Messages

1

18.1 Legacy Series / [Bug Report] ***** Small typo in ClamAV service page

« on: February 08, 2018, 01:03:44 am »

In the ClamAV service configuration screen the word executable appears as "executeable" in two of the options:

"Scan portable executeable"
"Scan executeable and linking format"

The help files seem to be right.

Just a small error, low priority but very easy to fix...

2

18.1 Legacy Series / Re: Aliases dosen't work(?)

« on: January 16, 2018, 11:19:24 pm »

Hi.

By the way, I had this bug in 18.1.r1 but now it seems to be working.  I had to create the /var/db/aliastable directory manually and perform the alias refresh after each reboot.  Now with 18.1.r2 it seems to be working with my current configuration.  I will test it a bit more and let you know if the issue appears again.

3

18.1 Legacy Series / Re: [18.1.r2] ***** is Insight working?

« on: January 16, 2018, 04:19:52 pm »

No I didn't.  Rebooted and now I confirm it working.  Fixed.  Thank you.

4

18.1 Legacy Series / Re: [18.1.r2] ***** is Insight working?

« on: January 16, 2018, 03:34:38 pm »

Hello.

I installed the flowd 0.9.1_3 but this didn't fix the error.  The previous version of flowd seemed to work too.  I checked with flowd-reader /var/log/flowd.log and I can confirm data is being captured, but the Insight views don't seem to get the data from the captures.

Just to let you know that the problem persists.

5

18.1 Legacy Series / [18.1.r2] ***** is Insight working?

« on: January 16, 2018, 12:09:50 am »

Hi.

I have been unable to see any report in the Insight since 18.1.  Netflow is enabled (interfaces: WAN,LAN, egress:WAN, capture local, v9, dest: 127.0.0.1:2056), Netflow data and RRD data has been reset and firewall rebooted.  Data is being captured (/var/log/flowd.log is being updated) but no graphics nor detail appear when entering in Reporting->Insight.  flowd.conf is:

Code: [Select]

logfile "/var/log/flowd.log"
listen on 127.0.0.1:2056
flow source 0.0.0.0/0
store ALL

I am just in OPNsense 18.1.r2-amd64 (FreeBSD 11.1-RELEASE-p6, OpenSSL 1.0.2n 7 Dec 2017) upgraded from 18.1.r1 (no patches).

Any hints how to debug this?

6

Intrusion Detection and Prevention / [opnsense 18.1.r1 & suricata 4.0.3] issues with listAlertLogs.py

« on: January 13, 2018, 03:18:05 am »

Just found similar error with listAlertLogs.py.  Patched code as:

Code: [Select]

import datetime
from lib import suricata_alert_log
#from lib.log import reverse_log_reader

import sys
sys.path.insert(0, "/usr/local/opnsense/site-python")
from log_helper import reverse_log_reader
Seems to work now also.

7

Intrusion Detection and Prevention / [opnsense 18.1.r1 & suricata 4.0.3] issues with queryInstalledRules.py

« on: January 13, 2018, 02:58:48 am »

Hi.  I couldn't find this issue in the forums so I am reporting here with a possible fix.  I am testing opnsense 18.1.r1 which have suricata 4.0.3.  When using the GUI to check the rules the system reports:

Code: [Select]

configd.py: [53df30fd-d29a-4b39-98f9-3dd8c2171b76] Script action failed with Command '/usr/local/opnsense/scripts/suricata/queryInstalledRules.py /limit '10' /offset '0' /filter '' /sort_by 'sid'' returned non-zero exit status 1
While debugging the issue I found that the queryInstalledRules.py imports update_params from lib.params which doesn't exist.  I patched the code to:

Code: [Select]

import ujson
from lib.rulecache import RuleCache
#from lib.params import update_params

import sys
sys.path.insert(0, "/usr/local/opnsense/site-python")
from params import update_params
which seems to work.

I couldn't find a bug reporter for the 18.1 series so I am posting here the fix so far.

Regards,

nas7