Feature #14689
closed
Warn users about the risks of using snort in a netgate pfsense device
0%
Description
Hello
I installed pfsense in a computer, running snort, protecting my network, it was awesome.... I decided to purchase a dedicated firewall for that purpose (netgate 2100), but it turns out that the netgate will die (literally) if you run snort the way it's meant to run.
It simply doesn't have by default the necessary type of memory to support the read/write stress of snort.
Now I have to stick with the device and purchase an extra SSD if I want to keep using it.
It would've been very productive for me to know prior to the purchase, that this hardware was not the right one for the job I wanted it to do.
Please change the UI to warn the users when they install snort, that they could excessively strees the internal memory, leading to malfunctions and additional costs.
Updated by Jim Pingle about 2 years ago
- Status changed from New to Rejected
There are already warnings in place in various locations about this.
For example: https://www.netgate.com/supported-pfsense-plus-packages
There are also documents about checking/monitoring the disk lifetime:
- https://docs.netgate.com/pfsense/en/latest/troubleshooting/disk-lifetime.html
- https://docs.netgate.com/pfsense/en/latest/monitoring/status/smart.html
(The exact methods vary by hardware)
Also it largely depends on the user's logging configuration and settings. Lots of packages or even the base system can generate lots of logs if the user tells them to in various ways, it's not viable to warn about every possible path for that to happen.