Netgate SG-1000 microFirewall

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - revengineer

Pages: [1] 2 3 4 5
IDS/IPS / Re: Snort Package Notes
« on: February 09, 2018, 11:44:25 am »
+1. I too encountered the "manual remove" messages and I never touched the automated installation. I do not recall whether I had the fatal error. Snort seems to work just fine but I may follow the instruction to remove and reinstall for good measure.

Packages / Re: snort turning itself OFF
« on: February 04, 2018, 08:05:54 am »
This happened to me yesterday as well. When I checked the interface, snort was stopped. I simply restarted and all is well. These issue happen so rarely and typically fix themselves, so that I am neither worried nor inclined to start a research project over this issue.


PM me your portal username and we will extend it. We are doing this for all SG-1000 owners.

PM sent. Thank you!

We are working on exactly that. However due technical issue we are expanding Gold subscriptions until we sort out downloads access from portal.
Fantastic, thank you again.

If you are on ARM, you'll apparently have to wait for the 2.4 release. After that, they presumably should be available at (If not, I'd never ever buy any ARM-based product from Netgate again.)

On anything else, download the CE images now from the above link and move on. The "tuning" plus 3 very much useless Azure/EC2 packages simply are not worth paying. And yeah, if you ask me, this HPE-like model is disgusting. Shame on Netgate.
I do not see any CE ARM firmware images in the downlink section. Am I looking in the wrong place?

I too am interested if my SG-1000 will receive updates after my Gold subscription expires in two months.

Yes, it will. Gold subscription is not required to use your device.
My Gold subscription expired today, and I no longer have access to the SG-1000 images. This somewhat sucks because the the software for this device is barely out of beta and fixes are still being worked. I understand that I can do incremental updates via the interface but the right thing by netgate to do would have been to allow firmware image access for one year following final release. To be clear, I am not talking about extended access to other Gold subscription features, just the firmware.

General Questions / Re: SG-1000 High CPU Usage with Netstat Command?
« on: December 30, 2017, 05:45:17 pm »

That patch is in 2.4.3 snapshots and it looks good to me, netstat is behaving much better.
Any idea when this will be released? My Gold membership expires in 3 weeks and I wasted 80% of my membership in beta status. I realize I can always update from the dashboard, but I would like a well functioning image.

IDS/IPS / Re: Snort - Release Notes
« on: December 12, 2017, 08:06:21 pm »

The problem is given in the error message.  The MD5 checksum check failed.  That means either your download got corrupted, or the MD5 file on the pfSense site is not correct for the current gzip rules archive.  Usually these kinds of errors auto-correct if you just wait a few hours or a day for things to get sorted out on the hosting site.

Thank you for the response. I just checked and the problem indeed fixed itself. The rules have loaded and I can start experimenting with application blocking.

IDS/IPS / Re: Snort - Release Notes
« on: December 09, 2017, 03:18:46 pm »
I wanted to test the OpenAppID feature, but I cannot get the rules to download. The log entries are shown below. I have no problems downloading the rule files directly using the URL Does anyone know what I am missing?

Code: [Select]
Downloading Snort OpenAppID RULES detectors md5 file appid_rules.tar.gz.md5...
Checking Snort OpenAppID RULES detectors md5 file...
There is a new set of Snort OpenAppID RULES detectors posted.
Downloading file 'appid_rules.tar.gz'...
Done downloading rules file.
Snort OpenAppID RULES detectors file download failed.  Bad MD5 checksum.
Downloaded Snort OpenAppID RULES detectors file MD5: 4a919586ee271f633a04b406b1332bf9
Expected Snort OpenAppID RULES detectors file MD5: d4539caec45fdb0484ded9de593e0dc4
Snort OpenAppID RULES detectors file download failed.  Snort OpenAppID RULES detectors will not be updated.

Official pfSense Hardware / Re: SG-1000 <--> SG-3100 ..... Gap
« on: November 13, 2017, 02:09:49 pm »
Thank you for the details re the HDMI connection.

Official pfSense Hardware / Re: SG-1000 <--> SG-3100 ..... Gap
« on: November 12, 2017, 07:24:31 am »
They were supposed to be official appliances, however due the HDMI bug that would take too long to fix in FreeBSD we were forced to sell hardware only. Read here

I have quad core model, pfSense works perfect on it. It's even recognized as SG-2340 or SG-2320 as pfSense.
Can you elaborate (or give a link) on what the HDMI issue is? The netgate post is vague and describes the issue as a show-stopper. However, you seem to have it running pfsense well.

Installation and Upgrades / Re: 2.4 Upgrade Fail
« on: November 12, 2017, 07:13:27 am »
If you have your config file, a complete reinstall barely takes longer than an upgrade install. It does not seem worth spending extensive time on troubleshooting unless you run into the same issue after the reinstall. In the process, switch to ZFS file system for added resilience and reduced risk of future disk issues after power outages.

IDS/IPS / Re: pfsense reinstall hangin on rules download
« on: November 04, 2017, 07:34:49 am »
This has been solved. I had to remove the package lock file via the GUI and then hit the reinstall package button. This then completed the snort install but omitted all other packages. So I restored the config file one more time via the GUI. Upon reboot, the remaining packages were installed. All good but not straight forward.

IDS/IPS / pfsense reinstall hangin on rules download
« on: November 03, 2017, 09:22:52 pm »
I have reinstalled pfsense 2.4.1 to get the zfs file system. On restore of the config, pfsense hangs on "Downloading snortrules-snapshot-2990.tar.gz". I can download these rules manually just fine. Any help to get my pfsense back up and running is greatly appreciated. Thank you!

Official pfSense Hardware / Re: SG-1000 shows 100% CPU.
« on: October 30, 2017, 11:45:43 am »
I agree with everything kejianshi said. Problem is that CPU usage sticks out when the GUI is up and folks may not know how to check it without it and hence do not know that CPU usage goes down when GUI is closed. So, yes the light does go off when you close the fridge.  :)

Pages: [1] 2 3 4 5