Snort Whitelist Problem (2.9.2.3 pkg v. 2.5.1)



  • I have just reinstalled the 2.5.1 package as I was having the same problem with 2.5.0 .

    I get this error every time I try to save a Whitelist, which prevents saving:-

    Fatal error: Call to undefined function mb_convert_encoding() in /usr/local/www/snort/snort_interfaces_whitelist_edit.php on line 134

    I am using the United Kingdom settings.



  • Seeing a similar error when trying to update/save a whitelist:
    –-
    The following input errors were detected:

    A valid alias need to be provided

    Snort 2.9.2.3 pkg v. 2.5.1

    I am also seeing a whitelisted IP on the blocked IP list.



  • I've also upgraded to the latest package and recreated my white lists but  IPs from the white listed networks are still being blocked.
    I'm not seeing any issues loading the lists

    I'm using an alias list of type networks in the snort white list

    2.0.1-RELEASE (amd64)
    built on Mon Dec 12 18:43:51 EST 2011
    FreeBSD 8.1-RELEASE-p6

    Snort 2.9.2.3 pkg v. 2.5.1



  • My box is running the 32 bit distro.

    FreeBSD 8.1-RELEASE-p6 #1: Mon Dec 12 18:18:02 EST 2011 root@FreeBSD_8.0_pfSense_2.0-snaps.pfsense.org:/usr/obj./usr/pfSensesrc/src/sys/pfSense.8 i386
    Build Date Sep 20 2011 10:53:14

    I'm not an expert on this but for multibyte character encoding to work in PHP I think it needs to be configured with '–enable-mbstring'. When I ran phpinfo() to check the configuration options I couldn't find mbstring or any evidence of libmbfi being loaded. Is it loaded by another file from the config-file-scan-dir? Is this a configuration bug for the 32-bit build?

    Configure Command './configure' '–with-layout=GNU' '--with-config-file-scan-dir=/usr/local/etc/php' '--disable-all' '--enable-libxml' '--with-libxml-dir=/usr/local' '--enable-reflection' '--with-pcre-regex' '--program-prefix=' '--enable-fastcgi' '--with-regex=php' '--with-zend-vm=CALL' '--prefix=/usr/local' '--mandir=/usr/local/man' '--infodir=/usr/local/info/' '--build=i386-portbld-freebsd8.1'



  • I don't have a spare 64-bit machine that I can test this on. If you are running 64-bit pfSense, can you create a PHP file containing the following code that will confirm a configuration difference between architectures if there is one.

    Create /usr/local/www/phpinfo.php containing the following code:

    phpinfo()
    ?>

    Visit the page in your browser to view the PHP configuration.



  • @vbentley:

    I don't have a spare 64-bit machine that I can test this on. If you are running 64-bit pfSense, can you create a PHP file containing the following code that will confirm a configuration difference between architectures if there is one.

    Create /usr/local/www/phpinfo.php containing the following code:

    phpinfo()
    ?>

    Visit the page in your browser to view the PHP configuration.

    Works fine everything displays



  • Great!

    Please post here what it reports for System, Build Date and Configure Command. Thanks.
    Edit out your hostname if you wish. I only want to check the configuration commands are the same.



  • @vbentley:

    Great!

    Please post here what it reports for System, Build Date and Configure Command. Thanks.
    Edit out your hostname if you wish. I only want to check the configuration commands are the same.

    PHP Version 5.2.17

    System FreeBSD XXXXXXXXXXXXXXXXXXXX 8.1-RELEASE-p6 FreeBSD 8.1-RELEASE-p6 #0: Mon Dec 12 18:15:35 EST 2011 root@FreeBSD_8.0_pfSense_2.0-AMD64.snaps.pfsense.org:/usr/obj./usr/pfSensesrc/src/sys/pfSense_SMP.8 amd64
    Build Date Sep 20 2011 10:53:32
    Configure Command './configure' '–with-layout=GNU' '--with-config-file-scan-dir=/usr/local/etc/php' '--disable-all' '--enable-libxml' '--with-libxml-dir=/usr/local' '--enable-reflection' '--with-pcre-regex' '--program-prefix=' '--enable-fastcgi' '--with-regex=php' '--with-zend-vm=CALL' '--prefix=/usr/local' '--mandir=/usr/local/man' '--infodir=/usr/local/info/' '--build=amd64-portbld-freebsd8.1'
    Server API CGI/FastCGI
    Virtual Directory Support disabled
    Configuration File (php.ini) Path /usr/local/etc
    Loaded Configuration File /usr/local/etc/php.ini
    Scan this dir for additional .ini files /usr/local/etc/php
    additional .ini files parsed (none)
    PHP API 20041225
    PHP Extension 20060613
    Zend Extension 220060519
    Debug Build no
    Thread Safety disabled
    Zend Memory Manager enabled
    IPv6 Support enabled
    Registered PHP Streams https, ftps, php, file, data, http, ftp, compress.zlib, ssh2.shell, ssh2.exec, ssh2.tunnel, ssh2.scp, ssh2.sftp
    Registered Stream Socket Transports tcp, udp, unix, udg, ssl, sslv3, sslv2, tls
    Registered Stream Filters string.rot13, string.toupper, string.tolower, string.strip_tags, convert., consumed, zlib.

    This server is protected with the Suhosin Patch 0.9.7
    Copyright (c) 2006 Hardened-PHP Project

    This program makes use of the Zend Scripting Language Engine:
    Zend Engine v2.2.0, Copyright (c) 1998-2010 Zend Technologies
        with Suhosin v0.9.27, Copyright (c) 2007, by SektionEins GmbH

