From: Mentalic <mentalic@cox.net>
To: development@lists.ipfire.org
Subject: RE: IPFire meets Suricata - Call for tester
Date: Thu, 14 Feb 2019 18:03:01 -0600 [thread overview]
Message-ID: <003b01d4c4c1$d13ec0f0$73bc42d0$@net> (raw)
In-Reply-To: <1258fb12b260c7b89d88c6eb68e25102aea55cb9.camel@ipfire.org>
[-- Attachment #1: Type: text/plain, Size: 2509 bytes --]
Reinstalled, IPS ran until I poked a few rule sets active then it blocked all red regardless if I unchecked the rules. Un-checking IPS box's no good, had to reboot.
IPS service listings under Status>services never go green.
Regards
Wayne
-----Original Message-----
From: Mentalic [mailto:mentalic(a)cox.net]
Sent: Thursday, February 14, 2019 5:37 PM
To: 'Stefan Schantl'; 'development(a)lists.ipfire.org'
Subject: RE: IPFire meets Suricata - Call for tester
Used the download image link and loaded on my test box, noticed a few issues with it.
-When Intrusion monitoring is enabled on red interface all traffic to red stops with empty IDS log.
-Intrusion detection Seems to be limited to one rules list source at a time. Maybe feature of Suricata?
-Under "status" tab, any graphic trend display fails to load with "contains errors"
Regards
Wayne
-----Original Message-----
From: Development [mailto:development-bounces(a)lists.ipfire.org] On Behalf Of Stefan Schantl
Sent: Thursday, February 14, 2019 8:29 AM
To: development(a)lists.ipfire.org
Subject: Re: IPFire meets Suricata - Call for tester
Hello list,
suricata development goes on, so I'm happy to announce the first release candidate on this list.
The biggest difference to any previous versions is, this time an update tarball for any IPFire installations is available. So anybody now easily can download and install it on an existing system without doing a fresh installation.
The tarball (currently only x86_64) can be grabbed from here:
https://people.ipfire.org/~stevee/suricata/
To start testing download the tarball and place it on your IPFire system. Extract the tarball and launch the install (install.sh) script.
During installation snort will be stopped (if running), new files will be placed on the system, your taken snort settings will be converted to get used by suricata and finally suricata will be started (if snort was used before) to start protecting the configured networks.
If you prefer a fresh installation, the latest image can be grabbed from here:
https://nightly.ipfire.org/next-suricata/latest/x86_64/
Direct link for downloading the ISO image:
https://nightly.ipfire.org/next-suricata/latest/x86_64/ipfire-2.21.x86_64-full-core128.iso
Thanks for downloading and testing. There are no known bugs so far, as usual please file any bugs to our bugtracker (
https://bugzilla.ipfire.org) and share your feedback on the list.
Best regards,
-Stefan
next prev parent reply other threads:[~2019-02-15 0:03 UTC|newest]
Thread overview: 53+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-11-29 19:43 Stefan Schantl
2018-12-11 20:53 ` Peter Müller
2018-12-12 20:54 ` Peter Müller
2018-12-16 20:28 ` Peter Müller
2018-12-17 14:21 ` Stefan Schantl
2018-12-17 17:05 ` Michael Tremer
2018-12-17 19:08 ` Stefan Schantl
2018-12-19 16:30 ` Michael Tremer
2018-12-20 13:03 ` Stefan Schantl
2018-12-20 14:05 ` Michael Tremer
2018-12-21 16:03 ` Tim FitzGeorge
2018-12-25 19:17 ` Stefan Schantl
2018-12-25 21:56 ` Michael Tremer
2018-12-25 19:03 ` Stefan Schantl
2019-01-01 13:32 ` Stefan Schantl
2019-01-02 15:54 ` Michael Tremer
2019-02-06 8:58 ` Stefan Schantl
2019-02-14 14:28 ` Stefan Schantl
2019-02-14 15:20 ` ummeegge
2019-02-14 18:01 ` Matthias Fischer
2019-02-14 21:49 ` Stefan Schantl
2019-02-14 23:16 ` Matthias Fischer
2019-02-14 23:36 ` Mentalic
2019-02-15 7:51 ` Stefan Schantl
2019-02-15 0:03 ` Mentalic [this message]
2019-02-15 7:54 ` Stefan Schantl
2019-02-17 11:58 ` Stefan Schantl
2019-02-17 12:59 ` Michael Tremer
2019-02-17 19:57 ` Stefan Schantl
2019-02-18 11:44 ` Michael Tremer
2019-02-18 13:09 ` Stefan Schantl
2019-03-03 11:37 ` ummeegge
2019-03-03 18:48 ` Stefan Schantl
2019-03-04 6:28 ` ummeegge
2019-02-18 13:16 ` Stefan Schantl
2019-02-18 22:11 ` Mentalic
2019-02-19 11:33 ` Stefan Schantl
2019-02-19 22:12 ` Mentalic
2019-02-19 23:22 ` Mentalic
2019-02-20 7:55 ` Stefan Schantl
2019-02-21 21:56 ` Mentalic
2019-02-22 10:21 ` Michael Tremer
2019-02-22 11:08 ` Stefan Schantl
2019-02-22 10:59 ` Stefan Schantl
2019-02-22 18:40 ` Mentalic
2019-02-20 7:19 ` Stefan Schantl
2019-03-03 14:39 ` Stefan Schantl
2019-03-03 17:33 ` Mentalic
2019-03-04 19:54 ` Mentalic
2019-03-05 9:31 ` Michael Tremer
[not found] <E1gf64O-0003zJ-Kt@smtprelay03.ispgateway.de>
2019-01-06 13:26 ` IPFire meets Suricata - Call for Tester Stefan Schantl
[not found] <79FF884C-B36B-42F5-A620-F2636E3706FC@gmail.com>
2019-02-06 9:57 ` IPFire meets Suricata - Call for tester Stefan Schantl
2019-02-06 10:43 ` Michael Tremer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='003b01d4c4c1$d13ec0f0$73bc42d0$@net' \
--to=mentalic@cox.net \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox