SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264
| Anonymous | Login | 2022-11-27 08:43 UTC |  |
| Main | My View | View Issues | Change Log | Roadmap |
| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | ||||||
| 0002350 | Endian Firewall | Other Scripts | public | 2009-10-31 15:44 | 2010-09-23 15:25 | ||||||
| Reporter | Renee | ||||||||||
| Assigned To | |||||||||||
| Priority | normal | Severity | minor | Reproducibility | have not tried | ||||||
| Status | acknowledged | Resolution | open | ||||||||
| Platform | OS | OS Version | |||||||||
| Product Version | 2.3 | ||||||||||
| Target Version | future | Fixed in Version | |||||||||
| Summary | 0002350: Snort rules editor can´t set custom rules to drop | ||||||||||
| Description | I can´t set the custom rules under rules Action to drop the editor ignores the changes when I write the rules set in the config file /var/efw/snort/policies by hand to drop it works and the rules editor show the changes.And if she takes over then to the processed.rules file. | ||||||||||
| Tags | No tags attached. | ||||||||||
| Attached Files | |||||||||||
 Relationships |
|
 Relationships |
|
Notes |
|
|
(0003205) Renee (reporter) 2009-11-01 14:21 |
I have found one more mistake namely if custom rules were high loaded and the heels with rules SNORT automatically download out is made the existing automatic rules are not written any more in /etc/snort/processed.rules. |
|
(0003387) peter-endian (administrator) 2009-11-25 16:08 |
cannot reproduce this. Can you please explain step by step what exactly you did and what exactly does not work correctly then thereafter? can it be that you have rules with the same sids as automatically downloaded rules and as custom rules? In this case the automatically downloaded rules will be used. If you change the setting for one of these rules it will always affect both of them. can you confirm this? |
|
(0003401) Renee (reporter) 2009-11-25 19:34 |
I used the rules from http://www.emergingthreats.net/ [^] and as custom rules the rules set from snort.org when I uploaded the Custom rules the rules have under rules action the policy alert when I would change the rules set to drop the editor ignores the change and the policy are alert again.If I look in the processed.rules the new rules are written but only alert not drop the sids are not the same then when I wrote the custom rules under /var/efw/snort/policies to drop it works the editor show it as drop but I can´t change the set back to alert this goes only under the option editor but I can´t wrote any custom rule only to drop or alert. |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2009-10-31 15:44 | Renee | New Issue | |
| 2009-11-01 14:21 | Renee | Note Added: 0003205 | |
| 2009-11-25 16:08 | peter-endian | Note Added: 0003387 | |
| 2009-11-25 16:08 | peter-endian | Status | new => feedback |
| 2009-11-25 16:08 | peter-endian | Target Version | => future |
| 2009-11-25 19:34 | Renee | Note Added: 0003401 | |
| 2010-09-23 15:25 | peter-endian | Status | feedback => acknowledged |
|
Issue History |
| Copyright © 2000 - 2012 MantisBT Group |
 |