ASL 4.0.1 issues right after upgrade

[hostingguy]

Started getting mass spammed by psmon, right around the time of your update, 25 minutes now and still going....

Command executed: /sbin/service tortixd restart Exit value: 1 Signal number: 0 Dumped core?: 0

Stopping tortixd: [FAILED]
Starting tortixd: Syntax error on line 25 of /var/asl/etc/httpd/modsecurity.d/tortix_waf.conf:
Invalid command '1024', perhaps misspelled or defined by a module not included in the server configuration [FAILED]

also this

Stopping tortixd: [FAILED]
Starting tortixd: SecReadStateLimit is depricated, use SecConnReadStateLimit instead.
SecWriteStateLimit is depricated, use SecConnWriteStateLimit instead.
[ OK ]

(Additionally, deprecated may be misspelled )

and this

Stopping tortixd: [FAILED]
Starting tortixd: SecReadStateLimit is depricated, use SecConnReadStateLimit instead.
SecWriteStateLimit is depricated, use SecConnWriteStateLimit instead.
Syntax error on line 31 of /var/asl/etc/httpd/modsecurity.d/00_asl_whitelist.conf:
Error creating rule: Could not add entry "/e" in line 2 of file /etc/asl/whitelist to IP list [FAILED]

and seeing this frequently during aum

2 9901 ASLCommon::cmd_system ERROR: '/var/asl/bin/load-geoip-db (1)'

ran aum -uf and asl -f -s

[hostingguy]

Tortix also doesnt appear to like the cidr blocks anymore either.

[root@box.com ~]# service tortixd start
Starting tortixd: Syntax error on line 31 of /var/asl/etc/httpd/modsecurity.d/00_asl_whitelist.conf:
Error creating rule: Could not add entry "10.0.0.0/8" in line 1 of file /etc/asl/whitelist to IP list
[FAILED]

[scott]

Looks like an upstream issue with CIDR blocks:

https://github.com/SpiderLabs/ModSecurity/issues/706

[hostingguy]

So the solution would be to either not use cidr blocks, or disable the whitelist?

[scott]

From what Im looking at right now a /24 and a /16 are acceptd but its not actually processing it like its supposed to.