Suricata Starts then STOP - Crash
-
Glad to help and happy that fixed it for you.
Bill
-
I notice that i have to re-run the command every time i reboot pfsense.
pfctl -t snort2c -T add 1.1.1.1
Is there a way to make it stick? Maybe a cron job?
-
I notice that i have to re-run the command every time i reboot pfsense.
pfctl -t snort2c -T add 1.1.1.1
Is there a way to make it stick? Maybe a cron job?
Posted this reply to you in another thread as well. I think your box may have after effects of a Traffic Shaper bug. See if the steps in this thread help – https://forum.pfsense.org/index.php?topic=82268.msg450204#msg450204
Bill
-
Traffic shaper is not enabled.
-
Was it ever in the past perhaps? There is something in your pfSense configuration that is preventing the boot up code from creating the <snort2c>table automatically like it is supposed to. That table is created way before any packages are loaded and started. Look in /tmp for any PHP errors file and see what's in them.
Bill</snort2c>
-
No traffic shaper was never touched.
Is there a way to edit this code? If so where is it located? Is it in the config file?
Below is the only error in the php error log.
[06-Aug-2015 05:02:26 EST5EDT] PHP Warning: Invalid argument supplied for foreach() in /usr/local/pkg/patches.inc on line 159
-
No traffic shaper was never touched.
Is there a way to edit this code? If so where is it located? Is it in the config file?
Below is the only error in the php error log.
[06-Aug-2015 05:02:26 EST5EDT] PHP Warning: Invalid argument supplied for foreach() in /usr/local/pkg/patches.inc on line 159
This error has nothing to do with Suricata. That file is not part Suricata's collection. Do you have other packages installed that may be trying to include this file?
Bill
-
Below are the list of the only services that i have installed on pfsense.
FYI: i have re-installed pfsense 2.2.4 on a new box and used the restore feature to restore my config on it. Suricata is not even starting now even after running the command.
apinger
bandwidthd
c-icap
clamd
cron
dnsmasq
ntopng
ntpd
squid
squidGuard
sshd
suricata
vhosts-http -
Below are the list of the only services that i have installed on pfsense.
FYI: i have re-installed pfsense 2.2.4 on a new box and used the restore feature to restore my config on it. Suricata is not even starting now even after running the command.
apinger
bandwidthd
c-icap
clamd
cron
dnsmasq
ntopng
ntpd
squid
squidGuard
sshd
suricata
vhosts-httpThat would indicate one of two things. First, the configuration itself might be corrupt, so when restored onto a new install it could be killing the new install. Another possibility is that the new box has different NIC hardware. That would change the physical interface names Suricata needs in order to function correctly. For example, if you old box had older Intel NICs using the em0 driver, but now your new box has Realtek NICs using the re0 driver. The change in physical NIC names will trip up Suricata (and Snort as well). In that case I would recommend configuring Suricata again from scratch and not importing an old configuration.
Bill
-
I have since uninstalled it but have not been install it back. The installation never completes. I am able to install it via ssh though but not through the web console.
Please see the attached. That is where it get stuck.
Any ideas?
