[pfSense Support] s2c_parse_load_wl() => Invalid data in whitelist file
Dear Support, i have installed pfsense 1.2.3 and snort package Snort 2.8.6.1 pkg v. 1.34, but it won' t run when i try to start it, here's the error message in the system.log / s2c_parse_load_wl/() => Invalid data in whitelist file can u tell me what exactly went wrong ? thanks -- /Regards, Indrajaya Pitra Perdana/
[pfSense Support] Maximum Download Size Not Working ?
Dear all, I try to limit maximum download size to 5 MB using squid reply_body_max_size in pfsense, but i still can download file more that 5 MB, is there any other configuration that i must do to make it work? below here are my config reply_body_max_size 512 allow all I'm using pfsense *1.2.2 * and squid 2.7.8 , thanks before -- Regards, Indrajaya Pitra Perdana
Re: [pfSense Support] Add Threshold in Snort PFsense
Thanks a lot mayak for your information Regards, Indrajaya Pitra Perdana On 4/13/2010 1:36 PM, mayak-cq wrote: On Tue, 2010-04-13 at 08:20 +0700, Indrajaya Pitra Perdana wrote: Hello guys, can somebody help me? thanks Regards, Indrajaya Pitra Perdana On 4/12/2010 11:11 AM, Indrajaya Pitra Perdana wrote: Dear all, I try to add a suppress rule in the threshold.conf like this: suppress gen_id 122, sig_id 1, track by_dst, 10.10.10.0/24 But snort won't start with this kind of error: /usr/local/etc/snort/threshold.conf(4) => Suppress-Parse: argument pairing error Can somobody help me where exactly i'm doing wrong? thanks alot Note: i'm using Snort 2.8.4.1_5 pkg v. 1.6 hi indrajaya, imho, you should probably consider snort as experimental, as far as the pfsense release goes. i have also had very bad luck -- i decided to block offending hosts, and after accumulating several hundred, the router blocked wan access. i cleared, de-installed, and eventually had to reboot in order to let packets through. there is no persistance -- if the router is restarted, the blocked list is lost, if you upgrade the package, the configuration files are wiped out, so you need to reboot to restore original config. barnyard2 is not working either, so there's no way to achieve persistence on the rule violations. i would play with it on a non-production router only. cheers m - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Add Threshold in Snort PFsense
Hello guys, can somebody help me? thanks Regards, Indrajaya Pitra Perdana On 4/12/2010 11:11 AM, Indrajaya Pitra Perdana wrote: Dear all, I try to add a suppress rule in the threshold.conf like this: suppress gen_id 122, sig_id 1, track by_dst, 10.10.10.0/24 But snort won't start with this kind of error: /usr/local/etc/snort/threshold.conf(4) => Suppress-Parse: argument pairing error Can somobody help me where exactly i'm doing wrong? thanks alot Note: i'm using Snort 2.8.4.1_5 pkg v. 1.6 - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] Add Threshold in Snort PFsense
Dear all, I try to add a suppress rule in the threshold.conf like this: suppress gen_id 122, sig_id 1, track by_dst, 10.10.10.0/24 But snort won't start with this kind of error: /usr/local/etc/snort/threshold.conf(4) => Suppress-Parse: argument pairing error Can somobody help me where exactly i'm doing wrong? thanks alot Note: i'm using Snort 2.8.4.1_5 pkg v. 1.6 -- Regards, Indrajaya Pitra Perdana - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Command in Crontab Missing
Ok thanks Aarno, i'll give it a try Regards, Indrajaya Pitra Perdana On 1/29/2010 11:38 PM, Aarno Aukia wrote: The more helpful suggestion IMHO: use the "Cron" package to manage the - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] Command in Crontab Missing
Dear all, I try to insert several command in the /etc/crontab file, but after sometimes (around 30 days) the command that i manually insert is gone, is there something that made the crontab reset as it was before ? i use *1.2.2* version , thx before -- Regards, Indrajaya Pitra Perdana
Re: [pfSense Support] pfsense package system down ?
php: /pkg_mgr.php: XMLRPC request failed with error 2: Invalid return payload: enable debugging to examine incoming payload" Regards, ~ipp~ Indrajaya Pitra Perdana wrote: is pfsense packages system down ? i'm unable to communicate with it to install packages fresh install pfsense 1.2.2 - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] pfsense package system down ?
