@genuine said in Suricata wont Start after updating pfSense to 2.4.5-RELEASE:
sorry for the short explication
well after upgrading pfsense 2.4.5 he did also upgraded suricata with was not starting anymore.
so I did a clean uninstall and removed also the settings and did a reinstall
it was not starting I was looking in the log and there was a packet missing I think it was libluajit I'm not sure
so I installed the lib and suricata was starting up configured as inline mode
the error appear with drops and rejects
for the firewall it is configured as normal nothing exotic also not in bridge mode everything was working before the upgrade
without problems.
if i have a hodge-podge of library versions how can i check and fixed this
You very likely have a mixture of FreeBSD 11.2 and FreeBSD 11.3 libraries as a result of how you updated. That missing libjuit package is one example. I suspect your libdnet package might also be the wrong version and hence you are getting your current Suricata error. From your symptoms, I'm going to guess you were on pfSense 2.4.4 and saw an update for Suricata posted. But that Suricata update was for the 2.4.5 version of pfSense and has new shared library versions/dependencies that can only be satisfied when pfSense-2.4.5 is already installed. You installed the new Suricata onto a pfSense-2.4.4 system and it would not start (that missing libjuit package is a classic symptom of this upgrade path). So then you updated to pfSense-2.4.5, but that still will not properly update all of the dependent libraries that third-party packages might use. So now you are experiencing weird errors because of the library problems.
I would recommend you do this. You should reinstall pfSense itself from a clean install and then put your packages back. That will guarantee that you get the correct versions of all the supporting libraries.
If you don't want to perform a complete reinstall of pfSense, then try this series of commands to refresh the pkg database.
pkg-static clean -ay; pkg-static install -fy pkg pfSense-repo pfSense-upgrade
The commands above came from this link in the pfSense documentation: https://docs.netgate.com/pfsense/en/latest/install/upgrade-troubleshooting.html.
And next time you see a pfSense version upgrade notice on the Dashboard, DO NOT update any packages until AFTER you have upgraded pfSense to the new version!