Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [RESOLVED] Installing package on PC Engines ALIX.2 v0.99h CF 4G

    Scheduled Pinned Locked Moved 2.0-RC Snapshot Feedback and Problems - RETIRED
    18 Posts 4 Posters 8.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • JeanNoJ
      JeanNo
      last edited by

      Hello,

      Dashboard Widget: Snort not works.

      Warning: Invalid argument supplied for foreach() in /usr/local/www/widgets/widgets/snort_alerts.widget.php on line 38

      Regards

      JNL

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        That probably just means you have no snort alerts. (or they moved since the last time the widget was updated). Apparently the widget code doesn't check for that condition very well.

        I'd be very careful trying to run snort on an ALIX, too, it doesn't have very much RAM or CPU power to spare.

        Remember: Upvote with the šŸ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • JeanNoJ
          JeanNo
          last edited by

          Hello evrybody

          I have some alert like Portscan and the winget doesn't works.

          I see on the Snort Site than this program works on the PC engine and is only for Home Use.

          But i have a question you or any body.

          Wicth the best configuration for the snort on Alix.
          And if some body as answer i have one question more.

          I can't select than more of 2 rules… The interface can't start...

          My States

          System Information
          Version 2.0-BETA1
          built on Sat Apr 17 19:13:58 EDT 2010

          FreeBSD 8.0-STABLE

          Platform nanobsd
          NanoBSD Boot Slice pfsense0 / ad0s1a
          CPU Type Geode(TM) Integrated Processor by AMD PCS

          UptimeĀ  1 day

          Current date/time Wed Apr 21 7:34:09 CEST 2010

          Last config change Tue Apr 20 7:51:50 CEST 2010

          State table sizeĀ  467/23000

          MBUF Usage 260 /780Ā 
          CPU usageĀ  Ā  Ā  10%
          Memory usageĀ  Ā  Ā  52%
          Disk usageĀ  Ā  Ā  15%

          THX for answers

          Regards

          Jean-Noƫl

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            If you aren't seeing alerts, you may be running snort on the wrong interface. Some things like portscan would only show if you run on WAN and have the proper rules enabled to detect that (and also if the traffic was even allowed; if the traffic is blocked already by firewall rules, snort won't see it, since it's a non-issue)

            As for what to run, just pick a small number of rulesets (1-3 maybe) to start with and see what your RAM usage is. You can keep adding rules until your RAM usage gets uncomfortably high but that's really up to you. As long as the box pushed through data fast enough for your network, it should still be OK.

            If you want general guidance on snort more than I posted, you should start a new thread with a title that is specific to running snort on ALIX.

            Remember: Upvote with the šŸ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • JeanNoJ
              JeanNo
              last edited by

              Hi,

              I can't put more than 3 rules, after the service go down.

              My merory doen't exced 40% and cpu 10%

              I thing some wrong but where ?

              Regards

              Jean-Noƫl

              1 Reply Last reply Reply Quote 0
              • jimpJ
                jimp Rebel Alliance Developer Netgate
                last edited by

                I'm not sure what the issue might be there. Is that any 3 rules, or are you trying the same ones repeatedly?

                It may be an issue with one particular ruleset.

                Remember: Upvote with the šŸ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

                Need help fast? Netgate Global Support!

                Do not Chat/PM for help!

                1 Reply Last reply Reply Quote 0
                • JeanNoJ
                  JeanNo
                  last edited by

                  Hi,

                  • I start the snort with empty rules (ok)
                  • I check 3 rules (ok)
                    The service and interface are OK (up)
                  • I check one more rules (in total 4 rules checked).
                  • The interface and services go Down.

                  I can't only check 3 rules after the snort doesn't works.

                  My memory and CPU is not to busy (about 10-20% for the cpu and 30-40% of memory used)

                  I thing i do something false or the snort can works correctly to Alix.

                  But on the Snort site the minimum Hardware for works Snort is an Alix..

                  Regards

                  Jean-Noƫl

                  1 Reply Last reply Reply Quote 0
                  • jimpJ
                    jimp Rebel Alliance Developer Netgate
                    last edited by

                    Do you see any errors in the system log when it fails to load?

                    Remember: Upvote with the šŸ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

                    Need help fast? Netgate Global Support!

                    Do not Chat/PM for help!

                    1 Reply Last reply Reply Quote 0
                    • JeanNoJ
                      JeanNo
                      last edited by

                      Hi,

                      i make different setup and i can put many rulles.

                      the service is up.

                      Do you known if exist notification when the service go down via email

                      thx for your help

                      regards

                      jnl

                      1 Reply Last reply Reply Quote 0
                      • jimpJ
                        jimp Rebel Alliance Developer Netgate
                        last edited by

                        2.0 has e-mail notifications but as far as I know, there are no packages that support sending notifications in this way.

                        Remember: Upvote with the šŸ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

                        Need help fast? Netgate Global Support!

                        Do not Chat/PM for help!

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.