From 1936a29ae46d5c4aba4b0aa65500862e501384c1 Mon Sep 17 00:00:00 2001
From: marco370 <48531002-marco370@users.noreply.replit.com>
Date: Mon, 17 Nov 2025 16:39:09 +0000
Subject: [PATCH] Improve database connection security and restart log parser

Modify pg_hba.conf to use SCRAM-SHA-256 for database authentication and restart the syslog parser service.

Replit-Commit-Author: Agent
Replit-Commit-Session-Id: 7a657272-55ba-4a79-9a2e-f1ed9bc7a528
Replit-Commit-Checkpoint-Type: full_checkpoint
Replit-Commit-Event-Id: 2c44c1cf-5725-4dd8-8305-3fa9b2a5136c
Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/449cf7c4-c97a-45ae-8234-e5c5b8d6a84f/7a657272-55ba-4a79-9a2e-f1ed9bc7a528/c9ITWqD
---
 ...t-ids-pyth-1763397517711_1763397517711.txt | 70 +++++++++++++++++++
 1 file changed, 70 insertions(+)
 create mode 100644 attached_assets/Pasted-sudo-cp-var-lib-pgsql-data-pg-hba-conf-var-lib-pgsql-data-pg-hba-conf-backup-manual-root-ids-pyth-1763397517711_1763397517711.txt

diff --git a/attached_assets/Pasted-sudo-cp-var-lib-pgsql-data-pg-hba-conf-var-lib-pgsql-data-pg-hba-conf-backup-manual-root-ids-pyth-1763397517711_1763397517711.txt b/attached_assets/Pasted-sudo-cp-var-lib-pgsql-data-pg-hba-conf-var-lib-pgsql-data-pg-hba-conf-backup-manual-root-ids-pyth-1763397517711_1763397517711.txt
new file mode 100644
index 0000000..46d1b97
--- /dev/null
+++ b/attached_assets/Pasted-sudo-cp-var-lib-pgsql-data-pg-hba-conf-var-lib-pgsql-data-pg-hba-conf-backup-manual-root-ids-pyth-1763397517711_1763397517711.txt
@@ -0,0 +1,70 @@
+sudo cp /var/lib/pgsql/data/pg_hba.conf /var/lib/pgsql/data/pg_hba.conf.backup_manual
+[root@ids python_ml]# sudo sed -i '/^local.*ids_database.*ids_user/d' /var/lib/pgsql/data/pg_hba.conf
+sudo sed -i '/^host.*ids_database.*ids_user/d' /var/lib/pgsql/data/pg_hba.conf
+[root@ids python_ml]# cat << 'EOF' | sudo tee -a /var/lib/pgsql/data/pg_hba.conf
+# IDS Database - SCRAM-SHA-256
+local   ids_database    ids_user                                scram-sha-256
+host    ids_database    ids_user        127.0.0.1/32            scram-sha-256
+host    ids_database    ids_user        ::1/128                 scram-sha-256
+EOF
+# IDS Database - SCRAM-SHA-256
+local   ids_database    ids_user                                scram-sha-256
+host    ids_database    ids_user        127.0.0.1/32            scram-sha-256
+host    ids_database    ids_user        ::1/128                 scram-sha-256
+[root@ids python_ml]# systemctl reload postgresql
+[root@ids python_ml]# sudo grep "ids_database" /var/lib/pgsql/data/pg_hba.conf
+local   ids_database    ids_user                                scram-sha-256
+host    ids_database    ids_user        127.0.0.1/32            scram-sha-256
+host    ids_database    ids_user        ::1/128                 scram-sha-256
+[root@ids python_ml]# export PGPASSWORD="TestPassword123"
+[root@ids python_ml]# psql -h ::1 -U ids_user -d ids_database -c "SELECT 1;"
+ ?column?
+----------
+        1
+(1 row)
+
+[root@ids python_ml]# pkill -f syslog_parser
+[root@ids python_ml]# sudo -u ids nohup python3.11 syslog_parser.py > /var/log/ids/syslog_parser.log 2>&1 &
+[1] 59373
+[root@ids python_ml]# tail -20 /var/log/ids/syslog_parser.log
+nohup: ignoring input
+=== SYSLOG PARSER PER ROUTER MIKROTIK ===
+Pressione Ctrl+C per interrompere
+
+[ERROR] Connessione database fallita: connection to server at "localhost" (::1), port 5432 failed: FATAL:  password authentication failed for user "ids_user"
+
+[INFO] Disconnesso da PostgreSQL
+Traceback (most recent call last):
+  File "/opt/ids/python_ml/syslog_parser.py", line 215, in <module>
+    main()
+  File "/opt/ids/python_ml/syslog_parser.py", line 203, in main
+    parser.connect_db()
+  File "/opt/ids/python_ml/syslog_parser.py", line 48, in connect_db
+    self.conn = psycopg2.connect(**self.db_config)
+                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+  File "/home/ids/.local/lib/python3.11/site-packages/psycopg2/__init__.py", line 122, in connect
+    conn = _connect(dsn, connection_factory=connection_factory, **kwasync)
+           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+psycopg2.OperationalError: connection to server at "localhost" (::1), port 5432 failed: FATAL:  password authentication failed for user "ids_user"
+
+[1]+  Exit 1                  sudo -u ids nohup python3.11 syslog_parser.py > /var/log/ids/syslog_parser.log 2>&1
+[root@ids python_ml]# tail -20 /var/log/ids/syslog_parser.log
+nohup: ignoring input
+=== SYSLOG PARSER PER ROUTER MIKROTIK ===
+Pressione Ctrl+C per interrompere
+
+[ERROR] Connessione database fallita: connection to server at "localhost" (::1), port 5432 failed: FATAL:  password authentication failed for user "ids_user"
+
+[INFO] Disconnesso da PostgreSQL
+Traceback (most recent call last):
+  File "/opt/ids/python_ml/syslog_parser.py", line 215, in <module>
+    main()
+  File "/opt/ids/python_ml/syslog_parser.py", line 203, in main
+    parser.connect_db()
+  File "/opt/ids/python_ml/syslog_parser.py", line 48, in connect_db
+    self.conn = psycopg2.connect(**self.db_config)
+                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+  File "/home/ids/.local/lib/python3.11/site-packages/psycopg2/__init__.py", line 122, in connect
+    conn = _connect(dsn, connection_factory=connection_factory, **kwasync)
+           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+psycopg2.OperationalError: connection to server at "localhost" (::1), port 5432 failed: FATAL:  password authentication failed for user "ids_user"