From mboxrd@z Thu Jan 1 00:00:00 1970 From: Mentalic To: development@lists.ipfire.org Subject: RE: IPFire meets Suricata - Call for tester Date: Mon, 04 Mar 2019 13:54:37 -0600 Message-ID: <002301d4d2c4$1a446560$4ecd3020$@net> In-Reply-To: <001301d4d1e7$28b220c0$7a166240$@net> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============7432564057167309364==" List-Id: --===============7432564057167309364== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Ran three different installs of tarball over image 5c861701e52ead2620df36049c= 242255 ipfire-2.x-suricata-rc4_x86_64.tar.gz using a couple different backups= . All three had these two snort errors. ./install.sh: line 4: /etc/init.d/snort: No such file or directory /var/ipfire/snort/settings not found - Nothing to do. Exiting! 1)Built without internet access, restored core 128 backup from suricata editi= on. Tarball installs with allot of geoip errors apparently because file stru= cture and data did not yet exist due to being offline. Backup had Geoip and G= eoIP Groups in use.=20 Repeated error: "Could not open /usr/share/xt_geoip/CN.iv4: No such file or directory" After giving internet access and rebooting it cleared up these messages. 2)Built with internet access, restored core 128 backup from suricata edition.= Tarball installs with only the two snort errors. ./install.sh: line 4: /etc/init.d/snort: No such file or directory /var/ipfire/snort/settings not found - Nothing to do. Exiting! 3) Built with internet access, restored core 127 backup from guardian install= . IDS had this error: Setting up firewall [ OK = ] Stopping Collection daemon... [ OK = ] Starting Collection daemon... [ OK = ] Starting Intrusion Detection System... [ FAIL= ] chmod: cannot access '/var/run/suricata.pid': No such file or directory >>From IPS interface was able to do a save and IPS then service started. Regards Wayne -----Original Message----- From: Development [mailto:development-bounces(a)lists.ipfire.org] On Behalf O= f Mentalic Sent: Sunday, March 03, 2019 11:33 AM To: 'Stefan Schantl'; development(a)lists.ipfire.org Subject: RE: IPFire meets Suricata - Call for tester Loaded up the Tarball, reports build 5d04cfe7. Running Blue and orange. Noticed that the Blue network no longer requires a firewall rule to enable in= ternet access. Only had to add device in Blue Access interface. I like this c= hange. Regards Wayne -----Original Message----- From: Development [mailto:development-bounces(a)lists.ipfire.org] On Behalf O= f Stefan Schantl Sent: Sunday, March 03, 2019 8:39 AM To: development(a)lists.ipfire.org Subject: Re: IPFire meets Suricata - Call for tester Hello list, Recently I've uploaded the fourth release candidate. It fixes the issue of non working IPSec tunnels and tunes the main suricata c= onfiguration to better use available system resources. The new tarball (currently x86_64 only) can be found here: https://people.ipfire.org/~stevee/suricata/ To start testing download the tarball and place it on your IPFire system. Ext= ract the tarball and launch the install (install.sh) script. If you already have installed a previous test version or image, with the same= steps as noted above you can update the the new version. As always, if you prefer a fresh installation, the latest image can be grabbe= d from here (Please note the delay of at least one day until the new ISO is b= uilt by the service): https://nightly.ipfire.org/next-suricata/latest/x86_64/ Thanks for downloading and testing. There are no known bugs so far, as usual = please file any bugs to our bugtracker ( https://bugzilla.ipfire.org) and share your feedback on the list. Best regards, -Stefan --===============7432564057167309364==--