Search found 104 matches

by Edwin
May 6th, 2018, 2:44 pm
Forum: Addons
Topic: Guardian not logging or blocking, how to troubleshoot?
Replies: 30
Views: 9186

Re: Guardian not logging or blocking, how to troubleshoot?

I don't get VRT log-entries either, and I have a lot of VRT rules selected. I'm afraid it's not working since a long time, but I don't know how to test this.
by Edwin
May 5th, 2018, 11:29 pm
Forum: Development
Topic: ntopng for IPFire
Replies: 126
Views: 32806

Re: ntopng for IPFire

Downloaded the latest redis and ntopng packages and did a re-inststall. It all works as expected.
Thanks!
by Edwin
May 5th, 2018, 8:06 am
Forum: Development
Topic: ntopng for IPFire
Replies: 126
Views: 32806

Re: ntopng for IPFire

Good morning gokart, Just re-downloaded and re-installed. ntopng is running now, thank you so much! Regards, Edwin. Edit: It sees only the red and green interface.. Edit2: found the ntopng.conf. Stopped ntopng in the Webiif, enabled blue in config and restart ntopng in Webif. ntopnf refuses to resta...
by Edwin
May 4th, 2018, 6:36 pm
Forum: Development
Topic: ntopng for IPFire
Replies: 126
Views: 32806

Re: ntopng for IPFire

Yesterday evening I installed ntopng for the first time via Erik's script and it worked right away. Wow, that's nice! After happily clicking around in it for like an hour or so, it stopped responding, the process had stopped. Restarting the service didn't work, restarting the firewall didn't work ei...
by Edwin
May 2nd, 2018, 6:24 pm
Forum: Addons
Topic: Segfaults in 'squidclamav' after upgrading to Core120
Replies: 8
Views: 1418

Re: Segfaults in 'squidclamav' after upgrading to Core120

Hi Matthias,
I know it shouldn't just download the eicar file. More strange is that I could not find any "crash-messages" in /var/log/messages.
I'll test a bit further.
Regards,
Edwin.
by Edwin
May 1st, 2018, 9:02 pm
Forum: Addons
Topic: Segfaults in 'squidclamav' after upgrading to Core120
Replies: 8
Views: 1418

Re: Segfaults in 'squidclamav' after upgrading to Core120

Just updated my second firewall (and again no problem with the WUI). ClamAV and SquidClamav seem to be running. When I try to download the eicar file when browsing via the proxy, nothing crashes, I just download the file.... Don't know if it's relevant info in this thread, just thought I mention it....
by Edwin
April 30th, 2018, 9:05 pm
Forum: IPFire in General
Topic: Core Update 120
Replies: 16
Views: 2838

Core Update 120

Earlier this evening I updated my Core 119 firewall to Core Update 120. I understand that this update was a big one.
The process went smooth and all is working well as far as I can tell.
Great job guys, thank you very much!

Regards,
Edwin.
by Edwin
April 27th, 2018, 7:09 am
Forum: IPFire in General
Topic: Snort Rules Update
Replies: 81
Views: 27628

Re: Snort Rules Update

Okay, thanks.
And yes, a pakfire package would be great!
by Edwin
April 26th, 2018, 9:09 pm
Forum: IPFire in General
Topic: Snort Rules Update
Replies: 81
Views: 27628

Re: Snort Rules Update

Hi, Thanks for your work! The new script gives me: [root@ipfire snort]# ./update.sh Use of uninitialized value $vnumer in substitution (s///) at /var/ipfire/snort/snortupdate.pl line 140. Use of uninitialized value $vnumer in numeric gt (>) at /var/ipfire/snort/snortupdate.pl line 141. No updates fo...
by Edwin
April 15th, 2018, 12:46 pm
Forum: IPFire in General
Topic: Snort Rules Update
Replies: 81
Views: 27628

Re: Snort Rules Update

Ah, now I see.
The WebIF doesn't get a proper update of all rules that exists in /etc/snort/rules.
Thanks for pointing that out!

edit:
When I update the snort.conf with a missing rule, the WebIF gets updated.

Regards,
Edwin.
by Edwin
April 15th, 2018, 9:08 am
Forum: IPFire in General
Topic: Snort Rules Update
Replies: 81
Views: 27628

Re: Snort Rules Update

Hi H&M,

The VRT and ET rules I choose in the WebIF match exactly with the include lines in snort.conf.
Isn't that okay?

Regards,
Edwin.
by Edwin
April 12th, 2018, 7:59 pm
Forum: IPFire in General
Topic: Snort Rules Update
Replies: 81
Views: 27628

Re: Snort Rules Update

I have been running this script for a few day's now without any problem. It's great!
The script checks every hour for updates and gets me the ET and VRT rules when updates are available.
Thanks so much.

Regards,
Edwin.
by Edwin
April 8th, 2018, 8:35 pm
Forum: IPFire in General
Topic: Snort Rules Update
Replies: 81
Views: 27628

Re: Snort Rules Update

Okay, here it is. All seems to work as expected, I only get some wget message I don't understand. [root@ipfire snort]# ./update.sh Update found! Downloading... https://www.snort.org/rules/snortrules-snapshot-29111.tar.gz?oinkcode=xxxxxxxxxxxx Update Successfull for https://www.snort.org/rules/snortr...
by Edwin
April 8th, 2018, 4:58 pm
Forum: IPFire in General
Topic: Snort Rules Update
Replies: 81
Views: 27628

Re: Snort Rules Update

Looking great now, thanks. I will let it run, with an hourly update check, on my firewall I use for testing and will report back later. One little thing; In your install-script you set a symbolic link in fcron.hourly and later you do a chmod +x on a link in frcon.daily, which isn't there. Minor thin...
by Edwin
April 7th, 2018, 8:20 pm
Forum: IPFire in General
Topic: Snort Rules Update
Replies: 81
Views: 27628

Re: Snort Rules Update

The interfaces have standard names. So in /var/run the files snort_blue0.pid, snort_green0.pid and snort_red0.pid are present. cat /var/ipfire/red/iface gives red0 (with no carriage return after the 0). Don't know why it's not working. So, this is what happens [root@ipfire snort]# ./update.sh No upd...