|Anonymous | Login||2017-03-26 03:36 CEST|
|Main | My View | View Issues | Change Log | Roadmap|
|View Issue Details|
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0002350||Endian Firewall||Other Scripts||public||2009-10-31 16:44||2010-09-23 17:25|
|Priority||normal||Severity||minor||Reproducibility||have not tried|
|Target Version||future||Fixed in Version|
|Summary||0002350: Snort rules editor can´t set custom rules to drop|
|Description||I can´t set the custom rules under rules Action to drop the editor ignores the changes when I write the rules set in the config file /var/efw/snort/policies by hand to drop it works and the rules editor show the changes.And if she takes over then to the processed.rules file.|
|Tags||No tags attached.|
|I have found one more mistake namely if custom rules were high loaded and the heels with rules SNORT automatically download out is made the existing automatic rules are not written any more in /etc/snort/processed.rules.|
cannot reproduce this.
Can you please explain step by step what exactly you did and what exactly does not work correctly then thereafter?
can it be that you have rules with the same sids as automatically downloaded rules and as custom rules? In this case the automatically downloaded rules will be used.
If you change the setting for one of these rules it will always affect both of them.
can you confirm this?
|I used the rules from http://www.emergingthreats.net/ [^] and as custom rules the rules set from snort.org when I uploaded the Custom rules the rules have under rules action the policy alert when I would change the rules set to drop the editor ignores the change and the policy are alert again.If I look in the processed.rules the new rules are written but only alert not drop the sids are not the same then when I wrote the custom rules under /var/efw/snort/policies to drop it works the editor show it as drop but I can´t change the set back to alert this goes only under the option editor but I can´t wrote any custom rule only to drop or alert.|
|2009-10-31 16:44||Renee||New Issue|
|2009-11-01 15:21||Renee||Note Added: 0003205|
|2009-11-25 17:08||peter-endian||Note Added: 0003387|
|2009-11-25 17:08||peter-endian||Status||new => feedback|
|2009-11-25 17:08||peter-endian||Target Version||=> future|
|2009-11-25 20:34||Renee||Note Added: 0003401|
|2010-09-23 17:25||peter-endian||Status||feedback => acknowledged|
|Copyright © 2000 - 2012 MantisBT Group|