3. Possible BUG in Snort custom.rules

Possible BUG in Snort custom.rules

  • Moderator

    I am noticing an issue in Snort custom.rules

    1. create a new rule(s) in custom.rules, and restart the Snort Interface
    2. go back to custom.rules and delete the rules, leaving no rules defined and Click "Save"

    The custom.rules will not clear.
    To save the custom.rule (with no rules), you need to enter a "single space" to be able to save the custom.rules.

    0

  • @BBcan17:

    I am noticing an issue in Snort custom.rules

    1. create a new rule(s) in custom.rules, and restart the Snort Interface
    2. go back to custom.rules and delete the rules, leaving no rules defined and Click "Save"

    The custom.rules will not clear.
    To save the custom.rule (with no rules), you need to enter a "single space" to be able to save the custom.rules.

    Thanks for the report.  I will check into this.

    Bill

    0

  • @BBcan17:

    I am noticing an issue in Snort custom.rules

    1. create a new rule(s) in custom.rules, and restart the Snort Interface
    2. go back to custom.rules and delete the rules, leaving no rules defined and Click "Save"

    The custom.rules will not clear.
    To save the custom.rule (with no rules), you need to enter a "single space" to be able to save the custom.rules.

    I submitted the fix for this problem in the current Snort 2.9.5.6 pkg v3.0.4 Pull Request that is posted on GitHub now.  So as soon as the Core Team guys review and approve the request, this fix will be posted.  Here is the link to the request:  https://github.com/pfsense/pfsense-packages/pull/582

    Bill

    0
  • Moderator

    @bmeeks:

    I submitted the fix for this problem in the current Snort 2.9.5.6 pkg v3.0.4 Pull Request that is posted on GitHub now.  So as soon as the Core Team guys review and approve the request, this fix will be posted.  Here is the link to the request:  https://github.com/pfsense/pfsense-packages/pull/582

    Bill

    Thanks Bill. I guess there is the changelog.

    Unfortunately after this upgrade, I dont see any of these changes. There are no new icons in the Alerts Tab, Clicking on a remove Block still brings it to the Lan interface. The Rules tab is not updated.

    Maybe this is still the previous release? Let me know if you want me to test anything.

    Thanks.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy