SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264

0000406: snort and pop3-spam filter not working - MantisBT

Endian Issue Tracker

Please see now our new Bugtracker system: JIRA

View Issue Details [ Jump to Notes ]

[ Issue History ] [ Print ]

ID

Project

Category

View Status

Date Submitted

Last Update

0000406

Endian Firewall

Other Services

public

2008-01-02 19:30

2008-02-02 07:28

Reporter

bodo olschewski

Assigned To

ra-endian

Priority

normal

Severity

major

Reproducibility

always

Status

closed

Resolution

fixed

Platform

OS

OS Version

Product Version

2.2-beta2

Target Version

Fixed in Version

2.2-beta3

Summary

0000406: snort and pop3-spam filter not working

Description

I installed 2.2 beta 2 two times under vmware, first with settings backup, second time complete fresh.

Snort:
All three interfaces (green/blue/orange) are red, red interface is not shown (like at 2.12). Loading snort rules works, but nothing changes;
snort seems not to run in V2.2 beta 2.

Pop3 spam-filter:
I use transparent on orange and pyzor; everything shows "green" and also restarts when I save the dialog, but no incomming mail gets marked.

Tags

No tags attached.

Relationships

Notes
(0000716) biganton (reporter) 2008-01-03 10:45	same here - fresh install of 2.2b2 on a machine with 4 nics (1xrtl8069 + 3x rtl8139). services view shows orange,blue,green (no red) all as not running. also no snort log produced overnight. maybe there is something wrong with ids.cgi: it stores the checkbox settings for the interfaces but it forgets the radio button settings for sourcefire vrt rules and my impression is that the page updates too quick ...

(0000722) ra-endian (administrator) 2008-01-07 11:48	This bug has been fixed in the next release. changes: File: /usr/local/bin/restartpopscan.py from: def insert_rule(device,address,virtual_address): if config_value.get('LOG_FIREWALL', '0') == '1': debug("Insert p3scan log rules for device %s"%device) run("/sbin/iptables -t nat -A P3SCAN -p tcp -i %s -m state --state NEW -j ULOG --ulog-prefix 'P3SCAN ' " % (device) ) debug("Insert p3scan DNAT rules for device %s"%device) run("/sbin/iptables -t nat -A P3SCAN -j DNAT -p tcp -i %s --to-destination %s:8110 " %(device,config_value["GREEN_ADDRESS"]) ) to; def insert_rule(device,address,virtual_address): if config_value.get('LOG_FIREWALL', '0') == '1': debug("Insert p3scan log rules for device %s"%device) run("/sbin/iptables -t nat -A P3SCAN -p tcp -i %s -m state --state NEW -j ULOG --ulog-prefix 'P3SCAN ' " % (device) ) debug("Insert p3scan DNAT rules for device %s"%device) run("/sbin/iptables -t nat -A P3SCAN -j DNAT -p tcp -i %s --to-destination %s:8110 " %(device,config_value["GREEN_ADDRESS"]) )

Issue History
Date Modified	Username	Field	Change
2008-01-02 19:30	bodo olschewski	New Issue
2008-01-03 10:45	biganton	Note Added: 0000716
2008-01-07 11:41	ra-endian	Status	new => assigned
2008-01-07 11:41	ra-endian	Assigned To	=> ra-endian
2008-01-07 11:41	ra-endian	Status	assigned => confirmed
2008-01-07 11:48	ra-endian	Status	confirmed => resolved
2008-01-07 11:48	ra-endian	Fixed in Version	=> 2.2-beta3
2008-01-07 11:48	ra-endian	Resolution	open => fixed
2008-01-07 11:48	ra-endian	Note Added: 0000722
2008-02-02 07:28	raphael-endian	Status	resolved => closed

Copyright © 2005-2008 Endian, SRL. All rights reserved.

Copyright © 2000 - 2012 MantisBT Group