Pfsense error libnet

Hi,
I’m using suricata in pfsense 2.4.5 and my log file is being spammed with this error and don’t know how to fix it hoping someone can help me out here
ERRCODE: SC_ERR_LIBNET_WRITE_FAILED(147)] - libnet_write failed: libnet_write_raw_ipv4(): -1 bytes written (Permission denied)

Kind Regards,
Genine Collin

Hi Genine, this error is generated as Suricata tries to send TCP RST or ICMP reachable packets after a reject rule has matched. As the error indicates, it doesn’t have the permission to do so.

I don’t know how pfSense works well enough to comment on why it gets this error. Possible causes could be that Suricata runs as a user that does not have permission to send packets on a raw socket. Another option is that local firewall rules block the sending of these packets.

I think it would be best to ask through the pfSense support channels.