Search found 113 matches

by JonM
June 6th, 2019, 5:01 pm
Forum: IPFire in General
Topic: enabling suricata in ipfire 2.23
Replies: 5
Views: 353

Re: enabling suricata in ipfire 2.23

Those errors I do not know. Hopefully one of the IPS suricata experts will answer!
by JonM
June 5th, 2019, 7:57 pm
Forum: IPFire in General
Topic: yum update times out after upgrade to 131
Replies: 21
Views: 725

Re: yum update times out after upgrade to 131

I'll add a wild guess. Do you have IPS turned on?

I experienced issues with ET.Policy and apt-get (another installer package). My fault!
viewtopic.php?f=27&t=22848

I noticed there is a YUM component also:
Screen Shot 2019-05-31 at 1.37.16 PM 2.png
by JonM
June 5th, 2019, 7:42 pm
Forum: IPFire in General
Topic: enabling suricata in ipfire 2.23
Replies: 5
Views: 353

Re: enabling suricata in ipfire 2.23

This might help turn on IPS.
viewtopic.php?f=27&t=22752&p=124595#p124595

Once you click Save then things will look similar to the image on the Wiki:
https://wiki.ipfire.org/configuration/f ... /ips/start

Hope this helps!
by JonM
June 1st, 2019, 8:17 pm
Forum: IPFire in General
Topic: Can Guardian Still Be Used in Core 131?
Replies: 1
Views: 219

Re: Can Guardian Still Be Used in Core 131?

This might help answer your question:

https://wiki.ipfire.org/addons/guardian/start
Guardian will still provide means against SSH brute-force attacks and brute-force attacks against the IPFire Web UI.
by JonM
June 1st, 2019, 2:49 am
Forum: IPFire in General
Topic: How can we improve the IPFire Forums?
Replies: 39
Views: 4746

Re: How can we improve the IPFire Forums?

Is Discourse still in the plans? Or maybe a move to a different forum? Just curious!
by JonM
May 31st, 2019, 8:20 pm
Forum: IPFire in General
Topic: apt-get update error with IPS Suricata
Replies: 3
Views: 278

Re: apt-get update error with IPS Suricata

Hey Tim! Thank you for this info - I did not realize. Based on a conversation in the past, I thought there were base rules (probably not the right term) and sub-rules that need the base rules to be present. ET POLICY was one of the base rules. ET EXPLOIT would be an example of a sub-rule that relies...
by JonM
May 31st, 2019, 7:04 pm
Forum: IPFire in General
Topic: apt-get update error with IPS Suricata
Replies: 3
Views: 278

apt-get update error with IPS Suricata

I've been trying to update & upgrade my Raspberry Pi for the past few days but I kept getting lots of errors: pi@raspi:~ $ sudo apt-get update Ign:1 http://archive.raspberrypi.org/debian stretch InRelease Ign:2 http://raspbian.raspberrypi.org/raspbian stretch InRelease Err:3 http://archive.raspberry...
by JonM
May 27th, 2019, 4:11 am
Forum: Addons
Topic: Tshark on IPFire
Replies: 8
Views: 574

Re: Tshark on IPFire

All else works great! I've been using it to do some network troubleshooting. Thank you for adding TShark!
by JonM
May 26th, 2019, 4:54 pm
Forum: Addons
Topic: Tshark on IPFire
Replies: 8
Views: 574

Re: Tshark on IPFire

where comes it from and how did you installed it ? I installed it from the nightly builds: https://nightly.ipfire.org/next/latest/x86_64/packages/tshark-3.0.1-1.ipfire using these steps: cd /opt/pakfire/tmp wget https://nightly.ipfire.org/next/latest/x86_64/packages/tshark-3.0.1-1.ipfire tar xvf ts...
by JonM
May 26th, 2019, 3:34 am
Forum: Addons
Topic: Tshark on IPFire
Replies: 8
Views: 574

Re: Tshark on IPFire

The Wiki looks good to me! I've been using tshark on core 131 for the past few days (I have not tried core 132 yet). The only odd error I've found is below. [root@ipfire ~]# tshark -G protocols Running as user "root" and group "root". This could be dangerous. tshark: radius: Could not open file: '/u...
by JonM
May 20th, 2019, 11:17 pm
Forum: IPFire in General
Topic: Upgraded to Core 131 - can't enable IPS
Replies: 8
Views: 601

Re: Upgraded to Core 131 - can't enable IPS

@t8383 - you may want to delete this post and start a new thread just for your issue. Otherwise it may get ignored here.

Also, look in the IPFire wiki for articles on how to flash an image.
by JonM
May 20th, 2019, 6:18 pm
Forum: IPFire in General
Topic: Core 131 with unbound error
Replies: 2
Views: 303

Re: Core 131 with unbound error

The above seems to be related to the new IPS. If I turn IPS off then all works OK. Once I turn IPS back on then I start getting the validation failure errors. Below is what I see once IPS is on for RED only: [root@ipfire ~]# grep validation /var/log/messages May 20 12:31:09 ipfire unbound: [1507:2] ...
by JonM
May 18th, 2019, 8:00 pm
Forum: IPFire in General
Topic: Upgraded to Core 131 - can't enable IPS
Replies: 8
Views: 601

Re: Upgraded to Core 131 - can't enable IPS

on that same page pick your favorite Ruleset and then click Save.

ipfire_ips.PNG

And then wait a few moments... (and yes, it is confusing!)
by JonM
May 18th, 2019, 2:47 am
Forum: IPFire in General
Topic: Core 131 with unbound error
Replies: 2
Views: 303

Core 131 with unbound error

I updated from Core 130 to Core 131 yesterday and I am getting lots of unbound errors. (No unbound errors in Core 130). Most are related to NTP but some are related to other sites and some are related to rDNS. [root@ipfire ~]# grep validation /var/log/messages . . . May 17 14:55:16 ipfire unbound: [...