Bug #15035
closedSystem GUI unaccessable
0%
Description
/head.inc, Line: 535, Message: Uncaught TypeError: count): Argument #1 (Svalue) must be of type Countable|array, bool given in /usr/local/www/head.inc:535 Stack trace: #0 /usr/local/www/index.php(309): include() #1 {main} thrown
My system has be depreciated
Files
Updated by Jonathan Lee about 1 year ago
I noticed this after some snort changes when this GUI access was removed
Changes marked unknown...
Updated by Jonathan Lee about 1 year ago
Errors that are listed in logs
Updated by Jim Pingle about 1 year ago
- Status changed from New to Rejected
- Priority changed from High to Normal
There is no code like that on line 535 in a current version of head.inc. On 23.05.1 it would imply that the content of the notices variable isn't an array somehow, but we can't accept problem reports from past releases, only current versions.
Unless you or someone else can replicate that bug on 23.09 or 24.03 snapshots somehow then we can only assume it's already been fixed. If it can be replicated we need to know the exact steps taken to replicate the issue.
Updated by Jonathan Lee about 1 year ago
Steps to reproduce.
1. Use boot environments I went to test out 23.09 again with the latest Snort update. I started that environment and installed my latest config file. Once packages installed and Snort activated I lost access to the GUI menu. I rebooted and disabled Snort blocking and it worked.
2. Go back to the stable version 23.05.01 the version where snort works with the old .12 snort without core dumps.
3. Attempted to change a rule from wifi interface pcie card to block guest WiFi to secure side interference from address to subnet.
4. Safe and go back to snort check blocks restarted snort on WAN.
5. Log out
6. I logged in and lost GUI it would not log in anymore for 23.05.01.
7. Restore old config fix ACL rule and GUI restored for stable version 23.05.01 with Snort .12
Updated by Jonathan Lee about 1 year ago
23.09 is not stable for Snort it just doesn't work with it on ARM.
Updated by Jonathan Lee about 1 year ago
- File Screenshot 2023-11-27 at 8.23.33 AM.png Screenshot 2023-11-27 at 8.23.33 AM.png added
- File Screenshot 2023-11-27 at 8.23.52 AM.png Screenshot 2023-11-27 at 8.23.52 AM.png added
- File Screenshot 2023-11-27 at 8.23.59 AM.png Screenshot 2023-11-27 at 8.23.59 AM.png added
- File Screenshot 2023-11-27 at 8.24.08 AM.png Screenshot 2023-11-27 at 8.24.08 AM.png added
- File Screenshot 2023-11-27 at 8.24.29 AM.png Screenshot 2023-11-27 at 8.24.29 AM.png added
- File Screenshot 2023-11-27 at 8.25.07 AM.png Screenshot 2023-11-27 at 8.25.07 AM.png added
- File custom.rtf custom.rtf added
- File Screenshot 2023-11-27 at 8.31.51 AM.png Screenshot 2023-11-27 at 8.31.51 AM.png added
- File Screenshot 2023-11-27 at 8.32.58 AM.png Screenshot 2023-11-27 at 8.32.58 AM.png added
- File Screenshot 2023-11-27 at 8.33.33 AM.png Screenshot 2023-11-27 at 8.33.33 AM.png added
Attached is information on how my system works in 23.05.01. This is stable and runs for days without issues even with users on the Guest WiFi
Updated by Jonathan Lee about 1 year ago
- File Screenshot 2023-11-27 at 8.34.11 AM.png Screenshot 2023-11-27 at 8.34.11 AM.png added
- File Screenshot 2023-11-27 at 8.35.17 AM.png Screenshot 2023-11-27 at 8.35.17 AM.png added
- File Screenshot 2023-11-27 at 8.36.06 AM.png Screenshot 2023-11-27 at 8.36.06 AM.png added
- File Screenshot 2023-11-27 at 8.36.39 AM.png Screenshot 2023-11-27 at 8.36.39 AM.png added
- File Screenshot 2023-11-27 at 8.36.45 AM.png Screenshot 2023-11-27 at 8.36.45 AM.png added
- File Screenshot 2023-11-27 at 8.38.11 AM.png Screenshot 2023-11-27 at 8.38.11 AM.png added
- File Screenshot 2023-11-27 at 8.39.04 AM.png Screenshot 2023-11-27 at 8.39.04 AM.png added
- File custom.rtf custom.rtf added
- File Screenshot 2023-11-27 at 8.40.10 AM.png Screenshot 2023-11-27 at 8.40.10 AM.png added
- File Screenshot 2023-11-27 at 8.41.02 AM.png Screenshot 2023-11-27 at 8.41.02 AM.png added
Updated by Jonathan Lee about 1 year ago
- File Screenshot 2023-11-27 at 8.41.10 AM.png Screenshot 2023-11-27 at 8.41.10 AM.png added
- File Screenshot 2023-11-27 at 8.42.18 AM.png Screenshot 2023-11-27 at 8.42.18 AM.png added
- File Screenshot 2023-11-27 at 8.43.28 AM.png Screenshot 2023-11-27 at 8.43.28 AM.png added
- File led.rtf led.rtf added
- File Screenshot 2023-11-27 at 8.45.00 AM.png Screenshot 2023-11-27 at 8.45.00 AM.png added
- File Screenshot 2023-11-27 at 8.45.42 AM.png Screenshot 2023-11-27 at 8.45.42 AM.png added
- File Screenshot 2023-11-27 at 8.46.19 AM.png Screenshot 2023-11-27 at 8.46.19 AM.png added
- File Screenshot 2023-11-27 at 8.47.09 AM.png Screenshot 2023-11-27 at 8.47.09 AM.png added
Updated by Jonathan Lee about 1 year ago
- File Screenshot 2023-11-27 at 8.48.12 AM.png Screenshot 2023-11-27 at 8.48.12 AM.png added
- File Screenshot 2023-11-27 at 8.48.44 AM.png Screenshot 2023-11-27 at 8.48.44 AM.png added
- File Screenshot 2023-11-27 at 8.49.26 AM.png Screenshot 2023-11-27 at 8.49.26 AM.png added
backups/patched custom
Updated by Jonathan Lee about 1 year ago
took from 2019 until 23.05.01 for this to be stable
23.09 on arm processor is not stable with Snort active .14 version
Updated by Jim Pingle about 1 year ago
None of that is relevant if you cannot reproduce the PHP error while you are on a stock/unmodified 23.09. If you only see the PHP error on 23.05.1 then it's probably already been fixed.
