Snort problem
-
Hi, can anyone help me with Snort's problem? The problem started when the Snorta package was last updated.
Since no correction has been made during this time, I wonder if anyone else has this problem. I myself have a problem at two locations.
Error:
PHP ERROR: Type: 1, File: /usr/local/pkg/snort/snort.inc, Line: 2478, Message: Allowed memory size of 402653184 bytes exhausted (tried to allocate 268435464 bytes) @ 2019-12-03 20:26:30The Rules update has finished. Generating snort.conf configuration file from saved settings. Generating configuration for WAN... PHP ERROR: Type: 1, File: /usr/local/pkg/snort/snort.inc, Line: 2478, Message: Allowed memory size of 402653184 bytes exhausted (tried to allocate 268435464 bytes)pkg-static: POST-INSTALL script failed ===== Message from python27-2.7.16_1: -- =========================================================================== Note that some standard Python modules are provided as separate ports as they require additional dependencies. They are available as: bsddb databases/py-bsddb gdbm databases/py-gdbm sqlite3 databases/py-sqlite3 tkinter x11-toolkits/py-tkinter =========================================================================== ===== Message from barnyard2-1.13_4: -- Read the notes in the barnyard2.conf file for how to configure /usr/local/etc/barnyard2.conf after installation. For addtional information see the Securixlive FAQ at http://www.securixlive.com/barnyard2/faq.php. In order to enable barnyard2 to start on boot, you must edit /etc/rc.conf with the appropriate flags, etc. See the FreeBSD Handbook for syntax: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/configtuning-rcng.html For the various options available, type % barnyard2 -h after install or read the options in the startup script - in /usr/local/etc/rc.d. Barnyard2 can process unified2 files from snort or suricata. It can also interact with snortsam firewall rules as well as the sguil-sensor. Those ports must be installed separately if you wish to use them. ===== Message from snort-2.9.15: -- Snort uses rcNG startup script and must be enabled via /etc/rc.conf Please see /usr/local/etc/rc.d/snort for list of available variables and their description. Configuration files are located in /usr/local/etc/snort directory. Please note that, by default, snort will truncate packets larger than the default snaplen of 15158 bytes. Additionally, LRO may cause issues with Stream5 target-based reassembly. It is recommended to disable LRO, if your card supports it. This can be done by appending '-lro' to your ifconfig_ line in rc.conf. ===== Message from pfSense-pkg-snort-4.0_10: -- Please visit Services - Snort - Interfaces tab first to add an interface, then select your desired rules packages at the Services - Snort - Global tab. Afterwards visit the Updates tab to download your configured rulesets. >>> Cleaning up cache... done. Success