Hello Wayne,
thanks for joining testing and sharing your feedback with this list.
Used the download image link and loaded on my test box, noticed a few issues with it.
-When Intrusion monitoring is enabled on red interface all traffic to red stops with empty IDS log.
Indeed this is not an expected behavior. Please provide some more details about the used version (did you updated the ISO-release with the tarball-based RC1 release? ) configuration etc. to figure out what happened here.
-Intrusion detection Seems to be limited to one rules list source at a time. Maybe feature of Suricata?
This works as designed, only one Ruleset-Vendor at the same time can be used.
-Under "status" tab, any graphic trend display fails to load with "contains errors"
This take some time to collect data and generate the graphs. Please be patient, if after one day still no graphs a generated please report back.
Best regards,
-Stefan
Regards Wayne
-----Original Message----- From: Development [mailto:development-bounces@lists.ipfire.org] On Behalf Of Stefan Schantl Sent: Thursday, February 14, 2019 8:29 AM To: development@lists.ipfire.org Subject: Re: IPFire meets Suricata - Call for tester
Hello list,
suricata development goes on, so I'm happy to announce the first release candidate on this list.
The biggest difference to any previous versions is, this time an update tarball for any IPFire installations is available. So anybody now easily can download and install it on an existing system without doing a fresh installation.
The tarball (currently only x86_64) can be grabbed from here:
https://people.ipfire.org/~stevee/suricata/
To start testing download the tarball and place it on your IPFire system. Extract the tarball and launch the install (install.sh) script.
During installation snort will be stopped (if running), new files will be placed on the system, your taken snort settings will be converted to get used by suricata and finally suricata will be started (if snort was used before) to start protecting the configured networks.
If you prefer a fresh installation, the latest image can be grabbed from here:
https://nightly.ipfire.org/next-suricata/latest/x86_64/
Direct link for downloading the ISO image:
https://nightly.ipfire.org/next-suricata/latest/x86_64/ipfire-2.21.x86_64-fu...
Thanks for downloading and testing. There are no known bugs so far, as usual please file any bugs to our bugtracker ( https://bugzilla.ipfire.org) and share your feedback on the list.
Best regards,
-Stefan