Suricata 3.1.1 released… Freshports is still on 3.0_2



  • The FreeBSD port maintainer for Suricata is supposed to be working on updating the port to 3.1.  As soon as that posts, I can start the update process on the pfSense side.

    Bill


  • Yeah…I'm actually a little disappointed in how long it takes to get an update of Suricata into FreeBSD ports.  I actually like Suricata better than Snort, but Snort definitely seems to get more attention and love much quicker than Suricata.  I've actually been experimenting with compiling Suricata on a separate FreeBSD system and copying binaries and configuration over to pfSense.  It seems to work OK in a VM environment that isn't really doing anything (i.e., it will run and pass minor internet connectivity tests).  However, I'm a Windows programmer without much experience in FreeBSD, so I know enough that what I'm doing could be dangerous and/or highly unstable...so not sure if that approach is suitable in a production environment.


  • @AsgardianFW:

    Yeah…I'm actually a little disappointed in how long it takes to get an update of Suricata into FreeBSD ports.  I actually like Suricata better than Snort, but Snort definitely seems to get more attention and love much quicker than Suricata.  I've actually been experimenting with compiling Suricata on a separate FreeBSD system and copying binaries and configuration over to pfSense.  It seems to work OK in a VM environment that isn't really doing anything (i.e., it will run and pass minor internet connectivity tests).  However, I'm a Windows programmer without much experience in FreeBSD, so I know enough that what I'm doing could be dangerous and/or highly unstable...so not sure if that approach is suitable in a production environment.

    You can set up your own package builder virtual machine if you want to.  With it, you can build the complete package.  Rudimentary instructions are in the Development sub-forum.  You just need to set up two GitHub repo clones.  One from pfSense (https://github.com/pfsense/pfsense) and one from FreeBSD-ports (https://github.com/pfsense/FreeBSD-ports).  You won't find any ready-made how-to documentation, but if you can read shell scripts and follow their logic, you should have no trouble getting things working for building packages.

    Bill


  • 3.1.1 freshports is coming.

    Looking forward.


  • Released in FreshPorts today!


  • @Wisiwyg:

    Released in FreshPorts today!

    OK.  The ball is in my court now to start working on the pfSense update.

    Bill


  • Any update on that? Thanks,


  • Bill just popped back up and said he's been tied up for a while with a paying project.

    @bmeeks:

    I have been very busy with other work outside of my volunteer package maintainer duties for Suricata and Snort.  The other work pays me, the volunteer maintainer duties do not …  ;).

    I am testing the latest 3.1.1 binary this weekend and hope to have a pull request posted very soon.

    Bill

    I hope everyone realizes he does this on a voluntary basis without any pay. No one should begrudge him if he needs to step back from this for some time to put effort into something that pays the bills. Let's give him the time he needs, and be thankful.

  • Possibly inline working with the new version?

    Where can I find the release notes?


  • @dcol:

    Possibly inline working with the new version?

    Where can I find the release notes?

    There are no release notes related to pfSense.  You can visit the Suricata Redmine site at https://redmine.openinfosecfoundation.org/projects/suricata to see what bugs were identified and fixed there related to netmap.  Netmap is the technology used to provide inline mode on pfSense.

    Bill