mirror of
https://github.com/Ponce/slackbuilds
synced 2024-11-21 19:42:24 +01:00
system/ossec-server: Added (Open Source Host-based IDS).
Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>
This commit is contained in:
parent
586e747224
commit
2a16520e1a
8 changed files with 466 additions and 0 deletions
3
system/ossec-server/README
Normal file
3
system/ossec-server/README
Normal file
|
@ -0,0 +1,3 @@
|
|||
OSSEC is an Open Source Host-based Intrusion Detection System that performs log
|
||||
analysis, file integrity checking, policy monitoring, rootkit detection,
|
||||
real-time alerting and active response.
|
15
system/ossec-server/README.SLACKWARE
Normal file
15
system/ossec-server/README.SLACKWARE
Normal file
|
@ -0,0 +1,15 @@
|
|||
You may wish to add these lines to /etc/rc.d/rc.local to start the service:
|
||||
|
||||
if [ -x /etc/rc.d/rc.ossec ]; then
|
||||
/etc/rc.d/rc.ossec start
|
||||
fi
|
||||
|
||||
You may also add these lines to /etc/rc.d/rc.local_shutdown:
|
||||
|
||||
if [ -x /etc/rc.d/rc.ossec ]; then
|
||||
/etc/rc.d/rc.ossec stop
|
||||
fi
|
||||
|
||||
Remember to give executable permission to /etc/rc.d/rc.local_shutdown:
|
||||
|
||||
chmod 0755 /etc/rc.d/rc.local_shutdown
|
29
system/ossec-server/doinst.sh
Normal file
29
system/ossec-server/doinst.sh
Normal file
|
@ -0,0 +1,29 @@
|
|||
config() {
|
||||
NEW="$1"
|
||||
OLD="$(dirname $NEW)/$(basename $NEW .new)"
|
||||
# If there's no config file by that name, mv it over:
|
||||
if [ ! -r $OLD ]; then
|
||||
mv $NEW $OLD
|
||||
elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then
|
||||
# toss the redundant copy
|
||||
rm $NEW
|
||||
fi
|
||||
# Otherwise, we leave the .new copy for the admin to consider...
|
||||
}
|
||||
|
||||
preserve_perms() {
|
||||
NEW="$1"
|
||||
OLD="$(dirname $NEW)/$(basename $NEW .new)"
|
||||
if [ -e $OLD ]; then
|
||||
cp -a $OLD ${NEW}.incoming
|
||||
cat $NEW > ${NEW}.incoming
|
||||
mv ${NEW}.incoming $NEW
|
||||
fi
|
||||
config $NEW
|
||||
}
|
||||
|
||||
preserve_perms etc/rc.d/rc.ossec.new
|
||||
config etc/ossec-init.conf.new
|
||||
config etc/logrotate.d/ossec.new
|
||||
find var/ossec/etc var/ossec/rules -type f -name '*.new' \
|
||||
| while read new ; do config $new ; done
|
152
system/ossec-server/ossec-server.SlackBuild
Normal file
152
system/ossec-server/ossec-server.SlackBuild
Normal file
|
@ -0,0 +1,152 @@
|
|||
#!/bin/sh
|
||||
|
||||
# Slackware build script for ossec-server
|
||||
|
||||
# Copyright 2016 Mario Preksavec, Zagreb, Croatia
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use of this script, with or without modification, is
