From 8deb541e4c698444de68c591f4f8f46bca82ed44 Mon Sep 17 00:00:00 2001 
From: Michael Date: Sun, 10 Mar 2019 16:19:07 +0100 Subject: [PATCH 01/11] initial commit --- security/maltrail/Makefile | 8 +++ security/maltrail/pkg-descr | 8 +++ .../src/etc/inc/plugins.inc.d/maltrail.inc | 62 +++++++++++++++++++ .../src/etc/rc.d/opnsense-mailtrailsensor | 52 ++++++++++++++++ .../src/etc/rc.d/opnsense-mailtrailserver | 52 ++++++++++++++++ .../Maltrail/Api/GeneralController.php | 37 +++++++++++ .../Maltrail/Api/ServerController.php | 37 +++++++++++ .../Maltrail/Api/ServerserviceController.php | 39 ++++++++++++ .../Maltrail/Api/ServiceController.php | 39 ++++++++++++ .../OPNsense/Maltrail/GeneralController.php | 38 ++++++++++++ .../OPNsense/Maltrail/ServerController.php | 38 ++++++++++++ .../OPNsense/Maltrail/forms/general.xml | 20 ++++++ .../OPNsense/Maltrail/forms/server.xml | 32 ++++++++++ .../app/models/OPNsense/Maltrail/ACL/ACL.xml | 9 +++ .../app/models/OPNsense/Maltrail/General.php | 35 +++++++++++ .../app/models/OPNsense/Maltrail/General.xml | 18 ++++++ .../models/OPNsense/Maltrail/Menu/Menu.xml | 8 +++ .../app/models/OPNsense/Maltrail/Server.php | 35 +++++++++++ .../app/models/OPNsense/Maltrail/Server.xml | 26 ++++++++ .../app/views/OPNsense/Maltrail/general.volt | 61 ++++++++++++++++++ .../app/views/OPNsense/Maltrail/server.volt | 61 ++++++++++++++++++ .../actions.d/actions_maltrailsensor.conf | 23 +++++++ .../actions.d/actions_maltrailserver.conf | 23 +++++++ .../templates/OPNsense/Maltrail/+TARGETS | 3 + .../templates/OPNsense/Maltrail/maltrail.conf | 49 +++++++++++++++ .../OPNsense/Maltrail/maltrailsensor.conf | 5 ++ .../OPNsense/Maltrail/maltrailserver.conf | 5 ++ 27 files changed, 823 insertions(+) create mode 100644 security/maltrail/Makefile create mode 100644 security/maltrail/pkg-descr create mode 100644 security/maltrail/src/etc/inc/plugins.inc.d/maltrail.inc create mode 100644 security/maltrail/src/etc/rc.d/opnsense-mailtrailsensor create mode 100644 security/maltrail/src/etc/rc.d/opnsense-mailtrailserver create mode 100644 
security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/GeneralController.php create mode 100644 security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/ServerController.php create mode 100644 security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/ServerserviceController.php create mode 100644 security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/ServiceController.php create mode 100644 security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/GeneralController.php create mode 100644 security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/ServerController.php create mode 100644 security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/forms/general.xml create mode 100644 security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/forms/server.xml create mode 100644 security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/ACL/ACL.xml create mode 100644 security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/General.php create mode 100644 security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/General.xml create mode 100644 security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Menu/Menu.xml create mode 100644 security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Server.php create mode 100644 security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Server.xml create mode 100644 security/maltrail/src/opnsense/mvc/app/views/OPNsense/Maltrail/general.volt create mode 100644 security/maltrail/src/opnsense/mvc/app/views/OPNsense/Maltrail/server.volt create mode 100644 security/maltrail/src/opnsense/service/conf/actions.d/actions_maltrailsensor.conf create mode 100644 security/maltrail/src/opnsense/service/conf/actions.d/actions_maltrailserver.conf create mode 100644 security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/+TARGETS create mode 100644 
security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/maltrail.conf create mode 100644 security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/maltrailsensor.conf create mode 100644 security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/maltrailserver.conf
diff --git a/security/maltrail/Makefile b/security/maltrail/Makefile new file mode 100644
index 0000000000..1b778cc61b
--- /dev/null
+++ b/security/maltrail/Makefile
@@ -0,0 +1,8 @@
+PLUGIN_NAME= maltrail
+PLUGIN_VERSION= 0.1
+PLUGIN_COMMENT= Malicious traffic detection system
+PLUGIN_DEPENDS= maltrail
+PLUGIN_MAINTAINER= m.muenz@gmail.com
+PLUGIN_DEVEL= YES
+
+.include "../../Mk/plugins.mk"
diff --git a/security/maltrail/pkg-descr b/security/maltrail/pkg-descr new file mode 100644
index 0000000000..2e65f0b1e2
--- /dev/null
+++ b/security/maltrail/pkg-descr
@@ -0,0 +1,8 @@
+Maltrail is a malicious traffic detection system, utilizing publicly
+available (black)lists containing malicious and/or generally suspicious
+trails, along with static trails compiled from various AV reports and
+custom user defined lists, where trail can be anything from domain name,
+URL, IP address or HTTP User-Agent header value. Also, it uses advanced
+heuristic mechanisms that can help in discovery of unknown threats.
+
+WWW: https://github.com/stamparm/maltrail
diff --git a/security/maltrail/src/etc/inc/plugins.inc.d/maltrail.inc b/security/maltrail/src/etc/inc/plugins.inc.d/maltrail.inc new file mode 100644
index 0000000000..6c13659d7c
--- /dev/null
+++ b/security/maltrail/src/etc/inc/plugins.inc.d/maltrail.inc
@@ -0,0 +1,62 @@ + + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. 
+*/ + +function maltrail_services() +{ + global $config; + + $services = array(); + + if (isset($config['OPNsense']['maltrail']['general']['enabled']) && $config['OPNsense']['maltrail']['general']['enabled'] == 1) { + $services[] = array( + 'description' => gettext('maltrail sensor'), + 'configd' => array( + 'restart' => array('maltrailsensor restart'), + 'start' => array('maltrailsensor start'), + 'stop' => array('maltrailsensor stop'), + ), + 'name' => 'maltrailsensor', + 'pidfile' => '/var/run/maltrailsensor.pid' + ); + } + + if (isset($config['OPNsense']['maltrail']['server']['enabled']) && $config['OPNsense']['maltrail']['server']['enabled'] == 1) { + $services[] = array( + 'description' => gettext('maltrail server'), + 'configd' => array( + 'restart' => array('maltrailserver restart'), + 'start' => array('maltrailserver start'), + 'stop' => array('maltrailserver stop'), + ), + 'name' => 'maltrailserver', + 'pidfile' => '/var/run/maltrailserver.pid' + ); + } + + return $services; +} diff --git a/security/maltrail/src/etc/rc.d/opnsense-mailtrailsensor b/security/maltrail/src/etc/rc.d/opnsense-mailtrailsensor new file mode 100644 index 0000000000..21850a7723 --- /dev/null +++ b/security/maltrail/src/etc/rc.d/opnsense-mailtrailsensor 
@@ -0,0 +1,52 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+# PROVIDE: opnsense-maltrailsensor
+# REQUIRE: SERVERS
+# KEYWORD: shutdown
+#
+
+. /etc/rc.subr
+
+name=maltrailsensor
+
+stop_cmd=maltrailsensor_stop
+start_cmd=maltrailsensor_start
+status_cmd=maltrailsensor_status
+rcvar=maltrailsensor_enable
+pidfile=/var/run/${name}.pid
+command=/usr/sbin/daemon
+command_args="-P /var/run/maltrailsensor.pid python2.7 /usr/local/maltrail/sensor.py"
+
+load_rc_config opnsense-maltrailsensor
+
+[ -z "$maltrailsensor_enable" ] && maltrailsensor_enable="NO"
+
+maltrailsensor_status()
+{
+ if [ -n "$rc_pid" ]; then
+ echo "${name} is running as pid $rc_pid."
+ return 0
+ else
+ echo "${name} is not running."
+ fi
+}
+
+maltrailsensor_stop()
+{
+ if [ -n "$rc_pid" ]; then
+ echo "stopping mailtrail sensor"
+ kill ${rc_pid}
+ else
+ echo "${name} is not running."
+ fi
+}
+
+maltrailsensor_start()
+{
+ echo "starting mailtrail sensor"
+ ${command} ${command_args}
+}
+
+run_rc_command $1
diff --git a/security/maltrail/src/etc/rc.d/opnsense-mailtrailserver b/security/maltrail/src/etc/rc.d/opnsense-mailtrailserver new file mode 100644
index 0000000000..31b3532dda
--- /dev/null
+++ b/security/maltrail/src/etc/rc.d/opnsense-mailtrailserver
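Review bot: The file name `opnsense-mailtrailsensor` is misspelled ("mail") and does not match the path the configd actions in this patch invoke, `/usr/local/etc/rc.d/opnsense-maltrailsensor`, so start/stop/status would presumably call a script that is never installed. The same misspelling is on `opnsense-mailtrailserver` in the next hunk. Renaming both files to `opnsense-maltrail*`, and correcting the `echo "... mailtrail ..."` strings with them, keeps the script name, its PROVIDE line and the actions in agreement. Separately, `command_args` launches the interpreter as bare `python2.7`; a daemon started from rc as root is better given an absolute interpreter path (for example `/usr/local/bin/python2.7`, assuming the port's usual location) so it does not depend on PATH lookup.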
@@ -0,0 +1,52 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+# PROVIDE: opnsense-maltrailserver
+# REQUIRE: SERVERS
+# KEYWORD: shutdown
+#
+
+. /etc/rc.subr
+
+name=maltrailserver
+
+stop_cmd=maltrailserver_stop
+start_cmd=maltrailserver_start
+status_cmd=maltrailserver_status
+rcvar=maltrailserver_enable
+pidfile=/var/run/${name}.pid
+command=/usr/sbin/daemon
+command_args="-P /var/run/maltrailserver.pid python2.7 /usr/local/maltrail/server.py"
+
+load_rc_config opnsense-maltrailserver
+
+[ -z "$maltrailserver_enable" ] && maltrailserver_enable="NO"
+
+maltrailserver_status()
+{
+ if [ -n "$rc_pid" ]; then
+ echo "${name} is running as pid $rc_pid."
+ return 0
+ else
+ echo "${name} is not running."
+ fi
+}
+
+maltrailserver_stop()
+{
+ if [ -n "$rc_pid" ]; then
+ echo "stopping mailtrail server"
+ kill ${rc_pid}
+ else
+ echo "${name} is not running."
+ fi
+}
+
+maltrailserver_start()
+{
+ echo "starting mailtrail server"
+ ${command} ${command_args}
+}
+
+run_rc_command $1
diff --git a/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/GeneralController.php b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/GeneralController.php new file mode 100644
index 0000000000..5f381b2ee7
--- /dev/null
+++ b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/GeneralController.php
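Review bot: `maltrailserver_status` ends with exit status 0 even when the daemon is not running, because the `else` branch finishes on a successful `echo`; add `return 1` after `echo "${name} is not running."` so a caller can tell the two states apart by exit code. The same applies to `maltrailsensor_status` in the previous hunk. The last line should also quote its argument, `run_rc_command "$1"`.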
@@ -0,0 +1,37 @@ + + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +namespace OPNsense\Maltrail\Api; + +use OPNsense\Base\ApiMutableModelControllerBase; + +class GeneralController extends ApiMutableModelControllerBase +{ + protected static $internalModelClass = '\OPNsense\Maltrail\General'; + protected static $internalModelName = 'general'; +} diff --git a/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/ServerController.php b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/ServerController.php new file mode 100644 index 0000000000..afc87089f2 --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/ServerController.php 
@@ -0,0 +1,37 @@ + + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +namespace OPNsense\Maltrail\Api; + +use OPNsense\Base\ApiMutableModelControllerBase; + +class ServerController extends ApiMutableModelControllerBase +{ + protected static $internalModelClass = '\OPNsense\Maltrail\Server'; + protected static $internalModelName = 'server'; +} diff --git a/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/ServerserviceController.php b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/ServerserviceController.php new file mode 100644 index 0000000000..981801a0ee --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/ServerserviceController.php 
@@ -0,0 +1,39 @@ + + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +namespace OPNsense\Maltrail\Api; + +use OPNsense\Base\ApiMutableServiceControllerBase; + +class ServerserviceController extends ApiMutableServiceControllerBase +{ + protected static $internalServiceClass = '\OPNsense\Maltrail\Server'; + protected static $internalServiceTemplate = 'OPNsense/Maltrail'; + protected static $internalServiceEnabled = 'enabled'; + protected static $internalServiceName = 'maltrailserver'; +} diff --git a/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/ServiceController.php b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/ServiceController.php new file mode 100644 index 0000000000..6a433c1526 --- /dev/null 
+++ b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/Api/ServiceController.php @@ -0,0 +1,39 @@ + + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +namespace OPNsense\Maltrail\Api; + +use OPNsense\Base\ApiMutableServiceControllerBase; + +class ServiceController extends ApiMutableServiceControllerBase +{ + protected static $internalServiceClass = '\OPNsense\Maltrail\General'; + protected static $internalServiceTemplate = 'OPNsense/Maltrail'; + protected static $internalServiceEnabled = 'enabled'; + protected static $internalServiceName = 'maltrailsensor'; +} 
diff --git a/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/GeneralController.php b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/GeneralController.php new file mode 100644 index 0000000000..8123f4fb19 --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/GeneralController.php @@ -0,0 +1,38 @@ + + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +namespace OPNsense\Maltrail; + +class GeneralController extends \OPNsense\Base\IndexController +{ + public function indexAction() + { + $this->view->generalForm = $this->getForm("general"); + $this->view->pick('OPNsense/Maltrail/general'); + } +} 
diff --git a/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/ServerController.php b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/ServerController.php new file mode 100644 index 0000000000..0dee6e50e8 --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/ServerController.php @@ -0,0 +1,38 @@ + + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +namespace OPNsense\Maltrail; + +class ServerController extends \OPNsense\Base\IndexController +{ + public function indexAction() + { + $this->view->serverForm = $this->getForm("server"); + $this->view->pick('OPNsense/Maltrail/server'); + } +} 
diff --git a/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/forms/general.xml b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/forms/general.xml new file mode 100644 index 0000000000..7a1a3e3f0a --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/forms/general.xml @@ -0,0 +1,20 @@ +
+ + general.enabled + + checkbox + This will activate the Sensor. Do not forget to enable the local server mode or send the logs to a remote server. + + + general.remoteserver + + text + IP address of the remote logging server. + + + general.remoteport + + text + Port of the logging server. Leave empty when sensor and server run on the same system. + +
diff --git a/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/forms/server.xml b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/forms/server.xml new file mode 100644 index 0000000000..67d433f296 --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/controllers/OPNsense/Maltrail/forms/server.xml @@ -0,0 +1,32 @@ +
+ + server.enabled + + checkbox + This will activate the Maltrail server. You can use this service to also collect data from remote Maltrail sensors. + + + server.listenaddress + + text + IP address the server UI listens on. + + + server.listenport + + text + TCP port of the server UI. + + + server.loglistenaddress + + text + IP address to listen to where sensors should send log. Leave blank if you run server and sensor on the same machine. + + + server.loglistenport + + text + The UDP port of the log server. Leave blank if you run server and sensor on the same machine. The default when in use should be set to 8337. + +
diff --git a/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/ACL/ACL.xml b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/ACL/ACL.xml new file mode 100644 index 0000000000..08500d34b4 --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/ACL/ACL.xml @@ -0,0 +1,9 @@ + + + Services: Maltrail + + ui/maltrail/* + api/maltrail/* + + + diff --git a/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/General.php b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/General.php new file mode 100644 index 0000000000..8ccd4da89f --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/General.php 
@@ -0,0 +1,35 @@ + + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +namespace OPNsense\Maltrail; + +use OPNsense\Base\BaseModel; + +class General extends BaseModel +{ +} diff --git a/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/General.xml b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/General.xml new file mode 100644 index 0000000000..34a936941e --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/General.xml @@ -0,0 +1,18 @@ + + //OPNsense/maltrail/general + Maltrail sensor configuration + 0.0.1 + + + 0 + Y + + + N + + + 8337 + Y + + + 
diff --git a/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Menu/Menu.xml b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Menu/Menu.xml new file mode 100644 index 0000000000..8efc1e0d6c --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Menu/Menu.xml @@ -0,0 +1,8 @@ + + + + + + + + diff --git a/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Server.php b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Server.php new file mode 100644 index 0000000000..fa99b15616 --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Server.php 
@@ -0,0 +1,35 @@ + + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +namespace OPNsense\Maltrail; + +use OPNsense\Base\BaseModel; + +class Server extends BaseModel +{ +} diff --git a/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Server.xml b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Server.xml new file mode 100644 index 0000000000..0c94548350 --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/models/OPNsense/Maltrail/Server.xml @@ -0,0 +1,26 @@ + + //OPNsense/maltrail/server + Maltrail server configuration + 0.0.1 + + + 0 + Y + + + 0.0.0.0 + Y + Please provide a valid hostname or IP address. + + + 8338 + Y + + + N + + + N + + + 
diff --git a/security/maltrail/src/opnsense/mvc/app/views/OPNsense/Maltrail/general.volt b/security/maltrail/src/opnsense/mvc/app/views/OPNsense/Maltrail/general.volt new file mode 100644 index 0000000000..d006291a91 --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/views/OPNsense/Maltrail/general.volt @@ -0,0 +1,61 @@ +{# + +OPNsense® is Copyright © 2014 – 2018 by Deciso B.V. +This file is Copyright © 2019 by Michael Muenz +All rights reserved. + +Redistribution and use in source and binary forms, with or without modification, +are permitted provided that the following conditions are met: + +1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, +INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY +AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, +OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +POSSIBILITY OF SUCH DAMAGE. + +#} +
+ {{ partial("layout_partials/base_form",['fields':generalForm,'id':'frm_general_settings'])}} +
+
+ +
+
+ + diff --git a/security/maltrail/src/opnsense/mvc/app/views/OPNsense/Maltrail/server.volt b/security/maltrail/src/opnsense/mvc/app/views/OPNsense/Maltrail/server.volt new file mode 100644 index 0000000000..cea2aaac4b --- /dev/null +++ b/security/maltrail/src/opnsense/mvc/app/views/OPNsense/Maltrail/server.volt @@ -0,0 +1,61 @@ +{# + +OPNsense® is Copyright © 2014 – 2018 by Deciso B.V. +This file is Copyright © 2019 by Michael Muenz +All rights reserved. + +Redistribution and use in source and binary forms, with or without modification, +are permitted provided that the following conditions are met: + +1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, +INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY +AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, +OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +POSSIBILITY OF SUCH DAMAGE. + +#} +
+ {{ partial("layout_partials/base_form",['fields':serverForm,'id':'frm_sever_settings'])}} +
+
+ +
+
+ + diff --git a/security/maltrail/src/opnsense/service/conf/actions.d/actions_maltrailsensor.conf b/security/maltrail/src/opnsense/service/conf/actions.d/actions_maltrailsensor.conf new file mode 100644 index 0000000000..548b1f5198 --- /dev/null +++ b/security/maltrail/src/opnsense/service/conf/actions.d/actions_maltrailsensor.conf @@ -0,0 +1,23 @@ +[start] +command:/usr/local/etc/rc.d/opnsense-maltrailsensor start +parameters: +type:script +message:starting Maltrail sensor + +[stop] +command:/usr/local/etc/rc.d/opnsense-maltrailsensor stop +parameters: +type:script +message:stopping Maltrail sensor + +[restart] +command:/usr/local/etc/rc.d/opnsense-maltrailsensor restart +parameters: +type:script +message:restarting Maltrail sensor + +[status] +command:/usr/local/etc/rc.d/opnsense-maltrailsensor status;exit 0 +parameters: +type:script_output +message:request Maltrail sensor status diff --git a/security/maltrail/src/opnsense/service/conf/actions.d/actions_maltrailserver.conf b/security/maltrail/src/opnsense/service/conf/actions.d/actions_maltrailserver.conf new file mode 100644 index 0000000000..96d31f326e --- /dev/null +++ b/security/maltrail/src/opnsense/service/conf/actions.d/actions_maltrailserver.conf @@ -0,0 +1,23 @@ +[start] +command:/usr/local/etc/rc.d/opnsense-maltrailserver start +parameters: +type:script +message:starting Maltrail Server + +[stop] +command:/usr/local/etc/rc.d/opnsense-maltrailserver stop +parameters: +type:script +message:stopping Maltrail Server + +[restart] +command:/usr/local/etc/rc.d/opnsense-maltrailserver restart +parameters: +type:script +message:restarting Maltrail Server + +[status] +command:/usr/local/etc/rc.d/opnsense-maltrailserver status;exit 0 +parameters: +type:script_output +message:request Maltrail Server status 
diff --git a/security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/+TARGETS b/security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/+TARGETS new file mode 100644
index 0000000000..c1fe18ec33
--- /dev/null
+++ b/security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/+TARGETS
@@ -0,0 +1,3 @@
+maltrailsensor:/etc/rc.conf.d/opnsense-maltrailsensor
+maltrailserver:/etc/rc.conf.d/opnsense-maltrailserver
+maltrail.conf:/usr/local/maltrail/maltrail.conf
diff --git a/security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/maltrail.conf b/security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/maltrail.conf new file mode 100644
index 0000000000..a25645607f
--- /dev/null
+++ b/security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/maltrail.conf
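Review bot: In +TARGETS the left-hand names `maltrailsensor` and `maltrailserver` do not match the template files this patch adds, which are `maltrailsensor.conf` and `maltrailserver.conf`; only the `maltrail.conf` entry lines up. If the template engine resolves the left column as a file name in this directory, the two rc.conf.d files are never written and `load_rc_config` in the rc scripts finds nothing, leaving both services at their `NO` default. Suggested entries: `maltrailsensor.conf:/etc/rc.conf.d/opnsense-maltrailsensor` and `maltrailserver.conf:/etc/rc.conf.d/opnsense-maltrailserver`.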
@@ -0,0 +1,49 @@
+{% if helpers.exists('OPNsense.maltrail.server.enabled') and OPNsense.maltrail.server.enabled == '1' %}
+
+# [Server]
+HTTP_ADDRESS {{ OPNsense.maltrail.server.listenaddress }}
+HTTP_PORT {{ OPNsense.maltrail.server.listenport }}
+USE_SSL false
+USERS
+ admin:9ab3cd9d67bf49d01f6a2e33d0bd9bc804ddbe6ce1ff5d219c42624851db5dbc:2000:0.0.0.0/0 # changeme!
+
+{% if helpers.exists('OPNsense.maltrail.server.loglistenaddress') and OPNsense.maltrail.server.loglistenaddress != '' %}
+UDP_ADDRESS {{ OPNsense.maltrail.server.loglistenaddress }}
+{% endif %}
+{% if helpers.exists('OPNsense.maltrail.server.loglistenport') and OPNsense.maltrail.server.loglistenport != '' %}
+UDP_PORT {{ OPNsense.maltrail.server.loglistenport }}
+{% endif %}
+
+USE_SERVER_UPDATE_TRAILS false
+{% endif %}
+
+{% if helpers.exists('OPNsense.maltrail.general.enabled') and OPNsense.maltrail.general.enabled == '1' %}
+# [Sensor]
+
+
+PROCESS_COUNT $CPU_CORES
+DISABLE_CPU_AFFINITY false
+USE_FEED_UPDATES true
+DISABLED_FEEDS turris, ciarmy, policeman, myip
+UPDATE_PERIOD 86400
+CUSTOM_TRAILS_DIR /usr/local/maltrail/trails/custom/
+CAPTURE_BUFFER 10%
+MONITOR_INTERFACE any
+CAPTURE_FILTER udp or icmp or (tcp and (tcp[tcpflags] == tcp-syn or port 80 or port 1080 or port 3128 or port 8000 or port 8080 or port 8118))
+SENSOR_NAME $HOSTNAME
+
+{% if helpers.exists('OPNsense.maltrail.general.remoteserver') and OPNsense.maltrail.general.remoteserver != '' %}
+LOG_SERVER {{ OPNsense.maltrail.general.remoteserver }}:{{ OPNsense.maltrail.general.remoteport }}
+DISABLE_LOCAL_LOG_STORAGE true
+{% else %}
+DISABLE_LOCAL_LOG_STORAGE false
+{% endif %}
+
+USE_HEURISTICS true
+CHECK_MISSING_HOST false
+CHECK_HOST_DOMAINS false
+
+# [All]
+SHOW_DEBUG false
+LOG_DIR $SYSTEM_LOG_DIR/maltrail
+{% endif %}
\ No newline at end of file
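Review bot: The `USERS` entry is a literal `admin` account with a fixed password hash that is accepted from `0.0.0.0/0`, and the trailing `# changeme!` comment appears to state the matching password. Because this file is a generated template, every install gets the same credential and an operator's manual change is overwritten on the next template reload. With `USE_SSL false` the login also crosses the network in clear text. The user name, password hash and allowed network should be rendered from model fields with no usable default, and the comment dropped. Separately, the `# [All]` settings (`SHOW_DEBUG`, `LOG_DIR`) sit inside the sensor `{% if %}`, so a server-only setup gets no `LOG_DIR`, and `remoteport` is rendered into `LOG_SERVER` without the existence check that `remoteserver` gets.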
diff --git a/security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/maltrailsensor.conf b/security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/maltrailsensor.conf
new file mode 100644
index 0000000000..b795e3bc67
--- /dev/null
+++ b/security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/maltrailsensor.conf
@@ -0,0 +1,5 @@
+{% if helpers.exists('OPNsense.maltrail.general.enabled') and OPNsense.maltrail.general.enabled == '1' %}
+maltrailsensor_enable="YES"
+{% else %}
+maltrailsensor_enable="NO"
+{% endif %}
diff --git a/security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/maltrailserver.conf b/security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/maltrailserver.conf
new file mode 100644
index 0000000000..70e38ace56
--- /dev/null
+++ b/security/maltrail/src/opnsense/service/templates/OPNsense/Maltrail/maltrailserver.conf
@@ -0,0 +1,5 @@
+{% if helpers.exists('OPNsense.maltrail.server.enabled') and OPNsense.maltrail.server.enabled == '1' %}
+maltrailseerver_enable="YES"
+{% else %}
+maltrailserver_enable="NO"
+{% endif %}
From 97a931fee9219fa6de225c3f923314d447107e99 Mon Sep 17 00:00:00 2001
From: Michael
Date: Sun, 10 Mar 2019 16:46:30 +0100
Subject: [PATCH 02/11] Update server.volt
---
.../src/opnsense/mvc/app/views/OPNsense/Maltrail/server.volt | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/security/maltrail/src/opnsense/mvc/app/views/OPNsense/Maltrail/server.volt b/security/maltrail/src/opnsense/mvc/app/views/OPNsense/Maltrail/server.volt
index cea2aaac4b..5f0a1cba60 100644
--- a/security/maltrail/src/opnsense/mvc/app/views/OPNsense/Maltrail/server.volt
+++ b/security/maltrail/src/opnsense/mvc/app/views/OPNsense/Maltrail/server.volt
@@ -27,7 +27,7 @@ POSSIBILITY OF SUCH DAMAGE. #}
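Review bot: In maltrailserver.conf the enabled branch writes `maltrailseerver_enable="YES"` while the else branch writes `maltrailserver_enable="NO"`, so switching the server on in the GUI sets a variable nothing else in this commit refers to and the correctly spelled one is never set to YES. The first assignment should read `maltrailserver_enable="YES"`. The rc.d script that consumes the variable is outside this view, so its `rcvar` should be checked against the same name, and likewise `maltrailsensor_enable` in maltrailsensor.conf.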
- {{ partial("layout_partials/base_form",['fields':serverForm,'id':'frm_sever_settings'])}}
+ {{ partial("layout_partials/base_form",['fields':serverForm,'id':'frm_server_settings'])}}

@@ -36,7 +36,7 @@ POSSIBILITY OF SUCH DAMAGE.