Suricata 3.1.1 released… Freshports is still on 3.0_2

Tantamount

https://suricata-ids.org/2016/07/13/suricata-3-1-1-released/

Freshports is still on 3.0_2.

https://www.freshports.org/security/suricata/

bmeeks

The FreeBSD port maintainer for Suricata is supposed to be working on updating the port to 3.1.  As soon as that posts, I can start the update process on the pfSense side.

Bill

AsgardianFW

Yeah…I'm actually a little disappointed in how long it takes to get an update of Suricata into FreeBSD ports.  I actually like Suricata better than Snort, but Snort definitely seems to get more attention and love much quicker than Suricata.  I've actually been experimenting with compiling Suricata on a separate FreeBSD system and copying binaries and configuration over to pfSense.  It seems to work OK in a VM environment that isn't really doing anything (i.e., it will run and pass minor internet connectivity tests).  However, I'm a Windows programmer without much experience in FreeBSD, so I know enough that what I'm doing could be dangerous and/or highly unstable...so not sure if that approach is suitable in a production environment.

bmeeks

@AsgardianFW:

Yeah…I'm actually a little disappointed in how long it takes to get an update of Suricata into FreeBSD ports.  I actually like Suricata better than Snort, but Snort definitely seems to get more attention and love much quicker than Suricata.  I've actually been experimenting with compiling Suricata on a separate FreeBSD system and copying binaries and configuration over to pfSense.  It seems to work OK in a VM environment that isn't really doing anything (i.e., it will run and pass minor internet connectivity tests).  However, I'm a Windows programmer without much experience in FreeBSD, so I know enough that what I'm doing could be dangerous and/or highly unstable...so not sure if that approach is suitable in a production environment.

You can set up your own package builder virtual machine if you want to.  With it, you can build the complete package.  Rudimentary instructions are in the Development sub-forum.  You just need to set up two Github repo clones.  One from pfSense (https://github.com/pfsense/pfsense) and one from FreeBSD-ports (https://github.com/pfsense/FreeBSD-ports).  You won't find any ready-made how-to documentation, but if you can read shell scripts and follow their logic, you should have no trouble getting things working for building packages.

Bill

ntct

3.1.1 freshports is coming.

Looking forward.

Wisiwyg

Released in FreshPorts today!

bmeeks

@Wisiwyg:

Released in FreshPorts today!

OK.  The ball is in my court now to start working on the pfSense update.

Bill

mikesamo

any update on that ? Thanks,

Wisiwyg

Bill just popped back up and said he's been tied up for awhile with a paying project.

@bmeeks:

I have been very busy with other work outside of my volunteer package maintainer duties for Suricata and Snort.  The other work pays me, the volunteer maintainer duties do not …  ;).

I am testing the latest 3.1.1 binary this weekend and hope to have a pull request posted very soon.

Bill

I hope everyone realizes he does this on a voluntary basis without any pay. No one should begrudge him if he needs to step back from this for some time to put effort into something that pays the bills. Let's give him the time he needs, and be thankful.

dcol

Possibly inline working with the new version?

Where can I find the release notes?

bmeeks

@dcol:

Possibly inline working with the new version?

Where can I find the release notes?

There are no release notes related to pfSense.  You can visit the Suricata Redmine site at https://redmine.openinfosecfoundation.org/projects/suricata to see what bugs were identified and fixed there related to netmap.  Netmap is the technology used to provide inline mode on pfSense.

Bill