    Configuration
    PHP Core
    Directive Local Value Master Value
    allow_call_time_pass_reference On On
    allow_url_fopen On On
    allow_url_include Off Off
    always_populate_raw_post_data Off Off
    arg_separator.input & &
    arg_separator.output & &
    asp_tags Off Off
    auto_append_file no value no value
    auto_globals_jit On On
    auto_prepend_file no value no value
    browscap no value no value
    default_charset no value no value
    default_mimetype text/html text/html
    define_syslog_variables Off Off
    disable_classes no value no value
    disable_functions no value no value
    display_errors On On
    display_startup_errors Off Off
    doc_root no value no value
    docref_ext no value no value
    docref_root no value no value
    enable_dl On On
    error_append_string no value no value
    error_log /tmp/PHP_errors.log /tmp/PHP_errors.log
    error_prepend_string no value no value
    error_reporting no value no value
    expose_php Off Off
    extension_dir /usr/local/lib/php/20060613/ /usr/local/lib/php/20060613/
    file_uploads On On
    highlight.bg #FFFFFF #FFFFFF
    highlight.comment #FF8000 #FF8000
    highlight.default #0000BB #0000BB
    highlight.html #000000 #000000
    highlight.keyword #007700 #007700
    highlight.string #DD0000 #DD0000
    html_errors Off Off
    ignore_repeated_errors Off Off
    ignore_repeated_source Off Off
    ignore_user_abort Off Off
    implicit_flush On On
    include_path .:/etc/inc:/usr/local/www:/usr/local/captiveportal:/usr/local/pkg .:/etc/inc:/usr/local/www:/usr/local/captiveportal:/usr/local/pkg
    log_errors On On
    log_errors_max_len 1024 1024
    magic_quotes_gpc Off Off
    magic_quotes_runtime Off Off
    magic_quotes_sybase Off Off
    mail.force_extra_parameters no value no value
    max_execution_time 99999999 99999999
    max_file_uploads 20 20
    max_input_nesting_level 64 64
    max_input_time 99999999 99999999
    memory_limit 128M 128M
    open_basedir no value no value
    output_buffering 0 0
    output_handler no value no value
    post_max_size 100M 100M
    precision 14 14
    realpath_cache_size 16K 16K
    realpath_cache_ttl 120 120
    register_argc_argv On On
    register_globals Off Off
    register_long_arrays On On
    report_memleaks On On
    report_zend_debug On On
    safe_mode Off Off
    safe_mode_exec_dir /usr/local/php/bin /usr/local/php/bin
    safe_mode_gid Off Off
    safe_mode_include_dir no value no value
    sendmail_from no value no value
    sendmail_path /usr/sbin/sendmail -t -i /usr/sbin/sendmail -t -i
    serialize_precision 100 100
    short_open_tag On On
    SMTP localhost localhost
    smtp_port 25 25
    sql.safe_mode Off Off
    suhosin.log.phpscript.is_safe Off Off
    track_errors Off Off
    unserialize_callback_func no value no value
    upload_max_filesize 100M 100M
    upload_tmp_dir /tmp /tmp
    user_dir no value no value
    variables_order EGPCS EGPCS
    xmlrpc_error_number 0 0
    xmlrpc_errors Off Off
    y2k_compliance On On
    zend.ze1_compatibility_mode Off Off

    apc
    APC Support enabled
    Version 3.1.6
    APC Debugging Disabled
    MMAP Support Enabled
    MMAP File Mask no value
    Locking type File Locks
    Revision $Revision: 303642 $
    Build Date Aug 11 2011 13:58:09

    Directive Local Value Master Value
    apc.cache_by_default On On
    apc.canonicalize On On
    apc.coredump_unmap Off Off
    apc.enable_cli Off Off
    apc.enabled On On
    apc.file_md5 Off Off
    apc.file_update_protection 2 2
    apc.filters no value no value
    apc.gc_ttl 3600 3600
    apc.include_once_override Off Off
    apc.lazy_classes Off Off
    apc.lazy_functions Off Off
    apc.max_file_size 1M 1M
    apc.mmap_file_mask no value no value
    apc.num_files_hint 1000 1000
    apc.preload_path no value no value
    apc.report_autofilter Off Off
    apc.rfc1867 Off Off
    apc.rfc1867_freq 0 0
    apc.rfc1867_name APC_UPLOAD_PROGRESS APC_UPLOAD_PROGRESS
    apc.rfc1867_prefix upload_ upload_
    apc.rfc1867_ttl 3600 3600
    apc.shm_segments 1 1
    apc.shm_size 35M 35M
    apc.slam_defense On On
    apc.stat On On
    apc.stat_ctime Off Off
    apc.ttl 0 0
    apc.use_request_time On On
    apc.user_entries_hint 4096 4096
    apc.user_ttl 0 0
    apc.write_lock On On

    cgi-fcgi
    Directive Local Value Master Value
    cgi.check_shebang_line 1 1
    cgi.fix_pathinfo 1 1
    cgi.nph 0 0
    cgi.rfc2616_headers 0 0
    fastcgi.logging 1 1

    ctype
    ctype functions enabled

    curl
    cURL support enabled
    cURL Information libcurl/7.21.3 OpenSSL/0.9.8n zlib/1.2.3

    date
    date/time support enabled
    "Olson" Timezone Database Version 2010.9
    Timezone Database internal
    Default timezone America/Chicago

    Directive Local Value Master Value
    date.default_latitude 31.7667 31.7667
    date.default_longitude 35.2333 35.2333
    date.sunrise_zenith 90.583333 90.583333
    date.sunset_zenith 90.583333 90.583333
    date.timezone no value no value

    gettext
    GetText Support enabled

    ldap
    LDAP Support enabled
    RCS Version $Id: ldap.c 293036 2010-01-03 09:23:27Z sebastian $
    Total Links 0/unlimited
    API Version 3001
    Vendor Name OpenLDAP
    Vendor Version 20426

    libxml
    libXML support active
    libXML Version 2.7.8
    libXML streams enabled

    mbstring
    Multibyte Support enabled
    Multibyte string engine libmbfl
    Multibyte (japanese) regex support enabled
    Multibyte regex (oniguruma) version 4.4.4
    Multibyte regex (oniguruma) backtrack check On

    mbstring extension makes use of "streamable kanji code filter and converter", which is distributed under the GNU Lesser General Public License version 2.1.

    Directive Local Value Master Value
    mbstring.detect_order no value no value
    mbstring.encoding_translation Off Off
    mbstring.func_overload 0 0
    mbstring.http_input pass pass
    mbstring.http_output pass pass
    mbstring.internal_encoding no value no value
    mbstring.language neutral neutral
    mbstring.strict_detection Off Off
    mbstring.substitute_character no value no value

    mhash
    MHASH support Enabled
    MHASH API Version 20060101

    openssl
    OpenSSL support enabled
    OpenSSL Version OpenSSL 0.9.8n 24 Mar 2010

    pcntl
    pcntl support enabled

    pcre
    PCRE (Perl Compatible Regular Expressions) Support enabled
    PCRE Library Version 8.02 2010-03-19

    Directive Local Value Master Value
    pcre.backtrack_limit 100000 100000
    pcre.recursion_limit 100000 100000

    PDO
    PDO support enabled
    PDO drivers no value

    posix
    Revision $Revision: 293036 $

    Reflection
    Reflection enabled
    Version $Id: php_reflection.c 300129 2010-06-03 00:43:37Z felipe $

    session
    Session Support enabled
    Registered save handlers files user
    Registered serializer handlers php php_binary

