Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Cannot Get Suricata To Start Using pfSense

    Scheduled Pinned Locked Moved IDS/IPS
    2 Posts 2 Posters 181 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      blaytrail
      last edited by

      Team,

      Good Afternoon.

      Suricata will not start using pfsense. I currently have the SG-1100 appliance.

      1. Added the Suricata package with no issues.
      2. Configured Global Setting using the ETOpen Emerging Threats rules only. No Issues
      3. Performed the Emerging Threats Open Rules update with no issues.
      4. Enabled emerging rules. No Issues
      5. The SG-1100 appliance only has 2 CPU's with 1GB of Ram. It should still run the Suricata application.
      6. When i go to start the service on the WAN interface, it runs for 3 seconds then stops.
      7. Log View message is below

      5/4/2020 -- 18:34:18 - <Notice> -- This is Suricata version 5.0.2 RELEASE running in SYSTEM mode
      5/4/2020 -- 18:34:18 - <Info> -- CPUs/cores online: 2
      5/4/2020 -- 18:34:18 - <Info> -- HTTP memcap: 67108864
      5/4/2020 -- 18:34:18 - <Notice> -- using flow hash instead of active packets

      Any assistance will be appreciated.

      Thanks.

      1 Reply Last reply Reply Quote 0
      • bmeeksB
        bmeeks
        last edited by

        I see you tagged onto another thread here: https://forum.netgate.com/topic/151936/suricata-core-dumping-after-2-4-5-upgrade/15. That thread tells you what the problem likely is and what the only short-term solution is.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.