Cannot Get Suricata To Start Using pfSense

  • Team,

    Good Afternoon.

    Suricata will not start using pfsense. I currently have the SG-1100 appliance.

    1. Added the Suricata package with no issues.
    2. Configured Global Setting using the ETOpen Emerging Threats rules only. No Issues
    3. Performed the Emerging Threats Open Rules update with no issues.
    4. Enabled emerging rules. No Issues
    5. The SG-1100 appliance only has 2 CPU's with 1GB of Ram. It should still run the Suricata application.
    6. When i go to start the service on the WAN interface, it runs for 3 seconds then stops.
    7. Log View message is below

    5/4/2020 -- 18:34:18 - <Notice> -- This is Suricata version 5.0.2 RELEASE running in SYSTEM mode
    5/4/2020 -- 18:34:18 - <Info> -- CPUs/cores online: 2
    5/4/2020 -- 18:34:18 - <Info> -- HTTP memcap: 67108864
    5/4/2020 -- 18:34:18 - <Notice> -- using flow hash instead of active packets

    Any assistance will be appreciated.


  • I see you tagged onto another thread here: That thread tells you what the problem likely is and what the only short-term solution is.