Suricata Package v6.0.0_7 -- Release Notes (for pfSense-2.5 DEVEL only)

  • pfSense-pkg-suricata-6.0.0_7
    This update to the GUI package provides support for the latest 5.0.5 binary from upstream. One bug fix and three new features are included.

    This update is released for the pfSense-2.5-DEVEL snapshot branch only. An update to 5.0.5 will be posted soon for the Suricata package on the pfSense-2.4.5-RELEASE branch.

    Note: this update corrects the auto-flowbits logic bug present in the previous v6.0.0_6 package update.

    New Features:

    1. When enabling required Flowbits rules, add the flowbits:noalert tag to rules that were not enabled initially. This will allow flowbits logic to function by pulling in required but disabled rules, but will suppress alerts for those rules not specifically enabled by the user.

    2. Add a checkbox selection for "Not Dropped" in the filtering section on the ALERTS tab. Of interest only when the engine mode is INLINE IPS.

    3. Add checkbox selections for "Drop" and "Reject" in the filtering section on the RULES tab when BLOCK_OFFENDERS is enabled. The "Reject" checkbox is only available when INLINE IPS mode is also enabled.

    Bug Fixes:

    1. Fix typo in Snort GPLv2 Community Rules MD5 file path. See Forum post here: