Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Copy snort config to new interface?

    Scheduled Pinned Locked Moved pfSense Packages
    34 Posts 5 Posters 5.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      Ramosel
      last edited by

      I've added a second interface to my system and want to have it monitored by Snort much as my WAN interface is.  Is there an easy way to copy all the configuration settings I have on the working interface to the new one?  Guess I was hoping for something line the "+" option under Rules.

      Rick

      1 Reply Last reply Reply Quote 0
      • BBcan177B
        BBcan177 Moderator
        last edited by

        Hi Rick this will be available in the next release of snort. Bill has already added the functionality to duplicate the settings of an existing interface. We are waiting for the devs to approve the changes and release the package.

        See the following thread:

        https://forum.pfsense.org/index.php?topic=77092.0

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

        1 Reply Last reply Reply Quote 0
        • R
          Ramosel
          last edited by

          WooHOO!  Thanks!

          I'll just sit tight and wait for that.

          Rick

          1 Reply Last reply Reply Quote 0
          • bmeeksB
            bmeeks
            last edited by

            @Ramosel:

            WooHOO!  Thanks!

            I'll just sit tight and wait for that.

            Rick

            The Pull Request is still waiting for approval and merging by the pfSense Core Team.  Hopefully they can get to it soon.

            Bill

            1 Reply Last reply Reply Quote 0
            • M
              magedtab
              last edited by

              hi

              how to install snortsam?

              keep in touch

              1 Reply Last reply Reply Quote 0
              • bmeeksB
                bmeeks
                last edited by

                @magedtab:

                hi

                how to install snortsam?

                keep in touch

                snortsam is not currently supported AFIK on pfSense.  There was some early work done by a prior package developer, but I don't think it ever even became an ALPHA package.

                Bill

                1 Reply Last reply Reply Quote 0
                • R
                  Ramosel
                  last edited by

                  Bill, I just installed the lastest update.  Not seeing the interface add option with duplication.  Is it something I have to enable?  Looked around but just don't see it.  I still just have "add", "edit" or "nix" icons.  Did the Devs kill that piece?

                  rick

                  1 Reply Last reply Reply Quote 0
                  • bmeeksB
                    bmeeks
                    last edited by

                    @Ramosel:

                    Bill, I just installed the lastest update.  Not seeing the interface add option with duplication.  Is it something I have to enable?  Looked around but just don't see it.  I still just have "add", "edit" or "nix" icons.  Did the Devs kill that piece?

                    rick

                    That update was not mine.  The pfSense team bumped the version number because they recompiled all the PBIs with an updated OpenSSL.  It's exactly the same GUI code as 3.0.8.

                    My Pull Request with the feature you want is still pending their approval and merge.  Just in case someone gets around to it, I bumped it up to 3.10.

                    Bill

                    1 Reply Last reply Reply Quote 0
                    • R
                      Ramosel
                      last edited by

                      ahhhhh….

                      Thanks Bill,  I'll keep waiting

                      Rick

                      1 Reply Last reply Reply Quote 0
                      • bmeeksB
                        bmeeks
                        last edited by

                        @Ramosel:

                        ahhhhh….

                        Thanks Bill,  I'll keep waiting

                        Rick

                        I'll send the team another e-mail and ask if they can expedite the review.

                        Bill

                        1 Reply Last reply Reply Quote 0
                        • R
                          Ramosel
                          last edited by

                          another week….  Obviously, you are more highly thought of on the forum than by the "core team"

                          Rick

                          1 Reply Last reply Reply Quote 0
                          • bmeeksB
                            bmeeks
                            last edited by

                            @Ramosel:

                            another week….  Obviously, you are more highly thought of on the forum than by the "core team"

                            Rick

                            I sent the e-mail and received no response at all.  Getting discouraging… :'(.

                            Bill

                            1 Reply Last reply Reply Quote 0
                            • BBcan177B
                              BBcan177 Moderator
                              last edited by

                              @bmeeks:

                              @Ramosel:

                              another week….  Obviously, you are more highly thought of on the forum than by the "core team"

                              Rick

                              I sent the e-mail and received no response at all.  Getting discouraging… :'(.

                              Bill

                              Keep up the good work Bill… Without you there would be no "us" in here…

                              To put it into perspective the Snort/Suricata Packages have come such a long way since you have taken over its Management!  :)

                              I hope the Devs realize that..... We all do.. :) :)

                              "Experience is something you don't get until just after you need it."

                              Website: http://pfBlockerNG.com
                              Twitter: @BBcan177  #pfBlockerNG
                              Reddit: https://www.reddit.com/r/pfBlockerNG/new/

                              1 Reply Last reply Reply Quote 0
                              • R
                                Ramosel
                                last edited by

                                @BBcan177:

                                Keep up the good work Bill… Without you there would be no "us" in here…

                                To put it into perspective the Snort/Suricata Packages have come such a long way since you have taken over its Management!  :)

                                I hope the Devs realize that..... We all do.. :) :)

                                Agreed!!!

                                1 Reply Last reply Reply Quote 0
                                • R
                                  Ramosel
                                  last edited by

                                  Bill,
                                  Looks like 3.10 finally got the nod.  I'm spent, I'll attack it in the morning.

                                  Thank you!

                                  Rick

                                  1 Reply Last reply Reply Quote 0
                                  • bmeeksB
                                    bmeeks
                                    last edited by

                                    @Ramosel:

                                    Bill,
                                    Looks like 3.10 finally got the nod.  I'm spent, I'll attack it in the morning.

                                    Thank you!

                                    Rick

                                    Unfortunately this update still does not contain my GUI code changes to add the DUP (copy interface) function.  This was instead some additional security tweaks to the PHP code for passed parameters.

                                    Bill

                                    1 Reply Last reply Reply Quote 0
                                    • R
                                      Ramosel
                                      last edited by

                                      #$%?!!#$%&(#@!!!!!!

                                      1 Reply Last reply Reply Quote 0
                                      • bmeeksB
                                        bmeeks
                                        last edited by

                                        @Ramosel:

                                        #$%?!!#$%&(#@!!!!!!

                                        I did hear from the pfSense developers this afternoon.  They apologized for being so far behind with packages review.  They have been very busy with 2.1.4 of pfSense.  I have a few edits to make to the Pull Request that I will do this weekend, and then hopefully we can get it merged into production early next week.

                                        Bill

                                        1 Reply Last reply Reply Quote 0
                                        • R
                                          Ramosel
                                          last edited by

                                          Is there a user accessible page for versioning information?
                                          I ask because it seems to have ramped up several versions the last couple of days?

                                          Rick

                                          1 Reply Last reply Reply Quote 0
                                          • bmeeksB
                                            bmeeks
                                            last edited by

                                            @Ramosel:

                                            Is there a user accessible page for versioning information?
                                            I ask because it seems to have ramped up several versions the last couple of days?

                                            Rick

                                            You can look at the Commits history on the Github repository for pfsense-packages here:  https://github.com/pfsense/pfsense-packages/commits/master.

                                            Each code update will be posted there.  For example, you can see that one of the devs merged two of my recent Pull Request commits this morning.  The others are still under review and outstanding. You can see open Pull Requests on the same repository at this link:  https://github.com/pfsense/pfsense-packages/pulls.

                                            My other changes are under review.  The guys are working down some backlogged requests, so let's give them a bit of extra time.

                                            Bill

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.