I have configured Barnyard2 (v2.1.13) to communicate using FWsam with my OpenBSD 6.1 firewall in order to automatically block traffic generated by a few specific signatures. Unfortunately I see the following error message in the SnortSam log file on my firewall:
2017/07/26, 17:16:57, 192.168.1.222, 1, snortsam, Snort station 192.168.1.222 using wrong password, trying to re-sync.
My passwords should be correct as I have the following config in my Barnyard2 config file:
and the following line in my SnortSam config file on the firewall:
accept 192.168.1.222, mysuperpassword
In the Barnyard2 log file I see the following relevant info/errors:
...
INFO => [Alert_FWsam] Had to use initial key!
INFO => [Alert_FWsam](FWsamCheckIn) Connected to host .
INFO => [Alert_FWsam] Had to use initial key!
ERROR => [Alert_FWsam] Could not renegotiate key! Ignoring host .
So the password should be correct. Any clue here what might be going wrong here?
Hi,
I have configured Barnyard2 (v2.1.13) to communicate using FWsam with my OpenBSD 6.1 firewall in order to automatically block traffic generated by a few specific signatures. Unfortunately I see the following error message in the SnortSam log file on my firewall:
2017/07/26, 17:16:57, 192.168.1.222, 1, snortsam, Snort station 192.168.1.222 using wrong password, trying to re-sync.
My passwords should be correct as I have the following config in my Barnyard2 config file:
output alert_fwsam: 192.168.1.1:898/mysuperpassword
and the following line in my SnortSam config file on the firewall:
accept 192.168.1.222, mysuperpassword
In the Barnyard2 log file I see the following relevant info/errors:
So the password should be correct. Any clue here what might be going wrong here?
Thanks!