I have 2 smoothwall 1.0 systems that I have updated to fixes5 and now the Intrusion Detection System (snort) will not start (i.e. the status page shows it as stopped and it has always been enabled in the IDS tab). It was running before I uploaded fixes1-5.
I suspect that it was fixes4 that caused the problem since that updates to snort2.0 but I can't be sure since I applied all the fixes at once.
I am a Linux novice.
Any suggestions on how to track this down?

Thanks,
Steve

Did you reboot between fixes? There were kernel changes as well that need the new modules running

There was a problem with fixes 4 incorrectly addressing the rules files.
I turned snort off before applying fixes 5 and all went well.
There are also a lot of mailing list comments about making sure there is sufficient ram available to install fixes 5, hence turning services off before applying the fix.

Maybe you can try re-installing fixes 5...
If you ssh -p 222 into the box as root and do ps -ax you will see if snort is actually running or not.

Peter,
Thanks for the reply.
I uploaded all the fixes and then rebooted. Did that screw things up? If so, should I just reinstall or is there an easy way to recover?

One system is a P200 with 192M RAM. Web proxy, VPN, secure shell server, and DHCP server are stopped.
The other is a P75 with 64M RAM. Web proxy, VPN, and secure shell server are stopped.
Do you know what is considered to be "sufficient" RAM?

I have not yet learned what goes on during the patch process. Would uploading the fixes 5 update again, re-install it?

I ran the process status command on one system and snort is definitely not running.

Thanks,
Steve

Have never done this myself, but you can always try re-installing fixes5.
Also visit www.quarkav.com for extra advice.