Le 22 févr. 2013 à 21:00, [email protected] a écrit : > > Le 22 févr. 2013 à 20:49, "[email protected]" <[email protected]> a écrit : > >> >> Le 22 févr. 2013 à 20:46, [email protected] a écrit : >> >>> >>> Le 22 févr. 2013 à 17:43, David Burgess <[email protected]> a écrit : >>> >>>> On Fri, Feb 22, 2013 at 9:22 AM, [email protected] <[email protected]> wrote: >>>>> Hi, >>>>> >>>>> I was wondering if It is normal that snort takes ages to reload after >>>>> each modification we are doing ? >>>>> It takes an average of 1 to 5 minutes to reload and give back the control >>>>> through the GUI. >>>> >>>> Which version of pfsense and snort are you using? >>>> >>>> db >>>> >>> >>> >>> I am using 2.0.2 with the latest port (stable). >> >> To be very precise : Snort 2.9.2.3 pkg v.2.5.4 >> >>> >>> It is running on an Intel based device (Hamakua like) with 2Gb of RAM and >>> an Atom D410 1.6GHz - should be more than enough considering the fact that >>> we are only 25 persons behind this FW. >>> >>> ? >> > > I have these error reported in the log : > > > Feb 22 20:53:36 php: /snort/snort_interfaces.php: Interface Rule START > for Free_Snort(em2)... > Feb 22 20:53:36 snort[35374]: FATAL ERROR: > /usr/local/etc/snort/snort_44792_em2/rules/snort.rules(7314) Unknown rule > option: 'dce_iface'. > Feb 22 20:53:36 snort[35374]: FATAL ERROR: > /usr/local/etc/snort/snort_44792_em2/rules/snort.rules(7314) Unknown rule > option: 'dce_iface'. > > > What is dcd_iface ? > Where is it coming from ?
Ok sorry, a little search proved that this is due to pre-processor settings that must be enabled in order for certain rules to work properly. So I enabled some pre-processor rules and It is now working ok (though the speed of rule processing and startup is quite slow). ________________________________________________ «?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§ ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ BSD - BSD - BSD - BSD - BSD - BSD - BSD - BSD - ________________________________________________ «?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§ ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ PGP ID --> 0x1BA3C2FD _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
