Suppress List is defined for this interface, but it could not be found!

tnedor

Hi.

On a new pfSense 2.3.2-RELEASE-p1 (amd64) installation on Netgate SG-4860 with snort 3.2.9.1_14

When I try to add a false positive to the suppression list, I get the following error:

Suppress List 'opt1suppress_58*********75' is defined for this interface, but it could not be found!

I found a previous forum entry also dealing with this problem, but I cannot figure out what was done to resolve the issue.
Any assistance / advise would be much appreciated :)

Let me know if there is any additional information required.

bmeeks

This means the config file (config.xml) has gotten messed up.  The error literally means a configuration entry exists in the file that gives a name for a suppress list for that interface, but there is no matching entry with that name in the config.xml file.

You should be able to fix this by going to the SUPPRESS tab and just creating a new list for the interface.  You can manually paste in the first entry, or I think it will also let you just save an empty list.  Once you do that, the proper areas in config.xml will get initialized.

Bill

Theo1

This worked for me, but I had to go through the additional step of assigning my new list to the interface that was generating the error (LAN in my case). I went to Services, Snort, Interfaces, edited the interface, scrolled down to "Choose a Suppression or Filter List (Optional) and added my newly created list then clicked Save.