    Directive Local Value Master Value
    session.auto_start Off Off
    session.bug_compat_42 On On
    session.bug_compat_warn On On
    session.cache_expire 180 180
    session.cache_limiter nocache nocache
    session.cookie_domain no value no value
    session.cookie_httponly Off Off
    session.cookie_lifetime 0 0
    session.cookie_path / /
    session.cookie_secure Off Off
    session.entropy_file no value no value
    session.entropy_length 0 0
    session.gc_divisor 100 100
    session.gc_maxlifetime 1440 1440
    session.gc_probability 1 1
    session.hash_bits_per_character 4 4
    session.hash_function 0 0
    session.name PHPSESSID PHPSESSID
    session.referer_check no value no value
    session.save_handler files files
    session.save_path no value no value
    session.serialize_handler php php
    session.use_cookies On On
    session.use_only_cookies Off Off
    session.use_trans_sid 0 0

    shmop
    shmop support enabled

    SimpleXML
    Simplexml support enabled
    Revision $Revision: 299016 $
    Schema support enabled

    SPL
    SPL support enabled
    Interfaces Countable, OuterIterator, RecursiveIterator, SeekableIterator, SplObserver, SplSubject
    Classes AppendIterator, ArrayIterator, ArrayObject, BadFunctionCallException, BadMethodCallException, CachingIterator, DirectoryIterator, DomainException, EmptyIterator, FilterIterator, InfiniteIterator, InvalidArgumentException, IteratorIterator, LengthException, LimitIterator, LogicException, NoRewindIterator, OutOfBoundsException, OutOfRangeException, OverflowException, ParentIterator, RangeException, RecursiveArrayIterator, RecursiveCachingIterator, RecursiveDirectoryIterator, RecursiveFilterIterator, RecursiveIteratorIterator, RecursiveRegexIterator, RegexIterator, RuntimeException, SimpleXMLIterator, SplFileInfo, SplFileObject, SplObjectStorage, SplTempFileObject, UnderflowException, UnexpectedValueException

    SQLite
    SQLite support enabled
    PECL Module version 2.0-dev $Id: sqlite.c 298697 2010-04-28 12:10:10Z iliaa $
    SQLite Library 2.8.17
    SQLite Encoding iso8859

    Directive Local Value Master Value
    sqlite.assoc_case 0 0

    ssh2
    libssh2 version 1.2.8
    banner SSH-2.0-libssh2_1.2.8
    remote forwarding enabled
    hostbased auth enabled
    polling support enabled
    publickey subsystem enabled

    standard
    Regex Library Bundled library enabled
    Dynamic Library Support enabled
    Path to sendmail /usr/sbin/sendmail -t -i

    Directive Local Value Master Value
    assert.active 1 1
    assert.bail 0 0
    assert.callback no value no value
    assert.quiet_eval 0 0
    assert.warning 1 1
    auto_detect_line_endings 0 0
    default_socket_timeout 60 60
    safe_mode_allowed_env_vars PHP_ PHP_
    safe_mode_protected_env_vars LD_LIBRARY_PATH LD_LIBRARY_PATH
    url_rewriter.tags a=href,area=href,frame=src,form=,fieldset= a=href,area=href,frame=src,form=,fieldset=
    user_agent no value no value

    suhosin
    Suhosin logo This server is protected with the Suhosin Extension 0.9.27

    Copyright (c) 2006-2007 Hardened-PHP Project
    Copyright (c) 2007-2008 SektionEins GmbH

    Directive Local Value Master Value
    suhosin.apc_bug_workaround Off Off
    suhosin.cookie.checkraddr 0 0
    suhosin.cookie.cryptdocroot On On
    suhosin.cookie.cryptkey [ protected ] [ protected ]
    suhosin.cookie.cryptlist no value no value
    suhosin.cookie.cryptraddr 0 0
    suhosin.cookie.cryptua On On
    suhosin.cookie.disallow_nul 1 1
    suhosin.cookie.disallow_ws 1 1
    suhosin.cookie.encrypt Off Off
    suhosin.cookie.max_array_depth 50 50
    suhosin.cookie.max_array_index_length 64 64
    suhosin.cookie.max_name_length 64 64
    suhosin.cookie.max_totalname_length 256 256
    suhosin.cookie.max_value_length 10000 10000
    suhosin.cookie.max_vars 100 100
    suhosin.cookie.plainlist no value no value
    suhosin.coredump Off Off
    suhosin.disable.display_errors Off Off
    suhosin.executor.allow_symlink Off Off
    suhosin.executor.disable_emodifier Off Off
    suhosin.executor.disable_eval Off Off
    suhosin.executor.eval.blacklist no value no value
    suhosin.executor.eval.whitelist no value no value
    suhosin.executor.func.blacklist no value no value
    suhosin.executor.func.whitelist no value no value
    suhosin.executor.include.blacklist no value no value
    suhosin.executor.include.max_traversal 0 0
    suhosin.executor.include.whitelist no value no value
    suhosin.executor.max_depth 0 0
    suhosin.filter.action no value no value
    suhosin.get.disallow_nul 1 1
    suhosin.get.disallow_ws 0 0
    suhosin.get.max_array_depth 5000 5000
    suhosin.get.max_array_index_length 256 256
    suhosin.get.max_name_length 64 64
    suhosin.get.max_totalname_length 256 256
    suhosin.get.max_value_length 500000 500000
    suhosin.get.max_vars 5000 5000
    suhosin.mail.protect 0 0
    suhosin.memory_limit 512435456 512435456
    suhosin.mt_srand.ignore On On
    suhosin.multiheader Off Off
    suhosin.perdir 0 0
    suhosin.post.disallow_nul 1 1
    suhosin.post.disallow_ws 0 0
    suhosin.post.max_array_depth 5000 5000
    suhosin.post.max_array_index_length 256 256
    suhosin.post.max_name_length 64 64
    suhosin.post.max_totalname_length 256 256
    suhosin.post.max_value_length 500000 500000
    suhosin.post.max_vars 5000 5000
    suhosin.protectkey On On
    suhosin.request.disallow_nul 1 1
    suhosin.request.disallow_ws 0 0
    suhosin.request.max_array_depth 5000 5000
    suhosin.request.max_array_index_length 256 256
    suhosin.request.max_totalname_length 256 256
    suhosin.request.max_value_length 500000 500000
    suhosin.request.max_varname_length 64 64
    suhosin.request.max_vars 5000 5000
    suhosin.server.encode On On
    suhosin.server.strip On On
    suhosin.session.checkraddr 0 0
    suhosin.session.cryptdocroot On On
    suhosin.session.cryptkey [ protected ] [ protected ]
    suhosin.session.cryptraddr 0 0
    suhosin.session.cryptua On On
    suhosin.session.encrypt On On
    suhosin.session.max_id_length 128 128
    suhosin.simulation Off Off
    suhosin.sql.bailout_on_error Off Off
    suhosin.sql.comment 0 0
    suhosin.sql.multiselect 0 0
    suhosin.sql.opencomment 0 0
    suhosin.sql.union 0 0
    suhosin.sql.user_postfix no value no value
    suhosin.sql.user_prefix no value no value
    suhosin.srand.ignore On On
    suhosin.stealth On On
    suhosin.upload.disallow_binary 0 0
    suhosin.upload.disallow_elf 1 1
    suhosin.upload.max_uploads 25 25
    suhosin.upload.remove_binary 0 0
    suhosin.upload.verification_script no value no value

