[Snort-users] OPENFPC Proxy merge

Kevin Ross kevross33 at ...14012...
Tue Dec 17 16:06:35 EST 2013


Hi,

I restarted the daemons on the query machine with the web interface and the
2 nodes too. I never had too much time to look into it in detail but I will
provide logs of the error. I am not sure when it actually stopped working,
last thing I did was update ELSA although I am sure it was working after
then too (even though it did various updates as part of the process. I have
tried to get PCAP from Snorby and also from openfpc web interface.

I will provide more detailed info tomorrow and will probably restart all
the machines involved to see if that makes them happy again and check
permissions and things. Also SELINUX is disabled on this machine (not on
the capture machines though) because with Snorby, ELSA and other things it
was getting a bit much to manage.

Thanks,
Kevin


On 17 December 2013 17:20, Leon Ward <lward at ...1935...> wrote:

> Yeah, that would be me - although I'm fighting to find any time to look at
> it right now.
>
> Any logs you could share off-list?
> Start up the openfpc daemon with --debug and make the request again
>
>
> On 17 December 2013 12:09, Joel Esler (jesler) <jesler at ...589...> wrote:
>
>> Forwarded to the developer.
>>
>> On Dec 17, 2013, at 11:25 AM, Kevin Ross <kevross33 at ...14012...>
>> wrote:
>>
>> > Hi,
>> >
>> > Running openfpc. Was working fine for months and months and now this
>> when I try and get a PCAP (nothing changed aside from maybe updates: unable
>> to proxy-merge
>> >
>> > Has anyone run into this (I am asking on this userlist as it was a
>> sourcefire employee made tool :)
>> >
>> > Thanks,
>> > Kevin
>> >
>> ------------------------------------------------------------------------------
>> > Rapidly troubleshoot problems before they affect your business. Most IT
>> > organizations don't have a clear picture of how application performance
>> > affects their revenue. With AppDynamics, you get 100% visibility into
>> your
>> > Java,.NET, & PHP application. Start your 15-day FREE TRIAL of
>> AppDynamics Pro!
>> >
>> http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk_______________________________________________
>> > Snort-users mailing list
>> > Snort-users at lists.sourceforge.net
>> > Go to this URL to change user options or unsubscribe:
>> > https://lists.sourceforge.net/lists/listinfo/snort-users
>> > Snort-users list archive:
>> > http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>> >
>> > Please visit http://blog.snort.org to stay current on all the latest
>> Snort news!
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Rapidly troubleshoot problems before they affect your business. Most IT
>> organizations don't have a clear picture of how application performance
>> affects their revenue. With AppDynamics, you get 100% visibility into your
>> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics
>> Pro!
>>
>> http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users at lists.sourceforge.net
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users
>> Snort-users list archive:
>> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>>
>> Please visit http://blog.snort.org to stay current on all the latest
>> Snort news!
>>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20131217/9999a443/attachment.html>


More information about the Snort-users mailing list