Bug 12749 - Dead link on page www.ipfire.org/features
Summary: Dead link on page www.ipfire.org/features
Status: CLOSED FIXED
Alias: None
Product: Infrastructure
Classification: Unclassified
Component: Web Site (show other bugs)
Version: unspecified
Hardware: unspecified Unspecified
: - Unknown - - Unknown -
Assignee: Michael Tremer
QA Contact:
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2021-12-22 17:00 UTC by Charles Brown
Modified: 2022-02-24 14:49 UTC (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Charles Brown 2021-12-22 17:00:04 UTC 
On the webpage “www.ipfire.org/features”, the DOCUMENTATION button for "Intrusion Detection/Prevention System" takes you to a dead link.  Perhaps the correct link for the button should be "wiki.ipfire.org/configuration/firewall/ips"
Comment 1 Charles Brown 2022-01-14 16:43:30 UTC 
It would seem @ about line 104 in features.html
    href="https://wiki.ipfire.org/configuration/services/ids"
would need to be changed to ... 
    href="https://wiki.ipfire.org/configuration/firewall/ips"
 
That would fix the button press.
And perhaps it would also seem reasonable to change the text references from "Detection" to "Prevention" and correspondingly change the acronym "IDS" to "IPS"
Comment 3 Michael Tremer 2022-02-23 18:35:50 UTC 
http://git.ipfire.org/?p=ipfire.org.git;a=commit;h=73cebb40bb196fe2312f79da703adb7b75920f2f

Author: Michael Tremer <michael.tremer@ipfire.org>

features: Update text and link around the IPS

Fixes: #12749
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Comment 4 Michael Tremer 2022-02-23 18:39:14 UTC 
Oh nice, I didn't know there was a nice script that does this for me :)

This is all rolled out now. Thank you for noticing.
Comment 5 Charles Brown 2022-02-23 21:03:07 UTC 
The web-page text “Upon detection, alerts are raised and the attacker is immediately blocked”  tends to hint of the legacy technique of blocking the attacker with Guardian.  Nowadays the ‘attacker’ is not blocked, rather the offending packet(s) that raise alerts are ‘dropped’.
Comment 6 Michael Tremer 2022-02-24 09:19:56 UTC 
Y(In reply to Charles Brown from comment #5)
> The web-page text “Upon detection, alerts are raised and the attacker is
> immediately blocked”  tends to hint of the legacy technique of blocking the
> attacker with Guardian.  Nowadays the ‘attacker’ is not blocked, rather the
> offending packet(s) that raise alerts are ‘dropped’.

Yes, I stumbled over this one as well.

I believe that in all this brevity, this is correct. We will scan first, then detect something, and then log the packet and drop it. Guardian worked differently, but worked in the same way.

The entire website is (hopefully) be replaced soon and the entire features page will go. To avoid investing too much time into this, I would like to leave it the way it is and hopefully we will do better with the next one.
Comment 7 Charles Brown 2022-02-24 14:49:36 UTC 
Sounds good.  Thanks for all your dedicated efforts on this damn fine product.