Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpSyslog_Alert(): Invoked with Packet[0x3c89000] Event[0x0] Event Type [0] Context pointer[0x3c96700]

    Scheduled Pinned Locked Moved pfSense Packages
    2 Posts 1 Posters 444 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      hkjarral
      last edited by hkjarral

      Barnyard stopped working after enabling Public IP REP list on snort interface.

      barnyard2 -V

      ______ -> Barnyard2 <-
      / ,,_ \ Version 2.1.13 (Build 327) IPv6
      |o" )~| By Ian Firns (SecurixLive): http://www.securixlive.com/

      • '''' + (C) Copyright 2008-2013 Ian Firns firnsy@securixlive.com

      This is the error message in log

      barnyard2 OpSyslog_Alert(): Invoked with Packet[0x3c89000] Event[0x0] Event Type [0] Context pointer[0x3c96700]

      System pfSense

      BIOS Vendor: Dell Inc.
      Version: A09
      Release Date: Thu Jan 31 2013
      Version 2.4.3-RELEASE-p1 (amd64)
      built on Thu May 10 15:02:52 CDT 2018
      FreeBSD 11.1-RELEASE-p10

      The system is on the latest version.
      Version information updated at Thu Sep 20 20:18:42 MST 2018
      CPU Type Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
      4 CPUs: 1 package(s) x 4 core(s)
      AES-NI CPU Crypto: Yes (inactive)

      cat /usr/local/etc/snort/snort_38898_igb3/barnyard2.conf

      barnyard2.conf

      barnyard2 can be found at http://www.securixlive.com/barnyard2/index.php

      General Barnyard2 settings

      config quiet
      config daemon
      config decode_data_link
      config alert_with_interface_name
      config event_cache_size: 8192
      config show_year
      config archivedir: /var/log/snort/snort_igb338898/barnyard2/archive
      config reference_file: /usr/local/etc/snort/snort_38898_igb3/reference.config
      config classification_file: /usr/local/etc/snort/snort_38898_igb3/classification.config
      config sid_file: /usr/local/etc/snort/snort_38898_igb3/sid-msg.map
      config gen_file: /usr/local/etc/snort/snort_38898_igb3/gen-msg.map
      config hostname: firewall.cybridllc.com
      config interface: igb3
      config waldo_file: /var/log/snort/snort_igb338898/barnyard2/38898_igb3.waldo
      config logdir: /var/log/snort/snort_igb338898

      START user pass through

      END user pass through

      Setup input plugins

      input unified2

      Setup output plugins

      syslog_full: log to a remote syslog receiver

      output log_syslog_full: sensor_name snort, server 192.168.1.241, protocol udp, port 5514, operation_mode default, payload_encoding hex, log_facility LOG_LOCAL0, log_priority LOG_INFO

      1 Reply Last reply Reply Quote 0
      • H
        hkjarral
        last edited by

        It started to work after I turned snort off for few hours. I dont know reason just for anyone out there who saw the issue.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.