Snort Package Update - 2.9.7.3 pkg v3.2.6



  • Snort 2.9.7.3 pkg v3.2.6

    This update to the Snort package fixes six reported bugs and adds one new feature. The underlying Snort binary version remains at 2.9.7.3.

    New Features

    • A new GUI option has been added to the GLOBAL SETTINGS tab to allow the user to hide deprecated rules categories found in the Snort VRT and Emerging Threats/ET-Pro rules packages. A number of rules categories in the Snort VRT rules package are now empty and their rules transferred to other newer categories. The old empty files were left so as not to break legacy Snort configurations. Two rules categories have been deprecated in the Emerging Threats/ET-Pro rules package. This new GUI option allows these deprecated files to be removed so they no longer display on the CATEGORIES tab. The specific files to be removed are contained in a deprecated_rules text file in the Snort directory tree. The new GUI option defaults to off (deprecated rules categories will be displayed). Setting the new option to on will remove and hide the deprecated categories.

    Bug Fixes

    • Save of OpenAppID preprocessor config changes does not trigger CARP SYNC.

    • FQDN aliases are allowed on VARIABLES tab and should instead be flagged and ignored since Snort does not support use of FQDN aliases at this time.

    • IPREP IP Lists not syncing with CARP replication partners.

    • PHP Warning error in PREPROCESSORS tab code due to string/array mismatch.

    • Snort Alerts Widget can sometimes fail to get a valid file handle but will continue anyway producing a swarm of PHP warnings in the system log.

    • On some installs, if Snort takes a long time to start, the package installation PHP process can time out and consequently the Snort package installation fails to complete. Changed restart of Snort at end of installation to launch as a background task to prevent this.

    Bill


  • Banned

    Its running as of now Bill!

    Thanks for all the great work you have done for this community!



  • Hello,

    Is this update only newer versions of pfsense?  I'm still on 2.1.5 (32bit) and my Snort under packages is not showing an update available.  Currently installed with 2.9.7.2 pkg v3.2.4

    Cheers


  • Banned

    @FlashPan:

    Is this update only newer versions of pfsense?  I'm still on 2.1.5 (32bit) and my Snort under packages is not showing an update available.  Currently installed with 2.9.7.2 pkg v3.2.4

    Yes. You won't see any new updates of 2.1.x because it does not even compile any more there.



  • Okey dokey, thanks for the clarification :)


Log in to reply