnsense-maltrailserver
new file mode 100755
index 0000000000..23cd811af0
--- /dev/null
+++ b/security/maltrail/src/etc/rc.d/opnsense-maltrailserver
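Review bot: The first condition in maltrail_services() reads `$config['OPNsense']['maltrail']['general']['enabled']`, but nothing visible in this commit defines an `enabled` setting under `general`. The general form lists only heuristics, updateperiod, adminpassword and monitorinterface, while the sensor's switch is `sensor.enabled` and ServiceController points at the Sensor model with `enabled` as its flag. As written, the sensor would presumably never be registered as a service even when it is switched on. The check should mirror the server block: `if (isset($config['OPNsense']['maltrail']['sensor']['enabled']) && $config['OPNsense']['maltrail']['sensor']['enabled'] == 1) {`. The opening lines of this hunk are damaged on this page, so confirm against the file itself.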
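Review bot: `command_args` starts the interpreter by bare name (`python2.7`), so the binary that ends up running under the rc system's privileges depends on whatever PATH rc(8) or the calling service hands to daemon(8). An absolute interpreter path removes that dependency. The same line repeats the pid file path that `pidfile` already holds, and `run_rc_command $1` is unquoted. Suggested: `command_args="-f -P ${pidfile} /usr/local/bin/python2.7 /usr/local/share/maltrail/sensor.py"` and `run_rc_command "$1"`, with the interpreter path adjusted to wherever the package installs it. opnsense-maltrailserver carries the same lines.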
@@ -0,0 +1,23 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+# PROVIDE: opnsense-maltrailserver
+# REQUIRE: SERVERS
+# KEYWORD: shutdown
+#
+
+. /etc/rc.subr
+
+name=maltrailserver
+
+rcvar=maltrailserver_enable
+pidfile=/var/run/${name}.pid
+command=/usr/sbin/daemon
+command_args="-f -P /var/run/maltrailserver.pid python2.7 /usr/local/share/maltrail/server.py"
+
+load_rc_config opnsense-maltrailserver
+
+: ${maltrailserver_enable="NO"}
+
+run_rc_command $1
diff --git a/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/GeneralController.php b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/GeneralController.php
new file mode 100644
index 0000000000..5f381b2ee7
--- /dev/null
+++ b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/GeneralController.php
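Review bot: The server is launched through daemon(8) without `-u`, so server.py, which serves the web UI and can receive logs from remote sensors, keeps the privileges of the rc system, presumably root on a firewall. Nothing visible in this script requires the server process to stay privileged, unlike a packet-capturing sensor. Consider a dedicated unprivileged account, for example `command_args="-f -u <SERVICE_USER> -P ${pidfile} ..."`, with the log directory made writable for that account. Whether the packaged server.py runs correctly unprivileged would need checking, since the package itself is not part of this commit.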
@@ -0,0 +1,37 @@ + + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +namespace OPNsense\Maltrail\Api; + +use OPNsense\Base\ApiMutableModelControllerBase; + +class GeneralController extends ApiMutableModelControllerBase +{ + protected static $internalModelClass = '\OPNsense\Maltrail\General'; + protected static $internalModelName = 'general'; +} diff --git a/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/SensorController.php b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/SensorController.php new file mode 100644 index 0000000000..0ae40e5368 --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/SensorController.php 
@@ -0,0 +1,37 @@ + + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +namespace OPNsense\Maltrail\Api; + +use OPNsense\Base\ApiMutableModelControllerBase; + +class SensorController extends ApiMutableModelControllerBase +{ + protected static $internalModelClass = '\OPNsense\Maltrail\Sensor'; + protected static $internalModelName = 'sensor'; +} diff --git a/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/ServerController.php b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/ServerController.php new file mode 100644 index 0000000000..afc87089f2 --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/ServerController.php 
@@ -0,0 +1,37 @@ + + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +namespace OPNsense\Maltrail\Api; + +use OPNsense\Base\ApiMutableModelControllerBase; + +class ServerController extends ApiMutableModelControllerBase +{ + protected static $internalModelClass = '\OPNsense\Maltrail\Server'; + protected static $internalModelName = 'server'; +} diff --git a/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/ServerserviceController.php b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/ServerserviceController.php new file mode 100644 index 0000000000..981801a0ee --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/ServerserviceController.php 
@@ -0,0 +1,39 @@ + + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +namespace OPNsense\Maltrail\Api; + +use OPNsense\Base\ApiMutableServiceControllerBase; + +class ServerserviceController extends ApiMutableServiceControllerBase +{ + protected static $internalServiceClass = '\OPNsense\Maltrail\Server'; + protected static $internalServiceTemplate = 'OPNsense/Maltrail'; + protected static $internalServiceEnabled = 'enabled'; + protected static $internalServiceName = 'maltrailserver'; +} diff --git a/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/ServiceController.php b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/ServiceController.php new file mode 100644 index 0000000000..d59fd64f4c --- /dev/null 
+++ b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/ServiceController.php @@ -0,0 +1,39 @@ + + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +namespace OPNsense\Maltrail\Api; + +use OPNsense\Base\ApiMutableServiceControllerBase; + +class ServiceController extends ApiMutableServiceControllerBase +{ + protected static $internalServiceClass = '\OPNsense\Maltrail\Sensor'; + protected static $internalServiceTemplate = 'OPNsense/Maltrail'; + protected static $internalServiceEnabled = 'enabled'; + protected static $internalServiceName = 'maltrailsensor'; +} 
diff --git a/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/GeneralController.php b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/GeneralController.php new file mode 100644 index 0000000000..992370e1d4 --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/GeneralController.php @@ -0,0 +1,38 @@ + + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +namespace OPNsense\Maltrail; + +class GeneralController extends \OPNsense\Base\IndexController +{ + public function indexAction() + { + $this->view->generalForm = $this->getForm('general'); + $this->view->pick('OPNsense/Maltrail/general'); + } +} 
diff --git a/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/SensorController.php b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/SensorController.php new file mode 100644 index 0000000000..58698b75ac --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/SensorController.php @@ -0,0 +1,38 @@ + + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +namespace OPNsense\Maltrail; + +class SensorController extends \OPNsense\Base\IndexController +{ + public function indexAction() + { + $this->view->sensorForm = $this->getForm('sensor'); + $this->view->pick('OPNsense/Maltrail/sensor'); + } +} 
diff --git a/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/ServerController.php b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/ServerController.php new file mode 100644 index 0000000000..db80d94016 --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/ServerController.php @@ -0,0 +1,38 @@ + + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +namespace OPNsense\Maltrail; + +class ServerController extends \OPNsense\Base\IndexController +{ + public function indexAction() + { + $this->view->serverForm = $this->getForm('server'); + $this->view->pick('OPNsense/Maltrail/server'); + } +} 
diff --git a/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/forms/general.xml b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/forms/general.xml new file mode 100644 index 0000000000..01c848c117 --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/forms/general.xml @@ -0,0 +1,26 @@ +
+ + general.heuristics + + checkbox + Whether to enable or disable the usage or heuristic detection. + + + general.updateperiod + + text + Time in seconds how often to refresh trails. + + + general.adminpassword + + text + Set the SHA256 password for user admin here. For ways to generate it, please consult the plugin documentation. + + + general.monitorinterface + + select_multiple + List of interface to listen on, none means listen on all interfaces. + +
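Review bot: The `general.adminpassword` field is declared with type `text`, so the admin credential hash is displayed in clear on the settings page; the `password` field type would mask it. The help text asks the operator to produce a SHA256 value by hand and refers to external documentation, which makes it likely the field is left at its default. Stating in the help text that the default must be changed before the server is enabled would reduce that risk. The heuristics help also reads "usage or heuristic detection" where "usage of" is meant. The element tags of this hunk are not visible on this page, so the field types are read from the remaining text.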
diff --git a/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/forms/sensor.xml b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/forms/sensor.xml new file mode 100644 index 0000000000..24636d4a30 --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/forms/sensor.xml @@ -0,0 +1,26 @@ +
+ + sensor.enabled + + checkbox + This will activate the Sensor. Do not forget to enable the local server mode or send the logs to a remote server. + + + sensor.captureall + + checkbox + This will look into all IPv4 and IPv6 traffic. If disabled it will only look for traffic for icmp, udp, tcp syn packets and on known HTTP ports. + + + sensor.remoteserver + + text + IP address of the remote logging server. + + + sensor.remoteport + + text + Port of the logging server. Leave empty when sensor and server run on the same system. + +
diff --git a/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/forms/server.xml b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/forms/server.xml new file mode 100644 index 0000000000..67d433f296 --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/forms/server.xml @@ -0,0 +1,32 @@ +
+ + server.enabled + + checkbox + This will activate the Maltrail server. You can use this service to also collect data from remote Maltrail sensors. + + + server.listenaddress + + text + IP address the server UI listens on. + + + server.listenport + + text + TCP port of the server UI. + + + server.loglistenaddress + + text + IP address to listen to where sensors should send log. Leave blank if you run server and sensor on the same machine. + + + server.loglistenport + + text + The UDP port of the log server. Leave blank if you run server and sensor on the same machine. The default when in use should be set to 8337. + +
diff --git a/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/ACL/ACL.xml b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/ACL/ACL.xml new file mode 100644 index 0000000000..08500d34b4 --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/ACL/ACL.xml @@ -0,0 +1,9 @@ + + + Services: Maltrail + + ui/maltrail/* + api/maltrail/* + + + diff --git a/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/General.php b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/General.php new file mode 100644 index 0000000000..ae2b0311d0 --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/General.php 
@@ -0,0 +1,35 @@ + + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +namespace OPNsense\Maltrail; + +use OPNsense\Base\BaseModel; + +class General extends BaseModel +{ +} diff --git a/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/General.xml b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/General.xml new file mode 100644 index 0000000000..d094d2500b --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/General.xml @@ -0,0 +1,23 @@ + + //OPNsense/maltrail/general + Maltrail general configuration + 0.0.1 + + + 1 + Y + + + 86400 + Y + + + 9ab3cd9d67bf49d01f6a2e33d0bd9bc804ddbe6ce1ff5d219c42624851db5dbc + Y + + + Y + N + + + 
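Review bot: General.xml ships a fixed default for what appears to be `adminpassword` (the 64-character hex value, marked required), so every installation that enables the server without editing the field accepts the same admin credential. That hash is public in this repository. Prefer no default, so that the operator must set a value before the server can be enabled, or generate a per-install value on first configuration. A validation mask restricting the field to 64 hexadecimal characters would also keep malformed values out of the generated configuration. Field names in this hunk are not visible on the page, so the mapping is inferred from the order of the form fields.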
diff --git a/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Menu/Menu.xml b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Menu/Menu.xml new file mode 100644 index 0000000000..5b424e465a --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Menu/Menu.xml @@ -0,0 +1,9 @@ + + + + + + + + + diff --git a/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Sensor.php b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Sensor.php new file mode 100644 index 0000000000..ba081559b6 --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Sensor.php 
@@ -0,0 +1,35 @@ + + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +namespace OPNsense\Maltrail; + +use OPNsense\Base\BaseModel; + +class Sensor extends BaseModel +{ +} diff --git a/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Sensor.xml b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Sensor.xml new file mode 100644 index 0000000000..6af3c20813 --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Sensor.xml @@ -0,0 +1,22 @@ + + //OPNsense/maltrail/sensor + Maltrail sensor configuration + 0.0.1 + + + 0 + Y + + + 0 + Y + + + N + + + 8337 + Y + + + 
diff --git a/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Server.php b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Server.php new file mode 100644 index 0000000000..15597f81fe --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Server.php @@ -0,0 +1,35 @@ + + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +namespace OPNsense\Maltrail; + +use OPNsense\Base\BaseModel; + +class Server extends BaseModel +{ +} diff --git a/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Server.xml b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Server.xml new file mode 100644 index 0000000000..0c94548350 --- /dev/null 
+++ b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Server.xml @@ -0,0 +1,26 @@ + + //OPNsense/maltrail/server + Maltrail server configuration + 0.0.1 + + + 0 + Y + + + 0.0.0.0 + Y + Please provide a valid hostname or IP address. + + + 8338 + Y + + + N + + + N + + + diff --git a/security/maltrail/src/opnsense/mvc/app/views/OPNsense/Maltrail/general.volt b/security/maltrail/src/opnsense/mvc/app/views/OPNsense/Maltrail/general.volt new file mode 100644 index 0000000000..9aefe447eb --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/views/OPNsense/Maltrail/general.volt @@ -0,0 +1,52 @@ +{# + # Copyright (c) 2019 Deciso B.V. + # Copyright (c) 2019 Michael Muenz + # All rights reserved. + # + # Redistribution and use in source and binary forms, with or without modification, + # are permitted provided that the following conditions are met: + # + # 1. Redistributions of source code must retain the above copyright notice, + # this list of conditions and the following disclaimer. + # + # 2. Redistributions in binary form must reproduce the above copyright notice, + # this list of conditions and the following disclaimer in the documentation + # and/or other materials provided with the distribution. + # + # THIS SOFTWARE IS PROVIDED “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, + # INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + # AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + # AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + # POSSIBILITY OF SUCH DAMAGE. + #} + +
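Review bot: The default listen address `0.0.0.0` in Server.xml binds the Maltrail web interface to every interface of the firewall as soon as the server is enabled, and the maltrail.conf template in this commit serves it over plain HTTP. On a perimeter device a narrower default such as `127.0.0.1` or a single internal address is safer, leaving wider exposure as an explicit operator choice. Whether the UDP log listener fields (the two optional entries after the port) should get the same treatment depends on field types that are not visible in this hunk.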
+ {{ partial("layout_partials/base_form",['fields':generalForm,'id':'frm_general_settings'])}} +
+
+ +
+
+ + diff --git a/security/maltrail/src/opnsense/mvc/app/views/OPNsense/Maltrail/sensor.volt b/security/maltrail/src/opnsense/mvc/app/views/OPNsense/Maltrail/sensor.volt new file mode 100644 index 0000000000..635e6b649b --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/views/OPNsense/Maltrail/sensor.volt @@ -0,0 +1,60 @@ +{# + # Copyright (c) 2019 Deciso B.V. + # Copyright (c) 2019 Michael Muenz + # All rights reserved. + # + # Redistribution and use in source and binary forms, with or without modification, + # are permitted provided that the following conditions are met: + # + # 1. Redistributions of source code must retain the above copyright notice, + # this list of conditions and the following disclaimer. + # + # 2. Redistributions in binary form must reproduce the above copyright notice, + # this list of conditions and the following disclaimer in the documentation + # and/or other materials provided with the distribution. + # + # THIS SOFTWARE IS PROVIDED “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, + # INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + # AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + # AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + # POSSIBILITY OF SUCH DAMAGE. + #} + +
+ {{ partial("layout_partials/base_form",['fields':sensorForm,'id':'frm_sensor_settings'])}} +
+
+ +
+
+ + diff --git a/security/maltrail/src/opnsense/mvc/app/views/OPNsense/Maltrail/server.volt b/security/maltrail/src/opnsense/mvc/app/views/OPNsense/Maltrail/server.volt new file mode 100644 index 0000000000..4833a29b6a --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/views/OPNsense/Maltrail/server.volt @@ -0,0 +1,60 @@ +{# + # Copyright (c) 2019 Deciso B.V. + # Copyright (c) 2019 Michael Muenz + # All rights reserved. + # + # Redistribution and use in source and binary forms, with or without modification, + # are permitted provided that the following conditions are met: + # + # 1. Redistributions of source code must retain the above copyright notice, + # this list of conditions and the following disclaimer. + # + # 2. Redistributions in binary form must reproduce the above copyright notice, + # this list of conditions and the following disclaimer in the documentation + # and/or other materials provided with the distribution. + # + # THIS SOFTWARE IS PROVIDED “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, + # INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + # AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + # AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + # POSSIBILITY OF SUCH DAMAGE. + #} + +
+ {{ partial("layout_partials/base_form",['fields':serverForm,'id':'frm_server_settings'])}} +
+
+ +
+
+ + diff --git a/security/maltrail/src/opnsense/scripts/OPNsense/Maltrail/setup.sh b/security/maltrail/src/opnsense/scripts/OPNsense/Maltrail/setup.sh new file mode 100755 index 0000000000..a74fbef187 --- /dev/null +++ b/security/maltrail/src/opnsense/scripts/OPNsense/Maltrail/setup.sh @@ -0,0 +1,5 @@ +#!/bin/sh + +mkdir -p /var/log/maltrail/ +chown root:wheel /var/log/maltrail +chmod 750 /var/log/maltrail diff --git a/security/maltrail/src/opnsense/service/conf/actions.d/actions_maltrailsensor.conf b/security/maltrail/src/opnsense/service/conf/actions.d/actions_maltrailsensor.conf new file mode 100644 index 0000000000..fa6090dd0b --- /dev/null +++ b/security/maltrail/src/opnsense/service/conf/actions.d/actions_maltrailsensor.conf @@ -0,0 +1,23 @@ +[start] +command:/usr/local/opnsense/scripts/OPNsense/Maltrail/setup.sh;/usr/local/etc/rc.d/opnsense-maltrailsensor start +parameters: +type:script +message:starting Maltrail sensor + +[stop] +command:/usr/local/etc/rc.d/opnsense-maltrailsensor stop +parameters: +type:script +message:stopping Maltrail sensor + +[restart] +command:/usr/local/opnsense/scripts/OPNsense/Maltrail/setup.sh;/usr/local/etc/rc.d/opnsense-maltrailsensor restart +parameters: +type:script +message:restarting Maltrail sensor + +[status] +command:/usr/local/etc/rc.d/opnsense-maltrailsensor status;exit 0 +parameters: +type:script_output +message:request Maltrail sensor status diff --git a/security/maltrail/src/opnsense/service/conf/actions.d/actions_maltrailserver.conf b/security/maltrail/src/opnsense/service/conf/actions.d/actions_maltrailserver.conf new file mode 100644 index 0000000000..ad8313f6f3 --- /dev/null +++ b/security/maltrail/src/opnsense/service/conf/actions.d/actions_maltrailserver.conf 
@@ -0,0 +1,23 @@
+[start]
+command:/usr/local/opnsense/scripts/OPNsense/Maltrail/setup.sh;/usr/local/etc/rc.d/opnsense-maltrailserver start
+parameters:
+type:script
+message:starting Maltrail Server
+
+[stop]
+command:/usr/local/etc/rc.d/opnsense-maltrailserver stop
+parameters:
+type:script
+message:stopping Maltrail Server
+
+[restart]
+command:/usr/local/opnsense/scripts/OPNsense/Maltrail/setup.sh;/usr/local/etc/rc.d/opnsense-maltrailserver restart
+parameters:
+type:script
+message:restarting Maltrail Server
+
+[status]
+command:/usr/local/etc/rc.d/opnsense-maltrailserver status;exit 0
+parameters:
+type:script_output
+message:request Maltrail Server status
diff --git a/security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/+TARGETS b/security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/+TARGETS
new file mode 100644
index 0000000000..66a7ec29d4
--- /dev/null
+++ b/security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/+TARGETS
@@ -0,0 +1,3 @@
+maltrailsensor:/etc/rc.conf.d/opnsense-maltrailsensor
+maltrailserver:/etc/rc.conf.d/opnsense-maltrailserver
+maltrail.conf:/usr/local/share/maltrail/maltrail.conf
diff --git a/security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/maltrail.conf b/security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/maltrail.conf
new file mode 100644
index 0000000000..02e11b9f62
--- /dev/null
+++ b/security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/maltrail.conf
@@ -0,0 +1,60 @@
+{% from 'OPNsense/Macros/interface.macro' import physical_interface %}
+
+{% if helpers.exists('OPNsense.maltrail.server.enabled') and OPNsense.maltrail.server.enabled == '1' %}
+
+# [Server]
+HTTP_ADDRESS {{ OPNsense.maltrail.server.listenaddress }}
+HTTP_PORT {{ OPNsense.maltrail.server.listenport }}
+USE_SSL false
+
+{% if helpers.exists('OPNsense.maltrail.server.loglistenaddress') and OPNsense.maltrail.server.loglistenaddress != '' %}
+UDP_ADDRESS {{ OPNsense.maltrail.server.loglistenaddress }}
+{% endif %}
+{% if helpers.exists('OPNsense.maltrail.server.loglistenport') and OPNsense.maltrail.server.loglistenport != '' %}
+UDP_PORT {{ OPNsense.maltrail.server.loglistenport }}
+{% endif %}
+{% endif %}
+
+{% if helpers.exists('OPNsense.maltrail.sensor.enabled') and OPNsense.maltrail.sensor.enabled == '1' %}
+{% if helpers.exists('OPNsense.maltrail.sensor.remoteserver') and OPNsense.maltrail.sensor.remoteserver != '' %}
+LOG_SERVER {{ OPNsense.maltrail.sensor.remoteserver }}:{{ OPNsense.maltrail.sensor.remoteport }}
+DISABLE_LOCAL_LOG_STORAGE true
+{% else %}
+DISABLE_LOCAL_LOG_STORAGE false
+{% endif %}
+{% endif %}
+
+SENSOR_NAME $HOSTNAME
+CUSTOM_TRAILS_DIR /usr/local/maltrail/trails/custom/
+PROCESS_COUNT $CPU_CORES
+DISABLE_CPU_AFFINITY false
+USE_FEED_UPDATES true
+DISABLED_FEEDS turris, ciarmy, policeman, myip
+UPDATE_PERIOD {{ OPNsense.maltrail.general.updateperion }}
+USE_SERVER_UPDATE_TRAILS false
+{% if helpers.exists('OPNsense.maltrail.general.heuristics') and OPNsense.maltrail.general.heuristics == '1' %}
+USE_HEURISTICS true
+{% else %}
+USE_HEURISTICS false
+{% endif %}
+CHECK_MISSING_HOST false
+CHECK_HOST_DOMAINS false
+SHOW_DEBUG false
+LOG_DIR /var/log/maltrail
+{% if helpers.exists('OPNsense.maltrail.general.monitorinterface') and OPNsense.maltrail.general.monitorinterface != '' %}
+{% set interfaces = [] %}
+{% for interface in OPNsense.maltrail.general.monitorinterface.split(',') %}
+{% do interfaces.append(physical_interface(interface)) %}
+{% endfor %}
+MONITOR_INTERFACE {{ interfaces|join(',') }}
+{% else %}
+MONITOR_INTERFACE any
+{% endif %}
+CAPTURE_BUFFER 10%
+{% if helpers.exists('OPNsense.maltrail.sensor.captureall') and OPNsense.maltrail.sensor.captureall == '1' %}
+CAPTURE_FILTER ip or ip6
+{% else %}
+CAPTURE_FILTER udp or icmp or (tcp and (tcp[tcpflags] == tcp-syn or port 80 or port 1080 or port 3128 or port 8000 or port 8080 or port 8118))
+{% endif %}
+USERS
+ admin:{{ OPNsense.maltrail.general.adminpassword }}:2000:0.0.0.0/0 # changeme!
diff --git a/security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/maltrailsensor b/security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/maltrailsensor
new file mode 100644
index 0000000000..0f1dc4832f
--- /dev/null
+++ b/security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/maltrailsensor
@@ -0,0 +1,7 @@
+{% if helpers.exists('OPNsense.maltrail.sensor.enabled') and OPNsense.maltrail.sensor.enabled == '1' %}
+maltrailsensor_var_script="/usr/local/opnsense/scripts/OPNsense/Maltrail/setup.sh"
+maltrailsensor_enable="YES"
+{% else %}
+maltrailsensor_enable="NO"
+{% endif %}
+maltrailsensor_var_mfs="/var/log/maltrail"
diff --git a/security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/maltrailserver b/security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/maltrailserver
new file mode 100644
index 0000000000..12095bdd28
--- /dev/null
+++ b/security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/maltrailserver
@@ -0,0 +1,7 @@
+{% if helpers.exists('OPNsense.maltrail.server.enabled') and OPNsense.maltrail.server.enabled == '1' %}
+maltrailserver_var_script="/usr/local/opnsense/scripts/OPNsense/Maltrail/setup.sh"
+maltrailserver_enable="YES"
+{% else %}
+maltrailserver_enable="NO"
+{% endif %}
+maltrailserver_var_mfs="/var/log/maltrail"
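Review bot: In the maltrail.conf template, `USE_SSL false` is hard-coded under `# [Server]`, so the web login always travels over cleartext HTTP and the operator cannot enable TLS from the GUI. Either expose it as a model option together with the certificate setting Maltrail needs, or document that the port must only be reached through a tunnel or TLS-terminating proxy. Separately, `UPDATE_PERIOD {{ OPNsense.maltrail.general.updateperion }}` looks like a misspelling of `updateperiod` and, unlike the neighbouring options, is not wrapped in `helpers.exists(...)`. The model's field names are not visible on this page, so confirm the key matches, otherwise the line renders with an empty value. The `adminpassword` value on the `USERS` line is emitted unguarded in the same way.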