Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
61 posts
|
Ask @Roadrunnere42. The links are his and I have nothing to do with Github, I'm just another user on this forum posting what worked for me. I don't provide any warranty for anything I contribute. |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
344 posts
|
Hi, @harpss1ngh thanks need help with your how to direction
http://itus.accessinnov.com/Guide-How-to-fix-resurrect-a-bricked-Shield-and-update-to-1-51SP1-w-hotfixes-amp-fw-upgrade-td931.html#a964 |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
61 posts
|
I have updated my guide to incorporate @Gnomad's changes from Github.
Thanks @Gnomad |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
344 posts
|
In reply to this post by Roadrunnere42
Hi, Roadrunnere42 I'm Seeing few errors in my system logs with snorts here the errors
Sun May 29 16:21:50 2016 daemon.notice snort[8347]: S5: Session exceeded configured max bytes to queue 1048576 using 1049358 bytes (server queue). 104.220.134.67 55106 --> 74.125.34.46 80 (0) : LWstate 0x9 LWFlags 0x6007 Sun May 29 17:17:26 2016 daemon.notice snort[8347]: S5: Pruned session from cache that was using 1107581 bytes (stale/timeout). 104.220.134.67 55106 --> 74.125.34.46 80 (0) : LWstate 0x9 LWFlags 0xe007 Sun May 29 17:24:03 2016 daemon.notice snort[8347]: S5: Session exceeded configured max bytes to queue 1048576 using 1049453 bytes (server queue). 104.220.134.67 57860 --> 74.125.34.46 80 (0) : LWstate 0x9 LWFlags 0x6007 Sun May 29 18:24:03 2016 daemon.notice snort[8347]: S5: Pruned session from cache that was using 1107913 bytes (stale/timeout). 104.220.134.67 57860 --> 74.125.34.46 80 (0) : LWstate 0x9 LWFlags 0xe007 Thanks |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
262 posts
|
Hi breda
user8446 is the best person of this a he has done some work on optimizing snort and put some suggestion on the forum roadrunnere42 |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
152 posts
|
This post was updated on May 31, 2016; 12:49am.
In reply to this post by Gnomad
.do_date is set by fw_upgrade when the update is run (see the line with 'date > /.do_date'. .version was intended to keep track of the version of fw_upgrade. So the correct line should have been luci.sys.exec("cat /.do_date | cut -c5-10") luci.sys.exec("cat /.version")however this usage of .version has been outdated on github already.
No more: Shield Pro v1, Chaos Calmer, FW 1.51 SP1
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
344 posts
|
In reply to this post by Roadrunnere42
Thanks Roadrunnere42 @user8446 when you have some time can you tell me if there is any setting I have to change for the snort
Take care |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
Administrator
288 posts
|
Breda,
Here's the latest snort config for bridge mode which increases the memcaps for those errors. It's at /etc/snort/snort_bridge.conf or in the GUI at Services>Intrusion Prevention>Snort Config snort_bridge.conf
Running the latest OpenWrt stable release
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
344 posts
|
Hi user8446 thanks do I just overwrite the file with the one us posted?
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
61 posts
|
Yes.
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
94 posts
|
In reply to this post by hans2
Yes, understood all that, cheers :)
- gnomad (a.k.a. Dave on github)
OpenWrt SNAPSHOT, r10391-3d8d528939
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
344 posts
|
In reply to this post by user8446
Hi user8446 thanks just updated the file i did see this errors
