SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264

0001043: snort: freezes the machine sometimes when snort is enabled on green interface - MantisBT
MantisBT - Endian Firewall
View Issue Details
0001043Endian FirewallOther Servicespublic2008-06-30 13:422009-10-13 17:20
peter-endian 
 
normalblocksometimes
closedsuspended 
2.2-rc1 
 
0001043: snort: freezes the machine sometimes when snort is enabled on green interface
snort freezes the machine sometimes when it is enabled also on the green interface.
some sort of traffic which is causing this (?)

happens also on lukas viennae machine
heavy
child of 0001927confirmed  Reports to be checked - collecting ticket 
Issue History
2008-06-30 13:42peter-endianNew Issue
2008-07-03 17:02AnonymousNote Added: 0001408
2008-07-03 17:02AnonymousStatusnew => feedback
2008-07-24 16:05ra-endianTarget Version2.2-rc2 => 2.2-rc3
2008-07-30 15:31luca-endianNote Added: 0001487
2008-08-01 10:10peter-endianTag Attached: heavy
2008-08-27 19:50peter-endianTarget Version2.2-rc3 =>
2008-08-29 16:31peter-endianNote Added: 0001561
2009-06-09 19:52peter-endianRelationship addedchild of 0001927
2009-10-13 17:20peter-endianStatusfeedback => closed
2009-10-13 17:20peter-endianResolutionopen => suspended

Notes
(0001408)
Anonymous   
2008-07-03 17:02   
To debug this problem, iptables rules like the following one need to be added for all Endian Network ports, so the firewall is still accessible from Endian Network.

iptables -A SNORT -p tcp --dport 22 -i br0 -j RETURN

(0001487)
luca-endian   
2008-07-30 15:31   
I've noted that if you kill snort nothing pass through the interface.
It's related to inline mode because snort take packets from the ip_queue of iptable.
This could cause an efw freezing? Maybe after an unexpected exit of Snort process.
(0001561)
peter-endian   
2008-08-29 16:31   
could be this:
http://www.nabble.com/Snort:-emerging-scan.rules-FAULTY-td19215999.html [^]