When looking at the IPS management page I see that the IPS should be activ, there is a green ‘Running’.
But there is no ruleset configured. And it is not possible to configure a ruleset. And I am missing the settings area (see wiki)
If I choose one ruleset from the list, I get a blank page. Same if I choose ‘visite website’
are there any messages logged in
/var/log/httpd/error_log when you try to add rulesets? If so, please post them here.
Thanks, and best regards,
please have a look to the following lines from the log.
[Sun May 01 00:01:00.078661 2022] [mpm_event:notice] [pid 5398:tid 133951972067200] AH00489: Apache/2.4.53 (Unix) OpenSSL/1.1.1n configured -- resuming normal operations
[Sun May 01 00:01:00.078766 2022] [core:notice] [pid 5398:tid 133951972067200] AH00094: Command line: '/usr/sbin/httpd'
[Sun May 01 10:18:04.154397 2022] [cgid:error] [pid 15833:tid 133951674889792] [client 192.168.250.101:34992] AH01264: script not found or unable to stat: /srv/web/ipfire/cgi-bin/logs.cgi/220.127.116.11:443, refere
Unable to write to file /var/ipfire/suricata/providers-settings at /var/ipfire/general-functions.pl line 902.
(edit): But this file exits (owner root:root) and has the rights 644.
644 is correct but the owner:group should be nobody:nobody
That does the trick … seems that ipfire created this file with the wrong user …