    xml
    XML Support active
    XML Namespace Support active
    libxml2 Version 2.7.8

    xmlreader
    XMLReader enabled

    xmlwriter
    XMLWriter enabled

    zlib
    ZLib Support enabled
    Stream Wrapper support compress.zlib://
    Stream Filter support zlib.inflate, zlib.deflate
    Compiled Version 1.2.3
    Linked Version 1.2.3

    Directive Local Value Master Value
    zlib.output_compression Off Off
    zlib.output_compression_level 1 1
    zlib.output_handler no value no value

    zmq
    ZMQ extension enabled
    ZMQ extension version @PACKAGE_VERSION@
    libzmq version 2.1.7

    Directive Local Value Master Value

    Additional Modules
    Module Name
    pfSense
    readline

    Environment
    Variable Value
    HOME /
    OLDPWD /
    PATH /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
    PWD /usr/local/www
    PHP_FCGI_CHILDREN 2
    PHP_FCGI_MAX_REQUESTS 500

    PHP Variables
    Variable Value
    _REQUEST["PHPSESSID"] 51d05d436402dbda27dd022a7032efbb
    _COOKIE["PHPSESSID"] 51d05d436402dbda27dd022a7032efbb
    _SERVER["HOME"] /
    _SERVER["OLDPWD"] /
    _SERVER["PATH"] /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
    _SERVER["PWD"] /usr/local/www
    _SERVER["PHP_FCGI_CHILDREN"] 2
    _SERVER["PHP_FCGI_MAX_REQUESTS"] 500
    _SERVER["FCGI_ROLE"] RESPONDER
    _SERVER["SERVER_SOFTWARE"] lighttpd/1.4.29
    _SERVER["SERVER_NAME"] 10.0.0.3
    _SERVER["GATEWAY_INTERFACE"] CGI/1.1
    _SERVER["SERVER_PORT"] 80
    _SERVER["SERVER_ADDR"] 10.0.0.3
    _SERVER["REMOTE_PORT"] 29520
    _SERVER["REMOTE_ADDR"] 10.0.0.2
    _SERVER["SCRIPT_NAME"] /phpinfo.php
    _SERVER["PATH_INFO"] no value
    _SERVER["SCRIPT_FILENAME"] /usr/local/www/phpinfo.php
    _SERVER["DOCUMENT_ROOT"] /usr/local/www/
    _SERVER["REQUEST_URI"] /phpinfo.php
    _SERVER["QUERY_STRING"] no value
    _SERVER["REQUEST_METHOD"] GET
    _SERVER["REDIRECT_STATUS"] 200
    _SERVER["SERVER_PROTOCOL"] HTTP/1.0
    _SERVER["HTTP_HOST"] 10.0.0.3
    _SERVER["HTTP_USER_AGENT"] Mozilla/5.0 (Windows NT 6.1; rv:14.0) Gecko/20100101 Firefox/14.0.1
    _SERVER["HTTP_ACCEPT"] text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
    _SERVER["HTTP_ACCEPT_LANGUAGE"] en-us,en;q=0.5
    _SERVER["HTTP_ACCEPT_ENCODING"] identity,gzip,deflate
    _SERVER["HTTP_COOKIE"] PHPSESSID=51d05d436402dbda27dd022a7032efbb
    _SERVER["HTTP_VIA"] 1.0 localhost:3128 (squid/2.7.STABLE9)
    _SERVER["HTTP_X_FORWARDED_FOR"] 127.0.0.1
    _SERVER["HTTP_CACHE_CONTROL"] max-age=259200
    _SERVER["HTTP_CONNECTION"] keep-alive
    _SERVER["PHP_SELF"] /phpinfo.php
    _SERVER["REQUEST_TIME"] 1343138776
    _SERVER["argv"]

    Array
    (
    )

    _SERVER["argc"] 0
    _ENV["HOME"] /
    _ENV["OLDPWD"] /
    _ENV["PATH"] /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
    _ENV["PWD"] /usr/local/www
    _ENV["PHP_FCGI_CHILDREN"] 2
    _ENV["PHP_FCGI_MAX_REQUESTS"] 500
    _ENV["FCGI_ROLE"] RESPONDER
    _ENV["SERVER_SOFTWARE"] lighttpd/1.4.29
    _ENV["SERVER_NAME"] 10.0.0.3
    _ENV["GATEWAY_INTERFACE"] CGI/1.1
    _ENV["SERVER_PORT"] 80
    _ENV["SERVER_ADDR"] 10.0.0.3
    _ENV["REMOTE_PORT"] 29520
    _ENV["REMOTE_ADDR"] 10.0.0.2
    _ENV["SCRIPT_NAME"] /phpinfo.php
    _ENV["PATH_INFO"] no value
    _ENV["SCRIPT_FILENAME"] /usr/local/www/phpinfo.php
    _ENV["DOCUMENT_ROOT"] /usr/local/www/
    _ENV["REQUEST_URI"] /phpinfo.php
    _ENV["QUERY_STRING"] no value
    _ENV["REQUEST_METHOD"] GET
    _ENV["REDIRECT_STATUS"] 200
    _ENV["SERVER_PROTOCOL"] HTTP/1.0
    _ENV["HTTP_HOST"] 10.0.0.3
    _ENV["HTTP_USER_AGENT"] Mozilla/5.0 (Windows NT 6.1; rv:14.0) Gecko/20100101 Firefox/14.0.1
    _ENV["HTTP_ACCEPT"] text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
    _ENV["HTTP_ACCEPT_LANGUAGE"] en-us,en;q=0.5
    _ENV["HTTP_ACCEPT_ENCODING"] identity,gzip,deflate
    _ENV["HTTP_COOKIE"] PHPSESSID=51d05d436402dbda27dd022a7032efbb
    _ENV["HTTP_VIA"] 1.0 localhost:3128 (squid/2.7.STABLE9)
    _ENV["HTTP_X_FORWARDED_FOR"] 127.0.0.1
    _ENV["HTTP_CACHE_CONTROL"] max-age=259200
    _ENV["HTTP_CONNECTION"] keep-alive



  • Thanks for confirming that. Your amd64 PHP installation has mbstring loaded, my i386 build does not. Anyone else have the same outcome of mbstring present on amd64 build and not on i386?



