Skip to content

security/maltrail: new plugin#1257

Merged
fichtner merged 39 commits intoopnsense:masterfrom
mimugmail:mt
Mar 19, 2019
Merged

security/maltrail: new plugin#1257
fichtner merged 39 commits intoopnsense:masterfrom
mimugmail:mt

Conversation

@mimugmail
Copy link
Copy Markdown
Member

@mimugmail mimugmail commented Mar 14, 2019

Maltrail is a server/sensor system for detecting malicious traffic. It has a nice gui and fetches always updated trails to catch the bad guys. It's some kind of IDS and lets you collect from multiple OPNsense systems to one central unit. All scripts need the usual chmod :)

image

image

image

image

fabianfrz
fabianfrz reviewed Mar 15, 2019
View reviewed changes
Copy link
Copy Markdown
Member

@fabianfrz fabianfrz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you could deduplicate some code by using the tabbed view and I have some findings

Comment thread security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/forms/general.xml Outdated
Comment thread security/maltrail/src/opnsense/mvc/app/views/OPNsense/Maltrail/general.volt Outdated
Comment thread security/maltrail/src/opnsense/scripts/OPNsense/Maltrail/setup.sh Outdated
Comment thread security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/maltrail.conf
Comment thread security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/maltrail.conf
@mimugmail mimugmail mentioned this pull request Mar 15, 2019
Closed
@MikhailKasimov
Copy link
Copy Markdown

MikhailKasimov commented Mar 15, 2019

@mimugmail My two cents -- in GUI: Update Period -> Update Period (seconds) . This makes hint for user about field format. Thanks!

@mimugmail
Copy link
Copy Markdown
Member Author

mimugmail commented Mar 19, 2019

@MikhailKasimov Thanks for the note, we try to keep Labels short and put most things which could lead to confusion in help text:
https://github.com/mimugmail/plugins/blob/mt/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/forms/general.xml#L12

fichtner
fichtner reviewed Mar 19, 2019
View reviewed changes
Comment thread security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/forms/general.xml Outdated
fichtner
fichtner reviewed Mar 19, 2019
View reviewed changes
Comment thread security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/forms/general.xml Outdated
fichtner
fichtner reviewed Mar 19, 2019
View reviewed changes
Comment thread security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/General.php Outdated
fichtner
fichtner reviewed Mar 19, 2019
View reviewed changes
Comment thread security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Sensor.php Outdated
fichtner
fichtner reviewed Mar 19, 2019
View reviewed changes
Comment thread security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Server.php Outdated
fichtner
fichtner reviewed Mar 19, 2019
View reviewed changes
Comment thread security/maltrail/src/opnsense/mvc/app/views/OPNsense/Maltrail/general.volt Outdated
fichtner
fichtner reviewed Mar 19, 2019
View reviewed changes
Comment thread security/maltrail/src/opnsense/scripts/OPNsense/Maltrail/setup.sh
fichtner
fichtner reviewed Mar 19, 2019
View reviewed changes
Comment thread security/maltrail/src/etc/rc.d/opnsense-maltrailserver Outdated
@mimugmail
Copy link
Copy Markdown
Member Author

mimugmail commented Mar 19, 2019

Ok, I'd say it looks good for a 0.1
Thanks for all reviews! 👍

fichtner
fichtner approved these changes Mar 19, 2019
View reviewed changes
Copy link
Copy Markdown
Member

@fichtner fichtner left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

neat, thanks!

@fichtner fichtner merged commit b957d12 into opnsense:master Mar 19, 2019
fichtner pushed a commit that referenced this pull request Mar 19, 2019
@mimugmail @fichtner
security/maltrail: new plugin (#1257)
fcdbde1 
(cherry picked from commit b957d12)
(cherry picked from commit d954e8a)
@mimugmail
Copy link
Copy Markdown
Member Author

mimugmail commented Mar 21, 2019

CC @juliocbc as you use wazuh/ossec you might be interested in this plugin too ..

@juliocbc
Copy link
Copy Markdown
Contributor

juliocbc commented Mar 21, 2019

@mimugmail Great!! I'll make some tests soon!! Thanks for CC me!

@emsofo
Copy link
Copy Markdown

emsofo commented Aug 17, 2023

Great stuff!! Just installed on a virtual instance of OPNSense 23.7.1_3 and seems to work except for one thing - when hovering over the Trail section - the searx results always say: "Sorry! we didn't find any results. Please use another query or search in more categories." - so seems broken ?!?

@mimugmail
Copy link
Copy Markdown
Member Author

mimugmail commented Aug 17, 2023

This is related to the software itself, maybe you can ask o er there?

@emsofo
Copy link
Copy Markdown

emsofo commented Aug 17, 2023

I just submitted a bug: stamparm/maltrail#19199 (comment)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@fichtner fichtner fichtner approved these changes

+2 more reviewers

@stamparm stamparm stamparm left review comments

@fabianfrz fabianfrz fabianfrz left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@fichtner fichtner

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@mimugmail @MikhailKasimov @juliocbc @emsofo @stamparm @fichtner @fabianfrz