Snort Package Missing in downgrade to 2.1.1? Using pbi_add?



  • Hi Everyone,

    I've been pulling my hair out for the last couple days.  Long story short.  I upgraded my 2.1.1 build to the current stable 2.2.6 only to find out that there are issues with IPSEC that causes regular crashes on the system and causes our firewalls to be unstable.  I tried going to the current 2.3 snapshot to see if that would work, but to no avail.  Still having instability issues.

    Unfortunately given our config, I had to downgrade back to our tried and true 2.1.1 until I can test a version that is stable and suits our needs for IPSEC.  switching to OpenVPN or something else is not an option for us as of now.  All in all 2.1.1 has been rock solid.    Sadly, the package reinstallation failed and the snort package is no longer anywhere to be seen in the Available Packages list.

    I've read this:
    https://forum.pfsense.org/index.php?topic=74486.0

    and This:
    https://forum.pfsense.org/index.php?topic=74833.0

    They helped me track down the latest snort package from https://files.pfsense.org/packages/amd64/8/All/snort-2.9.7.2-amd64.pbi

    I've downloaded the latest snort package from the above link, and installed it successfully using

    "pbi_add –no-checksig -f snort-2.9.7.2-amd64.pbi"

    But to no avail as I still have no way to run the xml portion for webui configuration.  So I'm kind of stuck right now.  Sadly I have no other options available to me except to get pfsense 2.1.1 working with snort.

    I've tried using pfSsh.php to also install snort by running :

    #pfSsh.php playback installpkg "snort"

    but as expected I get "Package not found."

    So my questions are:

    What am I missing that would cause snort to be removed from the list?
    IS there a way to refresh or redirect the available packages list to something that can help me install snort?
    If I'm on the right path using pbi_add.  What do I need to do for the webui config?

    If anyone can shed some light on what I'm missing or point me into a new direction, I'd very appreciative.

    Thanks!



  • The last supported version of Snort for 2.1.x hasn't been supported by Cisco for signature updates in quite some time and hence the package was removed, since it could no longer function.

    There are no known stability issues with IPsec in 2.3. There is still a status problem we're working on where sometimes the status pages hang, but it doesn't affect functionality. Starting a thread on what you were seeing there would be your best bet.


Log in to reply