From 775dc19b31c8d9304c571187464f936f4f337064 Mon Sep 17 00:00:00 2001 From: spag Date: Sun, 3 Feb 2013 18:30:15 +0100 Subject: perimeter parameters added --- .../20130203165800_add_perimeter_parameters.rb | 23 ++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 db/migrate/20130203165800_add_perimeter_parameters.rb (limited to 'db/migrate/20130203165800_add_perimeter_parameters.rb') diff --git a/db/migrate/20130203165800_add_perimeter_parameters.rb b/db/migrate/20130203165800_add_perimeter_parameters.rb new file mode 100644 index 0000000..9ef41d0 --- /dev/null +++ b/db/migrate/20130203165800_add_perimeter_parameters.rb @@ -0,0 +1,23 @@ +class AddPerimeterParameters < ActiveRecord::Migration + def up + GsParameter.create(:entity => 'perimeter', :section => 'general', :name => 'contact_count_threshold', :value => '10', :class_type => 'Integer', :description => '') + GsParameter.create(:entity => 'perimeter', :section => 'general', :name => 'contact_span_threshold', :value => '2', :class_type => 'Integer', :description => '') + GsParameter.create(:entity => 'perimeter', :section => 'general', :name => 'name_changes_threshold', :value => '2', :class_type => 'Integer', :description => '') + GsParameter.create(:entity => 'perimeter', :section => 'general', :name => 'ban_threshold', :value => '20', :class_type => 'Integer', :description => '') + GsParameter.create(:entity => 'perimeter', :section => 'general', :name => 'ban_tries', :value => '2', :class_type => 'Integer', :description => '') + GsParameter.create(:entity => 'perimeter', :section => 'general', :name => 'blacklist_file', :value => '/var/opt/gemeinschaft/firewall/blacklist', :class_type => 'String', :description => '') + GsParameter.create(:entity => 'perimeter', :section => 'general', :name => 'blacklist_file_comment', :value => '# PERIMETER_BAN - points: {points}, generated: {date}', :class_type => 'String', :description => '') + GsParameter.create(:entity => 'perimeter', :section => 'general', :name => 'blacklist_file_entry', :value => '{received_ip} udp 5060', :class_type => 'String', :description => '') + GsParameter.create(:entity => 'perimeter', :section => 'general', :name => 'ban_command', :value => 'sudo /sbin/service shorewall refresh', :class_type => 'String', :description => '') + GsParameter.create(:entity => 'perimeter', :section => 'checks', :name => 'check_frequency', :value => '1', :class_type => 'Integer', :description => '') + GsParameter.create(:entity => 'perimeter', :section => 'checks', :name => 'check_username_scan', :value => '1', :class_type => 'Integer', :description => '') + GsParameter.create(:entity => 'perimeter', :section => 'checks', :name => 'check_bad_headers', :value => '1', :class_type => 'Integer', :description => '') + GsParameter.create(:entity => 'perimeter', :section => 'bad_headers', :name => 'user_agent', :value => '^friendly.scanner$', :class_type => 'String', :description => '') + GsParameter.create(:entity => 'perimeter', :section => 'bad_headers', :name => 'to_user', :value => '^%d+', :class_type => 'String', :description => '') + GsParameter.create(:entity => 'perimeter', :section => 'bad_headers', :name => 'auth_result', :value => '^FORBIDDEN$', :class_type => 'String', :description => '') + end + + def down + GsParameter.where(:entity => 'perimeter').destroy_all + end +end -- cgit v1.2.3 From ecdbd88b2059ccfcf79e000d07efb9ffddde9aed Mon Sep 17 00:00:00 2001 From: spag Date: Sun, 3 Feb 2013 20:03:28 +0100 Subject: try to ban only once --- db/migrate/20130203165800_add_perimeter_parameters.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'db/migrate/20130203165800_add_perimeter_parameters.rb') diff --git a/db/migrate/20130203165800_add_perimeter_parameters.rb b/db/migrate/20130203165800_add_perimeter_parameters.rb index 9ef41d0..d229b29 100644 --- a/db/migrate/20130203165800_add_perimeter_parameters.rb +++ b/db/migrate/20130203165800_add_perimeter_parameters.rb @@ -4,7 +4,7 @@ class AddPerimeterParameters < ActiveRecord::Migration GsParameter.create(:entity => 'perimeter', :section => 'general', :name => 'contact_span_threshold', :value => '2', :class_type => 'Integer', :description => '') GsParameter.create(:entity => 'perimeter', :section => 'general', :name => 'name_changes_threshold', :value => '2', :class_type => 'Integer', :description => '') GsParameter.create(:entity => 'perimeter', :section => 'general', :name => 'ban_threshold', :value => '20', :class_type => 'Integer', :description => '') - GsParameter.create(:entity => 'perimeter', :section => 'general', :name => 'ban_tries', :value => '2', :class_type => 'Integer', :description => '') + GsParameter.create(:entity => 'perimeter', :section => 'general', :name => 'ban_tries', :value => '1', :class_type => 'Integer', :description => '') GsParameter.create(:entity => 'perimeter', :section => 'general', :name => 'blacklist_file', :value => '/var/opt/gemeinschaft/firewall/blacklist', :class_type => 'String', :description => '') GsParameter.create(:entity => 'perimeter', :section => 'general', :name => 'blacklist_file_comment', :value => '# PERIMETER_BAN - points: {points}, generated: {date}', :class_type => 'String', :description => '') GsParameter.create(:entity => 'perimeter', :section => 'general', :name => 'blacklist_file_entry', :value => '{received_ip} udp 5060', :class_type => 'String', :description => '') -- cgit v1.2.3 From 947d4a71a17518b734c32a148617bef15a42fed1 Mon Sep 17 00:00:00 2001 From: spag Date: Sun, 3 Feb 2013 22:03:45 +0100 Subject: threshold changed --- db/migrate/20130203165800_add_perimeter_parameters.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'db/migrate/20130203165800_add_perimeter_parameters.rb') diff --git a/db/migrate/20130203165800_add_perimeter_parameters.rb b/db/migrate/20130203165800_add_perimeter_parameters.rb index d229b29..23e0157 100644 --- a/db/migrate/20130203165800_add_perimeter_parameters.rb +++ b/db/migrate/20130203165800_add_perimeter_parameters.rb @@ -2,7 +2,7 @@ class AddPerimeterParameters < ActiveRecord::Migration def up GsParameter.create(:entity => 'perimeter', :section => 'general', :name => 'contact_count_threshold', :value => '10', :class_type => 'Integer', :description => '') GsParameter.create(:entity => 'perimeter', :section => 'general', :name => 'contact_span_threshold', :value => '2', :class_type => 'Integer', :description => '') - GsParameter.create(:entity => 'perimeter', :section => 'general', :name => 'name_changes_threshold', :value => '2', :class_type => 'Integer', :description => '') + GsParameter.create(:entity => 'perimeter', :section => 'general', :name => 'name_changes_threshold', :value => '5', :class_type => 'Integer', :description => '') GsParameter.create(:entity => 'perimeter', :section => 'general', :name => 'ban_threshold', :value => '20', :class_type => 'Integer', :description => '') GsParameter.create(:entity => 'perimeter', :section => 'general', :name => 'ban_tries', :value => '1', :class_type => 'Integer', :description => '') GsParameter.create(:entity => 'perimeter', :section => 'general', :name => 'blacklist_file', :value => '/var/opt/gemeinschaft/firewall/blacklist', :class_type => 'String', :description => '') -- cgit v1.2.3