|
||||
# permitted provided that the following conditions are met:
|
||||
#
|
||||
# 1. Redistributions of this script must retain the above copyright
|
||||
# notice, this list of conditions and the following disclaimer.
|
||||
#
|
||||
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED
|
||||
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
|
||||
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
|
||||
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
|
||||
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
|
||||
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
|
||||
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
|
||||
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
|
||||
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
|
||||
PRGNAM=ossec-server
|
||||
VERSION=${VERSION:-2.9rc3}
|
||||
BUILD=${BUILD:-1}
|
||||
TAG=${TAG:-_SBo}
|
||||
|
||||
SRCNAM=ossec-hids
|
||||
|
||||
if [ -z "$ARCH" ]; then
|
||||
case "$( uname -m )" in
|
||||
i?86) ARCH=i586 ;;
|
||||
arm*) ARCH=arm ;;
|
||||
*) ARCH=$( uname -m ) ;;
|
||||
esac
|
||||
fi
|
||||
|
||||
CWD=$(pwd)
|
||||
TMP=${TMP:-/tmp/SBo}
|
||||
PKG=$TMP/package-$PRGNAM
|
||||
OUTPUT=${OUTPUT:-/tmp}
|
||||
|
||||
if [ "$ARCH" = "i586" ]; then
|
||||
SLKCFLAGS="-O2 -march=i586 -mtune=i686"
|
||||
LIBDIRSUFFIX=""
|
||||
elif [ "$ARCH" = "i686" ]; then
|
||||
SLKCFLAGS="-O2 -march=i686 -mtune=i686"
|
||||
LIBDIRSUFFIX=""
|
||||
elif [ "$ARCH" = "x86_64" ]; then
|
||||
SLKCFLAGS="-O2 -fPIC"
|
||||
LIBDIRSUFFIX="64"
|
||||
else
|
||||
SLKCFLAGS="-O2"
|
||||
LIBDIRSUFFIX=""
|
||||
fi
|
||||
|
||||
USERID=${USERID:-333}
|
||||
USERID_MAIL=${USERID_MAIL:-334}
|
||||
USERID_REMOTE=${USERID_REMOTE:-335}
|
||||
GROUPID=${GROUPID:-333}
|
||||
|
||||
if ! grep ^ossec: /etc/group 2>&1 > /dev/null \
|
||||
|| ! grep -E '^(ossec|ossecm|ossecr):' /etc/passwd 2>&1 > /dev/null; then
|
||||
echo -e "\n You must have ossec users and a group to run this script\n"
|
||||
fi
|
||||
|
||||
if ! grep ^ossec: /etc/group 2>&1 > /dev/null; then
|
||||
echo " # groupadd -g $GROUPID ossec"
|
||||
fi
|
||||
|
||||
if ! grep ^ossec: /etc/passwd 2>&1 > /dev/null; then
|
||||
echo " # useradd -u $USERID -d /var/ossec -s /bin/false -g ossec ossec"
|
||||
echo " # passwd -l ossec"
|
||||
fi
|
||||
|
||||
if ! grep ^ossecm: /etc/passwd 2>&1 > /dev/null; then
|
||||
echo " # useradd -u $USERID_MAIL -d /var/ossec -s /bin/false -g ossec ossecm"
|
||||
echo " # passwd -l ossecm"
|
||||
fi
|
||||
|
||||
if ! grep ^ossecr: /etc/passwd 2>&1 > /dev/null; then
|
||||
echo " # useradd -u $USERID_REMOTE -d /var/ossec -s /bin/false -g ossec ossecr"
|
||||
echo " # passwd -l ossecr"
|
||||
fi
|
||||
|
||||
if ! grep ^ossec: /etc/group 2>&1 > /dev/null \
|
||||
|| ! grep -E '^(ossec|ossecm|ossecr):' /etc/passwd 2>&1 > /dev/null; then
|
||||
echo
|
||||
exit
|
||||
fi
|
||||
|
||||
set -e
|
||||
|
||||
rm -rf $PKG
|
||||
mkdir -p $TMP $PKG $OUTPUT
|
||||
cd $TMP
|
||||
rm -rf $SRCNAM-$VERSION
|
||||
tar xvf $CWD/$SRCNAM-$VERSION.tar.gz
|
||||
cd $SRCNAM-$VERSION
|
||||
chown -R root:root .
