SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264

0000406: snort and pop3-spam filter not working - MantisBT Endian Bugtracker
Endian Issue Tracker





Please see now our new Bugtracker system: JIRA








View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0000406Endian FirewallOther Servicespublic2008-01-02 19:302008-02-02 07:28
Reporterbodo olschewski 
Assigned Tora-endian 
PrioritynormalSeveritymajorReproducibilityalways
StatusclosedResolutionfixed 
PlatformOSOS Version
Product Version2.2-beta2 
Target VersionFixed in Version2.2-beta3 
Summary0000406: snort and pop3-spam filter not working
DescriptionI installed 2.2 beta 2 two times under vmware, first with settings backup, second time complete fresh.

Snort:
All three interfaces (green/blue/orange) are red, red interface is not shown (like at 2.12). Loading snort rules works, but nothing changes;
snort seems not to run in V2.2 beta 2.

Pop3 spam-filter:
I use transparent on orange and pyzor; everything shows "green" and also restarts when I save the dialog, but no incomming mail gets marked.
TagsNo tags attached.
Attached Files

- Relationships

-  Notes
(0000716)
biganton (reporter)
2008-01-03 10:45

same here - fresh install of 2.2b2 on a machine with 4 nics (1xrtl8069 + 3x rtl8139). services view shows orange,blue,green (no red) all as not running. also no snort log produced overnight.

maybe there is something wrong with ids.cgi: it stores the checkbox settings for the interfaces but it forgets the radio button settings for sourcefire vrt rules and my impression is that the page updates too quick ...
(0000722)
ra-endian (administrator)
2008-01-07 11:48

This bug has been fixed in the next release.


changes:
File: /usr/local/bin/restartpopscan.py

from:
def insert_rule(device,address,virtual_address):
    if config_value.get('LOG_FIREWALL', '0') == '1':
        debug("Insert p3scan log rules for device %s"%device)
        run("/sbin/iptables -t nat -A P3SCAN -p tcp -i %s -m state --state NEW -j ULOG --ulog-prefix 'P3SCAN ' " % (device) )
        debug("Insert p3scan DNAT rules for device %s"%device)
        run("/sbin/iptables -t nat -A P3SCAN -j DNAT -p tcp -i %s --to-destination %s:8110 " %(device,config_value["GREEN_ADDRESS"]) )


to;
def insert_rule(device,address,virtual_address):
    if config_value.get('LOG_FIREWALL', '0') == '1':
        debug("Insert p3scan log rules for device %s"%device)
        run("/sbin/iptables -t nat -A P3SCAN -p tcp -i %s -m state --state NEW -j ULOG --ulog-prefix 'P3SCAN ' " % (device) )
    debug("Insert p3scan DNAT rules for device %s"%device)
    run("/sbin/iptables -t nat -A P3SCAN -j DNAT -p tcp -i %s --to-destination %s:8110 " %(device,config_value["GREEN_ADDRESS"]) )

- Issue History
Date Modified Username Field Change
2008-01-02 19:30 bodo olschewski New Issue
2008-01-03 10:45 biganton Note Added: 0000716
2008-01-07 11:41 ra-endian Status new => assigned
2008-01-07 11:41 ra-endian Assigned To => ra-endian
2008-01-07 11:41 ra-endian Status assigned => confirmed
2008-01-07 11:48 ra-endian Status confirmed => resolved
2008-01-07 11:48 ra-endian Fixed in Version => 2.2-beta3
2008-01-07 11:48 ra-endian Resolution open => fixed
2008-01-07 11:48 ra-endian Note Added: 0000722
2008-02-02 07:28 raphael-endian Status resolved => closed

Copyright © 2005-2008 Endian, SRL. All rights reserved.


Copyright © 2000 - 2012 MantisBT Group
Powered by Mantis Bugtracker