Thu Jun 2 13:04:16 2016 daemon.crit dnsmasq[4364]: illegal repeated keyword at line 13 of /var/etc/dnsmasq.conf Thu Jun 2 13:04:16 2016 daemon.crit dnsmasq[4364]: FAILED to start up Thu Jun 2 13:04:16 2016 daemon.emerg procd: sed: /mnt/ramdisk/malicious: No such file or directory Thu Jun 2 13:04:16 2016 daemon.emerg procd: sed: /mnt/ramdisk/ads: No such file or directory Thu Jun 2 13:04:16 2016 daemon.emerg procd: sed: /mnt/ramdisk/illegal: No such file or directory Thu Jun 2 13:04:16 2016 daemon.emerg procd: Updated redirect ip address: 192.168.1.112: update_blacklist Thu Jun 2 13:04:16 2016 user.notice Updated redirect ip address: 192.168.1.112: update_blacklist Thu Jun 2 13:04:16 2016 daemon.emerg procd: copying new sorted rules....this may take a minute. Thu Jun 2 13:04:18 2016 daemon.crit dnsmasq[4474]: illegal repeated keyword at line 13 of /var/etc/dnsmasq.conf Thu Jun 2 13:04:18 2016 daemon.crit dnsmasq[4474]: FAILED to start up Thu Jun 2 13:04:20 2016 daemon.notice netifd: Interface 'blockdomain' is now down Thu Jun 2 13:04:20 2016 daemon.notice netifd: Interface 'blockdomain' is setting up now Thu Jun 2 13:04:20 2016 daemon.notice netifd: Interface 'blockdomain' is now up Thu Jun 2 13:04:21 2016 user.notice Updated redirect ip address: 192.168.1.112: update_blacklist Thu Jun 2 13:04:22 2016 user.notice Updated redirect ip address: 192.168.1.112: update_blacklist Thu Jun 2 13:04:22 2016 daemon.crit dnsmasq[4811]: illegal repeated keyword at line 13 of /var/etc/dnsmasq.conf Thu Jun 2 13:04:22 2016 daemon.crit dnsmasq[4811]: FAILED to start up hu Jun 2 13:04:23 2016 user.notice update_webfilter: updated dnsmasq blacklist Thu Jun 2 13:04:23 2016 user.notice update_webfilter: updated network.interface.blockdomain: 192.168.1.112 Thu Jun 2 13:04:23 2016 user.notice update_webfilter: updated firewall.@redirect[0].Itusfilter: 192.168.1.112 Thu Jun 2 13:04:23 2016 user.notice update_webfilter: updated firewall.@redirect[1]dns-traffic-to-shield: 192.168.1.112 Thu Jun 2 13:04:23 2016 user.notice update_webfilter: updated uhttpd.Itusfilter Thu Jun 2 13:04:23 2016 daemon.crit dnsmasq[4861]: illegal repeated keyword at line 13 of /var/etc/dnsmasq.conf Thu Jun 2 13:04:23 2016 daemon.crit dnsmasq[4861]: FAILED to start up Thu Jun 2 13:04:29 2016 daemon.crit dnsmasq[4870]: illegal repeated keyword at line 13 of /var/etc/dnsmasq.conf Thu Jun 2 13:04:29 2016 daemon.crit dnsmasq[4870]: FAILED to start up Thu Jun 2 13:04:34 2016 daemon.crit dnsmasq[4881]: illegal repeated keyword at line 13 of /var/etc/dnsmasq.conf Thu Jun 2 13:04:34 2016 daemon.crit dnsmasq[4881]: FAILED to start up Thu Jun 2 13:04:42 2016 kern.notice kernel: [ 106.063908] eth2: 1000 Mbps Full duplex, port 2 Thu Jun 2 13:04:42 2016 kern.info kernel: [ 106.063945] IPv6: ADDRCONF(NETDEV_CHANGE): eth2: link becomes ready Thu Jun 2 13:04:42 2016 user.notice firewall: Reloading firewall due to ifup of wan6 (eth2) Thu Jun 2 13:04:42 2016 daemon.notice snort[5105]: WARNING: /etc/snort/rules/snort.rules(1120) threshold (in rule) is deprecated; use detection_filter instead. Thu Jun 2 13:04:42 2016 user.notice Updated redirect ip address: 192.168.1.112: update_blacklist Thu Jun 2 13:04:44 2016 daemon.crit dnsmasq[5209]: illegal repeated keyword at line 13 of /var/etc/dnsmasq.conf Thu Jun 2 13:04:44 2016 daemon.crit dnsmasq[5209]: FAILED to start up Thu Jun 2 13:04:47 2016 daemon.notice snort[5105]: 4780 Snort rules read Thu Jun 2 13:04:47 2016 daemon.notice snort[5105]: 4780 detection rules Thu Jun 2 13:04:47 2016 daemon.notice snort[5105]: 0 decoder rules Thu Jun 2 13:04:47 2016 daemon.notice snort[5105]: 0 preprocessor rules Thu Jun 2 13:04:47 2016 daemon.notice snort[5105]: 4780 Option Chains linked into 953 Chain Headers Thu Jun 2 13:04:47 2016 daemon.notice snort[5105]: 0 Dynamic rules |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
344 posts
|
In reply to this post by user8446
I also noticed that the total available and free went up 10% after I updated the file they are normally 37% on my shield and they our now 47% and 48%
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
152 posts
|
This post was updated on Jun 02, 2016; 9:04pm.
Thu Jun 2 13:04:16 2016 daemon.crit dnsmasq[4364]: illegal repeated keyword at line 13 of /var/etc/dnsmasq.conf Hi Breda, it looks like the DHCP cannot start. Can you shows us what is in /var/etc/dnsmasq.conf and /etc/config/dhcp ?