|
||||
find -L . \
|
||||
\( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \
|
||||
-o -perm 511 \) -exec chmod 755 {} \; -o \
|
||||
\( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \
|
||||
-o -perm 440 -o -perm 400 \) -exec chmod 644 {} \;
|
||||
|
||||
# Makefile fixes
|
||||
sed -e 's|\(./init/adduser.sh.*\)|#\1|' \
|
||||
-e 's|\(DEFINES+=-DDEFAULTDIR=\).*|\1\\"/var/ossec\\"|' \
|
||||
-i src/Makefile
|
||||
|
||||
# There is no configure script and install.sh is a bit limited
|
||||
( cd src
|
||||
make PREFIX=$PKG/var/ossec TARGET=server build
|
||||
make PREFIX=$PKG/var/ossec TARGET=server install
|
||||
)
|
||||
|
||||
# Prepare system /etc
|
||||
mkdir -p $PKG/etc/{logrotate.d,rc.d}
|
||||
cat << EOF > $PKG/etc/ossec-init.conf.new
|
||||
DIRECTORY="/var/ossec"
|
||||
VERSION="$(cat src/VERSION)"
|
||||
DATE="$(date)"
|
||||
TYPE="server"
|
||||
EOF
|
||||
chmod 600 $PKG/etc/ossec-init.conf.new
|
||||
cat src/init/ossec-hids.init > $PKG/etc/rc.d/rc.ossec.new
|
||||
cat $CWD/ossec.logrotate > $PKG/etc/logrotate.d/ossec.new
|
||||
|
||||
# Stock ossec.conf is just an example - we prefer our own
|
||||
mv $PKG/var/ossec/etc/ossec.conf $PKG/var/ossec/etc/ossec.conf.example
|
||||
cat $CWD/ossec-server.conf > $PKG/var/ossec/etc/ossec.conf.new
|
||||
chmod 640 $PKG/var/ossec/etc/ossec.conf.new
|
||||
chown root:ossec $PKG/var/ossec/etc/ossec.conf.new
|
||||
for i in $PKG/var/ossec/etc/*.{conf,keys,xml} ; do mv $i $i.new ; done
|
||||
mv $PKG/var/ossec/rules/local_rules.xml $PKG/var/ossec/rules/local_rules.xml.new
|
||||
|
||||
find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | grep ELF \
|
||||
| cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
|
||||
|
||||
mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
|
||||
cp -a BUGS CHANGELOG CONFIG CONTRIBUTORS LICENSE README.md doc/{*.txt,README.*} \
|
||||
$CWD/README.SLACKWARE $PKG/usr/doc/$PRGNAM-$VERSION
|
||||
cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
|
||||
|
||||
mkdir -p $PKG/install
|
||||
cat $CWD/slack-desc > $PKG/install/slack-desc
|
||||
|
||||
cd $PKG
|
||||
/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz}
|
233
system/ossec-server/ossec-server.conf
Normal file
233
system/ossec-server/ossec-server.conf
Normal file
|
@ -0,0 +1,233 @@
|
|||
<!-- OSSEC Slackware example config -->
|
||||
<!-- Written by Mario Preksavec <mario at slackware dot hr> -->
|
||||
|
||||
<ossec_config>
|
||||
<global>
|
||||
<email_notification>no</email_notification>
|
||||
<email_to>root@example.com</email_to>
|
||||
<smtp_server>smtp.example.com</smtp_server>
|
||||
<email_from>ossecm@ossec.example.com</email_from>
|
||||
</global>
|
||||
|
||||
<rules>
|
||||
<include>rules_config.xml</include>
|
||||
<include>pam_rules.xml</include>
|
||||
<include>sshd_rules.xml</include>
|
||||
