Snort LAN interface will not start up unless manually started and sometimes stop
-
I recently changed the pattern algorithm on both LAN and WAN interfaces as found in this thread here to AC-BNFA-NQ: https://forum.pfsense.org/index.php?topic=78151.15
I'm not sure if the LAN interface will automatically stop now or continue once running but after making the change above I restarted SNORT and the LAN interface does not start back up. Could I be overlooking a setting or something? I made some changes yesterday in that I added the LAN interface on top of the WAN interface (which always starts back up). I also added some additional pfblockng lists and removed those corresponding rules from the Snort interfaces (Dshield, etc).
For reference, I am running the pcengines APU4 with 4GB of RAM. I was only using 30% of the RAM previously. I also have a Wireless interface card installed acting as an AP and I connect to the pfSense router using OpenVPN.
-
Changing the pattern matcher to the value you specified is good and should not cause any problems.
I'm not sure what you mean by this statement, though –
I made some changes yesterday in that I added the LAN interface on top of the WAN interface (which always starts back up)
Could you elaborate a bit more on exactly what steps you performed in relation to the statement above?
Thanks,
Bill -
Could you elaborate a bit more on exactly what steps you performed in relation to the statement above?
Thanks,
BillSorry, coffee hasn't fully kicked in yet. I was only using a WAN interface setup until yesterday when I added the LAN interface to my setup. I will follow up this afternoon when I get home early from work and reconnect my LAN cable which seems to not be connected at the moment. Damn cat!
