Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Snort update to 2.9.7.0 pkg v3.2.1 - no GUI

    Scheduled Pinned Locked Moved pfSense Packages
    5 Posts 3 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ?
      Guest
      last edited by

      Hi again!

      Me idiot pressed the update button for Snort and as usual - afterwards the GUI shows no sign of Snort any more, although I can access it via

      https://<router ip="">/snort/snort_interfaces.php

      Any help or do I have to do a reinstall of the CF-card?

      Happy New Year in advance….

      chemlud

      Update: removing Snort - reboot - installation of Snort led to another nightmare

      Dec 31 19:21:14 php: /pkg_mgr_install.php: The command '/usr/bin/sed -I '' -f /tmp/sedcmd /usr/pbi/snort-i386/etc/snort/snort_18807_re2/preproc_rules/sensitive-data.rules' returned exit code '1', the output was 'sed: /usr/pbi/snort-i386/etc/snort/snort_18807_re2/preproc_rules/sensitive-data.rules: No such file or directory'
      Dec 31 19:21:14 php: /pkg_mgr_install.php: [Snort] Updating rules configuration for: LAN …
      Dec 31 19:21:14 php: /pkg_mgr_install.php: [Snort] Seems preprocessor and/or decoder rules are missing, enabling autogeneration of them in conf file.
      Dec 31 19:21:14 php: /pkg_mgr_install.php: Could not find the libsf_imap_preproc file. Snort might error out!
      Dec 31 19:21:14 php: /pkg_mgr_install.php: Could not find the libsf_pop_preproc file. Snort might error out!
      Dec 31 19:21:14 php: /pkg_mgr_install.php: Could not find the libsf_dns_preproc file. Snort might error out!
      Dec 31 19:21:14 php: /pkg_mgr_install.php: Could not find the libsf_dce2_preproc file. Snort might error out!
      Dec 31 19:21:14 php: /pkg_mgr_install.php: Could not find the libsf_ssh_preproc file. Snort might error out!
      Dec 31 19:21:14 php: /pkg_mgr_install.php: Could not find the libsf_sip_preproc file. Snort might error out!
      Dec 31 19:21:14 php: /pkg_mgr_install.php: Could not find the libsf_ssl_preproc file. Snort might error out!
      Dec 31 19:21:14 php: /pkg_mgr_install.php: Could not find the libsf_smtp_preproc file. Snort might error out!
      Dec 31 19:21:14 php: /pkg_mgr_install.php: Could not find the libsf_ftptelnet_preproc file. Snort might error out!
      Dec 31 19:17:30 php: /pkg_mgr_install.php: [Snort] Building new sig-msg.map file for WAN…
      Dec 31 19:17:28 php: /pkg_mgr_install.php: [Snort] Enabling any flowbit-required rules for: WAN…
      Dec 31 19:13:20 php: /pkg_mgr_install.php: The command '/usr/bin/sed -I '' -f /tmp/sedcmd /usr/pbi/snort-i386/etc/snort/snort_27736_re1/preproc_rules/sensitive-data.rules' returned exit code '1', the output was 'sed: /usr/pbi/snort-i386/etc/snort/snort_27736_re1/preproc_rules/sensitive-data.rules: No such file or directory'
      Dec 31 19:13:20 php: /pkg_mgr_install.php: [Snort] Updating rules configuration for: WAN …
      Dec 31 19:13:20 php: /pkg_mgr_install.php: [Snort] Seems preprocessor and/or decoder rules are missing, enabling autogeneration of them in conf file.
      Dec 31 19:13:20 php: /pkg_mgr_install.php: Could not find the libsf_imap_preproc file. Snort might error out!
      Dec 31 19:13:20 php: /pkg_mgr_install.php: Could not find the libsf_pop_preproc file. Snort might error out!
      Dec 31 19:13:20 php: /pkg_mgr_install.php: Could not find the libsf_dns_preproc file. Snort might error out!
      Dec 31 19:13:20 php: /pkg_mgr_install.php: Could not find the libsf_dce2_preproc file. Snort might error out!
      Dec 31 19:13:20 php: /pkg_mgr_install.php: Could not find the libsf_ssh_preproc file. Snort might error out!
      Dec 31 19:13:20 php: /pkg_mgr_install.php: Could not find the libsf_sip_preproc file. Snort might error out!
      Dec 31 19:13:20 php: /pkg_mgr_install.php: Could not find the libsf_ssl_preproc file. Snort might error out!
      Dec 31 19:13:20 php: /pkg_mgr_install.php: Could not find the libsf_smtp_preproc file. Snort might error out!
      Dec 31 19:13:20 php: /pkg_mgr_install.php: Could not find the libsf_ftptelnet_preproc file. Snort might error out!
      Dec 31 19:13:20 check_reload_status: Syncing firewall
      Dec 31 19:13:19 php: /pkg_mgr_install.php: [Snort] The Rules update has finished.
      Dec 31 19:12:44 php: /pkg_mgr_install.php: [Snort] Emerging Threats Open rules file update downloaded successfully
      Dec 31 19:12:42 php: /pkg_mgr_install.php: [Snort] There is a new set of Emerging Threats Open rules posted. Downloading emerging.rules.tar.gz…
      Dec 31 19:12:41 php: /pkg_mgr_install.php: [Snort] Snort GPLv2 Community Rules file update downloaded successfully
      Dec 31 19:12:39 php: /pkg_mgr_install.php: [Snort] There is a new set of Snort GPLv2 Community Rules posted. Downloading community-rules.tar.gz…
      Dec 31 19:12:39 php: /pkg_mgr_install.php: [Snort] Server returned error code 422…
      Dec 31 19:12:39 php: /pkg_mgr_install.php: [Snort] Snort VRT rules md5 download failed…
      Dec 31 19:12:38 php: /pkg_mgr_install.php: [Snort] Downloading and updating configured rule types…
      Dec 31 19:12:38 php: /pkg_mgr_install.php: [Snort] Settings successfully migrated to new configuration format…
      Dec 31 19:12:38 php: /pkg_mgr_install.php: [Snort] Checking configuration settings version…
      Dec 31 19:12:37 php: /pkg_mgr_install.php: [Snort] Saved settings detected… rebuilding installation with saved settings...</router>

