Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

X-Windows and Director 2.2.3

When I try to set up filters with the newest Director software, my text fields for ip addresses are truncated. I can't see what I am keying in. The fields where you select the signature that you want to filter is also truncated. The machine is Win NT with all option paks etc. This doesn't seem to be a problem with Win 2k. Is there a fix?

2 REPLIES
Cisco Employee

Re: X-Windows and Director 2.2.3

If it works fine when logged on locally to the Unix Director, and it works when using an X-Windows client on your Win2K, then this is likely a problem with the X-Windows software you are running on your Windows NT machine. The many different X-Windows software varies between vendor and OS, and it is impossible to test Unix Director with each of them. Many times there are bugs or defficiencies in the X-Windows software which couldn't be worked around by changing the nrConfigure code.

Our team validates that it works on the standard X-windowing environments used by Solaris and HP since those are the platforms supported by the Unix Director.

Try using a different X-Windows software on your machine. We use "Reflexction X" as our X windows software on Win 2K machines and it works fine. We also used to use it on Windows NT back with the older 2.2.1 Unix Director software. We had already changed over to Win 2K before the 2.2.3 Director was released so I don't know if Reflection X running on WIn NT would have the same problem you are seeing?

You could try the following, to do manually what you could have done through the GUI:

1) In nrConfigure double click on the sensor.

2) Open the Intrusion Detection configuration of the currently applied version.

3) Don't make any changes

4) Close the Intrusion Detection window that opened.

5) Save the new temporary version that had been created. (Remember the number)

6) Close the sensor version window and close down nrConfigure.

7) Telnet to the director

8) Login as user netrangr

9) cd /usr/nr/var/nrConfigure (NOTE: DO NOT enter this directory while nrConfigure is running. This a dynamically created and modified directory. Making changes in here while nrConfigure is running will cause problems with nrConfigure)

10) cd to the org directory that matches your sensor's orgid

11) cd to the host directory that matches your sensor's hostid

12) cd to the config directory for the sensor

13) cd to the version directory that matches the new version you created for the sensor

14) Use vi (or your favorite editor) to edit the packetd.conf (or SigSettings.conf) file to add in or edit the RecordOfExcludedPattern (or RecordOfIncludedPattern) lines for the filters.

15) Save the edited file(s)

16) cd /usr/nr

17) Start back up nrConfigure.

18) Double click on the sensor

19) Now open the version you just edited

20) Make any other changes you want

21) Now apply that version

Your filters should now be sent down to the sensor.

For information on manually adding the RecordOfExcludedPattern token refer to:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids4/11657_02.htm#94819

New Member

Re: X-Windows and Director 2.2.3

I have used X-32 from StarNet and Xcursion from Compaq.

Both are experiencing the same problems. It seems that the text field lengths are not being read correctly.

81
Views
0
Helpful
2
Replies