Bug #3850: Snort "add a new interface based on this" creates a bad configuration - pfSense Packages - pfSense bugtracker

Actions

Copy link

Bug #3850

closed

Snort "add a new interface based on this" creates a bad configuration

Added by Braden Del More over 11 years ago. Updated almost 11 years ago.

Status:

Resolved

Priority:

Low

Assignee:

Category:

Snort

Target version:

Start date:

09/06/2014

Due date:

% Done:

Estimated time:

Plus Target Version:

Affected Version:

2.1.x

Affected Plus Version:

Affected Architecture:

amd64

Description

pfSense 2.1.5-RELEASE (amd64)
Snort 2.9.6.2 pkg v3.1.2

Using the "add a new interface based on this one" button causes the new interface to inherit the same -R argument to the snort command. This results in bad behaviour when shutting down/starting up.

For example, when starting cold, the first interface starts fine, but the next (created based on the first) is issued a soft restart for process that doesn't exist.

SnortStartup⁶⁴¹²⁰: Snort STOP WAN
SnortStartup⁶¹³⁵: Snort SOFT RESTART for WAN2...

The workaround is to destroy the cloned interface and manually re-create it, and then everything is fine.

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense » pfSense Packages

Custom queries

Bug #3850

Snort "add a new interface based on this" creates a bad configuration

Updated by Braden Del More over 11 years ago

Updated by Bill Meeks over 11 years ago

Updated by Chris Buechler about 11 years ago

Updated by Renato Botelho almost 11 years ago