berny
(First Name Last Name)
1
When looking at the IPS management page I see that the IPS should be activ, there is a green ‘Running’.
But there is no ruleset configured. And it is not possible to configure a ruleset. And I am missing the settings area (see wiki)
If I choose one ruleset from the list, I get a blank page. Same if I choose ‘visite website’
Any hints
pmueller
(Peter Müller)
2
Hi,
are there any messages logged in /var/log/httpd/error_log
when you try to add rulesets? If so, please post them here.
Thanks, and best regards,
Peter Müller
berny
(First Name Last Name)
3
Hi Peter,
please have a look to the following lines from the log.
[Sun May 01 00:01:00.078661 2022] [mpm_event:notice] [pid 5398:tid 133951972067200] AH00489: Apache/2.4.53 (Unix) OpenSSL/1.1.1n configured -- resuming normal operations
[Sun May 01 00:01:00.078766 2022] [core:notice] [pid 5398:tid 133951972067200] AH00094: Command line: '/usr/sbin/httpd'
[Sun May 01 10:18:04.154397 2022] [cgid:error] [pid 15833:tid 133951674889792] [client 192.168.250.101:34992] AH01264: script not found or unable to stat: /srv/web/ipfire/cgi-bin/logs.cgi/17.57.163.28:443, refere
r: https://192.168.250.2:444/
Unable to write to file /var/ipfire/suricata/providers-settings at /var/ipfire/general-functions.pl line 902.
(edit): But this file exits (owner root:root) and has the rights 644.
644 is correct but the owner:group should be nobody:nobody
1 Like
berny
(First Name Last Name)
5
That does the trick … seems that ipfire created this file with the wrong user …
Thx