PacketFence - BTS - PacketFence
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0000581PacketFencepublic2009-02-10 12:342011-01-26 15:43
Reporteruser4 
Assigned Toobilodeau 
PrioritynormalSeverityfeatureReproducibilityalways
StatusclosedResolutionfixed 
PlatformOSOS Version
Product Version 
Target VersionFixed in Version 
fixed in git revision
fixed in mtn revision
Summary0000581: enhance snort 2.8 compatibility
Descriptionsnort 2.8 compatibility
Steps To Reproduce
Additional Information
TagsNo tags attached.
Relationships
related to 0000716closed user4 Snort and pfdetect don't start 
Attached Files
Issue History
Date ModifiedUsernameFieldChange
2009-02-10 12:34user4New Issue
2009-02-10 13:22maikelNote Added: 0001094
2009-02-10 13:45user4Note Added: 0001095
2009-02-10 13:46user4Note Added: 0001096
2009-02-10 13:46user4Summarysnort 2.8 compatibility => enhance snort 2.8 compatibility
2009-03-03 15:22user4Category1.8.1 => 1.8.2
2009-03-12 16:56maikelNote Added: 0001136
2009-04-13 13:34user4Category1.8.2 => 1.8.3
2009-06-05 08:53user4ProjectPacketFence => PacketFence 1.9
2009-06-08 08:51user4Relationship addedrelated to 0000716
2009-11-19 11:44obilodeauStatusnew => assigned
2009-11-19 11:44obilodeauAssigned To => obilodeau
2009-11-19 14:41obilodeauNote Added: 0001405
2009-11-19 14:41obilodeauStatusassigned => resolved
2009-11-19 14:41obilodeauResolutionopen => fixed
2010-04-15 17:43obilodeauProjectPacketFence 1.9 => PacketFence
2011-01-26 15:43obilodeauStatusresolved => closed

Notes
(0001094)
maikel   
2009-02-10 13:22   
Isnt packetfence already running snort 2.8 since 1.7(even 1.6.2) I runn 1.7 on a system with snort 2.8 already for more then a year without problems, except the custom pfdetect tail
(0001095)
user4   
2009-02-10 13:45   
I am trying to use Snort 2.8 which is throwing ‘Cannot check flow connection for non-TCP traffic’ in the event logs. I looked up the reason for this error and 99% of the time the solution was an old snort.conf file.


Josh Moon
(0001096)
user4   
2009-02-10 13:46   
The issue seems to go away when we use the settings in the default snort configuration file shipped with snort 2.8
(0001136)
maikel   
2009-03-12 16:56   
Actually thats because of the flow preprocessor. It should be replaced by stream5 for non tcp traffic.
(0001405)
obilodeau   
2009-11-19 14:41   
fixed in 1.8 branch: http://mtn.inverse.ca/revision/info/4035cca68326bfae23143f7b9eb036233d3bf6fa [^]
will be ported to 1.9