Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
344 posts
|
Hi working with LEDE OpenWrt developer on getting The Shield's updated to latest snort version I have limit technical skills in this area and want to find out how can I backup my shield to send developer a complete copy of all the files or only certain directories that snort runs? the developer will not have physical possession of the device any of the experienced users can you please get back to me appreciate that also if you have any other update requeste you like to see i could forward that to the developers awell
Thanks |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
344 posts
|
There is some of the question the developer has
1- What are you planning to update - Snort rules - Snort service? - Whole firmware 2- Do you have SSH access to the box? 3- Do you have serial access to the box? 4- How many devices do you have? 5- Do you have a firmware backup? I was going to share it with everyone user8446 has been kind to assist me and has agreed to do testing on the update once it develop and I'll be happy to share it with everyone else thats want to do testing stability to make it work i,m out of my league and appreciate all the help |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
262 posts
|
Great work breda in getting a developer from the LEDE Openwrt to help with snort.
The easiest way in getting the file is by using the windows programs winscp (also works in via wine on a linux computer) and just copying the files from the Shield to a folder on your computer. Some of the question the developer has 1- What are you planning to update - Snort rules Snort rules are updated daily automatically - Snort service? needs updating to latest version - Whole firmware Could be a tricky one as not sure how Itus Network forked from the main Openwrt source code 2- Do you have SSH access to the box? Access is via dropbear 3- Do you have serial access to the box? Via USB RJ45 serial cable 4- How many devices do you have? 5- Do you have a firmware backup? I have two devices and will be willing to test any updates out on one of these devices, I think the first port of call would be to get snort updated, as the many program of IDS.I did try updating snort from the openwrt web site but just stopped the shield working, so just done a reset and gave up as. Think it was because the config files are in different places on the shield Any question or help just ask. Roadrunnere42 |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
344 posts
|
Thanks, Roadrunnere42 trying to copy all the files via winscp but getting this error
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
344 posts
|
In reply to this post by Roadrunnere42
some more questions from the developer
Thanks for taking the time to answer all my questions. As I can see you have some spare boards to tests, with both, ssh and serial, that is really good! So, if I understand you correctly you have Snort 2.9.7.2 and you would like to run a newer version, probably Snort 2.9.9.0? Or which version? As far as I know/check Snort 2.9.7.2 is the latest version supported by OpenWRT, so you would like to cross compile the new version for your board and install it. Is this correct? |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
Administrator
288 posts
|
Hi Breda,
All of the files on our box are here: https://github.com/ItusShield/Shield-Master Please share w/ your contact. As for your personal backup of your box, have you done this fix from user @Gnomad ? It fixes System>Backup Config where you can put in anything you want to backup and restore anytime. Let us know if you need help.
Running the latest OpenWrt stable release
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
344 posts
|
Hi, user8446 thanks for the help
the developer sent me some questions if you can please let me know So, if I understand you correctly you have Snort 2.9.7.2 and you would like to run a newer version, probably Snort 2.9.9.0? Or which version? https://wiki.openwrt.org/doc/howto/snort As far as I know/check Snort 2.9.7.2 is the latest version supported by OpenWRT, so you would like to cross compile the new version for your board and install it. Is this correct? |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
262 posts
|
Hi
Cross compiling snort 2.9.9.0 for the Shield and allowing to install would be great. Roadrunnere42 |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
262 posts
|
Heres the version and some details you may find useful (for the developer)
opkg info snort Package: snort Version: 2.9.7.2-1 Depends: libc, librt, libpthread, libdaq, libdnet, libopenssl, libpcap, libpcre, libuuid, zlib Status: install user installed Architecture: cn70xx Conffiles: /etc/config/snort 1f4e6b5ff28e9c5e0acd788dc04b220429 Roadrunnere42 |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
344 posts
|
In reply to this post by Roadrunnere42
Hi, Roadrunnere42 thanks, I will email him back can you confirm the files on https://github.com/ItusShield are up to date I going to send him link and wanted to make sure all firmware bugfix and any update are all there
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
344 posts
|
In reply to this post by Roadrunnere42
Hi, Roadrunnere42 got this email from the developer
We could check this from the snort site or the rpm for i386. |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
344 posts
|
In reply to this post by Roadrunnere42
Hi, here new email (form the developer)
Please correct me if I'm wrong but you told me that you have already done some tests with the new version. Isn't it? Have you check the dependencies and their version? We could check this from the snort site or the rpm for i386 |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
262 posts
|
Hi
all i did was try and install snort and failed, i have done no testing on snort. Roadrunnere42 |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
344 posts
|
HI, the developer said since snort 2.9.9.0 it not version is not yet supported by OpenWrt, so you will need to check any issue if we update to 2.9.9.0 with the project maintainer, and the project mail list. This or any other issue can arise, of course.
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
344 posts
|
In reply to this post by Roadrunnere42
Hi, still waiting for the developer to get back to me
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
344 posts
|
In reply to this post by Roadrunnere42
Hi, Roadrunnere42@ user8446 Here is what one of the developers said I'm checking with few different one's developers
Ok, so here is what I will provide: The patches/Makefile for the updated snort The opkg which you should be able to install directly The build artefacts (which includes the binaries) Obviously I won't be able to test this, and I'm not familiar with snort myself, so any configuration items, etc etc are out of scope, and there's no documentation as such. |
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
344 posts
|
This post was updated on Jun 27, 2017; 6:02pm.
In reply to this post by Roadrunnere42
Hi, Roadrunnere42 just got to the file from the developer please email me he said we must do testing to make sure it works with Shield
|
Loading... |
Reply to author |
Edit post |
Move post |
Delete this post |
Delete this post and replies |
Change post date |
Print post |
Permalink |
Raw mail |
344 posts
|
In reply to this post by Roadrunnere42
Hi, installed the update but seeing a lot of errors
Sat Jun 17 10:31:00 2017 cron.info crond[3182]: line sh /sbin/fw_upgrade Sat Jun 17 10:31:00 2017 cron.info crond[3182]: line /usr/sbin/ntpclient -s -p 123 -h 0.us.pool.ntp.org || /etc/init.d/ntpclient restart Sat Jun 17 10:31:04 2017 daemon.err uhttpd[13908]: cat: can't open '/.do_date': No such file or directory Sat Jun 17 10:31:04 2017 daemon.err uhttpd[13908]: ls: /etc/snort/rules/snort.rules: No such file or directory Sat Jun 17 10:31:11 2017 daemon.err uhttpd[13908]: ls: /etc/snort/rules/snort.rules: No such file or directory Sat Jun 17 10:31:11 2017 daemon.err uhttpd[13908]: cat: can't open '/.do_date': No such file or directory Sat Jun 17 10:31:11 2017 daemon.info dnsmasq[13979]: query[A] yourhost.example.com from 127.0.0.1 Sat Jun 17 10:31:11 2017 daemon.info dnsmasq[13979]: cached yourhost.example.com is NXDOMAIN Sat Jun 17 10:31:11 2017 daemon.info dnsmasq[13979]: query[AAAA] yourhost.example.com from 127.0.0.1 Sat Jun 17 10:31:11 2017 daemon.info dnsmasq[13979]: cached yourhost.example.com is NXDOMAIN |
Free forum by Nabble | Edit this page |