Topics

In the ClamAV service configuration screen the word executable appears as "executeable" in two of the options:

"Scan portable executeable"
"Scan executeable and linking format"

The help files seem to be right.

Just a small error, low priority but very easy to fix...

Hi.

I have been unable to see any report in the Insight since 18.1.  Netflow is enabled (interfaces: WAN,LAN, egress:WAN, capture local, v9, dest: 127.0.0.1:2056), Netflow data and RRD data has been reset and firewall rebooted.  Data is being captured (/var/log/flowd.log is being updated) but no graphics nor detail appear when entering in Reporting->Insight.  flowd.conf is:

Code Select Expand


logfile "/var/log/flowd.log"
listen on 127.0.0.1:2056
flow source 0.0.0.0/0
store ALL


I am just in OPNsense 18.1.r2-amd64 (FreeBSD 11.1-RELEASE-p6, OpenSSL 1.0.2n 7 Dec 2017) upgraded from 18.1.r1 (no patches).

Any hints how to debug this?

Hi.  I couldn't find this issue in the forums so I am reporting here with a possible fix.  I am testing opnsense 18.1.r1 which have suricata 4.0.3.  When using the GUI to check the rules the system reports:

Code Select Expand

configd.py: [53df30fd-d29a-4b39-98f9-3dd8c2171b76] Script action failed with Command '/usr/local/opnsense/scripts/suricata/queryInstalledRules.py /limit '10' /offset '0' /filter '' /sort_by 'sid'' returned non-zero exit status 1

While debugging the issue I found that the queryInstalledRules.py imports update_params from lib.params which doesn't exist.  I patched the code to:

Code Select Expand

import ujson
from lib.rulecache import RuleCache
#from lib.params import update_params

import sys
sys.path.insert(0, "/usr/local/opnsense/site-python")
from params import update_params

which seems to work.

I couldn't find a bug reporter for the 18.1 series so I am posting here the fix so far.

Regards,

nas7