No more: Shield Pro v1, Chaos Calmer, FW 1.51 SP1
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
344 posts
|
Hi, Hans here the files
Thanks for the help # auto-generated config file from /etc/config/dhcp conf-file=/etc/dnsmasq.conf dhcp-authoritative domain-needed log-queries localise-queries read-ethers bogus-priv expand-hosts local-service domain=lan server=/lan/ dhcp-leasefile=/tmp/dhcp.leases resolv-file=/tmp/resolv.conf.auto addn-hosts=/tmp/hosts conf-dir=/tmp/dnsmasq.d stop-dns-rebind rebind-localhost-ok dhcp-broadcast=tag:needs-broadcast no-dhcp-interface=br-lan ------------------------------------------ config dnsmasq option domainneeded '1' option boguspriv '1' option localise_queries '1' option rebind_protection '1' option rebind_localhost '1' option local '/lan/' option domain 'lan' option expandhosts '1' option authoritative '1' option readethers '1' option leasefile '/tmp/dhcp.leases' option resolvfile '/tmp/resolv.conf.auto' option localservice '1' option logqueries '1' config dhcp 'lan' option interface 'lan' option ignore '1' config dhcp 'wan' option interface 'wan' option ignore '1' config odhcpd 'odhcpd' option maindhcp '0' option leasefile '/tmp/hosts/odhcpd' option leasetrigger '/usr/sbin/odhcpd-update' |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
344 posts
|
In reply to this post by hans2
and here a few more errors that jut Pop-up
Thanks Thu Jun 2 13:05:10 2016 authpriv.info dropbear[3223]: Early exit: Terminated by signal Thu Jun 2 13:05:10 2016 authpriv.info dropbear[5264]: Not backgrounding Thu Jun 2 13:06:20 2016 daemon.emerg procd: 42521 72320.723 31821.0 2.4 59408320.5 0.0 0 Thu Jun 2 13:06:20 2016 user.notice root: Successful NTP clock adjust (0.us.pool.ntp.org). Thu Jun 2 13:06:20 2016 daemon.info procd: - init complete - Thu Jun 2 14:42:25 2016 authpriv.info dropbear[6247]: Child connection from 192.168.1.11:57376 Thu Jun 2 14:42:25 2016 authpriv.notice dropbear[6247]: Password auth succeeded for 'root' from 192.168.1.11:57376 Thu Jun 2 14:54:48 2016 authpriv.info dropbear[6247]: Exit (root): Exited normally Thu Jun 2 14:54:48 2016 authpriv.warn dropbear[6247]: Couldn't set SO_PRIORITY (Bad file descriptor) |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
262 posts
|
breda
I only get this error when i'm in bridge mode Thu Jun 2 13:04:23 2016 daemon.crit dnsmasq[4861]: illegal repeated keyword at line 13 of /var/etc/dnsmasq.conf On investigating this I tracked it do to the file /etc/config/dhcp The line that’s causing the problem is option leasefile '/tmp/dhcp.leases' this line just creates a tmp file that holds a temporary list of ip address that the dnsmasq service can use if it's restarted, all i did to correct this error is comment out the line and type an exact new copy of the line, not copy and paste and now i don't get this error. I could not see anything wrong with the line but that's the world of computers. My file /etc/config/dhcp looks like this in bridge mode config dnsmasq option domainneeded '1' option boguspriv '1' option localise_queries '1' option rebind_protection '1' option rebind_localhost '1' option local '/lan/' option domain 'lan' option expandhosts '1' option authoritative '1' option readethers '1' # option leasefile '/tmp/dhcp.leases' option leasefile '/tmp/dhcp.leases' option resolvfile '/tmp/resolv.conf.auto' option localservice '1' option logqueries '1' config dhcp 'lan' option interface 'lan' option ignore '1' config dhcp 'wan'option leasefile '/tmp/dhcp.leases' option interface 'wan' option ignore '1' config odhcpd 'odhcpd' option maindhcp '0' option leasefile '/tmp/hosts/odhcpd' option leasetrigger '/usr/sbin/odhcpd-update' roadrunnere42 |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
61 posts
|
In the Linux world it’s normally symbols, such as the wrong type of quotes (` instead of ‘). That’s why I recommend anyone who decides to modify their Shield with the information on this forum to learn Linux because most of
these issues are Linux related, not specific to the Shield, looking through the recent posts on the forum…… From: Roadrunnere42 [via Itus Networks Owners Forum] [mailto:ml-node+[hidden email]]
breda If you reply to this email, your message will be added to the discussion below: http://itus.accessinnov.com/Fw-upgrade-version-8-3-release-tp896p1016.html
To unsubscribe from Fw_upgrade version 8.3 release,
click here. |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
262 posts
|
In reply to this post by harpss1ngh
harpss1ngh
Good point, I was brought up on windows and only recently started to use linux, when switching between operation systems i often get caught out and still make mistakes with / and \ slashes. roadrunnere42 |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
Administrator
288 posts
|
Breda -
You memory available went up because the new snort config has some memory optimizations in it. You'll also notice snort loads faster too.
Running the latest OpenWrt stable release
|
Free forum by Nabble | Edit this page |