<include>telnetd_rules.xml</include>
|
||||
<include>syslog_rules.xml</include>
|
||||
<include>arpwatch_rules.xml</include>
|
||||
<include>symantec-av_rules.xml</include>
|
||||
<include>symantec-ws_rules.xml</include>
|
||||
<include>pix_rules.xml</include>
|
||||
<include>named_rules.xml</include>
|
||||
<include>smbd_rules.xml</include>
|
||||
<include>vsftpd_rules.xml</include>
|
||||
<include>pure-ftpd_rules.xml</include>
|
||||
<include>proftpd_rules.xml</include>
|
||||
<include>ms_ftpd_rules.xml</include>
|
||||
<include>ftpd_rules.xml</include>
|
||||
<include>hordeimp_rules.xml</include>
|
||||
<include>roundcube_rules.xml</include>
|
||||
<include>wordpress_rules.xml</include>
|
||||
<include>cimserver_rules.xml</include>
|
||||
<include>vpopmail_rules.xml</include>
|
||||
<include>vmpop3d_rules.xml</include>
|
||||
<include>courier_rules.xml</include>
|
||||
<include>web_rules.xml</include>
|
||||
<include>web_appsec_rules.xml</include>
|
||||
<include>apache_rules.xml</include>
|
||||
<include>nginx_rules.xml</include>
|
||||
<include>php_rules.xml</include>
|
||||
<include>mysql_rules.xml</include>
|
||||
<include>postgresql_rules.xml</include>
|
||||
<include>ids_rules.xml</include>
|
||||
<include>squid_rules.xml</include>
|
||||
<include>firewall_rules.xml</include>
|
||||
<include>apparmor_rules.xml</include>
|
||||
<include>cisco-ios_rules.xml</include>
|
||||
<include>netscreenfw_rules.xml</include>
|
||||
<include>sonicwall_rules.xml</include>
|
||||
<include>postfix_rules.xml</include>
|
||||
<include>sendmail_rules.xml</include>
|
||||
<include>imapd_rules.xml</include>
|
||||
<include>mailscanner_rules.xml</include>
|
||||
<include>dovecot_rules.xml</include>
|
||||
<include>ms-exchange_rules.xml</include>
|
||||
<include>racoon_rules.xml</include>
|
||||
<include>vpn_concentrator_rules.xml</include>
|
||||
<include>spamd_rules.xml</include>
|
||||
<include>msauth_rules.xml</include>
|
||||
<include>mcafee_av_rules.xml</include>
|
||||
<include>trend-osce_rules.xml</include>
|
||||
<include>ms-se_rules.xml</include>
|
||||
<!-- <include>policy_rules.xml</include> -->
|
||||
<include>zeus_rules.xml</include>
|
||||
<include>solaris_bsm_rules.xml</include>
|
||||
<include>vmware_rules.xml</include>
|
||||
<include>ms_dhcp_rules.xml</include>
|
||||
<include>asterisk_rules.xml</include>
|
||||
<include>ossec_rules.xml</include>
|
||||
<include>attack_rules.xml</include>
|
||||
<include>systemd_rules.xml</include>
|
||||
<include>firewalld_rules.xml</include>
|
||||
<include>dropbear_rules.xml</include>
|
||||
<include>unbound_rules.xml</include>
|
||||
<include>sysmon_rules.xml</include>
|
||||
<include>opensmtpd_rules.xml</include>
|
||||
<include>local_rules.xml</include>
|
||||
</rules>
|
||||
|
||||
<syscheck>
|
||||
