Ipfire 167: No ruleset

When looking at the IPS management page I see that the IPS should be activ, there is a green ‘Running’.

But there is no ruleset configured. And it is not possible to configure a ruleset. And I am missing the settings area (see wiki)

If I choose one ruleset from the list, I get a blank page. Same if I choose ‘visite website’

Any hints

Hi,

are there any messages logged in /var/log/httpd/error_log when you try to add rulesets? If so, please post them here.

Thanks, and best regards,
Peter Müller

Hi Peter,

please have a look to the following lines from the log.

[Sun May 01 00:01:00.078661 2022] [mpm_event:notice] [pid 5398:tid 133951972067200] AH00489: Apache/2.4.53 (Unix) OpenSSL/1.1.1n configured -- resuming normal operations
[Sun May 01 00:01:00.078766 2022] [core:notice] [pid 5398:tid 133951972067200] AH00094: Command line: '/usr/sbin/httpd'
[Sun May 01 10:18:04.154397 2022] [cgid:error] [pid 15833:tid 133951674889792] [client 192.168.250.101:34992] AH01264: script not found or unable to stat: /srv/web/ipfire/cgi-bin/logs.cgi/17.57.163.28:443, refere
r: https://192.168.250.2:444/
Unable to write to file /var/ipfire/suricata/providers-settings at /var/ipfire/general-functions.pl line 902.

(edit): But this file exits (owner root:root) and has the rights 644.

644 is correct but the owner:group should be nobody:nobody

1 Like

That does the trick … seems that ipfire created this file with the wrong user …

Thx