Back to list
Re: problems with yum and roo
Feb 01 2007 03:20AM
Earl (esammons hush com)
-----BEGIN PGP SIGNED MESSAGE-----
I have to admit that my communication / release engineering skills
have been a bit lax... Sorry about that.
Long story short: There are no updates for roo-1.0.hw-189. I
cleared the update repos (that brok roo anyway) because we were
just about to release roo-1.1.hw-1... Then our upstream OS update
feed dried up.
We decided to hold the release and do a "quick" (yeah right) OS
update which we are working on now. If anyone wants to play with
roo-1.1.hw-1, which is essentially 189 plus 5,000 or so bug fixes
<grin>, feel free, however, please be advised, there will not be
any updates to anything until we do a full release of roo-1.2.hw-1.
Nothing worng with FC, just a bit tough keeping up with the
release cycle :)
Sorry about not being able to support what we create... I'm
looking very hard at moving to CentOS for an underlying OS later in
the year to give us a _much_ longer support tail.
Below is the important part of what would have been an official
release message for 1.1. You can find the roo-1.1.hw-1 ISO, sigs,
changelog and the default honeywall.conf it ships with here:
Bug reports (https://bugs.honeynet.org/) on things like the new
snort update process and things unrelated to old OS layer stuff
will help us clean up any loose ends for the official release of
1.2 when were ready for it.
Stay tuned for info on when 1.2 is ready and thanks for your
ROO-1.1.hw-1 Release Mesage notes:
Unfortunately, there is NO upgrade path from previous versions of
roo to roo-1.1x. The only way to run roo-1.1x is to do a complete
install (which will erase all existing data). The reason for this
is due to the tremendous number of bug fixes, updates, and overall
stability added. We are working on a data export/import process to
transfer data from an existing roo to a new (or other) roo but its
not quite ready for prime time yet.
NOTE: This version is still based on Fedora Core 3, which recently
confirmed no longer has legacy support. We intend to soon release
another version (Honeywall 1.2) based on Fedora Core 6.
Aside from numerous bug fixes that were listed in our bugserver (see
also changelog), the following list highlights most of the major
since version 1.0.hw-189:
o Thanks to Sourcefire, the Honeywall CDROM is now distributed with
latest version of the Sourcefire VRT Certified Rules for Snort and
o We added Oinkmaster and Snortconfig to automate Snort(IDS) and
Snort-inline (IPS) rule updates.
o We updated Snort from version 2.3.3 to 184.108.40.206.
o We have updated the functionality of Snort-Inline. In versions of
prior to version 1.1.hw-1 there were a limited number of IPS rules
that were hand picked for versatility. They were all known to
function well with the 'Action' field set to either of DROP,
REJECT, or REPLACE. Now that we are utilizing the entire VRT
set for both IDS and IPS rules this is no longer true. We have
removed the ability to set all IPS rules to either of
DROP/REJECT/REPLACE. Instead the decision on
which action is appropriate for each IPS rule is being passed off
'snortconfig' which was written and is maintained by Brian
who has written a snort rule or two ;P
o Since the Ethereal Core development team is now working on
which is of the same code base, we have made the move from
0.10.14 -> Wireshark 0.99.3. We really only "require" the
utility but we also include the very handy cli capture tool
known as tethereal (now tshark).
o Changed the update process so that, by default, ALL updates for
will come from the Honeynet Project yum repo instead of the
independent OS and application repos. This will enable us to test
updates before they are received to ensure that updates don't
Roo. Optionally, one can use the tool 'hwrepoconf' to enable OS /
application repos if you desire quicker (but untested) updates as
they become available. Be warned, however, that updates from
other than the Honeynet repo may break your Honeywall!
On Wed, 31 Jan 2007 10:50:41 -0500 "Erin L. Johnson"
<tenbris (at) gmail (dot) com [email concealed]> wrote:
>I loaded a fresh install of roo 1.0 189 and tried to run 'yum
>roo-base' to avoid bug 423
>(https://bugs.honeynet.org/show_bug.cgi?id=423). This gave me an
> [Errno 4] IOError: HTTP Error 404: Not Found
>After poking around the roo directory on honeynet.org I did find a
>repo2 directory. However, when I modify
>/etc/yum.repos.d/honeynet.repo to point to
>http://www.honeynet.org/tools/cdrom/roo/repo2/ and then run 'yum
>update roo-base' it says that roo-base does not need to be
>Yet, when I run 'yum update' I get the same behaviour as bug 423.
>Time does not change us. It just unfolds us.
> - Max Frisch
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.5
-----END PGP SIGNATURE-----
[ reply ]
Copyright 2010, SecurityFocus