The Intrusion-Prevention daemon stoped working and i am not able to restart it with the gui.
I am getting a error message "cannot access ‘/var/run/suricata.pid’ ".
There is no such file. I did not change or updated the firewall. Suricata was running, but now it stoped working.
Sorry for my bad english,
in der Datei /var/ipfire/suricata/suricata-dns-servers.yaml
habe ich den Eintrag ::
#Autogenerated file. Any custom changes will be overwritten!
DNS_SERVERS: “[194.150.168.168194.150.168.168]”
ich meine hier müssten die beiden DNS-Server Adressen mit einem Komma getrennt sein.
Those two DNS server have to be separated by a comma?
// there is no untouched example configuration - suricata-example.yaml
// i am using IPFire-Version: IPFire 2.23 (x86_64) - core139
=> for me it works now, i edited my suricata.yaml file
vars:
address-groups:
# Include HOME_NET declaration from external file.
# include: /var/ipfire/suricata/suricata-homenet.yaml
HOME_NET: "[192.168.178.46/32, 192.168.77.0/24, 192.168.18.0/24]"
# Include DNS_SERVERS declaration from external file.
# include: /var/ipfire/suricata/suricata-dns-servers.yaml
DNS_SERVERS: "[194.150.168.168, 194.150.168.168]"
EXTERNAL_NET: "any"
The ipfire generator file for suricata-homenet.yaml and suricata-dns-servers.yaml must be faulty.
Is there a topic for this in Bugzilla?
Hatte das selbe problem wurde hier gelöst
No, the issue already is fixed, which will be included in the core 140/141 doubble-release.
Best regards,
-Stefan