Netgate Discussion Forum

    Suricata on Pfsense

      tinfoilmatt @btspce

      @btspce

      Why isn't the pfsense supplied version following Suricata releases more closely?

      The fading worthwhile use case of IDS/IPS aside, because it's not anyone-with-the-requisite-chops-to-keep-it-updated's priority, nor is it an official project package.

      @bmeeks

      I did send a detailed email a couple of weeks ago to the pfSense developer team letting them know of my retirement from package maintainer duties. They acknowledged receipt of the notice, so they are aware of the current package status (ditto for the Snort package, too).

      End of an era. Thanks for all your contributions, Bill. You've done well more than the average bear.

        fireodo @bmeeks

        @bmeeks said in Suricata on Pfsense:

        P.S. -- I did send a detailed email a couple of weeks ago to the pfSense developer team letting them know of my retirement from package maintainer duties. They acknowledged receipt of the notice, so they are aware of the current package status (ditto for the Snort package, too).

        Hi Bill,

        sad to see you "go", all the best for you, and a big THANKS for all you've done for Snort & Suricata!

        Kind regards,
        fireodo

        Kettop Mi4300YL CPU: i5-4300Y @ 1.60GHz RAM: 8GB Ethernet Ports: 4
        SSD: SanDisk pSSD-S2 16GB (ZFS) WiFi: WLE200NX
        pfsense 2.8.1 CE
        Packages: Apcupsd, Cron, Iftop, Iperf, LCDproc, Nmap, pfBlockerNG, RRD_Summary, Shellcmd, Snort, Speedtest, System_Patches.

          bmeeks

          Thanks guys! I'm not leaving pfSense nor the forum. I'm just retiring from active package maintenance.

          I retired from my real job 11 years ago and I've been away from the cybersecurity industry long enough to be "out of date" with some of my knowledge 😀. Time to turn over the reins to the younger generation.

            fireodo @bmeeks

            @bmeeks said in Suricata on Pfsense:

            Time to turn over the reins to the younger generation.

            I hope there will be a worthy successor 😉

              JonathanLee @bmeeks

              @bmeeks your work outclasses so many individuals and developers. Your stuff is amazing. Cheers

              Make sure to upvote

                SteveITS Rebel Alliance @JonathanLee

                FWIW there were two commits last week and 7.0.8_3 is available.

                Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
                When upgrading, allow 10-15 minutes to reboot, or more depending on packages, and device or disk speed.
                Upvote 👍 helpful posts!

                  NRgia @SteveITS

                  @btspce your redmine ticket was closed. It seems..."this is the way".

                  Suricata binary 7.0.11 is now available. Thank you

                    bmeeks

                    Just FYI -- upstream released 7.0.12 yesterday.

                      btspce @NRgia

                      @NRgia Saw that pfblockerng, suricata (7.0.11) and other packages had updates available yesterday but when I went to do the updates a few hours later there were none to be found? Netgate seems to have pulled the updates for one reason or another.

                        NRgia @btspce

                        @btspce I noticed those updates also, and they were pulled after some time. Maybe the code from Develop was pulled by mistake, and quickly removed.

                        For Suricata, if you reinstall the package, 7.0.11 binary will be installed, instead of 7.0.8.

                        Also I think we will need yet another ticket, for Suricata 7.0.12 as @bmeeks pointed out.

                          btspce @NRgia

                          @NRgia 7.0.12 has not landed in freshports yet. I will give Netgate a few days after that before creating a ticket.

                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.