  • I have been investigating further and the configuration option –with-config-file-scan-dir=/usr/local/etc/php suggests that there may be more configuration files to process in /usr/local/etc/php . Perhaps this is where mbstring is loaded? This subdirectory is not present on my machine.



  • @vbentley:

    I have been investigating further and the configuration option –with-config-file-scan-dir=/usr/local/etc/php suggests that there may be more configuration files to process in /usr/local/etc/php . Perhaps this is where mbstring is loaded? This subdirectory is not present on my machine.

    No /usr/local/etc/php directory here either.

    My whitelist error is different than what you are seeing (Services: Snort: Whitelist: Edit 63463; The following input errors were detected: A valid alias need to be provided), but for what it's worth, the phpinfo output I have (i386) is below:

    –--------------------------------------------------------
    PHP Version 5.2.17

    System FreeBSD pfsense.localdomain 8.1-RELEASE-p6 FreeBSD 8.1-RELEASE-p6 #0: Mon Dec 12 17:53:00 EST 2011 root@FreeBSD_8.0_pfSense_2.0-snaps.pfsense.org:/usr/obj./usr/pfSensesrc/src/sys/pfSense_SMP.8 i386
    Build Date Sep 20 2011 10:53:14
    Configure Command './configure' '--with-layout=GNU' '--with-config-file-scan-dir=/usr/local/etc/php' '--disable-all' '--enable-libxml' '--with-libxml-dir=/usr/local' '--enable-reflection' '--with-pcre-regex' '--program-prefix=' '--enable-fastcgi' '--with-regex=php' '--with-zend-vm=CALL' '--prefix=/usr/local' '--mandir=/usr/local/man' '--infodir=/usr/local/info/' '--build=i386-portbld-freebsd8.1'
    Server API CGI/FastCGI
    Virtual Directory Support disabled
    Configuration File (php.ini) Path /usr/local/etc
    Loaded Configuration File /usr/local/etc/php.ini
    Scan this dir for additional .ini files /usr/local/etc/php
    additional .ini files parsed (none)
    PHP API 20041225
    PHP Extension 20060613
    Zend Extension 220060519
    Debug Build no
    Thread Safety disabled
    Zend Memory Manager enabled
    IPv6 Support enabled
    Registered PHP Streams https, ftps, php, file, data, http, ftp, compress.zlib, ssh2.shell, ssh2.exec, ssh2.tunnel, ssh2.scp, ssh2.sftp
    Registered Stream Socket Transports tcp, udp, unix, udg, ssl, sslv3, sslv2, tls
    Registered Stream Filters string.rot13, string.toupper, string.tolower, string.strip_tags, convert., consumed, zlib.

    This server is protected with the Suhosin Patch 0.9.7
    Copyright (c) 2006 Hardened-PHP Project

    This program makes use of the Zend Scripting Language Engine:
    Zend Engine v2.2.0, Copyright (c) 1998-2010 Zend Technologies
        with Suhosin v0.9.27, Copyright (c) 2007, by SektionEins GmbH

    Configuration

    PHP Core

    Directive Local Value Master Value
    allow_call_time_pass_reference On On
    allow_url_fopen On On
    allow_url_include Off Off
    always_populate_raw_post_data Off Off
    arg_separator.input & &
    arg_separator.output & &
    asp_tags Off Off
    auto_append_file no value no value
    auto_globals_jit On On
    auto_prepend_file no value no value
    browscap no value no value
    default_charset no value no value
    default_mimetype text/html text/html
    define_syslog_variables Off Off
    disable_classes no value no value
    disable_functions no value no value
    display_errors On On
    display_startup_errors Off Off
    doc_root no value no value
    docref_ext no value no value
    docref_root no value no value
    enable_dl On On
    error_append_string no value no value
    error_log /tmp/PHP_errors.log /tmp/PHP_errors.log
    error_prepend_string no value no value
    error_reporting no value no value
    expose_php Off Off
    extension_dir /usr/local/lib/php/20060613/ /usr/local/lib/php/20060613/
    file_uploads On On
    highlight.bg #FFFFFF #FFFFFF
    highlight.comment #FF8000 #FF8000
    highlight.default #0000BB #0000BB
    highlight.html #000000 #000000
    highlight.keyword #007700 #007700
    highlight.string #DD0000 #DD0000
    html_errors Off Off
    ignore_repeated_errors Off Off
    ignore_repeated_source Off Off
    ignore_user_abort Off Off
    implicit_flush On On
    include_path .:/etc/inc:/usr/local/www:/usr/local/captiveportal:/usr/local/pkg .:/etc/inc:/usr/local/www:/usr/local/captiveportal:/usr/local/pkg
    log_errors On On
    log_errors_max_len 1024 1024
    magic_quotes_gpc Off Off
    magic_quotes_runtime Off Off
    magic_quotes_sybase Off Off
    mail.force_extra_parameters no value no value
    max_execution_time 99999999 99999999
    max_file_uploads 20 20
    max_input_nesting_level 64 64
    max_input_time 99999999 99999999
    memory_limit 128M 128M
    open_basedir no value no value
    output_buffering 0 0
    output_handler no value no value
    post_max_size 100M 100M
    precision 14 14
    realpath_cache_size 16K 16K
    realpath_cache_ttl 120 120
    register_argc_argv On On
    register_globals Off Off
    register_long_arrays On On
    report_memleaks On On
    report_zend_debug On On
    safe_mode Off Off
    safe_mode_exec_dir /usr/local/php/bin /usr/local/php/bin
    safe_mode_gid Off Off
    safe_mode_include_dir no value no value
    sendmail_from no value no value
    sendmail_path /usr/sbin/sendmail -t -i /usr/sbin/sendmail -t -i
    serialize_precision 100 100
    short_open_tag On On
    SMTP localhost localhost
    smtp_port 25 25
    sql.safe_mode Off Off
    suhosin.log.phpscript.is_safe Off Off
    track_errors Off Off
    unserialize_callback_func no value no value
    upload_max_filesize 100M 100M
    upload_tmp_dir /tmp /tmp
    user_dir no value no value
    variables_order EGPCS EGPCS
    xmlrpc_error_number 0 0
    xmlrpc_errors Off Off
    y2k_compliance On On
    zend.ze1_compatibility_mode Off Off

    apc

    APC Support enabled
    Version 3.1.6
    APC Debugging Disabled
    MMAP Support Enabled
    MMAP File Mask no value
    Locking type File Locks
    Revision $Revision: 303642 $
    Build Date Aug 11 2011 14:06:10

