[Vuurmuur 0.57.2] Problem with the Vuurmuur config

Dear Vuurmuur users,

I am experiencing trouble with setting up Vuurmuur 0.57.2 on Debian Sid. Hopefully you can help me out.
I created .debs from the source and installed those debs.
When running Vuurmuur_conf, the error "Problem with the Vuurmuur config" turns up. The problem is most likely in the plugin settings, but I do not know what to enter. Attached is the config.conf file.

With kind regards,
Wouter Lagendijk
Breda, NL

# vuurmuur config file

# Which plugin to use for which type of data.
SERVICES_BACKEND=""
ZONES_BACKEND="zones"
INTERFACES_BACKEND="interfaces"
RULES_BACKEND="rules"

# Location of the rulesfile (full path).
RULESFILE="/etc/vuurmuur/rules"

# Location of the blocklistfile (full path).
BLOCKLISTFILE="/etc/vuurmuur/blocked.list"

# Location of the iptables-command (full path).
IPTABLES="/sbin/iptables"

# Location of the iptables-restore-command (full path).
IPTABLES_RESTORE="/sbin/iptables-restore"

# Location of the conntrack-command (full path).
CONNTRACK="/lib/iptables/libipt_conntrack.so"

# Location of the modprobe-command (full path).
MODPROBE="/sbin/modprobe"

# Load modules if needed? (yes/no)
LOAD_MODULES="Yes"

# Wait after loading a module in 1/10th of a second
MODULES_WAIT_TIME="0"

# If set to yes, each rule will be loaded into the system individually using
# iptables. Otherwise iptables-restore will be used (yes/no).
OLD_CREATE_METHOD="No"

# The directory where the logs will be written to (full path).
LOGDIR="/var/log/vuurmuur"

# The logfile where the kernel writes the logs to e.g. /var/log/messages (full path).
SYSTEMLOG="/var/log/messages"

# The loglevel to use when logging traffic. For use with syslog.
LOGLEVEL="info"

# Check the dynamic interfaces for changes?
DYN_INT_CHECK="Yes"

# Check every x seconds.
DYN_INT_INTERVAL="0"

# LOG_POLICY controls the logging of the default policy.
LOG_POLICY="Yes"

# LOG_POLICY_LIMIT sets the maximum number of logs per second.
LOG_POLICY_LIMIT="0"

# LOG_BLOCKLIST enables/disables logging of items on the blocklist.
LOG_BLOCKLIST="Yes"

# LOG_INVALID enables/disables logging of INVALID traffic.
LOG_INVALID="No"

# LOG_NO_SYN enables/disables logging of new tcp packets without the SIN flag set.
LOG_NO_SYN="No"

# LOG_PROBES enables/disables logging of probes. Probes are packets that are used in portscans.
LOG_PROBES="No"

# LOG_FRAG enables/disables logging of fragmented packets.
LOG_FRAG="No"

# LOG_TCP_OPTIONS controls the logging of tcp options. This is.
# not used by Vuurmuur itself. PSAD 1.4.x uses it for OS-detection.
LOG_TCP_OPTIONS="No"

# SYN_LIMIT sets the maximum number of SYN-packets per second.
USE_SYN_LIMIT="Yes"
SYN_LIMIT="10"
SYN_LIMIT_BURST="20"

# UDP_LIMIT sets the maximum number of udp 'connections' per second.
USE_UDP_LIMIT="Yes"
UDP_LIMIT="15"
UDP_LIMIT_BURST="45"

# Protect against syn-flooding? (yes/no)
PROTECT_SYNCOOKIE="Yes"

# Ignore echo-broadcasts? (yes/no)
PROTECT_ECHOBROADCAST="No"

# end of file

Re: [Vuurmuur 0.57.2] Problem with the Vuurmuur config

wslagendijk@... wrote:
> Dear Vuurmuur users,
> I am experiencing trouble with setting up Vuurmuur 0.57.2 on Debian
> Sid. Hopefully you can help me out.
> I created .debs from the source and installed those debs.
> When running Vuurmuur_conf, the error "Problem with the Vuurmuur config" turns
> up. The problem is most likely in the plugin settings, but I do not know
> what to enter. Attached is the config.conf file.

Hello Wouter,

The settings need to be:

SERVICES_BACKEND="textdir"
ZONES_BACKEND="textdir"
INTERFACES_BACKEND="textdir"
RULES_BACKEND="textdir"

'textdir' is a plugin for storing the data from Vuurmuur. It stores the data in textfiles in a directory structure, hence the name.

I wonder though how these values were changed to what you have. Did you change this yourself?

Regards,
Victor

> With kind regards,
> Wouter Lagendijk
> Breda, NL

Re: Problem with the Vuurmuur config

Okay, well I was about halfway there, but when vuurmuur_conf started, it failed to connect to vuurmuur [correct since it was not started] and failed to read log files [strange since /var/log/vuurmuur contains the files audit.log, debug.log, error.log, traffic.log and vuurmuur.log]. Second, a request to change the rules to the new format appeared, though rules is still an empty directory.

I decided to start over again, so I have purged libvuurmuur, vuurmuur and vuurmuur_conf, removed all the config files and logfiles and downloaded the source again from sourceforge (http://surfnet.dl.sourceforge.net/sourceforge/vuurmuur/Vuurmuur-0.5.72.tar.gz). Extracted the tar.gz and used install.sh --unpack to extract. Then I first used dpkg-buildpackage for libvuurmuur and installed the .deb. After that I did the same for vuurmuur and vuurmuur_conf.

I do not know what went wrong in the first place, but this time everything went well. Vuurmuur works fine! Thanks for the help Victor.

The way I created the debs:

Victor Julien writes:
> Please keep the conversation on the list so it gets archived for people
> running into the same issue in the future.
>
> Hi Wouter,
>
> This is really strange. Can you describe how you created the deb packages?
>
> Anyway, create a directory /etc/vuurmuur/plugins and create a file
> 'textdir.conf' there with as content:
> LOCATION=/etc/vuurmuur
>
> Then create the following directories:
> /etc/vuurmuur/interfaces
> /etc/vuurmuur/zones
> /etc/vuurmuur/services
> /etc/vuurmuur/rules
>
> I think this should be enough to get you going. There won't be any
> predefined services however. There should be services in
> /usr/share/vuurmuur/services/ that you just can copy to
> /etc/vuurmuur/services/
>
> Let us know how this worked!
>
> Cheers,
> Victor
>
> wslagendijk@... wrote:
>> Indeed, changed myself, was empty by default. I thought it corresponded
>> to the directories in /etc/vuurmuur.
>> Now, I have changed according to your description. Though, still no
>> luck. The /plugins directory is empty, no textdir.conf available.
>> Obviously I need some more help.
>> With kind regards,
>> Wouter
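
The layout described in this thread (all four *_BACKEND settings set to "textdir", a plugins/textdir.conf carrying LOCATION, and the four data directories under that location) can be checked before starting the firewall. The script below is an added example, not part of the original messages and not Vuurmuur code; the function names conf_get and check_vuurmuur_layout are hypothetical, and it assumes config.conf sits directly in the directory passed as argument.

```shell
#!/bin/sh
# Added example (not Vuurmuur code): verify the textdir layout from the thread.
# Assumption: config.conf lives directly in the directory given as $1.

# Print the value of KEY from a KEY="value" / KEY=value file (last match wins).
conf_get() {
    # $1 = file, $2 = key
    grep "^$2=" "$1" | tail -n 1 | cut -d= -f2- | tr -d '"'
}

# Print each problem found; the return status is the number of problems (0 = OK).
check_vuurmuur_layout() {
    etc=$1
    problems=0
    conf="$etc/config.conf"
    plug="$etc/plugins/textdir.conf"

    if [ ! -f "$conf" ]; then
        echo "missing: $conf"
        return 1
    fi
    # Each backend must name the plugin, not a directory.
    for key in SERVICES_BACKEND ZONES_BACKEND INTERFACES_BACKEND RULES_BACKEND; do
        val=$(conf_get "$conf" "$key")
        if [ "$val" != "textdir" ]; then
            echo "$key is \"$val\", expected \"textdir\""
            problems=$((problems + 1))
        fi
    done
    # The plugin's own config tells it where the data directories are.
    if [ ! -f "$plug" ]; then
        echo "missing: $plug"
        return $((problems + 1))
    fi
    loc=$(conf_get "$plug" LOCATION)
    if [ -z "$loc" ]; then
        echo "LOCATION not set in $plug"
        return $((problems + 1))
    fi
    for d in interfaces zones services rules; do
        if [ ! -d "$loc/$d" ]; then
            echo "missing directory: $loc/$d"
            problems=$((problems + 1))
        fi
    done
    return "$problems"
}
# Usage: check_vuurmuur_layout /etc/vuurmuur
```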