Suricata on CARP VIP LAN on a pfSense HA Environment

Is there a way I can choose the interface to a CARP VIP LAN on a CARP Failover environment?

pfSense+ Version: 24.03
Suricata Version: 7.0.7

All questions about Suricata on pfSense should be posted on the Netgate IDS/IPS forum here: IDS/IPS | Netgate Forum.

The Suricata package used on pfSense is customized with specific binary patches for that platform.

The short answer to your question is “no”. Suricata on pfSense only supports physical interfaces when used in the Inline IPS Mode there. This is due to limitations of the netmap kernel device within FreeBSD.