Pfsense 2.2 snort install issues



  • Hi Team,

    I had snort running and saw an update.

    Went for it and now I can not install it agaiin.

    I keep getting the following error:

    Beginning package installation for snort .
    Downloading package configuration file… done.
    Saving updated package information... done.
    Downloading snort and its dependencies...
    Checking for package installation...
    Downloading https://files.pfsense.org/packages/10/All/snort-2.9.7.2-amd64.pbi ...  (extracting)
    mkdir: /tmp/.PBI.32679: Input/output error
    mkdir: /tmp/.PBI.32679: Input/output error
    mkdir: /tmp/.PBI.32679: Input/output error
    ERROR: Failed to read PBI header! Possible corrupt PBI, or wrong PBI version for this OS.
    of snort-2.9.7.2-amd64 failed!

    Installation aborted.Removing package...
    Starting package deletion for snort-2.9.7.2-amd64...done.
    Removing snort components...
    Menu items... done.
    Services... done.
    Loading package instructions...
    Include file snort.inc could not be found for inclusion.
    Deinstall commands...
    Not executing custom deinstall hook because an include is missing.
    Removing package instructions...done.
    Auxiliary files... done.
    Package XML... done.
    Configuration... done.
    done.
    Failed to install package.

    Installation halted.

    I am running :

    2.2-RELEASE (amd64)
    built on Thu Jan 22 14:03:54 CST 2015
    FreeBSD 10.1-RELEASE-p4

    Can anyone please help.

    Cheers,

    Raj



  • OK, the source of the failed install is probably this error:

     mkdir: /tmp/.PBI.32679: Input/output error
    

    Are you running a NanoBSD install or a full install with a conventional hard disk?  That error means during the unpacking of the PBI file as part of the installation process, the creation of a required temp directory on the /tmp partition failed.  If you are running a Nano install on Compact Flash, then likely the partition's free RAM disk space is being exhausted.

    If you are not running Nano, then report back and I'll conjecture some more.  Can say I've never seen that error on any conventional full installs, though.

    If you are running Nano, try manually increasing the size of the /tmp partition to at least 100 MB (even more if you have enough RAM to create a larger RAM disk).

    Bill



  • I'm having the same issue.  In case I had a one off problem, I actually downloaded the latest 2.2.1.  I picked the Live CD with installer for AMD64 and Serial Console, so I assume that is full rather than embedded.  I have a 256Gb SSD and 8Gb of RAM on an i7-3770 dedicated firewall.

    My process was:
    Update the package normally.  It failed, and showed as installed, but clearly wasn't.
    Tried to uninstall the package normally.  No luck.
    Downloaded a full backup, and removed the SNORT portion of the packages.  No luck
    Downloaded the latest pfSense to USB, and reinstalled.  Restored the files not including the packages.
    Tried installing snort again.  No joy.
    Reinstall pfSense and restore from the backups, and all is good.

    I can reproduce the problem so if need be I could go through the process again in off-hours and either report back on logs, or even go as far as sharing my PC with the firewall on Putty through the process.



  • Just be sure I understand your process, permit me to ask a few questions:

    1. You are using the LiveCD but then doing a full install from the CD such that after the install you remove the CD, reboot and pfSense starts up.  Is that part correct?

    2. Are you trying to install/update Snort while still booted into the LiveCD version, or are you attempting the Snort install after the reboot with the CD removed?

    The LiveCD is essentially a read-only file system, so nothing done there is persistent.  You have to remove the CD and boot from the hard disk that has pfSense written to the boot sector.  How you answer my two questions above will help me steer the troubleshooting a little better.

    Bill



  • I am installing from the USB Live CD image, using the Quick Install.  Once complete I remove the USB, and boot from SSD.  I then change the LAN (it picks em1, but it's em5.)  I restore the Interfaces, NAT and Rules from backup.  I skipped all others while trying to do the smallest possible set of variables for this.

    After a reboot and a test to make sure all is well, I go to Packages and install Snort as I normally would.

    I'm trying the same setup on an Atom based firewall I use to run, but it's x86 rather than x64.  If the result is the same I can use that for testing since it has no impact on my internet connection.



  • The old firewall didn't load, but didn't give the same error.  I re-downloaded the AMD image and tried to load again.  The previous error is gone, but now it's stopping at "Additional Files…" with a failed message.  Since it's a new problem I'll look for a new thread that is related.

    Thanks for the help.



  • @RayP:

    The old firewall didn't load, but didn't give the same error.  I re-downloaded the AMD image and tried to load again.  The previous error is gone, but now it's stopping at "Additional Files…" with a failed message.  Since it's a new problem I'll look for a new thread that is related.

    Thanks for the help.

    If it fails at the "additional files…" part, that would indicate some kind of problem downloading files from the package repository server.

    Bill


Log in to reply