Announcements for OPNids

Look here for the latest news and announcements.

Release Notes for OPNids (18.9) Initial GA Release

OPNids can be thought of as a child project of OPNsense. It started life as
a fork working in conjunction with the OPNsense team, then focused on adding
the Dragonfly Machine Learning Engine, open sourced by CounterFlow AI, in this
case applying it to Suricata.

The Dragonfly Machine Learning Engine is an open source project from
CounterFlow AI and is available in GitHub at:

The project suite that makes up OPNids can be found in GitHub at:

This project aims to ‘enable’ the end user to add the power of machine learning
to intrusion detection and help the analyst prioritize their efforts
using explainable AI to assist in protecting their networks.

Following this note is the changelog from inception of OPNids through the
initial full release. As we get ready to move into 2019, the project will
be resyncing with OPNsense and updating the underlying stack. Once that has
happened we will be moving into a regular cycle using the OPNsense release
cycle as a guide.

Please hit our website opnids.io and our Discourse forum to work with us on
improving OPNids.

–The OPNids Team

CHANGELOG follows for all tags up to initial release (18.9):

18.9 - 12/10/2018

  • No change from rc1

18.9.rc1 - 12/5/2018

  • includes v0.6.8 of counterflow-ai/dragonfly-mle

Following commit log info up to tag:

opnids/tools: NO CHANGE FROM 18.9.rc

opnids/ports:

7a99be99e6 (HEAD -> master, tag: 18.9.rc1, origin/master, origin/HEAD) distinfo update

8869873fd4 add www/ and nsm.json and alert.json

opnids/src: NO CHANGE FROM 18.9.rc

opnids/plugins: NO CHANGE FROM 18.9.rc

opnids/core: NO CHANGE FROM 18.9.rc

18.9.rc - 12/3/2018

  • includes v0.6.7 of counterflow-ai/dragonfly-mle

Following commit log info up to tag:

opnids/tools:

d877994 (HEAD -> master, tag: 18.9.rc1, tag: 18.9.rc, origin/master, origin/HEAD) add www/libmicrohttpd for latest MLE

8a02a1e minor mod

bace49a NAME=OPNids-devel

opnids/ports:

e57305c680 (tag: 18.9.rc) add new distinfo for dragonfly-mle

a7e223e56a up version and add libmicrohttpd to LIBDEPENDS

opnids/src: NO CHANGE FROM 18.9.b

opnids/plugins: NO CHANGE FROM 18.9.b

opnids/core:

29d8a42b3 (tag: 18.9.rc1, tag: 18.9.rc, origin/stable/18.9) put name back in

dd7a67929 Merge branch ‘stable/18.9’ of https://github.com/opnids/core into stable/18.9

ef1d64602 minor makefile change

b2ffc0ebb (HEAD -> master, origin/master, origin/HEAD) revert: redis POST_INSTALL

66c1cf2e2 fix: remove due to build conflicts

ebad19355 fix: revert to filebeats in POST_INSTALL

1ade6cb81 remove: build conflict errors

7ff026756 fix: filebeat rc file typo

3545eda8f rc.d clean up from POST_INSTALL

13e76e2ef Extended MLE plugin w/API endpoint

c27e82b01 filebeat configuration change

3a7e256b0 add libmicrohttpd

c44a60ce9 firewall->sensor

7486c9af1 Suricata configuration changes

5ae98b53e fix: redis template refactor

5e1af820b fix: filebeat module errors in syslog

358f52015 set firmware-upgrade

dd4f70eb5 18.9.rc

18.9.b - 10/26/2018

  • includes v0.6.6 of counterflow-ai/dragonfly-mle

Following commit log info up to tag:

opnids/tools:

e75693a (tag: 18.9.b) isc-dhcp44-client

0685ed2 after review remove some ports

577ded8 remove xtools from nightly

9daba44 add an opnids dir to ports and move some things into it

e0a7d57 move our ports under opnids

8f2821e update readme slightly

bf4be30 rm LibreSSL for now, maybe add back later

f86d061 move branches to stable/18.9 vs. 18.9

dda014e move 18.1 -> 18.9

fef35ae add 18.9 and all the config that comes with it

97a9086 modify mirrors list

opnids/ports:

d0ce46b600 (tag: 18.9) update distinfo

40d93bbb6a new distinfo Makefile

a14993c2a3 update Makefile distinfo for v0.6.5

b38572bc7f mv to v0.6.3 tag

dcc53e8ac2 update port Makefile and distinfo for v0.6.1

f2222c1ee2 new distinfo

67a474caa5 add diffs for 6.3.2 to Makefile, distinfo, files/

8e25a066f0 add new distinfo for v0.5.2

80267d6664 mv Makefile to v0.5.2

877f03dd29 update distinfo and Makefile

feec7b8fa8 modify Makefile for new tag of dragonfly-mle

4a9c0b79dc add new distinfo

opnids/src: NO CHANGE FROM 18.9.a

opnids/plugins: NO CHANGE FROM 18.9.a

opnids/core:

713d92f91 (tag: 18.9.b) minor makefile change

d8157b34f default behavior mle, filebeat – redis running hidden

6f6d84195 removal: widget display if only enabled

c2c5fd1cb fix: Redis should start automatically

6d18e4bc4 default mle disabled

d54c8154e rc.d files modification/enable input

53c46d57e updated redis settings

6de7014b4 added redis.conf to install template

056ac134c added redis-ml to redis.conf

f7a5e6a9c added gui inputs for eventtypes/template update

beb845cf4 Updated compile dependencies

93b9b752b beats version upgrade

ee635e7f8 added redis-ml to redis.conf

e9610bec3 added redis-ml to redis.conf

cd1ca4f22 added gui inputs for eventtypes/template update

4a94c743d Updated compile dependencies

c309aeed6 beats version upgrade

7aba06438 Beats plugin added

5f7a5cb7a updated redis settings

a41523c46 added redis.conf to install template

d39f65330 added redis-ml to redis.conf

d67959e6d added gui inputs for eventtypes/template update

be673d50e Updated compile dependencies

b06a16943 beats version upgrade

115910bf6 Beats plugin added

5d976e013 update firmware-message for upcoming beta release

7ea085174 update firmware-message for upcoming beta release

991031d8c install beats by default

300312444 install beats by default

b5fc997f5 add release name to Makefile

8f41639eb get rid of hardcoded name

32ad96f6f forum->discourse and fix a space

c93000e39 name it Rockfish

3aeb2cbbe FIX: Illegal string offset ‘mgt’ in /usr/local/opnsense/scripts/shell/setaddr.php on line 544

b5541a1f3 fix typo in packagesite name

18fe806f9 mv 18.7 -> 18.9

a75998c95 modify for .io

4d81796fe removed de-install commands for redis/mle

1d87a4663 cleaned up some typ0’s

304a9dd07 changed the stream to possible in-line to static no

bbddff715 removed promisc input element from settings

6c43899b2 Updated the xml to change the default behavior of the IDS to promiscuous mode on capture interfaces

de0113096 updated the suricate.yaml templete to remove the in kernel ip stack from netmap and connect directly behind the bare metal

c417de5e5 removed promisc input element from settings

321a46f0e Updated the xml to change the default behavior of the IDS to promiscuous mode on capture interfaces

3934f8861 updated the suricate.yaml templete to remove the in kernel ip stack from netmap and connect directly behind the bare metal

3b026f47b suricata_netmap enabled default + host-mode = sniffer-only

ca27b44ef Remove IPS input element

13219f6cc Updated the suricate.yaml template to switch the NETMAP mode to tap from ips

8f51333b9 Updated the default policy for syncookies 0, tso 0, udp.checksum 0

fcf425c4c update dragonfly-mle log file path

3c05ca21b forum->discourse and fix a space

b6260ac76 name it Rockfish

ae23a6637 FIX: Illegal string offset ‘mgt’ in /usr/local/opnsense/scripts/shell/setaddr.php on line 544

e3db202b2 fix typo in packagesite name

f0d0696ba mv 18.7 -> 18.9

d642d607d modify for .io

f0cb366d1 removed de-install commands for redis/mle

c67167a94 cleaned up some typ0’s

be6f93118 changed the stream to possible in-line to static no

f92071f3f removed promisc input element from settings

6c3a06208 Updated the xml to change the default behavior of the IDS to promiscuous mode on capture interfaces

6f7e98f87 updated the suricate.yaml templete to remove the in kernel ip stack from netmap and connect directly behind the bare metal

06d8439f7 suricata_netmap enabled default + host-mode = sniffer-only

b08fa842e Remove IPS input element

39791a6fc Updated the suricate.yaml template to switch the NETMAP mode to tap from ips

b6788d3f6 Updated the default policy for syncookies 0, tso 0, udp.checksum 0

dafb81459 update dragonfly-mle log file path

4ea25ff02 change some values to move from opnsense centric to opnids

18.9.a - 7/26/2018

  • includes v0.5.0 of counterflow-ai/dragonfly-mle

  • includes 0.99.1 tag of clang-bsd branch of counterflow-ai/redis-ml

Following commit log info up to tag:

opnids/tools:

72ee64d (tag: 18.9.a, origin/18.9) move build.conf to 18.9 branches

5896e82 Merge branch ‘master’ of https://github.com/opnids/tools

21bfe94 add redis-ml to ports.conf

4153d75 mv repository url from opnsense -> opnids

a643a1e remove plugins

4b8f3f5 add db/redis and ml/dragonfly-mle to the plugins.conf

6acc8b1 add lang/lua51 to ports.conf

9dd6e69 add security/dragonfly-mle to ports.conf

0303755 clean plugins.conf, since we don’t use plugins at the moment.

fc4a82b fix typo

710a695 add lang/luajit databases/hiredis

2593310 add an OPNids note to the top of the README

opnids/ports:

–at this stage ports was still being pulled directly from OPNsense project

opnids/src:

–at this stage src was still being pulled directly from OPNsense project

opnids/plugins:

42973a6 (HEAD -> master, tag: 18.9.rc1, tag: 18.9.rc, tag: 18.9.b, tag: 18.9.a, origin/stable/18.9, origin/master, origin/HEAD) fix typo

ee20a91 redis and dragonfly-mle ripped out of plugins

32ed3af redis + dragonfly-mle plugins added

1c39217 (origin/stable/18.1) sync build tools with upstream source

opnids/core:

190013c01 (tag: 18.9.a) re-added redis-ml

995d8d72e remove redis-ml temp

647f34542 update redis

99ef699dc split out rc command

9e84f3ae6 setup.sh excutable

dbe60b83c Redis startup update

ce6ff8203 Merge branch ‘master’ of https://github.com/opnids/core

72c30591c add redis-ml to CORE_DEPENDS

9fe3616c0 update firmware-message firmware-upgrade contents

d3cec501e FIX: add redis setup.sh script to every redis start via configd

8eaa16851 remove redis commands

dc73a24d3 FIX: redis start after reset factory defaults

a1acb9661 removed setup wizard intially

ed48440c7 [WIP]: second round of modifications for wan/lan

20cc6e017 [WIP]: switch wan/lan to tap/mgt

3413f5410 add cron default for blockbogons due to hardcoded dependencies

75fc8182b disable blockbogons and blockpriv from GUI and console by default

a10aeaaaa Added MLE default configuration to config.xml + modified test config

05d4c3ba9 Removed checkboxes for netflow, dhcp, and captive portal backups

c56010e26 blockpriv and blockbogons default set to “0”

a5c78efff Change defaults for SSL certificate to originate from the US

bc87cae6f Switch service control to only show when enabled is checked

470926993 1. Enabled [] check box 2. Log File view (like Suricata) 3. Config placeholder 4. Services made available via API now 5. Service controller on setting page

df5ae4e91 Switched “Machine Learning” to “Dragonfly MLE”

3861c3137 Change MLE logo to brain icon, goes better w/OPNids overall theme

a3facfcaa Modified OPNsense’s original service control to fit new service needs

534da9ce0 change default pass

271f1522e mv from firewall -> IDS

e9d59eba2 tweak the congratulations message post successful configuration

eab4367bc migrate product names from opnsense->opnids

74933fb31 modal header color change

fe86a1b42 Deinstall script for dragonfly-mle and redis

f0d812525 Merge branch ‘master’ of https://github.com/opnids/core

526b567a5 simplify motd dealing with whitespace

f72a1a0d7 dragonfly-mle rc flip NO to YES script

6a0758963 dragonfly-mle + redis plugins added to core

acdcc4801 change the variable ‘loader_brand=’ from opnsense to opnids, this will build a /boot/loader.conf with the correct variable used to find .4th files for ASCII spalce

278561614 bootup splash ASCII logo for OPNids added to /boot

e08b8f908 Modified wizard image to go well against a white background

4323266f6 fix web console errors w/caret.png

1ca505d20 modify motd.in for opnids

c843b635f Merge branch ‘master’ of github.com:OPNids/core

b58243b9f minor logo change and revert domain

719b0c160 add lua51 to CORE_DEPENDS

7716ebed2 new opnids logo

f39c12311 removed domain addition - default only hostname

6b250c673 disabled dhcpd + blockpriv and blockbogons disabled

33e35441d changed default hostname from OPNsense to OPNids

5aeb4b737 add dragonfly-mle to CORE_DEPENDS

5a9f209e8 Logout positioned in header bar

91b8757d8 rebuilt main.css

bab93a28f Merge branch ‘master’ of github.com:OPNids/core

178ecc028 Update MLE logo + color changes + css modifications

9654a58de Sidebar menu complete override

5ff43d105 switch crashreporter to crash.opnids.org

71dde834a modified asset build script + new dragonfly mle vector

89e06b731 copyright text reverted to original decisio & counterflow ai

6a8cacedc Menu mods + MLE logo altered

21e6d115c de facto standard for logos only SVG - menu changes