    Directive Local Value Master Value
    apc.cache_by_default On On
    apc.canonicalize On On
    apc.coredump_unmap Off Off
    apc.enable_cli Off Off
    apc.enabled On On
    apc.file_md5 Off Off
    apc.file_update_protection 2 2
    apc.filters no value no value
    apc.gc_ttl 3600 3600
    apc.include_once_override Off Off
    apc.lazy_classes Off Off
    apc.lazy_functions Off Off
    apc.max_file_size 1M 1M
    apc.mmap_file_mask no value no value
    apc.num_files_hint 1000 1000
    apc.preload_path no value no value
    apc.report_autofilter Off Off
    apc.rfc1867 Off Off
    apc.rfc1867_freq 0 0
    apc.rfc1867_name APC_UPLOAD_PROGRESS APC_UPLOAD_PROGRESS
    apc.rfc1867_prefix upload_ upload_
    apc.rfc1867_ttl 3600 3600
    apc.shm_segments 1 1
    apc.shm_size 35M 35M
    apc.slam_defense On On
    apc.stat On On
    apc.stat_ctime Off Off
    apc.ttl 0 0
    apc.use_request_time On On
    apc.user_entries_hint 4096 4096
    apc.user_ttl 0 0
    apc.write_lock On On

    cgi-fcgi

    Directive Local Value Master Value
    cgi.check_shebang_line 1 1
    cgi.fix_pathinfo 1 1
    cgi.nph 0 0
    cgi.rfc2616_headers 0 0
    fastcgi.logging 1 1

    ctype

    ctype functions enabled

    curl

    cURL support enabled
    cURL Information libcurl/7.21.3 OpenSSL/0.9.8n zlib/1.2.3

    date

    date/time support enabled
    "Olson" Timezone Database Version 2010.9
    Timezone Database internal
    Default timezone America/New_York

    Directive Local Value Master Value
    date.default_latitude 31.7667 31.7667
    date.default_longitude 35.2333 35.2333
    date.sunrise_zenith 90.583333 90.583333
    date.sunset_zenith 90.583333 90.583333
    date.timezone no value no value

    gettext

    GetText Support enabled

    ldap

    LDAP Support enabled
    RCS Version $Id: ldap.c 293036 2010-01-03 09:23:27Z sebastian $
    Total Links 0/unlimited
    API Version 3001
    Vendor Name OpenLDAP
    Vendor Version 20426

    libxml

    libXML support active
    libXML Version 2.7.8
    libXML streams enabled

    mbstring

    Multibyte Support enabled
    Multibyte string engine libmbfl
    Multibyte (japanese) regex support enabled
    Multibyte regex (oniguruma) version 4.4.4
    Multibyte regex (oniguruma) backtrack check On

    mbstring extension makes use of "streamable kanji code filter and converter", which is distributed under the GNU Lesser General Public License version 2.1.

    Directive Local Value Master Value
    mbstring.detect_order no value no value
    mbstring.encoding_translation Off Off
    mbstring.func_overload 0 0
    mbstring.http_input pass pass
    mbstring.http_output pass pass
    mbstring.internal_encoding no value no value
    mbstring.language neutral neutral
    mbstring.strict_detection Off Off
    mbstring.substitute_character no value no value

    mhash

    MHASH support Enabled
    MHASH API Version 20060101

    openssl

    OpenSSL support enabled
    OpenSSL Version OpenSSL 0.9.8n 24 Mar 2010

    pcntl

    pcntl support enabled

    pcre

    PCRE (Perl Compatible Regular Expressions) Support enabled
    PCRE Library Version 8.02 2010-03-19

    Directive Local Value Master Value
    pcre.backtrack_limit 100000 100000
    pcre.recursion_limit 100000 100000

    PDO

    PDO support enabled
    PDO drivers no value

    posix

    Revision $Revision: 293036 $

    Reflection

    Reflection enabled
    Version $Id: php_reflection.c 300129 2010-06-03 00:43:37Z felipe $

    session

    Session Support enabled
    Registered save handlers files user
    Registered serializer handlers php php_binary

    Directive Local Value Master Value
    session.auto_start Off Off
    session.bug_compat_42 On On
    session.bug_compat_warn On On
    session.cache_expire 180 180
    session.cache_limiter nocache nocache
    session.cookie_domain no value no value
    session.cookie_httponly Off Off
    session.cookie_lifetime 0 0
    session.cookie_path / /
    session.cookie_secure Off Off
    session.entropy_file no value no value
    session.entropy_length 0 0
    session.gc_divisor 100 100
    session.gc_maxlifetime 1440 1440
    session.gc_probability 1 1
    session.hash_bits_per_character 4 4
    session.hash_function 0 0
    session.name PHPSESSID PHPSESSID
    session.referer_check no value no value
    session.save_handler files files
    session.save_path no value no value
    session.serialize_handler php php
    session.use_cookies On On
    session.use_only_cookies Off Off
    session.use_trans_sid 0 0

    shmop

    shmop support enabled

    SimpleXML

    Simplexml support enabled
    Revision $Revision: 299016 $
    Schema support enabled

    SPL

    SPL support enabled
    Interfaces Countable, OuterIterator, RecursiveIterator, SeekableIterator, SplObserver, SplSubject
    Classes AppendIterator, ArrayIterator, ArrayObject, BadFunctionCallException, BadMethodCallException, CachingIterator, DirectoryIterator, DomainException, EmptyIterator, FilterIterator, InfiniteIterator, InvalidArgumentException, IteratorIterator, LengthException, LimitIterator, LogicException, NoRewindIterator, OutOfBoundsException, OutOfRangeException, OverflowException, ParentIterator, RangeException, RecursiveArrayIterator, RecursiveCachingIterator, RecursiveDirectoryIterator, RecursiveFilterIterator, RecursiveIteratorIterator, RecursiveRegexIterator, RegexIterator, RuntimeException, SimpleXMLIterator, SplFileInfo, SplFileObject, SplObjectStorage, SplTempFileObject, UnderflowException, UnexpectedValueException

