
Re: Need Help testing.

Posted by Grommish on Apr 12, 2020; 3:45am
URL: https://itus.accessinnov.com/FIRMWARE-Itus-Networks-Shield-Firmware-Upgrade-WIP-tp1726p1939.html

Oh, I understand :)  Just remember me when you move on from the Shield :D

As for the firmware, I'm having a few issues, but nothing insurmountable yet.  The biggest issue I have is the fact the Shield uses a mips64 chip.  So it means having to fight with and cross-compile everything.  I DID get Snort3 working WITH the accompanying tools (including snort2lua!).  I had to get LuaJIT to work under mips64 (it won't without help) and then Snort3 itself - but it works.  See the pastes below.  During the run, I ran two simultaneous speedtest benchmarks.  One from speedtest.googlefiber.net and one from speedtest.net.  I never saw above a .50 load or less than 630MB RAM Free.

Now, this is running ONLY the very STOCK Snort config!  I do NOT know Firewall rules as well as I should, so, who wants to help? *beg*

root@OpenWrt:/etc/snort# snort --daq-dir /usr/lib/daq -c /etc/snort/snort.lua -i any -D
--------------------------------------------------
o")~   Snort++ 3.0.0-247
--------------------------------------------------
Loading /etc/snort/snort.lua:
        ips
        dce_http_proxy
        wizard
        pop
        ftp_server
        ssl
        stream_icmp
        ftp_data
        dnp3
        telnet
        latency
        dce_udp
        imap
        classifications
        references
        binder
        appid
        ftp_client
        smtp
        gtp_inspect
        port_scan
        back_orifice
        dce_tcp
        ssh
        rpc_decode
        stream_tcp
        normalizer
        modbus
        http2_inspect
        http_inspect
        arp_spoof
        stream_user
        stream_udp
        stream_ip
        stream_file
        stream
        dce_http_server
        dce_smb
        sip
        file_id
        dns
Finished /etc/snort/snort.lua.
--------------------------------------------------
pcap DAQ configured to passive.
initializing daemon mode
child process is 2347
Commencing packet processing
++ [0] any
root@OpenWrt:/etc/snort# ERROR: Unable to find a Codec with data link type 113


--------------------------------------------------
Packet Statistics
--------------------------------------------------
daq
                 received: 2658325
                 analyzed: 1872001
                  dropped: 786322
              outstanding: 786324
                    allow: 1872001
                     idle: 1
                 rx_bytes: 1970544795
--------------------------------------------------
codec
                    total: 1872001      (100.000%)
                    other: 1872001      (100.000%)
--------------------------------------------------
Module Statistics
--------------------------------------------------
detection
                 analyzed: 1872001
--------------------------------------------------
latency
            total_packets: 1872001
              total_usecs: 7083213
                max_usecs: 8430
          packet_timeouts: 44
--------------------------------------------------
Summary Statistics
--------------------------------------------------
process
                  signals: 1
--------------------------------------------------
timing
                  runtime: 00:08:32
                  seconds: 512.525329
                  packets: 2658325
                 pkts/sec: 5192
o")~   Snort exiting

 
Running Itus Shield v2 Firmware
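
An added example, not part of the original post or the Shield firmware: a Python check over the shutdown statistics pasted above, reporting the DAQ drop rate, the codec breakdown and any data link type Snort had no codec for. The `assess` helper, the 1% drop threshold and the trimmed sample text are assumptions made for the illustration; the counter values are copied from the post.

```python
import re

# Constructed sample: counter values copied from the statistics in the post above.
SAMPLE = """\
root@OpenWrt:/etc/snort# ERROR: Unable to find a Codec with data link type 113
daq
                 received: 2658325
                 analyzed: 1872001
                  dropped: 786322
--------------------------------------------------
codec
                    total: 1872001      (100.000%)
                    other: 1872001      (100.000%)
"""

COUNTER = re.compile(r"^\s+([a-z_0-9]+):\s+(\d+)(?=\s|$)")  # indented "name: int"
SECTION = re.compile(r"^([a-z_0-9]+)\s*$")                  # e.g. "daq", "codec"
NO_CODEC = re.compile(r"Unable to find a Codec with data link type (\d+)")
# libpcap link-layer header type numbers (small subset)
KNOWN_DLT = {1: "EN10MB (Ethernet)", 113: "LINUX_SLL (Linux cooked capture)"}

def parse_stats(text):
    """Return ({'section.counter': int}, [data link types lacking a codec])."""
    counters, missing, section = {}, [], None
    for line in text.splitlines():
        if m := NO_CODEC.search(line):
            missing.append(int(m.group(1)))
        elif m := SECTION.match(line):
            section = m.group(1)
        elif (m := COUNTER.match(line)) and section:
            counters[f"{section}.{m.group(1)}"] = int(m.group(2))
    return counters, missing

def assess(text, max_drop=0.01):
    """Hypothetical health check; the 1% drop threshold is an assumption."""
    c, missing = parse_stats(text)
    findings = []
    received = c.get("daq.received", 0)
    drop = c.get("daq.dropped", 0) / received if received else 0.0
    if drop > max_drop:
        findings.append(f"DAQ dropped {drop:.1%} of received packets")
    total = c.get("codec.total", 0)
    if total and c.get("codec.other", 0) == total:
        # No protocol-specific codec counters were reported for this run.
        findings.append("every analyzed packet is counted as codec 'other'")
    for dlt in missing:
        findings.append(f"no codec for data link type {dlt}: {KNOWN_DLT.get(dlt, 'unknown')}")
    return drop, findings

if __name__ == "__main__":
    print(assess(SAMPLE))
```

Data link type 113 is libpcap's LINUX_SLL, the cooked header that captures on the `any` pseudo-interface carry.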