One specific Suricata instance/interface in pfSense Plus 23.09 intermittently ceases to function

tylerevers · November 14, 2023, 6:53pm

Please include the following information with your help request:

Suricata version: 7.0.0_2

Operating system and/or Linux distribution: pfSense Plus 23.09-RELEASE (FreeBSD 14.0-CURRENT)

How you installed Suricata (from source, packages, something else): From the native Package Manager → Available Packages inside pfSense Plus.

Experiencing sporadic Suricata interface issues on Suricata Instance for VLAN 30 (VL30) in a Router-on-a-Stick setup. Red “X” in Suricata Status, with service restart possible. No issues on VL50 or VL60. Tried reinstalling, clearing suppress list, rule updates, and system reboot without resolution.

Please see the attached suricata.log file for this particular Instance (Interface VL30).

Thank you for reading.
20231114-suricata-VL30-redacted.log (85.2 KB)

bmeeks · November 14, 2023, 8:42pm

I am the volunteer package maintainer for Suricata on pfSense. pfSense runs a customized version of Suricata. You need to report any issues associated with Suricata on pfSense over on the Netgate IDS/IPS forum here: IDS/IPS | Netgate Forum.

tylerevers · November 14, 2023, 9:31pm

Thank you, Bill. I shall do so now.

Topic		Replies	Views
Suricata on CARP VIP LAN on a pfSense HA Environment Help	1	12	November 12, 2024
Suricata compatibility with old pfsense versions Help pfsense , suricata	2	118	June 6, 2024
Suricata on pfSense blocking IPs on Pass List Help pfsense	16	7540	January 14, 2022
Inclusion of Suricata IPS and rules over LAN in pfsense firewall Help ips , rules , suricata	1	62	October 21, 2024
Suricata 5.0.5 with netmap and intel X520 on FreeBSD 12.2 Help pfsense	1	1144	March 29, 2021

One specific Suricata instance/interface in pfSense Plus 23.09 intermittently ceases to function

Related topics