Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Snort 3.0

    Scheduled Pinned Locked Moved IDS/IPS
    6 Posts 4 Posters 2.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      simby
      last edited by

      Hi,  can we have support for snort 3.0 in pfsense 2.3?

      1 Reply Last reply Reply Quote 0
      • F
        fragged
        last edited by

        When it hits release or at earliest when the RCs come out.

        1 Reply Last reply Reply Quote 0
        • bmeeksB
          bmeeks
          last edited by

          Yeah, things don't get in pfSense until they are in the FreeBSD ports tree.  Right now Snort 2.9.8.0 is current in FreeBSD ports.  They likely won't take Snort 3.0 in the ports tree until it goes at least to Release Candidate status.

          Snort on pfSense 2.3-BETA has been updated to the 2.9.8.0 binary.  I will see about bumping the binary version for pfSense 2.2.x users as well.

          Bill

          1 Reply Last reply Reply Quote 0
          • V
            vbentley
            last edited by

            Hopefully, in response to CVE-2016-1345 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160330-fp it will get bumped to 2.9.8.2

            Trademark Attribution and Credit
            pfSense® and pfSense Certified® are registered trademarks of Electric Sheep Fencing, LLC in the United States and other countries.

            1 Reply Last reply Reply Quote 0
            • S
              simby
              last edited by

              bmeeks: can we upgrade this? PF 2.3?

              1 Reply Last reply Reply Quote 0
              • bmeeksB
                bmeeks
                last edited by

                @vbentley:

                Hopefully, in response to CVE-2016-1345 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160330-fp it will get bumped to 2.9.8.2

                Snort on pfSense is NOT compiled with the "–enable-file-inspect" flag, so it should not be vulnerable according to the security bulletin.

                Updates to the pfSense binaries for Snort and Suricata only happen after those updates are posted in FreeBSD ports.

                Bill

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.