Copy snort config to new interface?
-
I've added a second interface to my system and want to have it monitored by Snort much as my WAN interface is. Is there an easy way to copy all the configuration settings I have on the working interface to the new one? Guess I was hoping for something line the "+" option under Rules.
Rick
-
Hi Rick this will be available in the next release of snort. Bill has already added the functionality to duplicate the settings of an existing interface. We are waiting for the devs to approve the changes and release the package.
See the following thread:
-
WooHOO! Thanks!
I'll just sit tight and wait for that.
Rick
-
WooHOO! Thanks!
I'll just sit tight and wait for that.
Rick
The Pull Request is still waiting for approval and merging by the pfSense Core Team. Hopefully they can get to it soon.
Bill
-
hi
how to install snortsam?
keep in touch
-
hi
how to install snortsam?
keep in touch
snortsam is not currently supported AFIK on pfSense. There was some early work done by a prior package developer, but I don't think it ever even became an ALPHA package.
Bill
-
Bill, I just installed the lastest update. Not seeing the interface add option with duplication. Is it something I have to enable? Looked around but just don't see it. I still just have "add", "edit" or "nix" icons. Did the Devs kill that piece?
rick
-
Bill, I just installed the lastest update. Not seeing the interface add option with duplication. Is it something I have to enable? Looked around but just don't see it. I still just have "add", "edit" or "nix" icons. Did the Devs kill that piece?
rick
That update was not mine. The pfSense team bumped the version number because they recompiled all the PBIs with an updated OpenSSL. It's exactly the same GUI code as 3.0.8.
My Pull Request with the feature you want is still pending their approval and merge. Just in case someone gets around to it, I bumped it up to 3.10.
Bill
-
ahhhhh….
Thanks Bill, I'll keep waiting
Rick
-
ahhhhh….
Thanks Bill, I'll keep waiting
Rick
I'll send the team another e-mail and ask if they can expedite the review.
Bill
-
another week…. Obviously, you are more highly thought of on the forum than by the "core team"
Rick
-
another week…. Obviously, you are more highly thought of on the forum than by the "core team"
Rick
I sent the e-mail and received no response at all. Getting discouraging… :'(.
Bill
-
another week…. Obviously, you are more highly thought of on the forum than by the "core team"
Rick
I sent the e-mail and received no response at all. Getting discouraging… :'(.
Bill
Keep up the good work Bill… Without you there would be no "us" in here…
To put it into perspective the Snort/Suricata Packages have come such a long way since you have taken over its Management! :)
I hope the Devs realize that..... We all do.. :) :)
-
Keep up the good work Bill… Without you there would be no "us" in here…
To put it into perspective the Snort/Suricata Packages have come such a long way since you have taken over its Management! :)
I hope the Devs realize that..... We all do.. :) :)
Agreed!!!
-
Bill,
Looks like 3.10 finally got the nod. I'm spent, I'll attack it in the morning.Thank you!
Rick
-
Bill,
Looks like 3.10 finally got the nod. I'm spent, I'll attack it in the morning.Thank you!
Rick
Unfortunately this update still does not contain my GUI code changes to add the DUP (copy interface) function. This was instead some additional security tweaks to the PHP code for passed parameters.
Bill
-
#$%?!!#$%&(#@!!!!!!
-
#$%?!!#$%&(#@!!!!!!
I did hear from the pfSense developers this afternoon. They apologized for being so far behind with packages review. They have been very busy with 2.1.4 of pfSense. I have a few edits to make to the Pull Request that I will do this weekend, and then hopefully we can get it merged into production early next week.
Bill
-
Is there a user accessible page for versioning information?
I ask because it seems to have ramped up several versions the last couple of days?Rick
-
Is there a user accessible page for versioning information?
I ask because it seems to have ramped up several versions the last couple of days?Rick
You can look at the Commits history on the Github repository for pfsense-packages here: https://github.com/pfsense/pfsense-packages/commits/master.
Each code update will be posted there. For example, you can see that one of the devs merged two of my recent Pull Request commits this morning. The others are still under review and outstanding. You can see open Pull Requests on the same repository at this link: https://github.com/pfsense/pfsense-packages/pulls.
My other changes are under review. The guys are working down some backlogged requests, so let's give them a bit of extra time.
Bill
