4 VLAN - SNORT 2.8.5.3 pkg v. 1.25 ERROR INVALID PIDFILE SUFFIX
-
Hi, i've PFSENSE Version 2.0-BETA1 05/06/10 with 4 vlan and snort error
WAN interface (rl0_vlan2)
LAN interface (rl0_vlan1)
WANB interface (rl0_vlan3)
WIFI interface (rl0_vlan4)snort e squid installed.
I've installed snort 2.8.5.3 pkg v. 1.25, i installed new rules, but when i try to start,i've this error in the system log and SNORT not start:May 7 13:26:18 snort[21706]: FATAL ERROR: Invalid pidfile suffix: 29010rl0_vlan2. Suffix must less than 11 characters and not have ".." or "/" in the name.
May 7 13:26:18 snort[21706]: FATAL ERROR: Invalid pidfile suffix: 29010rl0_vlan2. Suffix must less than 11 characters and not have ".." or "/" in the name.
May 7 13:26:17 SnortStartup[15664]: Toggle for 29010_rl0_vlan2…with PFSENSE version 1.2.3 snort work ok. Version 1.2.3 have different name for interface vlan.
help me!
Bye
Simone -
Hi, i've PFSENSE Version 2.0-BETA1 05/06/10 with 4 vlan and snort error
WAN interface (rl0_vlan2)
LAN interface (rl0_vlan1)
WANB interface (rl0_vlan3)
WIFI interface (rl0_vlan4)snort e squid installed.
I've installed snort 2.8.5.3 pkg v. 1.25, i installed new rules, but when i try to start,i've this error in the system log and SNORT not start:May 7 13:26:18 snort[21706]: FATAL ERROR: Invalid pidfile suffix: 29010rl0_vlan2. Suffix must less than 11 characters and not have ".." or "/" in the name.
May 7 13:26:18 snort[21706]: FATAL ERROR: Invalid pidfile suffix: 29010rl0_vlan2. Suffix must less than 11 characters and not have ".." or "/" in the name.
May 7 13:26:17 SnortStartup[15664]: Toggle for 29010_rl0_vlan2…with PFSENSE version 1.2.3 snort work ok. Version 1.2.3 have different name for interface vlan.
help me!
Bye
SimoneI'll fix it next release. The name for the pid file is not less than 11 characters.
James
-
thank you
Simone -
Hi, I updated snort to 2.8.6 pkg v. 1.27 pfsense 2.0-BETA1
built on Sun May 16 03:24:28 EDT 2010I did upgrade the package 'snort' to 2.8.6 pkg v. 1.27, but the error remained:
Jun 8 11:08:50 snort[5758]: FATAL ERROR: Invalid pidfile suffix: 3370em1_vlan3. Suffix must less than 11 characters and not have ".." or "/" in the name.
Jun 8 11:08:50 snort[5758]: FATAL ERROR: Invalid pidfile suffix: 3370em1_vlan3. Suffix must less than 11 characters and not have ".." or "/" in the name.
Jun 8 11:08:49 SnortStartup[61604]: Toggle for 3370_em1_vlan3… -
Same problem here .. I'm guessing there's probably not a workaround either, as the vlan interface names are automatically generated?
-
Is this problem being acknowledged at all? I'm getting this as well with PPPoE.
-
same here on 2.0-BETA3 Jun 29 17:52:01 EDT 2010, snort2.8.6 pkg v. 1.27;
Jul 2 01:11:50 pfsense snort[1736]: FATAL ERROR: Invalid pidfile suffix: 38749pppoe0. Suffix mus
t less than 11 characters and not have ".." or "/" in the name.
Jul 2 01:11:50 pfsense snort[1736]: FATAL ERROR: Invalid pidfile suffix: 38749pppoe0. Suffix mus
t less than 11 characters and not have ".." or "/" in the name.
Jul 2 01:11:50 pfsense SnortStartup[3737]: Snort HARD Reload For 38749_pppoe0…hope any fixes committed soon.
cheers,
-
any news on this matter? my snort stops working since beg of June…
or shall I post in package forum?cheers,
-
any news on this matter? my snort stops working since beg of June…
or shall I post in package forum?cheers,
No idea, but this totally SUCKS. My Snort has been dead for a while now.
I reported this bug to http://redmine.pfsense.org/issues/692 . I suggest all others do as well until this is resolved.
-
Read this link
http://forum.pfsense.org/index.php/topic,26382.15.html
;)
-
nope, that is different issue. the thing here is that snort won't start due to naming convention, your link above is, some issues while updating rules which means snort is running.
-
Utterly ridiculous, not so much as a reply >:(
-
Utterly ridiculous, not so much as a reply >:(
There was a reply, 2+ months ago. This:
I'll fix it next release. The name for the pid file is not less than 11 characters.
Rob (jamesdean) is the maintainer of the package. I'm not sure when he plans on "next release". Don't expect packages to work perfectly on a beta release, and don't expect prompt fixes unless you're willing to pay for them.
-
it can temporarily make a symbolic link or alias to the interface name in order to have a name shorter than 11 characters?
bye bye
Simone -
@cmb:
There was a reply, 2+ months ago…
...and don't expect prompt fixes unless you're willing to pay for them.
2+ months ago he stated he would fix it, and you think that is still within the realm of "prompt"? Really
I've been a pfsense user for sometime. Jamesdean's Snort package has always been sub-par with very strong evidence of weak QA. Now that you have made this very clear statement, I get it: you guys are in it for the $. We must pay for fixes.
We get it now.
-
Mow that you have made this very clear statement, I get it: you guys are in it for the $. We must pay for fixes.
I think I understand your sense of frustration but that remark is over the top. Lots of people have downloaded pfSense for no charge. I don't see how that would happen if "those guys" were in it for the $.
Its my understanding that a number of the pfSense developers work on pfSense in their "spare" time for love. Since they have to eat, to at least some degree paying work has to take priority.
-
@cmb:
There was a reply, 2+ months ago…
...and don't expect prompt fixes unless you're willing to pay for them.
2+ months ago he stated he would fix it, and you think that is still within the realm of "prompt"? Really
I've been a pfsense user for sometime. Jamesdean's Snort package has always been sub-par with very strong evidence of weak QA. Mow that you have made this very clear statement, I get it: you guys are in it for the $. We must pay for fixes.
We get it now.
There are many people on this forum including myself that would disagree with you. The package has come a long way over the last few years and has dramatically improved since James took it over. If you feel that the package is weak or not maintained to your satisfaction, then you're free to use something else. Most of the work is done using their donated time and will fix issues when it's available. Since most people work for a living for the almighty $$, don't expect them to push aside their living to do something that they are not getting paid for just to satisfy your needs.
James, take your time and keep up the good work.
-
I've been a pfsense user for sometime. Jamesdean's Snort package has always been sub-par with very strong evidence of weak QA.
I wouldn't disagree entirely with that. I've cleaned up the fall out where it impacts the way our customers use it a few times. Though I believe the only major issues it has right now are 2.0-specific (like this, due to longer interface names).
Now that you have made this very clear statement, I get it: you guys are in it for the $. We must pay for fixes.
I have to make sure we're bringing in enough to keep people paid, we have multiple people who make a full time living working on the project. If you can convince everyone's banks that their mortgages should be wiped out, their utility companies that all their utilities should be free, stores to give away food, cars, computers, etc. etc. because we write open source software, we'll stop following the money. Until then, this is what makes this project work. Progress would have slowed to a crawl long ago if people couldn't make a living working on it. The bulk of what happens in this project happens because someone is paying for it, either paying us directly, or one of our other developers is getting paid by their employer to do it. If you pay attention to open source in general, you'll know that there is not a single major project with long term success that doesn't have people making a full time living working on it.
No you don't have to pay for anything. But if you want something done immediately, in some cases that may be your only option. Providing open source software somehow gives a sense of entitlement to you and many others that everything must be free, and your every want, need and desire must be addressed by people not getting paid for their time, on the timeline you want it. That's unrealistic and not fair to those of us who spend SO much unpaid time in addition to paid time on the project.
My thanks to those of you who make it possible for us to make a living on the project, and those who may not contribute financially but are supportive of our efforts and respectful.
-
Utterly uncalled for!
"2+ months ago he stated he would fix it, and you think that is still within the realm of "prompt"? Really
I've been a pfsense user for sometime. Jamesdean's Snort package has always been sub-par with very strong evidence of weak QA. Now that you have made this very clear statement, I get it: you guys are in it for the $. We must pay for fixes.
We get it now."
This is the kind of things people will never understand about opensource. pfSense has given you without asking anything in return and all you do is mock, you are an arrogant person who don't deserve help from anyone. People are sacrificing to fight for freedom and you think they are doing this for themselves WOW! I thought asians were stupid but you have utterly disgraced whatever race you are.
-
I installed the new version 2.8.6 pkg see 1.31, but still does not work
here's the log:
Aug 9 21:11:28 SnortStartup [45354]: START RULE Interface for 1_35187_em1_vlan2 …
Aug 9 21:11:28 snort [45329]: FATAL ERROR: Invalid pidfile suffix: 35187em1_vlan2. Suffix Less Than 11 characters and must not Have '..' or '/' in the name.
Aug 9 21:11:28 snort [45329]: FATAL ERROR: Invalid pidfile suffix: 35187em1_vlan2. Suffix Less Than 11 characters and must not Have '..' or '/' in the name.someone managed to get it to work?
greetingsSimone