Suricata package update coming soon (now posted, so this is old news)
-
I have posted a Pull Request for the pfSense team to review and merge that makes some updates to the Suricata package. The update contains some bug fixes, adds three new features and restores the functionality of Pass Lists when running with the new inline IPS mode enabled. Details of what's in the package update can be seen here: https://github.com/pfsense/FreeBSD-ports/pull/256.
The pfSense team is also going to update the Suricata binary in the current pfSense stable production branch to version 3.1.2. This will match the binary version currently being used in the pfSense 2.4-BETA branch. The 3.1.2 version of the Suricata binary contains several upstream fixes that should help with some of the Netmap issues. Please note this does not fix some known issues with Traffic Shaping on pfSense! It also does not add any additional network card support. If your particular network card does not work now with inline IPS mode, it still will not work with the 3.1.2 release. Netmap compatibility is NIC driver specific and has nothing to do with the Suricata binary or pfSense. Netmap is a kernel-level technology in FreeBSD.
Once these changes are merged and available for download, I will post some additional information along with official release notes.
Bill
-
suricata 3.1.2 is now available on pfSense 2.3.2.