Updated by Jonathan Lee about 1 year ago
Squid uses both splice for some and intercept for others
Updated by Jonathan Lee about 1 year ago
Updated by Jonathan Lee about 1 year ago
- File Screenshot 2023-11-27 at 8.55.00 AM.png Screenshot 2023-11-27 at 8.55.00 AM.png added
- File Screenshot 2023-11-27 at 8.54.54 AM.png Screenshot 2023-11-27 at 8.54.54 AM.png added
- File Screenshot 2023-11-27 at 8.56.09 AM.png Screenshot 2023-11-27 at 8.56.09 AM.png added
- File Screenshot 2023-11-27 at 8.57.15 AM.png Screenshot 2023-11-27 at 8.57.15 AM.png added
- File Screenshot 2023-11-27 at 8.58.44 AM.png Screenshot 2023-11-27 at 8.58.44 AM.png added
Updated by Jonathan Lee about 1 year ago
- File Screenshot 2023-11-27 at 8.59.38 AM.png Screenshot 2023-11-27 at 8.59.38 AM.png added
- File Screenshot 2023-11-27 at 9.00.42 AM.png Screenshot 2023-11-27 at 9.00.42 AM.png added
- File Screenshot 2023-11-27 at 9.00.15 AM.png Screenshot 2023-11-27 at 9.00.15 AM.png added
- File Screenshot 2023-11-27 at 9.01.54 AM.png Screenshot 2023-11-27 at 9.01.54 AM.png added
ACLs
Updated by Jonathan Lee about 1 year ago
- File Screenshot 2023-11-27 at 9.03.08 AM.png Screenshot 2023-11-27 at 9.03.08 AM.png added
- File Screenshot 2023-11-27 at 9.04.52 AM.png Screenshot 2023-11-27 at 9.04.52 AM.png added
- File Screenshot 2023-11-27 at 9.07.02 AM.png Screenshot 2023-11-27 at 9.07.02 AM.png added
Packages running
23.05.01 final ARM SG2100 stable version time to stable config 2019->2023
I hope that provides background if ever needed. Snort also uses paid subscription rule set non-free
Updated by Jonathan Lee about 1 year ago
- File Screenshot 2023-11-27 at 9.10.05 AM.png Screenshot 2023-11-27 at 9.10.05 AM.png added
- File Screenshot 2023-11-27 at 9.10.58 AM.png Screenshot 2023-11-27 at 9.10.58 AM.png added
23.09 is not stable when Snort is used with blocking enabled it will depreciate a firewall to no gui access with blocking kill states enabled.
Updated by Jonathan Lee about 1 year ago
Thank you open source community for all you do.
Updated by Marcos M about 1 year ago
wrt snort, the issue with killing states is resolved; see https://forum.netgate.com/topic/184112/important-snort-and-suricata-package-announcement-probable-bug-in-legacy-blocking-module
Updated by Jonathan Lee about 1 year ago
I had to uninstall Snort to access the web GUI. It does not work for my configuration you see above at all. I am stuck with 23.05.01 that's ok that is the most stable version I have ever had on the SG2100. I think that is where my system will die at. I can not get past the SNORT issues, they are so bad it blocks me from even accessing the GUI. I accessed it with console I was able to remove SNORT package and it has GUI access again. However many devices will no longer connect to the firewall with the 23.09 version. Thanks for looking into this I suspect this is an ARM processor issue for SNORT. I can no longer move past 23.05.01 that is it for me. I posted this to showcase how good it was and how the new version no longer is functional at all.
Updated by Jonathan Lee about 1 year ago
NogBadTheBad
also stated issues with the ".14 fix" Snort update however the thread was locked right after he reported it. I also state it is not fixed
Updated by Jonathan Lee about 1 year ago
23.05.01 with squid was the everything bagel of open source community firewall software... 🥯