    SQLite

    SQLite support enabled
    PECL Module version 2.0-dev $Id: sqlite.c 298697 2010-04-28 12:10:10Z iliaa $
    SQLite Library 2.8.17
    SQLite Encoding iso8859

    Directive Local Value Master Value
    sqlite.assoc_case 0 0

    ssh2

    libssh2 version 1.2.8
    banner SSH-2.0-libssh2_1.2.8
    remote forwarding enabled
    hostbased auth enabled
    polling support enabled
    publickey subsystem enabled

    standard

    Regex Library Bundled library enabled
    Dynamic Library Support enabled
    Path to sendmail /usr/sbin/sendmail -t -i

    Directive Local Value Master Value
    assert.active 1 1
    assert.bail 0 0
    assert.callback no value no value
    assert.quiet_eval 0 0
    assert.warning 1 1
    auto_detect_line_endings 0 0
    default_socket_timeout 60 60
    safe_mode_allowed_env_vars PHP_ PHP_
    safe_mode_protected_env_vars LD_LIBRARY_PATH LD_LIBRARY_PATH
    url_rewriter.tags a=href,area=href,frame=src,form=,fieldset= a=href,area=href,frame=src,form=,fieldset=
    user_agent no value no value

    suhosin

    This server is protected with the Suhosin Extension 0.9.27

    Copyright (c) 2006-2007 Hardened-PHP Project
    Copyright (c) 2007-2008 SektionEins GmbH

    Directive Local Value Master Value
    suhosin.apc_bug_workaround Off Off
    suhosin.cookie.checkraddr 0 0
    suhosin.cookie.cryptdocroot On On
    suhosin.cookie.cryptkey [ protected ] [ protected ]
    suhosin.cookie.cryptlist no value no value
    suhosin.cookie.cryptraddr 0 0
    suhosin.cookie.cryptua On On
    suhosin.cookie.disallow_nul 1 1
    suhosin.cookie.disallow_ws 1 1
    suhosin.cookie.encrypt Off Off
    suhosin.cookie.max_array_depth 50 50
    suhosin.cookie.max_array_index_length 64 64
    suhosin.cookie.max_name_length 64 64
    suhosin.cookie.max_totalname_length 256 256
    suhosin.cookie.max_value_length 10000 10000
    suhosin.cookie.max_vars 100 100
    suhosin.cookie.plainlist no value no value
    suhosin.coredump Off Off
    suhosin.disable.display_errors Off Off
    suhosin.executor.allow_symlink Off Off
    suhosin.executor.disable_emodifier Off Off
    suhosin.executor.disable_eval Off Off
    suhosin.executor.eval.blacklist no value no value
    suhosin.executor.eval.whitelist no value no value
    suhosin.executor.func.blacklist no value no value
    suhosin.executor.func.whitelist no value no value
    suhosin.executor.include.blacklist no value no value
    suhosin.executor.include.max_traversal 0 0
    suhosin.executor.include.whitelist no value no value
    suhosin.executor.max_depth 0 0
    suhosin.filter.action no value no value
    suhosin.get.disallow_nul 1 1
    suhosin.get.disallow_ws 0 0
    suhosin.get.max_array_depth 5000 5000
    suhosin.get.max_array_index_length 256 256
    suhosin.get.max_name_length 64 64
    suhosin.get.max_totalname_length 256 256
    suhosin.get.max_value_length 500000 500000
    suhosin.get.max_vars 5000 5000
    suhosin.mail.protect 0 0
    suhosin.memory_limit 512435456 512435456
    suhosin.mt_srand.ignore On On
    suhosin.multiheader Off Off
    suhosin.perdir 0 0
    suhosin.post.disallow_nul 1 1
    suhosin.post.disallow_ws 0 0
    suhosin.post.max_array_depth 5000 5000
    suhosin.post.max_array_index_length 256 256
    suhosin.post.max_name_length 64 64
    suhosin.post.max_totalname_length 256 256
    suhosin.post.max_value_length 500000 500000
    suhosin.post.max_vars 5000 5000
    suhosin.protectkey On On
    suhosin.request.disallow_nul 1 1
    suhosin.request.disallow_ws 0 0
    suhosin.request.max_array_depth 5000 5000
    suhosin.request.max_array_index_length 256 256
    suhosin.request.max_totalname_length 256 256
    suhosin.request.max_value_length 500000 500000
    suhosin.request.max_varname_length 64 64
    suhosin.request.max_vars 5000 5000
    suhosin.server.encode On On
    suhosin.server.strip On On
    suhosin.session.checkraddr 0 0
    suhosin.session.cryptdocroot On On
    suhosin.session.cryptkey [ protected ] [ protected ]
    suhosin.session.cryptraddr 0 0
    suhosin.session.cryptua On On
    suhosin.session.encrypt On On
    suhosin.session.max_id_length 128 128
    suhosin.simulation Off Off
    suhosin.sql.bailout_on_error Off Off
    suhosin.sql.comment 0 0
    suhosin.sql.multiselect 0 0
    suhosin.sql.opencomment 0 0
    suhosin.sql.union 0 0
    suhosin.sql.user_postfix no value no value
    suhosin.sql.user_prefix no value no value
    suhosin.srand.ignore On On
    suhosin.stealth On On
    suhosin.upload.disallow_binary 0 0
    suhosin.upload.disallow_elf 1 1
    suhosin.upload.max_uploads 25 25
    suhosin.upload.remove_binary 0 0
    suhosin.upload.verification_script no value no value

    xml

    XML Support active
    XML Namespace Support active
    libxml2 Version 2.7.8

    xmlreader

    XMLReader enabled

    xmlwriter

    XMLWriter enabled

    zlib

    ZLib Support enabled
    Stream Wrapper support compress.zlib://
    Stream Filter support zlib.inflate, zlib.deflate
    Compiled Version 1.2.3
    Linked Version 1.2.3

    Directive Local Value Master Value
    zlib.output_compression Off Off
    zlib.output_compression_level 1 1
    zlib.output_handler no value no value

    zmq

    ZMQ extension enabled
    ZMQ extension version @PACKAGE_VERSION@
    libzmq version 2.1.7

    Directive Local Value Master Value

    Additional Modules

    Module Name
    pfSense
    readline

    Environment

    Variable Value
    HOME /
    OLDPWD /
    PATH /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
    PWD /usr/local/www
    PHP_FCGI_CHILDREN 2
    PHP_FCGI_MAX_REQUESTS 500

