https://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162018-08-27T06:46:37ZpfSense bugtrackerpfSense Packages - Bug #8828: Keep settings checkbox under Global Settings does not behave as expectedhttps://redmine.pfsense.org/issues/8828?journal_id=380582018-08-27T06:46:37ZAnonymous
<ul><li><strong>Priority</strong> changed from <i>Normal</i> to <i>Normal-package</i></li></ul> pfSense Packages - Bug #8828: Keep settings checkbox under Global Settings does not behave as expectedhttps://redmine.pfsense.org/issues/8828?journal_id=381722018-08-30T11:17:00ZAnonymous
<ul></ul><p>I found that the code to remove the package forgot to use 'write_config()' after removing the Suricata configurations. This should now work in the next update. 94e42115f911f6aec94de44cd52b2ebd99fbee40<br />Version 4.0.13_8</p> pfSense Packages - Bug #8828: Keep settings checkbox under Global Settings does not behave as expectedhttps://redmine.pfsense.org/issues/8828?journal_id=381732018-08-30T11:17:09ZAnonymous
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Feedback</i></li></ul> pfSense Packages - Bug #8828: Keep settings checkbox under Global Settings does not behave as expectedhttps://redmine.pfsense.org/issues/8828?journal_id=381742018-08-30T11:17:25ZAnonymous
<ul><li><strong>Assignee</strong> set to <i>Anonymous</i></li></ul> pfSense Packages - Bug #8828: Keep settings checkbox under Global Settings does not behave as expectedhttps://redmine.pfsense.org/issues/8828?journal_id=381842018-08-30T17:50:04ZAnonymous
<ul></ul><p>On version 4.0.13_8, installed suricata, configured some settings, unchecked the Keep settings checkbox, uninstalled the package and received the following output:</p>
<pre>
>>> Removing pfSense-pkg-suricata...
Checking integrity... done (0 conflicting)
Deinstallation has been requested for the following 1 packages (of 0 packages in the universe):
Installed packages to be REMOVED:
pfSense-pkg-suricata-4.0.13_8
Number of packages to be removed: 1
[1/1] Deinstalling pfSense-pkg-suricata-4.0.13_8...
Removing suricata components...
Menu items... done.
Services... done.
Loading package instructions...
[1/1] Deleting files for pfSense-pkg-suricata-4.0.13_8: .........
pfSense-pkg-suricata-4.0.13_8: missing file /var/db/suricata/sidmods/disablesid-sample.conf
[1/1] Deleting files for pfSense-pkg-suricata-4.0.13_8...
pfSense-pkg-suricata-4.0.13_8: missing file /var/db/suricata/sidmods/dropsid-sample.conf
[1/1] Deleting files for pfSense-pkg-suricata-4.0.13_8...
pfSense-pkg-suricata-4.0.13_8: missing file /var/db/suricata/sidmods/enablesid-sample.conf
[1/1] Deleting files for pfSense-pkg-suricata-4.0.13_8...
pfSense-pkg-suricata-4.0.13_8: missing file /var/db/suricata/sidmods/modifysid-sample.conf
[1/1] Deleting files for pfSense-pkg-suricata-4.0.13_8... done
Removing suricata components...
Configuration... done.
pkg-static: unlinkat(var/db/suricata/sidmods): No such file or directory
pkg-static: unlinkat(var/db/suricata): No such file or directory
>>> Removing stale packages... done.
Success
</pre>
<p>Upon reinstalling the package, the output looked normal, no unusual messages and the settings in the package are not kept from the previous install.</p> pfSense Packages - Bug #8828: Keep settings checkbox under Global Settings does not behave as expectedhttps://redmine.pfsense.org/issues/8828?journal_id=381872018-08-30T21:49:01ZAnonymous
<ul></ul><p>On a fresh install of 2.4.4.a.20180830.1356, when suricata 4.0.13_8 is installed the output is :</p>
<pre>
>>> Installing pfSense-pkg-suricata...
Updating pfSense-core repository catalogue...
pfSense-core repository is up to date.
Updating pfSense repository catalogue...
pfSense repository is up to date.
All repositories are up to date.
The following 10 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
pfSense-pkg-suricata: 4.0.13_8 [pfSense]
suricata: 4.0.5 [pfSense]
libyaml: 0.1.6_2 [pfSense]
nss: 3.38 [pfSense]
nspr: 4.19 [pfSense]
libnet: 1.1.6_5,1 [pfSense]
libhtp: 0.5.27 [pfSense]
jansson: 2.11 [pfSense]
hyperscan: 4.6.0 [pfSense]
hiredis: 0.13.3 [pfSense]
Number of packages to be installed: 10
The process will require 32 MiB more space.
