One specific Suricata instance/interface in pfSense Plus 23.09 intermittently ceases to function

tylerevers · November 14, 2023, 6:53pm

Please include the following information with your help request:

Suricata version: 7.0.0_2

Operating system and/or Linux distribution: pfSense Plus 23.09-RELEASE (FreeBSD 14.0-CURRENT)

How you installed Suricata (from source, packages, something else): From the native Package Manager → Available Packages inside pfSense Plus.

Experiencing sporadic Suricata interface issues on Suricata Instance for VLAN 30 (VL30) in a Router-on-a-Stick setup. Red “X” in Suricata Status, with service restart possible. No issues on VL50 or VL60. Tried reinstalling, clearing suppress list, rule updates, and system reboot without resolution.

Please see the attached suricata.log file for this particular Instance (Interface VL30).

Thank you for reading.
20231114-suricata-VL30-redacted.log (85.2 KB)

bmeeks · November 14, 2023, 8:42pm

I am the volunteer package maintainer for Suricata on pfSense. pfSense runs a customized version of Suricata. You need to report any issues associated with Suricata on pfSense over on the Netgate IDS/IPS forum here: IDS/IPS | Netgate Forum.

tylerevers · November 14, 2023, 9:31pm

Thank you, Bill. I shall do so now.

Topic		Replies	Views
Suricata on pfSense blocking IPs on Pass List Help pfsense	16	6815	January 14, 2022
Can Suricata(on PFSense) send log report by email? Help suricata	3	693	February 6, 2023
Suricata, pfSense and Google Voice Help pfsense	1	560	January 26, 2021
Suricata not showing logs from windows Help ips , community , suricata	1	594	June 26, 2022
Suricata inline mode - works so well and then crashes Help pfsense	5	1891	December 26, 2022

One specific Suricata instance/interface in pfSense Plus 23.09 intermittently ceases to function

Related Topics