    PHP Variables

    Variable Value
    _REQUEST["PHPSESSID"] e13cca999b4984b78514dc425c71271b
    _COOKIE["PHPSESSID"] e13cca999b4984b78514dc425c71271b
    _SERVER["HOME"] /
    _SERVER["OLDPWD"] /
    _SERVER["PATH"] /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
    _SERVER["PWD"] /usr/local/www
    _SERVER["PHP_FCGI_CHILDREN"] 2
    _SERVER["PHP_FCGI_MAX_REQUESTS"] 500
    _SERVER["FCGI_ROLE"] RESPONDER
    _SERVER["SERVER_SOFTWARE"] lighttpd/1.4.29
    _SERVER["SERVER_NAME"] 192.168.0.1
    _SERVER["GATEWAY_INTERFACE"] CGI/1.1
    _SERVER["SERVER_PORT"] 443
    _SERVER["SERVER_ADDR"] 192.168.0.1
    _SERVER["REMOTE_PORT"] 4457
    _SERVER["REMOTE_ADDR"] 192.168.2.186
    _SERVER["SCRIPT_NAME"] /phpinfo.php
    _SERVER["PATH_INFO"] no value
    _SERVER["SCRIPT_FILENAME"] /usr/local/www/phpinfo.php
    _SERVER["DOCUMENT_ROOT"] /usr/local/www/
    _SERVER["REQUEST_URI"] /phpinfo.php
    _SERVER["QUERY_STRING"] no value
    _SERVER["REQUEST_METHOD"] GET
    _SERVER["REDIRECT_STATUS"] 200
    _SERVER["SERVER_PROTOCOL"] HTTP/1.1
    _SERVER["HTTPS"] on
    _SERVER["HTTP_HOST"] 192.168.0.1
    _SERVER["HTTP_CONNECTION"] keep-alive
    _SERVER["HTTP_USER_AGENT"] Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.49 Safari/537.1
    _SERVER["HTTP_ACCEPT"] text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
    _SERVER["HTTP_ACCEPT_ENCODING"] gzip,deflate,sdch
    _SERVER["HTTP_ACCEPT_LANGUAGE"] en-US,en;q=0.8
    _SERVER["HTTP_ACCEPT_CHARSET"] ISO-8859-1,utf-8;q=0.7,;q=0.3
    _SERVER["HTTP_COOKIE"] PHPSESSID=e13cca999b4984b78514dc425c71271b
    _SERVER["PHP_SELF"] /phpinfo.php
    _SERVER["REQUEST_TIME"] 1343144697
    _SERVER["argv"]
    Array
    (
    )
    _SERVER["argc"] 0
    _ENV["HOME"] /
    _ENV["OLDPWD"] /
    _ENV["PATH"] /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
    _ENV["PWD"] /usr/local/www
    _ENV["PHP_FCGI_CHILDREN"] 2
    _ENV["PHP_FCGI_MAX_REQUESTS"] 500
    _ENV["FCGI_ROLE"] RESPONDER
    _ENV["SERVER_SOFTWARE"] lighttpd/1.4.29
    _ENV["SERVER_NAME"] 192.168.0.1
    _ENV["GATEWAY_INTERFACE"] CGI/1.1
    _ENV["SERVER_PORT"] 443
    _ENV["SERVER_ADDR"] 192.168.0.1
    _ENV["REMOTE_PORT"] 4457
    _ENV["REMOTE_ADDR"] 192.168.2.186
    _ENV["SCRIPT_NAME"] /phpinfo.php
    _ENV["PATH_INFO"] no value
    _ENV["SCRIPT_FILENAME"] /usr/local/www/phpinfo.php
    _ENV["DOCUMENT_ROOT"] /usr/local/www/
    _ENV["REQUEST_URI"] /phpinfo.php
    _ENV["QUERY_STRING"] no value
    _ENV["REQUEST_METHOD"] GET
    _ENV["REDIRECT_STATUS"] 200
    _ENV["SERVER_PROTOCOL"] HTTP/1.1
    _ENV["HTTPS"] on
    _ENV["HTTP_HOST"] 192.168.0.1
    _ENV["HTTP_CONNECTION"] keep-alive
    _ENV["HTTP_USER_AGENT"] Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.49 Safari/537.1
    _ENV["HTTP_ACCEPT"] text/html,application/xhtml+xml,application/xml;q=0.9,
    /;q=0.8
    _ENV["HTTP_ACCEPT_ENCODING"] gzip,deflate,sdch
    _ENV["HTTP_ACCEPT_LANGUAGE"] en-US,en;q=0.8
    _ENV["HTTP_ACCEPT_CHARSET"] ISO-8859-1,utf-8;q=0.7,
    ;q=0.3
    _ENV["HTTP_COOKIE"] PHPSESSID=e13cca999b4984b78514dc425c71271b

    PHP License

    This program is free software; you can redistribute it and/or modify it under the terms of the PHP License as published by the PHP Group and included in the distribution in the file: LICENSE

    This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

    If you did not receive a copy of the PHP license, or have any questions about PHP licensing, please contact license@php.net.

    –--------------------------------------------------------

    At this point, I have blocking disabled until I get the whitelist issue resolved.

    I am loading both the snort vrt and emergingthreats rules BTW.



  • Thanks. It appears that the failure to load mbstring is something my box does and is not necessarily a build issue as your i386 has no problem loading mbstring functions.

    I'm going to build another machine from a fresh CD just to be sure mine is not an upgrade fault. The one I am running was upgraded from the console on release 1.2.3 .



  • code brackets would help a lot for readability



  • I rebuilt my pfSense host today using a completely fresh install on another hard drive. After correcting a few typos for 'gettet' that should be 'gettext' in snort_interfaces_global.php and snort_preprocessors.php, this problem with whitelists has been resolved. I suspect that it may have been caused by upgrading from the console a 1.2.3 system with Snort already installed instead of installing 2.0.1 from CD.



  • The WhiteList don't works for me too. Neither with networks or single IP adress.
    I'm using PFSense 2.0.1 with Snort 2.9.2.3 pkg v.2.5.1.

    After some days searching for solution I found a workaround that worked for me.
    Add in Suppress List the networks in CIDR notation like that (example with 3 networks in supress list working as WhiteList):

    suppress gen_id 0, sig_id 0, track by_src, ip [xxx.xxx.xxx.xxx/29,yyy.yyy.yyy.yyy/28,zzz.zzz.zzz.zzz/28]


Log in to reply