From mboxrd@z Thu Jan 1 00:00:00 1970 From: Stefan Schantl To: development@lists.ipfire.org Subject: Re: IPFire meets Suricata - Call for tester Date: Fri, 15 Feb 2019 08:54:51 +0100 Message-ID: In-Reply-To: <003b01d4c4c1$d13ec0f0$73bc42d0$@net> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============3894706050168387399==" List-Id: --===============3894706050168387399== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hello Wayne, thanks for the additional feedback, I answered the first part in the previous mail. > Reinstalled, IPS ran until I poked a few rule sets active then it > blocked all red regardless if I unchecked the rules. Un-checking IPS > box's no good, had to reboot. > IPS service listings under Status>services never go green. >=20 Of course, this is a bug, because the CGI script needs to be adjusted too, to work with suricata instead of snort. Thanks for reporting it. Best regards, -Stefan > Regards > Wayne >=20 > -----Original Message----- > From: Mentalic [mailto:mentalic(a)cox.net]=20 > Sent: Thursday, February 14, 2019 5:37 PM > To: 'Stefan Schantl'; 'development(a)lists.ipfire.org' > Subject: RE: IPFire meets Suricata - Call for tester >=20 > Used the download image link and loaded on my test box, noticed a few > issues with it. =20 >=20 > -When Intrusion monitoring is enabled on red interface all traffic to > red stops with empty IDS log. > -Intrusion detection Seems to be limited to one rules list source at > a time. Maybe feature of Suricata? > -Under "status" tab, any graphic trend display fails to load with > "contains errors" >=20 > Regards > Wayne >=20 > -----Original Message----- > From: Development [mailto:development-bounces(a)lists.ipfire.org] On > Behalf Of Stefan Schantl > Sent: Thursday, February 14, 2019 8:29 AM > To: development(a)lists.ipfire.org > Subject: Re: IPFire meets Suricata - Call for tester >=20 > Hello list, >=20 > suricata development goes on, so I'm happy to announce the first > release candidate on this list. >=20 > The biggest difference to any previous versions is, this time an > update tarball for any IPFire installations is available. So anybody > now easily can download and install it on an existing system without > doing a fresh installation. >=20 > The tarball (currently only x86_64) can be grabbed from here: >=20 > https://people.ipfire.org/~stevee/suricata/ >=20 > To start testing download the tarball and place it on your IPFire > system. Extract the tarball and launch the install (install.sh) > script. >=20 > During installation snort will be stopped (if running), new files > will be placed on the system, your taken snort settings will be > converted to get used by suricata and finally suricata will be > started (if snort was used before) to start protecting the configured > networks. >=20 > If you prefer a fresh installation, the latest image can be grabbed > from here: >=20 > https://nightly.ipfire.org/next-suricata/latest/x86_64/ >=20 > Direct link for downloading the ISO image: >=20 > https://nightly.ipfire.org/next-suricata/latest/x86_64/ipfire-2.21.x86_64-f= ull-core128.iso >=20 > Thanks for downloading and testing. There are no known bugs so far, > as usual please file any bugs to our bugtracker ( > https://bugzilla.ipfire.org) and share your feedback on the list. >=20 > Best regards, >=20 > -Stefan >=20 --===============3894706050168387399== Content-Type: application/pgp-signature Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="signature.asc" MIME-Version: 1.0 LS0tLS1CRUdJTiBQR1AgU0lHTkFUVVJFLS0tLS0KCmlRSXpCQUFCQ2dBZEZpRUVXTzBOWHRTcnZo YXN5dERuVHRkT0ZZK1RzdDRGQWx4bWNFc0FDZ2tRVHRkT0ZZK1QKc3Q0VDdBLy9hUXgwZ1RaNCs0 SnlHNjBEZ0k1TjRIeWs0UlN6WEV5bTAxRk1Fc041TVIxdXBZTUZqUkw2eU01eQpSQklVWE9rbUU3 N3lmdXRxcFpjbnRWQXBJN3NWNWhyVTJ6WXYyL20rVmZPYmZvWnF5dTFlQnJ1RVdpWnk3SFRHCjBu YXNoN3o3dEtPN2xmSHVmTVhibFRuT2lnOGZQOHhSZTdzNHpFK25xQmxXZ0lRb0NhTS9GM0laN2kx bll3bzgKREJtQTlDUWI1bXB6dTZxOXorMUhndUdRVmtZa1pOUTAyenRJTVhTWElKVGFSZXBPVUZN RFB2SlpTT0o5RE04YwoycUFZT2pYM282QisxQ2pNb2liNGRpTDY4R0tmbWVWM3VTNjB3cnl2QWNH cS9vcXBKTFplT1pVbHpPb2M1ZGZTClZDdWxSa3VJcUVxU1MwZEQyanl2SUhaWms5bFduaUxJaFNr N05NTDdobXFYVEhFTG5PN0srZnlYd3NjWHMvRXIKc0lWL3EzZzZWRWd6MStLc21SbE5HY0ZsTktj UHlIR0xwQm5WMmJpanBiZlA1dEI2OE1pV0t4YXVHTDlLM3lWRApSQ003V0hZK0JvMG4xOURKUC9s eDgwZDZUblFLL3ZyMW5uMlM3aEVOcXhnOEV1ZGVuTkpreHovRDVMRmxhNS9pCnRvMTl6bnQ4c3Zy R1BpMkFwaE5wUm1pdi9GTldLc0h1cFlmRUdwWk90ZUxURklJRVArYzZPL3lyRnBMME9YUmMKWUhV ZlpwbFczdFJWNllacTFmV3lTZDBYckF5RFFzSHdiSzZURWtrakFrdHdzTTZDbWl4NE1CVzRjMll3 eDdkegorS3FqQllyemxUc3BPSmtVYmlnWklxMldKYjNjZVdoeVVYT0lGc1EzVXMxMmlMdFQwQm89 Cj16VDNmCi0tLS0tRU5EIFBHUCBTSUdOQVRVUkUtLS0tLQo= --===============3894706050168387399==--