Snort Won't Start After Upgrade
-
Runnin' a RC, things like this are to be expected.
Ok and what do you say about this? http://blog.pfsense.org/?p=589
There are considerably fewer open issues on 2.0 right now than there were on 1.2.3 when it was released, and no major outstanding problems. 2.0 has gotten widespread use in production environments over the last year plus including in our most critical networks, and looks to be ready for release. We expect final release within a month, and consider RC3 the preferred release for all new installs.
I used it in a critical network too..
If Snort is part of your mission critical usage of RC3, how are you dealing with the fact it ain't working? I have several problems trying to deploy RC3's Snort and am patiently waiting for a fix ( after going back and forth between versions, not a joy ) - and don't find it to be a big surprise that Release Candidates have issues, you are surprised?
For me Snort is critical, maybe for others it isn't - if it is critical, waiting and listening are an option.
-
What was the point of fixing snort if it worked perfect .I did a stupid thing and updated from a perfect working pfsense and snort now i have a broken snort and a half assed working pfsense .Why fix a package that worked perfect ?????? >:( >:( >:(
-
What was the point of fixing snort if it worked perfect .I did a stupid thing and updated from a perfect working pfsense and snort now i have a broken snort and a half assed working pfsense .Why fix a package that worked perfect ?????? >:( >:( >:(
+1
-
Any update on this? The developer initially indicted, "A couple of days". This, almost 3 weeks ago.
Kind regards
Aubrey Kloppers -
I guess I can't complain because pfsense is free and has always been an excellent system. But, I am starting to get the impression this project may be coming to an end. I hope not, but I find it odd that the last snapshot was from July 4 2011 and it is now July 21st 2011. Also the release for 2.0 which was a major overhaul took more than 2 years to get an RC. I am not sure if the main people involved are tied up on other projects or what. James Dean has done a great job with his work on the snort package, but this day and age I would agree that snort should not be considered a optional package to install, it should be part of the base install and have the option to enable or disable it if needed.
I personally am glad now I took extra percautions with having an Untangle system in bridge mode behind my pfsense box. Stateful firewalls are not enough these days. I love the fine granular rules that can be used in pfsense, but hate that certain packages that I would consider are important break when updated versions come out. If I knew that snort was going to break on RC3, I would of rather stayed on RC2.
You can't get mad at James Dean for him using his own time to develope a package that should already be part of the base pfsense install.
No disrespect to pfsense, but people have options: Example: Astaro Home, Astaro Free Business edition, Endian, Untangle, ClearOS, Smoothwall, Ipfire, IPCOP, Zeroshell, SME server, vyatta, zentyal, ect… The list goes on. I only speak of what I have used and they all have snort as part of the base install and they are free. How can so many projects be wrong. But in defense to pfsense, they have a lot of packages that these others don't have. It all depends on your needs, but I think everyone here would say Snort in very important. To me the most important features are snort and country block. I am just glad country block is still working. That only takes away alot of threats.
I can honestly say that after using pfsense since 2005, I am starting to consider moving to either Endian, ClearOS, or Vyatta. I am thinking maybe Vyatta because it does everything pfsense can do and has all the base features. Again no disrespect to pfsense, it is just that after using the project for almost 6 years now. I don't think that you guys will get basic features in a stable format that will be handled by main developers.
I still appreciate all the years of using your project firewall, and thanks for that.
-
I find it odd that the last snapshot was from July 4 2011 and it is now July 21st 2011.
See this sticky thread in the 2.0 forum: http://forum.pfsense.org/index.php/topic,38687.0.html
-
Thanks for pointing this out to me. I had no idea. I would say this is something that should of been posted on the main pfsense site. Kind of important info don't you think?
Again something to think about? It can be somewhat exhausting when you are always searching for what went wrong.
But yet it's people like you that make pfsense wonderful. Someone who is always willing to help free of charge such as the pfsense team.
Maybe my outspoken mind from my last commit should of been silence, who knows. I just wish there were some considerations on widely used packages that the pfsense team would consider making a primary intergarted solution. Unless you are an ISP, VPN solution, or using pfsense to be a basic network router; why would you not consider SNORT to be a must have base application.
-
Hey,
yes, I agree that Snort is an important package its lack is causing problems.But the problems about Snort and the update URL is just because we are all now installing a Release Candidate software… and because of that, if you (as me) dare to use a RC in a production environment you should also to find the way to compensate... for example, I always update first my secondary pfSense machine, then if everything goes fine I update the primary machine... if in your environment there is no way to install a secondary machine, maybe would be a good idea to use a virtual machine instead, just to test the install of the system and the packages before installing a new RC release...
I guess now it's a little too late for this considerations, also, it's easy and not nice at all to talk when the damage is done... maybe consider what I wrote for the future...
Both problems are related to the need to branch the project, and this is related to the fact that it is not a stable release. I am sure this two problems will never occur on a stable release.
