Unable to create whitelist within SNORT



  • pfSense: 1.2.3-RELEASE
    SNORT: 2.8.6.1 pkg v. 1.35

    I am unable to create a whitelist.  I navigate to SERVICES, SNORT, WHITELISTS, click "+" for ADD NEW.  I enter a name (no spaces), short description, and then click the "+" under "Add your own custom ips" to add an IP address and nothing happens.  Link is trying to go to: https://<censored>:<port>/snort/snort_interfaces_whitelist_edit.php?id=0# and no errors are thrown.  Nothing happens.  Shouldn't a text box or something be on the page so I can enter an IP address?

    I've used IE 8, IE9, Firefox, Chrome, Dolphin HD (Android) and Browser (Android) (all current as of this date) and the results are the same - notta.

    What am I doing wrong?

    Thanks.

    AWS</port></censored>



  • Am I missing a text box on this page where I should be allowed to enter an IP/CIDR or am I just using this form incorrectly?

    Thx,
    AWS



  • Can you try this at pfsense 2?



  • I've been toying with the idea of upgrading.  One concern I have is the OpenVPN configuration.  I really cannot afford to have to re-config all the remote users.  I read over the upgrade guide and PF recommends uninstalling all packages, upgrading then re-installing the packages.  So long as no re-config is needed in my OpenVPN server-side, I'd be ok with upgrading.

    Any OpenVPN upgrade ppl out there?  Can anyone comment if the upgrade, to the users, is seamless?  I don't want to have to regen all certs/keys and re-setup on the laptops.

    Thx.



  • If you have an extra machine or a vmware machine. put your current version on it and load a backup config. then upgrade it an see if you are going to be fine with your config.



  • We too have seen this issue on the same Snort and pfsense 1.2.3. My guess is that the package has been modified to work on 2.0, and this has broken the Whitelist add + entry button.



  • change browser.



  • @ugur:

    change browser.

    LOL, did you not see in the opening post he tried like 6 different ones? Mabye you should suggest a different browser for him since he's already tried 6. Not just "change browser".

    +1 If you have an extra machine. Do a vmware install of a 2.0. Take your config backup from your current machine & try to load it onto the "virtual" install & see if everything is setup as it is before. That will be the best solution. I could somehow see, that even if another user tells you it does work, things have a way of happening different for different people.

    One case, & point. Many snort users (me included) are having problems getting it to work. Everyone is throwing different error codes. I'm having an error code which was solved months ago, but the fix posted is not fixing mine & it's back for some reason. So just because someone says "it will transfer settings correctly" doesn't mean on your particular setup it will. To be safe try to do a virtual install & run your backup file from your 1.2.3 box to see if everything is brought up correctly. That will tell you for 100%.

    Edit:A little more insight is to actually see if you could get snort running on that virtual 2.0 install. It may not even work as of this time. My snort was operating flawlessly until a power outage last night. Short story, pfSense died & had to issue a backup config. Therefore snort was reinstalled from the package list. My guess is developer was working on it, & it auto-updates & now it has bad code that needs to be fixed. My previous install was from about 3 weeks ago. It did not generate the error i'm getting now. For my problem there is no known fix. Guess i'm out of luck until it's fixed. I can't run snort in "alert" or "block offender" mode. Both modes are completely fudged.

    And yes, you are right the whitelist feature does work in 2.0. It does add a drop down box to type the IP into. I did verify this.


Log in to reply