SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264
Anonymous | Login | 2022-05-20 23:14 UTC | ![]() |
Main | My View | View Issues | Change Log | Roadmap |
View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
ID | Project | Category | View Status | Date Submitted | Last Update | ||||
0003302 | Endian Firewall | Intrusion Prevention | public | 2010-11-16 02:12 | 2010-11-19 14:37 | ||||
Reporter | ytech | ||||||||
Assigned To | lorenzo-endian | ||||||||
Priority | normal | Severity | crash | Reproducibility | always | ||||
Status | closed | Resolution | fixed | ||||||
Platform | OS | OS Version | |||||||
Product Version | 2.4 | ||||||||
Target Version | Fixed in Version | 2.4.1 | |||||||
Summary | 0003302: Fail to initialize and update Snort | ||||||||
Description | Fail when we tried to intialize the snort after the upgrade to the 2.4.1 version. It is giving the following error: Nov 16 00:06:51 snort[19111] Warning: /etc/snort/processed.rules(30) => threshold (in rule) is deprecated; use detection_filter instead. | ||||||||
Tags | No tags attached. | ||||||||
Attached Files | |||||||||
![]() |
||||||
|
![]() |
|
(0005130) lorenzo-endian (manager) 2010-11-16 09:30 |
Hi ytech, Are you sure that the problem is not the same as this one? http://bugs.endian.com/view.php?id=3295 [^] Thanks in advance! Lo |
(0005136) ytech (reporter) 2010-11-16 13:09 |
Hi Lo, I also saw this bug code but just today gmar_87 has inserted the same comments that is the same problem that i m having. |
(0005138) lorenzo-endian (manager) 2010-11-16 14:38 |
Hi ytec, while waiting for a definitive solution, here is a workaround: http://bugs.endian.com/view.php?id=3292 [^] Thanks Lo |
(0005141) lorenzo-endian (manager) 2010-11-16 16:30 |
Hello ytech, there are new rules available on Emerging Threats, which run fine for me. Please donwload them using the "Automatically fetch SNORT rules" flag. Thanks for a feedback! Lo |
(0005143) ytech (reporter) 2010-11-16 17:43 |
Lo Thanks but the same error appears An error occured while starting SNORT! Please check the logs for further information and at the system log: Nov 16 15:41:42 snort[32486] Initializing rule chains... Nov 16 15:41:42 snort[32486] Warning: /etc/snort/processed.rules(30) => threshold (in rule) is deprecated; use detection_filter instead. Nov 16 15:41:47 snort[32486] FATAL ERROR: /etc/snort/processed.rules(6637): Couldn't resolve hostname 208.73.210.74.52 |
(0005144) pwizard (reporter) 2010-11-17 01:39 |
Hello ytech, The same problem. |
(0005151) lorenzo-endian (manager) 2010-11-17 11:09 |
Hi ytech and pwizard, are you using the Automatically fetch SNORT rules" flag? Other users who were experiencing the same problem solved it with this trick... |
(0005155) ytech (reporter) 2010-11-17 16:02 |
Hello Lo. I solve the problem doing these steps bellow : 1- Turno off the IDS at the web menu and/or and command line. 2- Download mannualy the latest rules. 3- Turn on the service trought the web painel without mark the flag to automatically fech the rules. 4- Import the rule downloaded at the step 2. 5- Reboot the firewall. 6- Mark the flag to fech automatically and click down to upgrade and restart. I could repeat these steps to have sure that the things will work. Just one extra bug. everything at the proxy, ids and firewall tabs that i change when i apply it appears for infite time for exemple "IDS Service is restarting" and other services with the related messages. I think that is only a problem at the frontend because the services, rules and others are applied. |
(0005157) ardit-endian (developer) 2010-11-18 10:34 edited on: 2010-11-18 10:34 |
FATAL ERROR: /etc/snort/processed.rules(11) => 'fast_pattern' does not take an argument (reported 2 times until now with the last snort update) |
(0005158) lorenzo-endian (manager) 2010-11-18 11:12 |
hi ardit, i have completed now the update using the "automatic fetch rules" feature and snort restarts without errors. Are you still using the tar.gz downloaded from emergingthreats? thanks a lot Lo |
(0005159) ardit-endian (developer) 2010-11-18 11:17 |
Yes , can you release the update with the correct rules for the 2.3-1 also? Regards. |
(0005163) lorenzo-endian (manager) 2010-11-19 14:37 |
Hi ytech, we released this week an update which solve this problem even for the 2.3.1. Please feel free to open another ticket if the problem arises again. Thanks a lot! Lo |
![]() |
|||
Date Modified | Username | Field | Change |
2010-11-16 02:12 | ytech | New Issue | |
2010-11-16 09:30 | lorenzo-endian | Note Added: 0005130 | |
2010-11-16 09:30 | lorenzo-endian | Assigned To | => lorenzo-endian |
2010-11-16 09:30 | lorenzo-endian | Status | new => feedback |
2010-11-16 13:09 | ytech | Note Added: 0005136 | |
2010-11-16 14:38 | lorenzo-endian | Note Added: 0005138 | |
2010-11-16 14:38 | lorenzo-endian | Relationship added | duplicate of 0003292 |
2010-11-16 16:30 | lorenzo-endian | Note Added: 0005141 | |
2010-11-16 17:43 | ytech | Note Added: 0005143 | |
2010-11-17 01:39 | pwizard | Note Added: 0005144 | |
2010-11-17 11:09 | lorenzo-endian | Note Added: 0005151 | |
2010-11-17 16:02 | ytech | Note Added: 0005155 | |
2010-11-18 10:34 | ardit-endian | Note Added: 0005157 | |
2010-11-18 10:34 | ardit-endian | Note Edited: 0005157 | |
2010-11-18 11:12 | lorenzo-endian | Note Added: 0005158 | |
2010-11-18 11:17 | ardit-endian | Note Added: 0005159 | |
2010-11-19 14:37 | lorenzo-endian | Note Added: 0005163 | |
2010-11-19 14:37 | lorenzo-endian | Status | feedback => closed |
2010-11-19 14:37 | lorenzo-endian | Resolution | open => fixed |
2010-11-19 14:37 | lorenzo-endian | Fixed in Version | => 2.4.1 |
Copyright © 2000 - 2012 MantisBT Group |