Suricata 4.1.3 Update (posted for pfSense 2.5 Development) - Release Notes
-
Suricata-4.1.3
This update for the Suricata package introduces one modified new feature, fixes three bugs and brings the stats logging parameter settings in
suricata.yaml
inline with the newest Suricata release. In addition, the underlying binary portion of the package is also updated to version 4.1.3. The Change Log for that version is here.NOTE: this update is initially available only for the pfSense-2.5 DEVELOPMENT tree. It will be backported to the pfSense-2.4.x RELEASE tree after sufficient user testing.
New Features
- Provide separate enable checkboxes for controlling the logging of flow and netflow data. Formerly a single setting (Traffic Flows) was provided that either enabled or disabled both flow and netflow data logging simultaneously. These two parameters can now be set independently of each other. Reference Issue #9403 on the pfSense Redmine site.
Modified Features
- Adjust stats logging config parameters in suricata.yaml to bring them in ilne with the format expected by the Suricata 4.1.3 binary.
Bug Fixes
-
The sample conf files for SID MGMT provided in the package we not being read and installed properly on new green field installations of Suricata. Thus there were no sample conf files present on the SID MGMT tab.
-
On the CATEGORIES tab, status messages for the Snort GPLv2 Community Rules were showing the variable name used to hold the status message instead of the content of the variable and thus the acutal message.
-
Update Snort Subscriber Rules tarball filename in hint text to snortrules-snapshot-29120.tar.gz to reflect the most recent Snort 2.9.x rules release filename.
-
Hello @bmeeks
A new port version for Suricata is available 4.1.3_2 at Freshports . It's not a major update, but it includes an update for Rust language, which is used by Suricata.Maybe when you have time, can you update the package for the guys to test in pfSense-2.5 DEVELOPMENT ?
https://www.freshports.org/security/suricata/
Thank you
-
@NRgia said in Suricata 4.1.3 Update (posted for pfSense 2.5 Development) - Release Notes:
Hello @bmeeks
A new port version for Suricata is available 4.1.3_2 at Freshports . It's not a major update, but it includes an update for Rust language, which is used by Suricata.Maybe when you have time, can you update the package for the guys to test in pfSense-2.5 DEVELOPMENT ?
https://www.freshports.org/security/suricata/
Thank you
This will happen sort of auto-magically next quarter when the pfSense devs update FreeBSD-ports for pfSense to the latest version of the upstream FreeBSD ports tree. They sync the DEVEL tree to FreeBSD ports upstream each quarter. For example, just this past April 1st the DEVEL tree was updated. That means the Rust 1.34 and Suricata 4.1.3_2update was just missed, but it should get picked up with the June 1st sync. At that point Suricata will build with the new Rust version.