Hello,
IPFire 2.25 (i586) - Core Update 154
I’m using IPfire at a low bandwith connection and I’m runnning into a timeout when downloading the Talos ruleset subscription.
Manually downloading with wget https://www.snort.org/rules/snortrules-snapshot-29161.tar.gz?oinkcode=… works well
However when I start the download via the IPfire GUI it always stops after 300 secs, leaving a *.var.gz trash in /var/tmp and the IPfire GUI page doesn’t reloads.When refreshing, no rules are available.
/var/ipfire/ids-functions.pl: editing “$downloader->timeout(10)” has no effect
Couldn’t find any other timeout parameter in the config files
Any idea?
Hi @guenterratz
Welcome to the IPFire Community.
I also can’t find any other timeout in the IPFire code. The timeout(10) setting means that the LWP::UserAgent has had no response on the connection for that time.
The only other things I can think of is that your ISP connection is timing out because it thinks the LWP::UserAgent process is not doing anything compared to when you run a wget process, or the Talos website is timing out with the LWP::UserAgent process compared to the wget one.
There is a call to the HTTP::Request function which then does the GET of the url. This functions seems to have a Keep-Alive element in its connection but I have not been able to find out what the default is
When you do the successful wget download how long does that take with your connection?
Hello Adolf,
I need roughly 10 mins for the download with wget from IPfire
Hi Guenter,
That is quite a long time isn’t it.
Try looking at what the log file says if you grep it for suricata. The system will have been logging until it got stopped so after refreshing you should be able to grep the log and see if there is any clue in the messages just before it stopped. As the WUI seems to stop as well you could also look at what the httpd error log shows (/var/log/httpd/error_log)