Uninstall suricata package then system down



  • i start uninstall suricata package then system down.



  • close suricata interface or any other still the PF system down.



  • i have submit the log in system.

    amd64
    11.0-RELEASE-p10
    FreeBSD 11.0-RELEASE-p10 #119 d53e46d0c71(RELENG_2_4): Fri Jun  9 07:40:39 CDT 2017    root@buildbot2.netgate.com:/builder/ce/tmp/obj/builder/ce/tmp/FreeBSD-src/sys/pfSense

    Crash report details:

    PHP Errors:
    [10-Jun-2017 09:34:14 Asia/Shanghai] PHP Warning:  rename(/usr/local/etc/tinc,/usr/local/etc/tinc.old): No such file or directory in /usr/local/pkg/tinc.inc on line 35
    [10-Jun-2017 09:34:14 Asia/Shanghai] PHP Stack trace:
    [10-Jun-2017 09:34:14 Asia/Shanghai] PHP  1. {main}() /etc/rc.start_packages:0
    [10-Jun-2017 09:34:14 Asia/Shanghai] PHP  2. sync_package() /etc/rc.start_packages:58
    [10-Jun-2017 09:34:14 Asia/Shanghai] PHP  3. eval() /etc/inc/pkg-utils.inc:661
    [10-Jun-2017 09:34:14 Asia/Shanghai] PHP  4. tinc_save() /etc/inc/pkg-utils.inc(661) : eval()'d code:1
    [10-Jun-2017 09:34:14 Asia/Shanghai] PHP  5. rename() /usr/local/pkg/tinc.inc:35

    Filename: /var/crash/bounds
    1

    Filename: /var/crash/info.0
    Dump header from device: /dev/gptid/55b2a058-4d78-11e7-b029-003067e088a4
      Architecture: amd64
      Architecture Version: 1
      Dump Length: 156160
      Blocksize: 512
      Dumptime: Sat Jun 10 09:32:30 2017



  • Filename: /var/crash/textdump.tar.0
    ddb.txt06000014000013116647003  7073 ustarrootwheeldb:0:kdb.enter.default>  run lockinfo
    db:1:lockinfo> show locks
    No such command
    db:1:locks>  show alllocks
    No such command
    db:1:alllocks>  show lockedvnods
    Locked vnodes
    db:0:kdb.enter.default>  show pcpu
    cpuid        = 2
    dynamic pcpu = 0xfffffe026bb46200
    curthread    = 0xfffff800b2306000: pid 18623 "RX#01-(null)"
    curpcb      = 0xfffffe024e855cc0
    fpcurthread  = 0xfffff800b2306000: pid 18623 "RX#01-(null)"
    idlethread  = 0xfffff8000623b500: tid 100005 "idle: cpu2"
    curpmap      = 0xfffff8008aff8138
    tssp        = 0xffffffff82a1ebe0
    commontssp  = 0xffffffff82a1ebe0
    rsp0        = 0xfffffe024e855cc0
    gs32p        = 0xffffffff82a25438
    ldt          = 0xffffffff82a25478
    tss          = 0xffffffff82a25468
    db:0:kdb.enter.default>  bt
    Tracing pid 18623 tid 100301 td 0xfffff800b2306000
    netmap_default_mbuf_destructor() at netmap_default_mbuf_destructor+0x30/frame 0xfffffe024e855890
    mb_free_ext() at mb_free_ext+0xab/frame 0xfffffe024e8558c0
    m_freem() at m_freem+0x38/frame 0xfffffe024e8558e0
    generic_netmap_register() at generic_netmap_register+0x41f/frame 0xfffffe024e855930
    netmap_do_unregif() at netmap_do_unregif+0x111/frame 0xfffffe024e855960
    netmap_dtor() at netmap_dtor+0xa7/frame 0xfffffe024e855990

    ![Screenshot of - System- Package Manager- Package Installer.jpg](/public/imported_attachments/1/Screenshot of - System- Package Manager- Package Installer.jpg)
    ![Screenshot of - System- Package Manager- Package Installer.jpg_thumb](/public/imported_attachments/1/Screenshot of - System- Package Manager- Package Installer.jpg_thumb)



  • newest version dead again. no ways remove suricata, cant stop.why?




  • who can tell me how delete the suricata package? it is can't work and system down. :'(



  • @yon:

    who can tell me how delete the suricata package? it is can't work and system down. :'(

    The clean, fast and easy way ?
    Sure.
    Save config.
    Re install
    Import config.
    Done.



  • @Gertjan:

    @yon:

    who can tell me how delete the suricata package? it is can't work and system down. :'(

    The clean, fast and easy way ?
    Sure.
    Save config.
    Re install
    Import config.
    Done.

    This way has been tried many times and can not solve the problem



  • :o
    A new, fresh install will NOT include "suricata package".

    (ok, granted, before I import the saved config.xml, I would remove all references to "suricata" ;) - using a good editor like notepad++ or comparable)



  • @Gertjan:

    :o
    A new, fresh install will NOT include "suricata package".

    (ok, granted, before I import the saved config.xml, I would remove all references to "suricata" ;) - using a good editor like notepad++ or comparable)

    haha.. good. now i deleted it.  ;D



  • My first guess is you have a system whose NIC hardware driver is incompatible with the Netmap kernel driver utilized by Suricata when it is configured to use Inline IPS Mode.  I see messages in the crash dump related to netmap.

    When attempting to remove the package, the Suricata GUI code will signal any running Suricata binary process to shutdown.  The GUI code then will continue with removing the configuration from the config.xml file and cleaning up certain things on the disk.  The pkg utility takes care of removing all the files it installed as part of the Suricata package.

    Did Suricata install and successsfully start up for you?

    Bill



  • @bmeeks:

    My first guess is you have a system whose NIC hardware driver is incompatible with the Netmap kernel driver utilized by Suricata when it is configured to use Inline IPS Mode.  I see messages in the crash dump related to netmap.

    When attempting to remove the package, the Suricata GUI code will signal any running Suricata binary process to shutdown.  The GUI code then will continue with removing the configuration from the config.xml file and cleaning up certain things on the disk.  The pkg utility takes care of removing all the files it installed as part of the Suricata package.

    Did Suricata install and successsfully start up for you?

    Bill

    I think it should not be NIC card reasons, WAN using Intel82576 pci-e. Suricata seem can start but it is can't stop or unstall.


Log in to reply