6 MiB to be downloaded.
[1/10] Fetching pfSense-pkg-suricata-4.0.13_8.txz: .......... done
[2/10] Fetching suricata-4.0.5.txz: .......... done
[3/10] Fetching libyaml-0.1.6_2.txz: ......... done
[4/10] Fetching nss-3.38.txz: .......... done
[5/10] Fetching nspr-4.19.txz: .......... done
[6/10] Fetching libnet-1.1.6_5,1.txz: .......... done
[7/10] Fetching libhtp-0.5.27.txz: .......... done
[8/10] Fetching jansson-2.11.txz: ..... done
[9/10] Fetching hyperscan-4.6.0.txz: .......... done
[10/10] Fetching hiredis-0.13.3.txz: .......... done
Checking integrity... done (0 conflicting)
[1/10] Installing nspr-4.19...
[1/10] Extracting nspr-4.19: .......... done
[2/10] Installing libyaml-0.1.6_2...
[2/10] Extracting libyaml-0.1.6_2: ......... done
[3/10] Installing nss-3.38...
[3/10] Extracting nss-3.38: .......... done
[4/10] Installing libnet-1.1.6_5,1...
[4/10] Extracting libnet-1.1.6_5,1: .......... done
[5/10] Installing libhtp-0.5.27...
[5/10] Extracting libhtp-0.5.27: .......... done
[6/10] Installing jansson-2.11...
[6/10] Extracting jansson-2.11: .......... done
[7/10] Installing hyperscan-4.6.0...
[7/10] Extracting hyperscan-4.6.0: .......... done
[8/10] Installing hiredis-0.13.3...
[8/10] Extracting hiredis-0.13.3: .......... done
[9/10] Installing suricata-4.0.5...
[9/10] Extracting suricata-4.0.5: .......... done
[10/10] Installing pfSense-pkg-suricata-4.0.13_8...
[10/10] Extracting pfSense-pkg-suricata-4.0.13_8: .......... done
Saving updated package information...
done.
Loading package configuration... done.
Configuring package components...
Loading package instructions...
Custom commands...
Executing custom_php_install_command()...
Setting up initial configuration.
Setting package version in configuration file.
done.
Executing custom_php_resync_config_command()...done.
Menu items... done.
Services... done.
Writing configuration... done.
Message from suricata-4.0.5:
===========================================================================
If you want to run Suricata in IDS mode, add to /etc/rc.conf:
suricata_enable="YES"
suricata_interface="<if>"
NOTE: Declaring suricata_interface is MANDATORY for Suricata in IDS Mode.
However, if you want to run Suricata in Inline IPS Mode in divert(4) mode,
add to /etc/rc.conf:
suricata_enable="YES"
suricata_divertport="8000"
NOTE:
Suricata won't start in IDS mode without an interface configured.
Therefore if you omit suricata_interface from rc.conf, FreeBSD's
rc.d/suricata will automatically try to start Suricata in IPS Mode
(on divert port 8000, by default).
Alternatively, if you want to run Suricata in Inline IPS Mode in high-speed
netmap(4) mode, add to /etc/rc.conf:
suricata_enable="YES"
suricata_netmap="YES"
NOTE:
Suricata requires additional interface settings in the configuration
file to run in netmap(4) mode.
RULES: Suricata IDS/IPS Engine comes without rules by default. You should
add rules by yourself and set an updating strategy. To do so, please visit:
http://www.openinfosecfoundation.org/documentation/rules.html
http://www.openinfosecfoundation.org/documentation/emerging-threats.html
You may want to try BPF in zerocopy mode to test performance improvements:
sysctl -w net.bpf.zerocopy_enable=1
Don't forget to add net.bpf.zerocopy_enable=1 to /etc/sysctl.conf
===========================================================================
>>> Cleaning up cache... done.
Success
</pre>
<p>Looks good.</p> pfSense Packages - Bug #8828: Keep settings checkbox under Global Settings does not behave as expectedhttps://redmine.pfsense.org/issues/8828?journal_id=381882018-08-30T21:49:14ZAnonymous
<ul><li><strong>Status</strong> changed from <i>Feedback</i> to <i>Resolved</i></li></ul>