Snort problem

  • Hi, can anyone help me with Snort's problem? The problem started when the Snorta package was last updated.

    Since no correction has been made during this time, I wonder if anyone else has this problem. I myself have a problem at two locations.

    PHP ERROR: Type: 1, File: /usr/local/pkg/snort/, Line: 2478, Message: Allowed memory size of 402653184 bytes exhausted (tried to allocate 268435464 bytes) @ 2019-12-03 20:26:30

    The Rules update has finished.
    Generating snort.conf configuration file from saved settings.
    Generating configuration for WAN...
    PHP ERROR: Type: 1, File: /usr/local/pkg/snort/, Line: 2478, Message: Allowed memory size of 402653184 bytes exhausted (tried to allocate 268435464 bytes)pkg-static: POST-INSTALL script failed
    Message from python27-2.7.16_1:
    Note that some standard Python modules are provided as separate ports
    as they require additional dependencies. They are available as:
    bsddb           databases/py-bsddb
    gdbm            databases/py-gdbm
    sqlite3         databases/py-sqlite3
    tkinter         x11-toolkits/py-tkinter
    Message from barnyard2-1.13_4:
    Read the notes in the barnyard2.conf file for how to configure
    /usr/local/etc/barnyard2.conf after installation.  For addtional information
    see the Securixlive FAQ at
    In order to enable barnyard2 to start on boot, you must edit /etc/rc.conf
    with the appropriate flags, etc.  See the FreeBSD Handbook for syntax:
    For the various options available, type % barnyard2 -h after install or read
    the options in the startup script - in /usr/local/etc/rc.d.
    Barnyard2 can process unified2 files from snort or suricata.  It can also
    interact with snortsam firewall rules as well as the sguil-sensor. Those
    ports must be installed separately if you wish to use them.
    Message from snort-2.9.15:
    Snort uses rcNG startup script and must be enabled via /etc/rc.conf
    Please see /usr/local/etc/rc.d/snort
    for list of available variables and their description.
    Configuration files are located in /usr/local/etc/snort directory.
    Please note that, by default, snort will truncate packets larger than the
    default snaplen of 15158 bytes.  Additionally, LRO may cause issues with
    Stream5 target-based reassembly.  It is recommended to disable LRO, if
    your card supports it.
    This can be done by appending '-lro' to your ifconfig_ line in rc.conf.
    Message from pfSense-pkg-snort-4.0_10:
    Please visit Services - Snort - Interfaces tab first to add an interface, then select your desired rules packages at the Services - Snort - Global tab. Afterwards visit the Updates tab to download your configured rulesets.
    >>> Cleaning up cache... done.

Log in to reply