Best regards,
Michele -
I'm not trying to start an argument, but when a package is completely removed, it does not matter weather your on 1.2.3-RELEASE or not, testing really is not going to do you a whole lot of good with backup configurations. As far as VM goes, it has it place, just not when it comes to an edge security appliance.
I can agree with you that I should of taken some addtional percautions, but even if I did not upgrade and my system crashed, I still would not be able to get the stable version of snort on a stable release. As far as the issue not occuring on a stable release, "It Has"!, because it is not a primary developer package supported by the pfsense team. That is not a bash at James Dean. He has no way of knowing what will happen until the pfsense team deployes an update.
Besides it does not make sense that SNORT worked on betas, RC1, RC2, and then not on RC3. Safe assumsition it would work on RC3!
I was just stating that things would be smoother and much better if certain things were managed by the primary developers, THATS ALL.
If you think I am just some guy blowing off at the mouth, please look at all my post from the past and you will see I am not that way. I only state the obviouse.
Respectfully,
MDP
-
Yes Darklogic, I am not willing to start an argument too. Actually there's no reason, we are both users of this system, same side… what I didn't realize is that the package has been removed for all the versions, even the 1.2.3-release...
As for the branch, as software developer I can tell you that branching a feature or package at some part of the developing may happen. Expecially when huge modifications are in course. As for the concrete reason for this case, I am not in the development team so I don't know the exact reason, but if they took this decision there must be a good reason, because I am sure they evaluated that removing snort could cause problems, and removing it was the best solution.
Anyway, I understand your is not just a "guy blowing off", it's not a matter of complaining for itself but to give a hint to the devs about the priority... I hope it will be released asap, in the while I thank everyone for their work.
Best regards,
Michele -
mdima,
Thanks for understanding where I was coming from. And you may be very right on them to just completely remove it all together to avoid issues, not really sure? Maybe I need to sit tight and just see what happens.
Take Care,
MDP
-
The next time everything runs properly (pfsense ,Snort) i am going to make a disk image . >:(
-
It would be nice if the snort package would be made available, even if it's unstable…with the disclaimer that it may break your system (just remember to back up your configuration, which I already do before applying any changes).
-
do not rush developers, it is IDS, they must be verified before release, it's my only view, anyway, waiting working SNORT! :)
-
I'm fully aware of that and don't have a problem with the devs taking the time to iron out the bugs, but it was working flawlessly on the previous RC builds and now it's totally disappeared. It would be nice to at least be able to follow the progress of the dev as a passive observer…
-
@nipstech:
I'm fully aware of that and don't have a problem with the devs taking the time to iron out the bugs, but it was working flawlessly on the previous RC builds and now it's totally disappeared. It would be nice to at least be able to follow the progress of the dev as a passive observer…
It wasn't working flawlessly, it was starting. Shared rules weren't functional, invalidating a whole bunch of other rules.
-
@nipstech:
I'm fully aware of that and don't have a problem with the devs taking the time to iron out the bugs, but it was working flawlessly on the previous RC builds and now it's totally disappeared. It would be nice to at least be able to follow the progress of the dev as a passive observer…
It wasn't working flawlessly, it was starting. Shared rules weren't functional, invalidating a whole bunch of other rules.
Well it sure is not working now is it .Will it get fixed this year ????? >:( >:(
-
I have an idea…and this comment isn't directed toward anyone in particular...Why don't we stop the griping, whining and bitching and just let the dev's do their magic. No amount of complaining is gonna make a difference. It is what it is and none of us can do anything about it unless you're willing to back up your complaints and put your money where your mouth is with a bounty. Unfortunately, I can't afford to donate to the cause. So let's just be patient. I'm just gonna sit back and wait for snort to reappear on the package list.
Regards,
Jon -
@nipstech:
I have an idea…and this comment isn't directed toward anyone in particular...Why don't we stop the griping, whining and bitching and just let the dev's do their magic. No amount of complaining is gonna make a difference. It is what it is and none of us can do anything about it unless you're willing to back up your complaints and put your money where your mouth is with a bounty. Unfortunately, I can't afford to donate to the cause. So let's just be patient. I'm just gonna sit back and wait for snort to reappear on the package list.
Regards,
Jon+1
-
@nipstech:
I have an idea…and this comment isn't directed toward anyone in particular...Why don't we stop the griping, whining and bitching and just let the dev's do their magic. No amount of complaining is gonna make a difference. It is what it is and none of us can do anything about it unless you're willing to back up your complaints and put your money where your mouth is with a bounty. Unfortunately, I can't afford to donate to the cause. So let's just be patient. I'm just gonna sit back and wait for snort to reappear on the package list.
Regards,
JonI would like to know why thye played with snort when it work fine with zero problems .Now we have guy telling us to keep our mouths shut!!! Why should we !!!!! Plus it is on the package list NOT WORKING why is it they not working …....
