Snort 2.9.2.3 pkg v. 2.5.4 Issues
-
Some issues I've noticed on my box with this build.
1: One of my sensors won't start. It's bound to the LAN interface, and I noticed it is not putting the correct subnet in for the LAN IP.
Jan 30 14:40:56 snort[62809]: FATAL ERROR: /usr/local/etc/snort/snort_5622_em2/snort.conf(220) => Invalid ip_list to 'ignore_scanners' option.
snort.conf line 220, only a snip of it. The subnet is wrong for the pfSense LAN IP.
var HOME_NET [127.0.0.1,192.168.0.1,/,68.172.xx.xx]
2: barnyard2 dies right after an auto rules update. It looks like it tries to start, but 3 out of 4 sensors won't stay started; I have to manually start them.
Feb 3 12:07:32 barnyard2[75369]: Waiting for new data
Feb 3 12:07:32 barnyard2[75369]: Opened spool file '/var/log/snort/snort_em359292/snort_59292_em3.u2.1359911144'
Feb 3 12:07:32 barnyard2[75369]: Closing spool file '/var/log/snort/snort_em359292/snort_59292_em3.u2.1359894845'. Read 18 records
Feb 3 12:07:31 barnyard2[75369]: Opened spool file '/var/log/snort/snort_em359292/snort_59292_em3.u2.1359894845'
Feb 3 12:07:31 barnyard2[75369]: Using waldo file '/var/log/snort/snort_em359292/barnyard2/59292_em3.waldo': spool directory = /var/log/snort/snort_em359292 spool filebase = snort_59292_em3.u2 time_stamp = 1359894845 record_idx = 1
Feb 3 12:07:31 barnyard2[75369]: Barnyard2 initialization completed successfully (pid=75369)
Feb 3 12:07:31 barnyard2[75369]: --== Initialization Complete ==--
Feb 3 12:07:31 barnyard2[75369]:
Feb 3 12:07:31 barnyard2[75369]: database: using the "log" facility
Feb 3 12:07:31 barnyard2[75369]: database: ignore_bpf = no
Feb 3 12:07:31 barnyard2[75369]: database: detail level = full
Feb 3 12:07:31 barnyard2[75369]: database: data encoding = hex
Feb 3 12:07:31 barnyard2[75369]: database: sensor cid = 509
Feb 3 12:07:31 barnyard2[75369]: database: sensor id = 5
Feb 3 12:07:31 barnyard2[75369]: database: sensor name = pfsense.cino.homeip.net:em3
Feb 3 12:07:31 barnyard2[75369]: database: database name = snort
Feb 3 12:07:31 barnyard2[75369]: database: user = snort
Feb 3 12:07:31 barnyard2[75369]: database: host = 192.168.0.100
Feb 3 12:07:31 barnyard2[75369]: database: schema version = 107
Feb 3 12:07:31 barnyard2[75369]: database: configured to use mysql
Feb 3 12:07:31 barnyard2[75369]: database: compiled support for (mysql)
Feb 3 12:06:09 php: : The Rules update has finished...
Feb 3 12:06:09 php: : Snort has restarted with your new set of rules...
Feb 3 12:05:49 barnyard2[97651]: ===============================================================================
Feb 3 12:05:49 barnyard2[97651]: Total: 3
Feb 3 12:05:49 barnyard2[97651]: S5 G 2: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: S5 G 1: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: InvChkSum: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: DISCARD: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: OTHER: 3 (100.000%)
Feb 3 12:05:49 barnyard2[97651]: MPLS: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: GRE LOOP: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: GRE IPX: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: GRE ARP: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: GRE PPTP: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: GRE IP6 E: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: GRE IPv6: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: GRE IPv4: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: GRE VLAN: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: GRE ETH: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: GRE: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: IPv6/IPv6: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: IPv6/IPv4: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: IPv4/IPv6: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: IPv4/IPv4: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: IPX: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: ETHLOOP: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: EAPOL: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: ARP: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: FRAG 6: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: FRAG: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: ICMPdis: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: UDPdisc: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: TCPdisc: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: ICMP: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: UDP: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: TCP: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: ICMP-IP: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: ICMP6: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: UDP 6: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: TCP 6: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: IP4disc: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: IP4: 3 (100.000%)
Feb 3 12:05:49 barnyard2[97651]: IP6disc: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: IP6opts: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: IP6 EXT: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: IPV6: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: VLAN: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: ETHdisc: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: ETH: 3 (100.000%)
Feb 3 12:05:49 barnyard2[97651]: Packet breakdown by protocol (includes rebuilt packets):
Feb 3 12:05:49 barnyard2[97651]: ===============================================================================
Feb 3 12:05:49 barnyard2[97651]: Unknown: 0 (0.000%)
Feb 3 12:05:49 barnyard2[97651]: Packets: 3 (75.000%)
Feb 3 12:05:49 barnyard2[97651]: Events: 1 (25.000%)
Feb 3 12:05:49 barnyard2[97651]: Records: 4
Feb 3 12:05:49 barnyard2[97651]: Record Totals:
Feb 3 12:05:49 barnyard2[97651]: ===============================================================================
Feb 3 12:05:49 barnyard2[97651]: database: Closing connection to database "snort"
Feb 3 12:05:47 barnyard2[95856]: ===============================================================================
Feb 3 12:05:47 barnyard2[95856]: Total: 0
Feb 3 12:05:47 barnyard2[95856]: S5 G 2: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: S5 G 1: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: InvChkSum: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: DISCARD: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: OTHER: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: MPLS: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: GRE LOOP: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: GRE IPX: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: GRE ARP: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: GRE PPTP: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: GRE IP6 E: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: GRE IPv6: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: GRE IPv4: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: GRE VLAN: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: GRE ETH: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: GRE: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: IPv6/IPv6: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: IPv6/IPv4: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: IPv4/IPv6: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: IPv4/IPv4: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: IPX: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: ETHLOOP: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: EAPOL: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: ARP: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: FRAG 6: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: FRAG: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: ICMPdis: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: UDPdisc: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: TCPdisc: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: ICMP: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: UDP: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: TCP: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: ICMP-IP: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: ICMP6: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: UDP 6: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: TCP 6: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: IP4disc: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: IP4: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: IP6disc: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: IP6opts: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: IP6 EXT: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: IPV6: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: VLAN: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: ETHdisc: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: ETH: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: Packet breakdown by protocol (includes rebuilt packets):
Feb 3 12:05:47 barnyard2[95856]: ===============================================================================
Feb 3 12:05:47 barnyard2[95856]: Unknown: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: Packets: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: Events: 0 (0.000%)
Feb 3 12:05:47 barnyard2[95856]: Records: 0
Feb 3 12:05:47 barnyard2[95856]: Record Totals:
Feb 3 12:05:47 barnyard2[95856]: ===============================================================================
Feb 3 12:05:47 barnyard2[95856]: database: Closing connection to database "snort"
Feb 3 12:05:47 SnortStartup[77732]: Snort SOFT START For WLAN Guest Alerting(63656_em0_vlan5)...
Feb 3 12:05:46 barnyard2[75369]: database: [SynchronizeEventId()]: Problems executing [SELECT MAX(cid) FROM icmphdr WHERE sid='5';]
Feb 3 12:05:46 barnyard2[75369]: Node unique name is: pfsense.cino.homeip.net:em3
Feb 3 12:05:45 SnortStartup[76680]: Snort START For LAN Alerting(5622_em2)...
Feb 3 12:05:45 snort[76349]: FATAL ERROR: /usr/local/etc/snort/snort_5622_em2/snort.conf(224) => Invalid ip_list to 'ignore_scanners' option.
Feb 3 12:05:44 barnyard2[75369]: Writing PID "75369" to file "/var/run/barnyard2_em359292.pid"
Feb 3 12:05:44 barnyard2[75369]: PID path stat checked out ok, PID path set to /var/run
Feb 3 12:05:44 barnyard2[75313]: Daemon parent exiting
Feb 3 12:05:44 barnyard2[75369]: Daemon initialized, signaled parent pid: 75313
Feb 3 12:05:44 barnyard2[75313]: Initializing daemon mode
Feb 3 12:05:44 barnyard2[75313]: INFO database: Defaulting Reconnect sleep time to 5 second
Feb 3 12:05:44 barnyard2[75313]: INFO database: Defaulting Reconnect/Transaction Error limit to 10
Feb 3 12:05:44 barnyard2[75313]: Log directory = /var/log/snort/snort_em359292
Feb 3 12:05:44 barnyard2[75313]: Barnyard2 spooler: Event cache size set to [2048]
Feb 3 12:05:44 barnyard2[75313]: Found pid path directive (/var/run)
Feb 3 12:05:44 barnyard2[75313]: Parsing config file "/usr/local/etc/snort/snort_59292_em3/barnyard2.conf"
Feb 3 12:05:44 barnyard2[75313]: Initializing Output Plugins!
Feb 3 12:05:44 barnyard2[75313]: Initializing Input Plugins!
Feb 3 12:05:44 barnyard2[75313]: --== Initializing Barnyard2 ==--
Feb 3 12:05:44 barnyard2[75313]:
Feb 3 12:05:44 barnyard2[75313]: Running in Continuous mode
Feb 3 12:05:44 barnyard2[75313]: Found pid path directive (/var/run)
Feb 3 12:05:42 barnyard2[29288]: ===============================================================================
Feb 3 12:05:42 barnyard2[29288]: Total: 22
Feb 3 12:05:42 barnyard2[29288]: S5 G 2: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: S5 G 1: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: InvChkSum: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: DISCARD: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: OTHER: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: MPLS: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: GRE LOOP: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: GRE IPX: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: GRE ARP: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: GRE PPTP: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: GRE IP6 E: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: GRE IPv6: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: GRE IPv4: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: GRE VLAN: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: GRE ETH: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: GRE: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: IPv6/IPv6: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: IPv6/IPv4: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: IPv4/IPv6: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: IPv4/IPv4: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: IPX: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: ETHLOOP: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: EAPOL: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: ARP: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: FRAG 6: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: FRAG: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: ICMPdis: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: UDPdisc: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: TCPdisc: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: ICMP: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: UDP: 15 (68.182%)
Feb 3 12:05:42 barnyard2[29288]: TCP: 7 (31.818%)
Feb 3 12:05:42 barnyard2[29288]: ICMP-IP: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: ICMP6: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: UDP 6: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: TCP 6: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: IP4disc: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: IP4: 22 (100.000%)
Feb 3 12:05:42 barnyard2[29288]: IP6disc: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: IP6opts: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: IP6 EXT: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: IPV6: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: VLAN: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: ETHdisc: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: ETH: 22 (100.000%)
Feb 3 12:05:42 barnyard2[29288]: Packet breakdown by protocol (includes rebuilt packets):
Feb 3 12:05:42 barnyard2[29288]: ===============================================================================
Feb 3 12:05:42 barnyard2[29288]: Unknown: 0 (0.000%)
Feb 3 12:05:42 barnyard2[29288]: Packets: 22 (50.000%)
Feb 3 12:05:42 barnyard2[29288]: Events: 22 (50.000%)
Feb 3 12:05:42 barnyard2[29288]: Records: 44
Feb 3 12:05:42 barnyard2[29288]: Record Totals:
Feb 3 12:05:42 barnyard2[29288]: ===============================================================================
Feb 3 12:05:42 barnyard2[29288]: database: Closing connection to database "snort"
Feb 3 12:05:42 SnortStartup[74667]: Snort SOFT START For WAN Alerting(59292_em3)...
Feb 3 12:05:40 SnortStartup[73251]: Snort SOFT START For WAN Blocking(60770_em3)...
Feb 3 12:05:38 php: : Checking for and disabling any rules dependent upon disabled preprocessors for WLAN_GUEST...
Feb 3 12:05:37 php: : Updating rules configuration for: WLAN_GUEST ...
Feb 3 12:05:34 php: : Checking for and disabling any rules dependent upon disabled preprocessors for LAN...
Feb 3 12:05:34 php: : Updating rules configuration for: LAN ...
Feb 3 12:05:29 php: : Resolving and auto-enabling flowbit required rules for WAN...
Feb 3 12:05:26 php: : Checking for and disabling any rules dependent upon disabled preprocessors for WAN...
Feb 3 12:05:26 php: : Updating rules configuration for: WAN ...
Feb 3 12:05:15 php: : Resolving and auto-enabling flowbit required rules for WAN...
Feb 3 12:05:09 php: : Checking for and disabling any rules dependent upon disabled preprocessors for WAN...
Feb 3 12:05:07 php: : Updating rules configuration for: WAN ...
Feb 3 12:04:55 php: : Emergingthreats rules file update downloaded succsesfully
Feb 3 12:04:53 php: : There is a new set of Emergingthreats rules posted. Downloading...
Feb 3 12:04:53 php: : Snort Rules Attempts: 1
Feb 3 12:03:29 php: : There is a new set of Snort.org rules posted. Downloading...
Feb 3 12:03:29 php: : Snort MD5 Attempts: 1
-
A change was made in the code that builds the $HOME_NET variable to include the LAN subnet. It was not formerly included. Ermal made the tweak a few days ago. Apparently it has problems on some installations. Mine works fine, but others have posted with some issues.
It appears the function that is supposed to return the subnet mask length sometimes returns an empty string. Hopefully Ermal can take a look in the next day or so.
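The failure described in the first post and in the reply above is that the package's subnet-mask-length lookup returned an empty string, so the generated `var HOME_NET [...]` line contained a bare `/` entry and Snort refused to start with "Invalid ip_list". Below is an added example (written for this page, not code from the pfSense Snort package or from Snort itself) showing two defensive checks a practitioner can run before a sensor restart: a linter that parses a `var HOME_NET` line and reports every malformed entry, and a builder that refuses to emit an entry when the mask length is missing instead of silently writing `addr,/`. The sample lines are constructed to resemble the snip in the thread; the function names and the `203.0.113.0/24` and `2001:db8::/32` documentation addresses are my own choices.

```python
import ipaddress
import re

# Constructed sample config lines (not the page's real snort.conf). The second
# one carries the bare "/" token that appears when the mask-length helper
# returns an empty string, exactly the shape reported in the thread.
GOOD_LINE = "var HOME_NET [127.0.0.1,192.168.0.1/24,203.0.113.10,2001:db8::1/64]"
BAD_LINE = "var HOME_NET [127.0.0.1,192.168.0.1,/,203.0.113.10]"

HOME_NET_RE = re.compile(r"^\s*var\s+HOME_NET\s+\[(?P<body>.*)\]\s*$")


def parse_ip_list(line):
    """Split the bracketed ip_list of a 'var HOME_NET [...]' line into raw tokens."""
    m = HOME_NET_RE.match(line)
    if not m:
        raise ValueError("not a 'var HOME_NET [...]' line")
    return [tok.strip() for tok in m.group("body").split(",")]


def check_ip_list(line):
    """Return (token, reason) pairs for every entry Snort would reject.

    An empty list means every entry parses as an IPv4/IPv6 address or network.
    """
    problems = []
    for tok in parse_ip_list(line):
        if tok == "":
            problems.append((tok, "empty entry"))
            continue
        entry = tok.lstrip("!")  # Snort ip_lists allow a leading '!' for negation
        if entry == "" or entry.startswith("/") or entry.endswith("/"):
            # This is the thread's case: "/" with neither address nor mask length.
            problems.append((tok, "missing address or mask length"))
            continue
        try:
            ipaddress.ip_network(entry, strict=False)
        except ValueError as exc:
            problems.append((tok, str(exc)))
    return problems


def build_home_net_entry(address, prefix_len):
    """Build one HOME_NET entry (network/prefix) from an interface address and mask length.

    Raises instead of emitting 'addr,/' when the mask length is empty or None,
    which is the condition the thread describes (the subnet helper returning '').
    Works for both IPv4 and IPv6 interface addresses.
    """
    if prefix_len is None or str(prefix_len).strip() == "":
        raise ValueError(f"no mask length for {address}; refusing to emit a bare '/'")
    net = ipaddress.ip_network(f"{address}/{prefix_len}", strict=False)
    return str(net)


if __name__ == "__main__":
    for line in (GOOD_LINE, BAD_LINE):
        print(line, "->", check_ip_list(line) or "OK")
    print(build_home_net_entry("192.168.0.1", "24"))
    print(build_home_net_entry("2001:db8::1", 64))
```

Run it against the generated snort.conf before restarting a sensor; a non-empty result from `check_ip_list` pinpoints the token Snort's "Invalid ip_list" message only reports by line number, and wiring `build_home_net_entry` into a generation script turns the silent empty-mask bug into a hard error at build time rather than a sensor that fails to start after the next rules update.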
-
Thanks bmeeks! It properly creates the $HOME_NET variable for my WAN interface (I have 2 sensors, 1 for blocking and another for alerting/testing) and an OPT interface (VLAN).
-
Cino you are on 2.1?
If yes, just upgrade to a more recent snapshot where some fixes have been done related to that.
Probably those are ipv6 addresses.
-
@ermal:
Cino you are on 2.1?
If yes, just upgrade to a more recent snapshot where some fixes have been done related to that.
Probably those are ipv6 addresses.
I'm on 2.1. I did do a sync this morning with the same results… Last firmware was Jan 24th. Were these fixes binary related and/or code?
-
I noticed that the package is showing that there's an updated version on the installed packages screen but doesn't show up as available in the services status dashboard widget like previous updates had. Does this mean that the updated Snort package isn't yet stable?
-
@ermal:
Cino you are on 2.1?
If yes, just upgrade to a more recent snapshot where some fixes have been done related to that.
Probably those are ipv6 addresses.
Completed a full update on my 2.1 box and my LAN still doesn't come up…
Same error as before, where the LAN subnet is not being formatted correctly. BTW, my LAN does have IPv4 and IPv6 addresses.
-
Should be fixed just reinstall.
-
LAN sensor still won't start. Noticed my IPv6 addresses are no longer in the HOME_NET variable:
[127.0.0.1,192.168.0.1,/,x.x.x.x/22…....
-
I pushed another small fix.
You are sure that the latest fixes have been installed?
-
I did a deinstall and reinstall… Life is good... Both IPv4 and IPv6 addresses are there now. Thank you again for all your hard work on this package!!!