Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Snort 2.9.4.6 pkg v. 2.5.9 starting disabled on interface

    pfSense Packages
    4
    8
    2.5k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      Craigusoz
      last edited by

      I'm running 2.0.1 on an older Celeron 2GHz system, only 1G RAM (I know), big house with teenagers.

      Since updating snort, it always starts diabled after a reboot. The users have discovered this, and just reboot to disable games blocking,etc.

      The system log shows a couple of these:

      php: : Could not open RCFILEPREFIX/snort.sh for writing.

      I'm not sure if that's normal. Snort does run, updates rules, etc, but disabled on the interface (WAN) and has to be enabled from the GUI.

      1 Reply Last reply Reply Quote 0
      • K
        kejianshi
        last edited by

        Is corporal punishment allowed in this big house of yours?
        Actually, you could do something about this. 
        Put the pfsense box in a locked box with air vents and a fan along with a very very large UPS since if they are brazen enough to touch it they will probably eventually figure out how to issue command to put its firewall to sleep altogether…  (pfctl -d)
        Or see first line...

        1 Reply Last reply Reply Quote 0
        • C
          Craigusoz
          last edited by

          Well, it's not my house and they're not my teenagers … edit: .. and I don't live there.

          Before I upgraded snort, it did start up in the state it was in before reboot, so any tips on troubleshooting ? (rather than kid shooting, that is)

          If there is a command I can run with cron to enable if not enabled, I'd be happy with that for now.

          1 Reply Last reply Reply Quote 0
          • F
            fragged
            last edited by

            You will most likely have to update pfSense to 2.0.3 or 2.1 to get the latest Snort binary to work.

            1 Reply Last reply Reply Quote 0
            • bmeeksB
              bmeeks
              last edited by

              @fragged:

              You will most likely have to update pfSense to 2.0.3 or 2.1 to get the latest Snort binary to work.

              I agree, update to either 2.0.3, or better yet, 2.1.  The update should be painless and you won't lose any settings.

              Bill

              1 Reply Last reply Reply Quote 0
              • C
                Craigusoz
                last edited by

                update to either 2.0.3, or better yet, 2.1

                Thanks guys, I've gone up to 2.0.3 for now. It was painless. I'll see if that fixes it.

                1 Reply Last reply Reply Quote 0
                • K
                  kejianshi
                  last edited by

                  I still suggest a box and a ups.
                  If you could get your hands on the "duck blind" they hid the camera in on "Enemy of the State" that would be perfect.  PFsense is crazy easy to get around if you have direct access to the box.  I think those kids will just do an end run around you again.

                  1 Reply Last reply Reply Quote 0
                  • C
                    Craigusoz
                    last edited by

                    Yep - that seems fine now, snort starts up enabled as expected - thanks again.

                    I think those kids will just do an end run around you again.

                    You're probably right. I'll see what can be done.

                    Perhaps your first suggestion might work  :'(

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.