As subject suggest...
My Intrusion Prevention keeps stopping several times during a week and I have to start it manually again.
Any suggestion to what's wrong?
My Intrusion Prevention keeps stopping several times during a week and I have to start it manually again.
Any suggestion to what's wrong?
Share this post:
Responses (6)
-
Accepted Answer
HotRod wrote:
Philippe Eveleigh wrote:
Can you check /var/log/syswatch to see if you are getting any disconnections. The problem is not restricted to PPPoE interfaces but the solution is not as neat. I run an hourly cron job to check the services are still running and restart them if necessary.
Isn't this the old problem with snort leaving its lock file behind when a pppoe connection would die? HotRod what type of wan connection do you have?
I recall the solution for ClearOS 5... was to add to the following file: /etc/ppp/ip-up.local
/etc/init.d/snort restart
/etc/init.d/snortsam restart
I'm on a 60/60Mbit fiber connection trough a bridged fiber interface.
I did this change when I ran CO5, but it did not make any difference then.
I have changed hardware after that and installed CO6.3 64bit. -
Accepted Answer
Philippe Eveleigh wrote:
Isn't this the old problem with snort leaving its lock file behind when a pppoe connection would die? HotRod what type of wan connection do you have?
I recall the solution for ClearOS 5... was to add to the following file: /etc/ppp/ip-up.local
/etc/init.d/snort restart
/etc/init.d/snortsam restart
I'm on a 60/60Mbit fiber connection trough a bridged fiber interface.
I did this change when I ran CO5, but it did not make any difference then.
I have changed hardware after that and installed CO6.3 64bit. -
Accepted Answer
Ben Chambers wrote:
Your system is running out of memory? OOM killer is coming along and trying to free up resources. Try:
grep -i "Killed process" /var/log/*
Ben
I don't think the system should run out of mem. Got 8GB RAM in the system and 500GB harddrive.. Don't know how big the swap is, if there is one...
GUI states that there is 63% free memory.
I ran the command, did not see any change... What did this do?
I'll give it a few days to see if it makes any difference.
BTW, i'm running CO6.3 x64 -
Accepted Answer
Isn't this the old problem with snort leaving its lock file behind when a pppoe connection would die? HotRod what type of wan connection do you have?
I recall the solution for ClearOS 5... was to add to the following file: /etc/ppp/ip-up.local
/etc/init.d/snort restart
/etc/init.d/snortsam restart -
Accepted Answer
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »