Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

pfSense-pkg-snort-4.0 -- Add support for Inline IPS mode and fix miscellaneous bugs #645

Merged
merged 1 commit into from
May 30, 2019
Merged

pfSense-pkg-snort-4.0 -- Add support for Inline IPS mode and fix miscellaneous bugs #645

merged 1 commit into from
May 30, 2019

Conversation

bmeeks8
Copy link
Contributor

@bmeeks8 bmeeks8 commented May 30, 2019

pfSense-pkg-snort-4.0

This update to the Snort GUI package introduces a new Inline IPS mode of operation using the DAQ netmap module. With Inline IPS operation, rules with the ALERT action will generate alerts but will not block the associated traffic. Rules with the DROP action will generate alerts and block the associated traffic by dropping the packet and not transmitting it on to the operating system stack. Rules with the REJECT action will generate an alert, drop the packet by not forwarding it to the OS stack, and will send a RST back to the sender for TCP traffic or a "Destination port unreachable" for UDP/ICMP traffic.

This update also includes a five bug fixes.

New Features:

  1. Support for Inline IPS mode operation using the DAQ netmap module. This mode is configured on the INTERFACE SETTINGS tab for an interface in the Block Settings area. You must have a supported NIC (network interface card) to use this new feature. Currently FreeBSD 12 supports netmap operation with the following NIC drivers: em, igb, ixgb, ixl, lem, re and cxgbe.
  2. Enabled the normalize preprocessor for Inline IPS mode operation. This preprocessor does nothing when Legacy Mode blocking is used.

Bug Fixes:

  1. Host Attribute Table XML file fails load. See Redmine issue #9546.
  2. Interface IP REP tab shows "invalid foreach parameter" error message if no blacklists or whitelists are assigned to the interface.
  3. The snort_prepare_rule_files() function does not process enabled or disabled preprocessor or decoder rules when no other rule categories nor an IPS Policy are selected.
  4. Config setting CONFIG FLOWBITS_SIZE now set to maximum value (2048). See this Netgate Forums post for details.
  5. Snort sometimes fails to live reload rule updates and logs a spurious "Snort Reload: Changes to dynamic preprocessors require a restart" error message in the system log.

@netgate-git-updates netgate-git-updates merged commit 6533294 into pfsense:devel May 30, 2019
netgate-git-updates pushed a commit that referenced this pull request May 30, 2019
@rbgarga
Merge pull request #645 from bmeeks8/pfSense-pkg-snort-4.0
12e553d
@bmeeks8 bmeeks8 deleted the pfSense-pkg-snort-4.0 branch May 30, 2019 12:24
netgate-git-updates pushed a commit that referenced this pull request Jan 8, 2024
comms/klog: update to 2.3.3
d090232 
- Changed handling of locale to accept "C"

Dec 2023 - 2.3.3
- WIP: Started to reduce the possibility of SQLi with the use of prepared statements.
- Bugfix: Sat QSO edit was not showing the worked SAT (Closes #645)
- Bugfix: After editing a QSO, the restore was not working properly. (Closes #649)
- Bugfix: In Sat QSO, still not selected band may make the QSO unusable. (Closes #651)
- Bugfix: All Gridsquares are now listed when Export to ADIF is used. (Closes #514)
- Bugfix: Selecting a sat with a new band made the bandcombobox unusable. #613
- Bugfix: F1 (online manual link fixed (Closes #627) (TNX ikbenkous)
- Bugfix: 'Usage' does not properly handle arguments, print newlines or return status codes (Closes #625) (TNX ikbenkous)

- Enhancement: Improved the Frequency entry. (Closes #622) (TNX ikbenkous)
- Enhancement: Use a good discriminator in header guards (Closes #624) (TNX ikbenkous)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rbgarga rbgarga rbgarga approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@bmeeks8 @rbgarga @netgate-git-updates