Snort 2.9.6.2 pkg v3.1.1 Update – Release Notes
-
Exactly why I would like the release available on 2.0.x…
I just dont believe that 2.1.x is "done" since lots of bugs is still coming in.
-
Bill was thinking that its a mirror issue as NA doesn't seem to have those issues?
Maybe you guys can try to point your DNS to NA Mirror Servers instead?
-
Bill was thinking that its a mirror issue as NA doesn't seem to have those issues?
Maybe you guys can try to point your DNS to NA Mirror Servers instead?
I'm done now with the actual "production systems" but still some backup systems to go in the near future… Any suggestions on what to do excatly ;-)
btw: I tried the updates in two different countries, both in Europe.
-
@chemlud:
Any suggestions on what to do excatly ;-)
The packages download from:
Downloading https://files.pfsense.org/packages/amd64/8/All/snort-2.9.6.2-amd64.pbi … [ repository]
When I ping files.pfsense.org
This is what IP it resolves to:
PING files.pfsense.org (208.123.73.81): 56 data bytes
64 bytes from 208.123.73.81: icmp_seq=0 ttl=55 time=55.767 msTry editing your DNS Forwarder (Host Over ride)
and point files.pfsense.org to this IP and see if it works? If you ping files.pfsense.org, you will receive an IP for a mirror that is closer to you. But obviously that ip/mirror is having issues.
-
@chemlud:
Any suggestions on what to do excatly ;-)
The packages download from:
Downloading https://files.pfsense.org/packages/amd64/8/All/snort-2.9.6.2-amd64.pbi … [ repository]
When I ping files.pfsense.org
This is what IP it resolves to:
PING files.pfsense.org (208.123.73.81): 56 data bytes
64 bytes from 208.123.73.81: icmp_seq=0 ttl=55 time=55.767 msTry editing your DNS Forwarder (Host Over ride)
and point files.pfsense.org to this IP and see if it works? If you ping files.pfsense.org, you will receive an IP for a mirror that is closer to you. But obviously that ip/mirror is having issues.
I agree with this approach. I think something is wrong on a mirror. If the package itself was messed up, then all of the North American folks would be impacted. I have performed three installs since the last update with no issues at all. My systems resolve the ULR to the same IP as BBcan177 posted.
Bill
-
When pinging from Scandinavia we get this:
PING files.pfsense.org (208.123.73.81): 56 data bytes
64 bytes from 208.123.73.81: icmp_seq=0 ttl=50 time=152.243 msSo we dont get a mirror on the package files…
-
When pinging from Scandinavia we get this:
PING files.pfsense.org (208.123.73.81): 56 data bytes
64 bytes from 208.123.73.81: icmp_seq=0 ttl=50 time=152.243 msSo we dont get a mirror on the package files…
Then I truly don't know what's wrong. If the Snort package itself was messed up, you would expect it to fail for everyone. Some (or a lot of) people have successfully installed the update. I myself have installed it three times since it was posted – twice to virtual machines and once to my production box. No problems encountered at all. BBcan177 stated he has done multiple installs with no issues. Others have posted success here as well. This is a really perplexing problem.
Bill
-
Not sure if anyone else noticed this or if its an issue with my box only.. I run both snort and suricata but only have blocking enable with suricata. When I reboot my box, snort doesn't start:
snort[55775]: FATAL ERROR: /usr/pbi/snort-i386/etc/snort/snort_60770_em3//usr/pbi/snort-i386/etc/snort/snort_60770_em3/rules/suricata.rules(0) Unable to open rules file "/usr/pbi/snort-i386/etc/snort/snort_60770_em3//usr/pbi/snort-i386/etc/snort/snort_60770_em3/rules/suricata.rules": No such file or directory.I'm puzzled why its looking for suricata.rules.
Now if I go and re-save each interface, i'm able to manually start them
-
Hollander had the same issue in another thread. He uninstall Suricata and re-installed it.
-
I did search this thread before posting, next time I'll search the board. As always, thank you for all your support and hard work.
-
I did search this thread before posting, next time I'll search the board. As always, thank you for all your support and hard work.
I'm thinking the root of this error might be the problem I found with an extra backslash in some paths in the Suricata and Snort PHP code. However, as part of my testing for the upcoming Suricata update, I will test in my VM lab with both Suricata and Snort enabled on a box.
Bill
-
When pinging from Scandinavia we get this:
PING files.pfsense.org (208.123.73.81): 56 data bytes
64 bytes from 208.123.73.81: icmp_seq=0 ttl=50 time=152.243 msSo we dont get a mirror on the package files…
My ping goes to the same IP.
…to me this whole story is kind of VERY disturbing...
-
@chemlud:
When pinging from Scandinavia we get this:
PING files.pfsense.org (208.123.73.81): 56 data bytes
64 bytes from 208.123.73.81: icmp_seq=0 ttl=50 time=152.243 msSo we dont get a mirror on the package files…
My ping goes to the same IP.
…to me this whole story is kind of VERY disturbing...
For Nano image boxes, make sure you have at least 200 MB of free space in /tmp. The package manager code gets tripped up if it runs out of space to unpack and install a package. That might be what's happening to you.
There was also a problem a few days ago with the SHA256 checksum files not getting uploaded to the packages servers. The developer team pushed a fix for that I noticed a few days ago.
Bill