      1 Reply Last reply Reply Quote 0
      • S
        Supermule Banned
        last edited by

        I dont have that issue at all. Seems to be some issues when running CF and 32 bit versions of PF.

        Save your config and inst. a vanilla 64bit, import backup config and try inst. Snort again.

        1 Reply Last reply Reply Quote 0
        • ?
          Guest
          last edited by

          hardware is 32 bit, i guess… no hdd/ssd...

          Update 2:

          after new un/reinstall of snort:

          php: /snort/snort_interfaces.php: The command '/usr/bin/sed -I '' -f /tmp/sedcmd /usr/pbi/snort-i386/etc/snort/snort_27736_re1/preproc_rules/sensitive-data.rules' returned exit code '1', the output was 'sed: /usr/pbi/snort-i386/etc/snort/snort_27736_re1/preproc_rules/sensitive-data.rules: No such file or directory'

          adds up to the fuck up listed above, Snort is in GUI but fails to start, even after reboot...

          Dec 31 19:56:28 php: /snort/snort_interfaces.php: The command '/usr/bin/sed -I '' -f /tmp/sedcmd /usr/pbi/snort-i386/etc/snort/snort_27736_re1/preproc_rules/sensitive-data.rules' returned exit code '1', the output was 'sed: /usr/pbi/snort-i386/etc/snort/snort_27736_re1/preproc_rules/sensitive-data.rules: No such file or directory'
          Dec 31 19:56:28 php: /snort/snort_interfaces.php: [Snort] Updating rules configuration for: WAN …
          Dec 31 19:56:28 php: /snort/snort_interfaces.php: [Snort] Seems preprocessor and/or decoder rules are missing, enabling autogeneration of them in conf file.
          Dec 31 19:56:28 php: /snort/snort_interfaces.php: Could not find the libsf_imap_preproc file. Snort might error out!
          Dec 31 19:56:28 php: /snort/snort_interfaces.php: Could not find the libsf_pop_preproc file. Snort might error out!
          Dec 31 19:56:28 php: /snort/snort_interfaces.php: Could not find the libsf_dns_preproc file. Snort might error out!
          Dec 31 19:56:28 php: /snort/snort_interfaces.php: Could not find the libsf_dce2_preproc file. Snort might error out!
          Dec 31 19:56:28 php: /snort/snort_interfaces.php: Could not find the libsf_ssh_preproc file. Snort might error out!
          Dec 31 19:56:28 php: /snort/snort_interfaces.php: Could not find the libsf_sip_preproc file. Snort might error out!
          Dec 31 19:56:28 php: /snort/snort_interfaces.php: Could not find the libsf_ssl_preproc file. Snort might error out!
          Dec 31 19:56:28 php: /snort/snort_interfaces.php: Could not find the libsf_smtp_preproc file. Snort might error out!
          Dec 31 19:56:28 php: /snort/snort_interfaces.php: Could not find the libsf_ftptelnet_preproc file. Snort might error out!
          Dec 31 19:56:28 php: /snort/snort_interfaces.php: Toggle (snort starting) for WAN(re1)…

          Update 3:

          Manual update of rules fails for VRT with error code 422....

