Snort - upgrade to nanobsd 1.2.3 stops working. -> SOLVED



  • its on an alix and works fine with a few rules. i did the upgrade and reinstalled snort but it is not blocking anything.
    an update of the rules presents me with:

    Warning: mkdir(/root/snort_rules_up): Read-only file system in /usr/local/www/snort_download_rules.php on line 186 Warning: fopen(/root/snort_rules_up/snortrules-snapshot-2.8.tar.gz.md5): failed to open stream: No such file or directory in /usr/local/www/snort_download_rules.php on line 202 Warning: fwrite(): supplied argument is not a valid stream resource in /usr/local/www/snort_download_rules.php on line 203 Warning: fclose(): supplied argument is not a valid stream resource in /usr/local/www/snort_download_rules.php on line 204 Warning: fopen(/root/snort_rules_up/pfsense_rules.tar.gz.md5): failed to open stream: No such file or directory in /usr/local/www/snort_download_rules.php on line 229 Warning: fwrite(): supplied argument is not a valid stream resource in /usr/local/www/snort_download_rules.php on line 230 Warning: fclose(): supplied argument is not a valid stream resource in /usr/local/www/snort_download_rules.php on line 231 Warning: filesize(): Stat failed for /root/snort_rules_up/snortrules-snapshot-2.8.tar.gz.md5 (errno=2 - No such file or directory) in /usr/local/www/snort_download_rules.php on line 240

    rules are in etc but it's the read only part etc that i'm struggling with. would love to get it running again.


  • Rebel Alliance Developer Netgate

    I moved a read/write call up a bit higher. Try upgrading the package again in about 5 minutes.



  • hi,
    did an uninstall and then a reinstall which went flawlessy (or appeared to)
    rules updated etc and snort starts using lowmem or ac-bnfa and smtp, iis & scan rules only
    everything appears and looks right but there are no alerts or blocking eg grc scan does not block anymore or alert.

    when i go to settings under snort and change anything, i get:

    Warning: fopen(/usr/local/etc/snort/threshold.conf): failed to open stream: Read-only file system in /usr/local/pkg/snort.inc on line 999 Warning: Cannot modify header information - headers already sent by (output started at /usr/local/pkg/snort.inc:999) in /usr/local/www/pkg_edit.php on line 35

    when i go back to settings after the above, it appears to have taken the new settings but still no joy.


  • Rebel Alliance Developer Netgate

    I added a couple more checks to be sure it's in read/write mode. Try updating it one more time…



  • you dah man!!!
    installs & works perfectly on an alix!
    thank you very much. really appreciated.


Log in to reply