Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Change max_client_bytes in SSH preprocessor

    Scheduled Pinned Locked Moved IDS/IPS
    2 Posts 2 Posters 287 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      alchemyx
      last edited by

      Hi,

      How to change max_client_bytes in SSH preprocessor? If I put that in Advanced Configuration Pass-Through

      preprocessor ssh:
              max_client_bytes 19600

      Then SNORT won't start up. Probably because I have duplicated preprocessor ssh: with the one provided by pfsense. I tried disabling SSH altogether and putting it again but snort also refuses to come back up.

      pfsense version is 2.4.2-RELEASE-p1 and SNORT is 2.9.9.0

      Thanks!
      Michał

      1 Reply Last reply Reply Quote 0
      • bmeeksB
        bmeeks
        last edited by

        @alchemyx:

        Hi,

        How to change max_client_bytes in SSH preprocessor? If I put that in Advanced Configuration Pass-Through

        preprocessor ssh:
                max_client_bytes 19600

        Then SNORT won't start up. Probably because I have duplicated preprocessor ssh: with the one provided by pfsense. I tried disabling SSH altogether and putting it again but snort also refuses to come back up.

        pfsense version is 2.4.2-RELEASE-p1 and SNORT is 2.9.9.0

        Thanks!
        Michał

        At the moment that is not a configurable parameter within the GUI.  And using the Advanced Passthrough feature doesn't work with preprocessors because of how the internal GUI code works for now.

        I will add this parameter to the next Snort GUI update.  I'm working on some other Snort updates and hope to get an updated package posted in a couple of weeks or so.

        Bill

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.