is pfsense packages system down ? i'm unable to communicate with it to install packages fresh install pfsense 1.2.2 -- regards, ~ipp~ - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Snort Whitelist still blocking
Thanks Chris i gonna upgrade it first Regards ~Indrajaya Pitra Perdana~ Chris Buechler wrote: On Wed, Oct 14, 2009 at 10:59 PM, Indrajaya Pitra Perdana wrote: dear support, I try to whitelist all of google site that have IP address 216.239.32.0/19 , and then i restarted the snort services, but somehow it keeps blocking them, is there anything that i should do to make this whitelist work ? thx in advance My snort package is 2.8.2.6_1 That's extremely outdated, you should upgrade the package. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] Snort Whitelist still blocking
dear support, I try to whitelist all of google site that have IP address 216.239.32.0/19 , and then i restarted the snort services, but somehow it keeps blocking them, is there anything that i should do to make this whitelist work ? thx in advance My snort package is 2.8.2.6_1 Ppsense 1.2.2 -- Regards ~Indrajaya Pitra Perdana~ - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] Re: snort2c error
Dear Robert, Currently i'm using Pfsense 1.2.2 with Quadcore processor 2.4 GHz, 4 GB RAM, 500 GB SATA, 2x3COM NIC, thx Regards, Indrajaya Pitra Perdana robrob2...@yahoo.com wrote: Dear Sir I'm one of the maintainers of the snort package for pfsense and would like to help you with your problem. Please answer theses question so I can provide a answer. What version of pfsense do you have ? What are the system specs of the machine ruining the snort package ? robert - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] Snort2c failed to run
Dear Support, I'm using pfsense with snort package version 2.8.4.1, but when it try to run snort2c, snort2c suddenly stop with this error: snort2c[28049]: DIOCRADDADDRS - ioctl error - exit So the snort cannot autoblock the intrusion, can somebody help me with this ? , thanks in advance -- Regards ~Indrajaya Pitra Perdana~ - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Snort Updates - How to stop one in progress?
Yup i agree with that, or you can try watching the states at the diagnostic menu, and than remove the states that related to snort update Regards ~ipp~ RB wrote: On Tue, May 19, 2009 at 11:47, Chuck Mariotti wrote: Navigated to the snort tabs, so now it’s trying to run a huge update (never been updated before) and has brought the network to it’s knees. How can I stop the update that’s already been started? Quick answer: ssh + kill - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] SquidGuard Transparent Proxy - Bridge Mode
Hello Guys, Can i run SquidGuard Transparent Proxy using Bridge Mode ? i already tested but it seems that SquidGuard is not blocking any sites when running in Bridge Mode, thx -- Regards ~ipp~ - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] rsync in pfsense
Oke i'll try, but after i commented out the max connections, rsync runs normaly :D , thx Regards ~Indrajaya Pitra Perdana~ Paul Mansfield wrote: Indrajaya Pitra Perdana wrote: Dear all, i have installed rsync in my pfsense 1.2.2* *with pkg_add and succeeded but when i try to grab a file to it, it keeps telling me this error: @ERROR: max connections (10) reached -- try again later rsync: connection unexpectedly closed (0 bytes received so far) [receiver] rsync error: error in rsync protocol data stream (code 12) at io.c(359) i've increased the max connection to whatever the number is and the problem persist these are the rsync version that i already tried rsync-3.0.0.tbz, rsync-3.0.4.tbz,rsync-3.0.5.tbz Need your help on this, thx add a couple of "v"'s into the args, e.g. "rsync -avvz dir1 host:/dir2" and see what it says. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] rsync in pfsense
Dear all, i have installed rsync in my pfsense 1.2.2* *with pkg_add and succeeded but when i try to grab a file to it, it keeps telling me this error: @ERROR: max connections (10) reached -- try again later rsync: connection unexpectedly closed (0 bytes received so far) [receiver] rsync error: error in rsync protocol data stream (code 12) at io.c(359) i've increased the max connection to whatever the number is and the problem persist these are the rsync version that i already tried rsync-3.0.0.tbz, rsync-3.0.4.tbz,rsync-3.0.5.tbz Need your help on this, thx -- Regards, Indrajaya Pitra Perdana - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org