Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Suricata-5.0.4 Package Release Notes -- for pfSense-2.4.5 users

    Scheduled Pinned Locked Moved IDS/IPS
    1 Posts 1 Posters 253 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • bmeeksB
      bmeeks
      last edited by bmeeks

      Suricata-5.0.4
      An updated Suricata package has been posted for pfSense-2.4.5 users. The new package updates the Suricata binary to 5.04 from 5.0.3. The package update also includes the following new features and bug fixes.

      New Features:

      1. Added a rule Action column with appropriate icons to the ALERTS tab to show the action set for the triggered rule. Note that for Reject actions, the DROP icon will be shown unless the user forced the rule action to reject by clicking a "change action" icon on the ALERTS or RULES tab. Due to logging limitations in the Suricata binary, a rule whose action is changed to Reject via SID MGMT functions will not show the Reject icon under this column.

      Bug Fixes:

      1. Check that LRO, TSO and all Hardware Checksumming is disabled in pfSense config.xml when user enables and saves "IPS Inline" mode configuration.

      2. Potential YAML key indentation issue with libhtp policy settings in suricata.yaml conf file.

      3. Add input validation to prevent users from choosing Netmap Inline IPS Mode with incompatible physical NICs. See Redmine Issue #10950 from Snort for details. Suricata needs the same input validation.

      4. Complete implementation of fix for Redmine Issue 9789 (from Snort) since Suricata is susceptible to the same issues.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.