<!-- Frequency that syscheck is executed -- default every 20 hours -->
|
||||
<frequency>17200</frequency>
|
||||
|
||||
<!-- Directories to check (perform all possible verifications) -->
|
||||
<directories check_all="yes">/etc,/usr/bin,/usr/sbin</directories>
|
||||
<directories check_all="yes">/bin,/sbin,/boot</directories>
|
||||
|
||||
<!-- Files/directories to ignore -->
|
||||
<ignore>/etc/mtab</ignore>
|
||||
<ignore>/etc/hosts.deny</ignore>
|
||||
<ignore>/etc/mail/statistics</ignore>
|
||||
<ignore>/etc/random-seed</ignore>
|
||||
<ignore>/etc/adjtime</ignore>
|
||||
<ignore>/etc/ntp/drift</ignore>
|
||||
</syscheck>
|
||||
|
||||
<rootcheck>
|
||||
<rootkit_files>/var/ossec/etc/shared/rootkit_files.txt</rootkit_files>
|
||||
<rootkit_trojans>/var/ossec/etc/shared/rootkit_trojans.txt</rootkit_trojans>
|
||||
<system_audit>/var/ossec/etc/shared/system_audit_rcl.txt</system_audit>
|
||||
<system_audit>/var/ossec/etc/shared/cis_debian_linux_rcl.txt</system_audit>
|
||||
<system_audit>/var/ossec/etc/shared/cis_rhel_linux_rcl.txt</system_audit>
|
||||
<system_audit>/var/ossec/etc/shared/cis_rhel5_linux_rcl.txt</system_audit>
|
||||
<system_audit>/var/ossec/etc/shared/cis_rhel6_linux_rcl.txt</system_audit>
|
||||
<system_audit>/var/ossec/etc/shared/cis_rhel7_linux_rcl.txt</system_audit>
|
||||
</rootcheck>
|
||||
|
||||
<global>
|
||||
<white_list>127.0.0.1</white_list>
|
||||
<white_list>::1</white_list>
|
||||
</global>
|
||||
|
||||
<remote>
|
||||
<connection>secure</connection>
|
||||
</remote>
|
||||
|
||||
<alerts>
|
||||
<log_alert_level>1</log_alert_level>
|
||||
<email_alert_level>7</email_alert_level>
|
||||
</alerts>
|
||||
|
||||
<command>
|
||||
<name>host-deny</name>
|
||||
<executable>host-deny.sh</executable>
|
||||
<expect>srcip</expect>
|
||||
<timeout_allowed>yes</timeout_allowed>
|
||||
</command>
|
||||
|
||||
<command>
|
||||
<name>firewall-drop</name>
|
||||
<executable>firewall-drop.sh</executable>
|
||||
<expect>srcip</expect>
|
||||
<timeout_allowed>yes</timeout_allowed>
|
||||
</command>
|
||||
|
||||
<command>
|
||||
<name>disable-account</name>
|
||||
<executable>disable-account.sh</executable>
|
||||
<expect>user</expect>
|
||||
<timeout_allowed>yes</timeout_allowed>
|
||||
</command>
|
||||
|
||||
<!-- Active Response Config -->
|
||||
<active-response>
|
||||
<!-- This response is going to execute the host-deny
|
||||
- command for every event that fires a rule with
|
||||
- level (severity) >= 6.
|
||||
- The IP is going to be blocked for 600 seconds.
|
||||
-->
|
||||
<command>host-deny</command>
|
||||
<location>local</location>
|
||||
<level>6</level>
|
||||
<timeout>600</timeout>
|
||||
</active-response>
|
||||
|
||||
<active-response>
|
||||
<!-- Firewall Drop response. Block the IP for
|
||||
- 600 seconds on the firewall (iptables,
|
||||
- ipfilter, etc).
