Snort - upgrade to nanobsd 1.2.3 stops working. -> SOLVED
-
its on an alix and works fine with a few rules. i did the upgrade and reinstalled snort but it is not blocking anything.
an update of the rules presents me with:Warning: mkdir(/root/snort_rules_up): Read-only file system in /usr/local/www/snort_download_rules.php on line 186 Warning: fopen(/root/snort_rules_up/snortrules-snapshot-2.8.tar.gz.md5): failed to open stream: No such file or directory in /usr/local/www/snort_download_rules.php on line 202 Warning: fwrite(): supplied argument is not a valid stream resource in /usr/local/www/snort_download_rules.php on line 203 Warning: fclose(): supplied argument is not a valid stream resource in /usr/local/www/snort_download_rules.php on line 204 Warning: fopen(/root/snort_rules_up/pfsense_rules.tar.gz.md5): failed to open stream: No such file or directory in /usr/local/www/snort_download_rules.php on line 229 Warning: fwrite(): supplied argument is not a valid stream resource in /usr/local/www/snort_download_rules.php on line 230 Warning: fclose(): supplied argument is not a valid stream resource in /usr/local/www/snort_download_rules.php on line 231 Warning: filesize(): Stat failed for /root/snort_rules_up/snortrules-snapshot-2.8.tar.gz.md5 (errno=2 - No such file or directory) in /usr/local/www/snort_download_rules.php on line 240
rules are in etc but it's the read only part etc that i'm struggling with. would love to get it running again.
-
I moved a read/write call up a bit higher. Try upgrading the package again in about 5 minutes.
-
hi,
did an uninstall and then a reinstall which went flawlessy (or appeared to)
rules updated etc and snort starts using lowmem or ac-bnfa and smtp, iis & scan rules only
everything appears and looks right but there are no alerts or blocking eg grc scan does not block anymore or alert.when i go to settings under snort and change anything, i get:
Warning: fopen(/usr/local/etc/snort/threshold.conf): failed to open stream: Read-only file system in /usr/local/pkg/snort.inc on line 999 Warning: Cannot modify header information - headers already sent by (output started at /usr/local/pkg/snort.inc:999) in /usr/local/www/pkg_edit.php on line 35
when i go back to settings after the above, it appears to have taken the new settings but still no joy.
-
I added a couple more checks to be sure it's in read/write mode. Try updating it one more timeโฆ
-
you dah man!!!
installs & works perfectly on an alix!
thank you very much. really appreciated.