          "Snort VRT rules will not be updated.
          Server returned error code 422."

          1 Reply Last reply Reply Quote 0
          • bmeeksB
            bmeeks
            last edited by

            @chemlud:

            hardware is 32 bit, i guess… no hdd/ssd...

            Update 2:

            after new un/reinstall of snort:

            php: /snort/snort_interfaces.php: The command '/usr/bin/sed -I '' -f /tmp/sedcmd /usr/pbi/snort-i386/etc/snort/snort_27736_re1/preproc_rules/sensitive-data.rules' returned exit code '1', the output was 'sed: /usr/pbi/snort-i386/etc/snort/snort_27736_re1/preproc_rules/sensitive-data.rules: No such file or directory'

            adds up to the fuck up listed above, Snort is in GUI but fails to start, even after reboot...

            Dec 31 19:56:28 php: /snort/snort_interfaces.php: The command '/usr/bin/sed -I '' -f /tmp/sedcmd /usr/pbi/snort-i386/etc/snort/snort_27736_re1/preproc_rules/sensitive-data.rules' returned exit code '1', the output was 'sed: /usr/pbi/snort-i386/etc/snort/snort_27736_re1/preproc_rules/sensitive-data.rules: No such file or directory'
            Dec 31 19:56:28 php: /snort/snort_interfaces.php: [Snort] Updating rules configuration for: WAN …
            Dec 31 19:56:28 php: /snort/snort_interfaces.php: [Snort] Seems preprocessor and/or decoder rules are missing, enabling autogeneration of them in conf file.
            Dec 31 19:56:28 php: /snort/snort_interfaces.php: Could not find the libsf_imap_preproc file. Snort might error out!
            Dec 31 19:56:28 php: /snort/snort_interfaces.php: Could not find the libsf_pop_preproc file. Snort might error out!
            Dec 31 19:56:28 php: /snort/snort_interfaces.php: Could not find the libsf_dns_preproc file. Snort might error out!
            Dec 31 19:56:28 php: /snort/snort_interfaces.php: Could not find the libsf_dce2_preproc file. Snort might error out!
            Dec 31 19:56:28 php: /snort/snort_interfaces.php: Could not find the libsf_ssh_preproc file. Snort might error out!
            Dec 31 19:56:28 php: /snort/snort_interfaces.php: Could not find the libsf_sip_preproc file. Snort might error out!
            Dec 31 19:56:28 php: /snort/snort_interfaces.php: Could not find the libsf_ssl_preproc file. Snort might error out!
            Dec 31 19:56:28 php: /snort/snort_interfaces.php: Could not find the libsf_smtp_preproc file. Snort might error out!
            Dec 31 19:56:28 php: /snort/snort_interfaces.php: Could not find the libsf_ftptelnet_preproc file. Snort might error out!
            Dec 31 19:56:28 php: /snort/snort_interfaces.php: Toggle (snort starting) for WAN(re1)…

            Update 3:

            Manual update of rules fails for VRT with error code 422....

            "Snort VRT rules will not be updated.
            Server returned error code 422."

            Try this.  Completely remove the Snort package by clicking the X icon on the System…Packages...Installed Packages tab.  Then install it again.  Your configuration settings will be saved so long as the checkbox on the GLOBAL SETTINGS tab is checked to save setting on uninstall.

            Give Snort a long…long time to restart after the install.  It can take it several minutes on some hardware and with lots of enabled rules.  Some earlier users were experiencing the same issue (no GUI menu option under SERVICES), but they were exiting the package installation screen too soon.  Wait until you get a message in the screen dialog that the package installation is complete before you navigate away from the page.

            Bill

            1 Reply Last reply Reply Quote 0
            • ?
              Guest
              last edited by

              Hi Bill! Many thanx for the extended service, after the tird uninstall-reinstall it finally works! :-D

              Had a nice fondue and some decent white wine in the meantime and that apparently helped…

              Cheers and nice party everybody

              chemlud

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.