|
||||
-->
|
||||
<command>firewall-drop</command>
|
||||
<location>local</location>
|
||||
<level>6</level>
|
||||
<timeout>600</timeout>
|
||||
</active-response>
|
||||
|
||||
<!-- Files to monitor (localfiles) -->
|
||||
|
||||
<localfile>
|
||||
<log_format>syslog</log_format>
|
||||
<location>/var/log/messages</location>
|
||||
</localfile>
|
||||
|
||||
<localfile>
|
||||
<log_format>syslog</log_format>
|
||||
<location>/var/log/syslog</location>
|
||||
</localfile>
|
||||
|
||||
<localfile>
|
||||
<log_format>syslog</log_format>
|
||||
<location>/var/log/debug</location>
|
||||
</localfile>
|
||||
|
||||
<localfile>
|
||||
<log_format>syslog</log_format>
|
||||
<location>/var/log/secure</location>
|
||||
</localfile>
|
||||
|
||||
<localfile>
|
||||
<log_format>syslog</log_format>
|
||||
<location>/var/log/cron</location>
|
||||
</localfile>
|
||||
|
||||
<localfile>
|
||||
<log_format>syslog</log_format>
|
||||
<location>/var/log/maillog</location>
|
||||
</localfile>
|
||||
|
||||
<localfile>
|
||||
<log_format>syslog</log_format>
|
||||
<location>/var/log/spooler</location>
|
||||
</localfile>
|
||||
|
||||
<localfile>
|
||||
<log_format>apache</log_format>
|
||||
<location>/var/log/httpd/access_log</location>
|
||||
</localfile>
|
||||
|
||||
<localfile>
|
||||
<log_format>apache</log_format>
|
||||
<location>/var/log/httpd/error_log</location>
|
||||
</localfile>
|
||||
|
||||
<localfile>
|
||||
<log_format>command</log_format>
|
||||
<command>df -h</command>
|
||||
</localfile>
|
||||
|
||||
<localfile>
|
||||
<log_format>full_command</log_format>
|
||||
<command>netstat -tan | grep LISTEN | grep -v 127.0.0.1 | sort</command>
|
||||
</localfile>
|
||||
|
||||
<localfile>
|
||||
<log_format>full_command</log_format>
|
||||
<command>last -n 5</command>
|
||||
</localfile>
|
||||
|
||||
<localfile>
|
||||
<log_format>full_command</log_format>
|
||||
<command>lastb -n 5</command>
|
||||
</localfile>
|
||||
</ossec_config>
|
10
system/ossec-server/ossec-server.info
Normal file
10
system/ossec-server/ossec-server.info
Normal file
|
@ -0,0 +1,10 @@
|
|||
PRGNAM="ossec-server"
|
||||
VERSION="2.9rc3"
|
||||
HOMEPAGE="http://ossec.github.io/"
|
||||
DOWNLOAD="https://github.com/ossec/ossec-hids/archive/2.9rc3/ossec-hids-2.9rc3.tar.gz"
|
||||
MD5SUM="a4ce5872f32c0ab045215017198eb5a3"
|
||||
DOWNLOAD_x86_64=""
|
||||
MD5SUM_x86_64=""
|
||||
REQUIRES=""
|
||||
MAINTAINER="Mario Preksavec"
|
||||
EMAIL="mario at slackware dot hr"
|
5
system/ossec-server/ossec.logrotate
Normal file
5
system/ossec-server/ossec.logrotate
Normal file
|
@ -0,0 +1,5 @@
|
|||
/var/ossec/logs/active-responses.log /var/ossec/logs/ossec.log {
|
||||
missingok
|
||||
notifempty
|
||||
copytruncate
|
||||
}
|
19
system/ossec-server/slack-desc
Normal file
19
system/ossec-server/slack-desc
Normal file
|
@ -0,0 +1,19 @@
|
|||
# HOW TO EDIT THIS FILE:
|
||||
# The "handy ruler" below makes it easier to edit a package description.
|
||||
# Line up the first '|' above the ':' following the base package name, and
|
||||
# the '|' on the right side marks the last column you can put a character in.
|
||||
# You must make exactly 11 lines for the formatting to be correct. It's also
|
||||
# customary to leave one space after the ':' except on otherwise blank lines.
|
||||
|
||||
|-----handy-ruler------------------------------------------------------|
|
||||
ossec-server: ossec-server (Open Source Host-based Intrusion Detection System)
|
||||
ossec-server:
|
||||
ossec-server: OSSEC is an Open Source Host-based Intrusion Detection System that
|
||||
ossec-server: performs log analysis, file integrity checking, policy monitoring,
|
||||
ossec-server: rootkit detection, real-time alerting and active response.
|
||||
ossec-server:
|
||||
ossec-server: Homepage: http://ossec.github.io/
|
||||
ossec-server:
|
||||
ossec-server:
|
||||
ossec-server:
|
||||
ossec-server:
|
Loading…
Reference in a new issue