Internet will break when I enable suricata.

  • Hello,
    My system is pfsense 2.4.4-p2 and install suricata 4.1.4.
    I set WAN to suricata interface and not enable any rules. But it's internet will disconnect BOTH WAN and LAN. I have not enable block any IP. Could have any another miss setting?

  • Make sure you acutally have not enabled any blocking yet. Go to the INTERFACES SETTINGS tab for your WAN and verify the Block Offenders checkbox is unchecked. Save that change and then start or restart Suricata on that interface. See if it starts successfully.

    Look in the suricata.log file to see if any errors are printed. That file can be found on the LOGS VIEW tab. Select the WAN interface in the Interface drop-down and then choose the suricata.log entry in the Log drop-down.

    Post back the content of thesuricata.log and also look in the pfSense system log to see what errors may be logged there.

Log in to reply