4. Snort problem

Snort problem

  • S

    Hi, can anyone help me with Snort's problem? The problem started when the Snorta package was last updated.

    Since no correction has been made during this time, I wonder if anyone else has this problem. I myself have a problem at two locations.

    Error:
    PHP ERROR: Type: 1, File: /usr/local/pkg/snort/snort.inc, Line: 2478, Message: Allowed memory size of 402653184 bytes exhausted (tried to allocate 268435464 bytes) @ 2019-12-03 20:26:30

    The Rules update has finished.
Generating snort.conf configuration file from saved settings.
Generating configuration for WAN...
PHP ERROR: Type: 1, File: /usr/local/pkg/snort/snort.inc, Line: 2478, Message: Allowed memory size of 402653184 bytes exhausted (tried to allocate 268435464 bytes)pkg-static: POST-INSTALL script failed
=====
Message from python27-2.7.16_1:

--
===========================================================================

Note that some standard Python modules are provided as separate ports
as they require additional dependencies. They are available as:

bsddb           databases/py-bsddb
gdbm            databases/py-gdbm
sqlite3         databases/py-sqlite3
tkinter         x11-toolkits/py-tkinter

===========================================================================
=====
Message from barnyard2-1.13_4:

--
Read the notes in the barnyard2.conf file for how to configure
/usr/local/etc/barnyard2.conf after installation.  For addtional information
see the Securixlive FAQ at http://www.securixlive.com/barnyard2/faq.php.

In order to enable barnyard2 to start on boot, you must edit /etc/rc.conf
with the appropriate flags, etc.  See the FreeBSD Handbook for syntax:
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/configtuning-rcng.html

For the various options available, type % barnyard2 -h after install or read
the options in the startup script - in /usr/local/etc/rc.d.

Barnyard2 can process unified2 files from snort or suricata.  It can also
interact with snortsam firewall rules as well as the sguil-sensor. Those
ports must be installed separately if you wish to use them.
=====
Message from snort-2.9.15:

--
Snort uses rcNG startup script and must be enabled via /etc/rc.conf
Please see /usr/local/etc/rc.d/snort
for list of available variables and their description.
Configuration files are located in /usr/local/etc/snort directory.

Please note that, by default, snort will truncate packets larger than the
default snaplen of 15158 bytes.  Additionally, LRO may cause issues with
Stream5 target-based reassembly.  It is recommended to disable LRO, if
your card supports it.

This can be done by appending '-lro' to your ifconfig_ line in rc.conf.
=====
Message from pfSense-pkg-snort-4.0_10:

--
Please visit Services - Snort - Interfaces tab first to add an interface, then select your desired rules packages at the Services - Snort - Global tab. Afterwards visit the Updates tab to download your configured rulesets.
>>> Cleaning up cache... done.
Success
    1
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy