4. Snort XMLRPC Sync

Snort XMLRPC Sync

  • ?

    I'm using Snort on two pfSense HA firewalls (CARP) and sync the Snort config (Snort XMLRPC Sync) between them. Unfortunately it seems there is no indicator when the last sync happened, so there is no guarantee that both are in sync.

    I noticed that when I enabled the Open AppID support on an interface. The change was not synced to the second Snort instance for days till I manually pushed the save button on the Snort sync tab.

    Is there any documentation (beside looking at the source) how the sync should work or what can be expected?

    0

  • There should be sync messages written to the system logs (especially on the destination machine).

    I probably forgot to add a "sync trigger" to the new OpenAppID code. I will check that so that when it is enabled/disabled, a sync is forced.

    Bill

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy