Suricata 2.1.6 fails to install on pfSense 2.2.4



  • I’d like to successfully install Suricata with pfSense.  I have a full pfSense install on a Netgate RCC-VE 2440 to 128 GB mSATA SSD.

    I have not used any packages on pfSense before and this is a vanilla install of pfSense 2.2 with a few upgrades to 2.2.4.  I tried to install package Suricata 2.1.6, which fails to install.

    [Installing the Suricata package.  pfSense 2.2.4]
    Installation of suricata FAILED!
    Beginning package installation for suricata .
    Downloading package configuration file… done.
    Saving updated package information... done.
    Downloading suricata and its dependencies...
    Checking for package installation...
    Downloading https://files.pfsense.org/packages/10/All/suricata-2.0.8_1-amd64.pbi ...  (extracting)
    Loading package configuration... done.
    Configuring package components...
    Loading package configuration... done.
    Additional files... suricata.priv.inc failed.
    Loading package instructions...
    Include suricata.inc is missing!
    Removing package...
    Starting package deletion for suricata-2.0.8_1-amd64...done.
    Removing suricata components...
    Menu items... done.
    Services... done.
    Loading package instructions...
    Include file suricata.inc could not be found for inclusion.
    Deinstall commands...
    Not executing custom deinstall hook because an include is missing.
    Removing package instructions...done.
    Auxiliary files... done.
    Package XML... done.
    Configuration... done.
    done.
    Failed to install package.

    Installation halted.

    [SECOND INSTALL ATTEMPT]

    Beginning package installation for suricata .
    Downloading package configuration file… done.
    Saving updated package information... done.
    Downloading suricata and its dependencies...
    Checking for package installation...
    Downloading https://files.pfsense.org/packages/10/All/suricata-2.0.8_1-amd64.pbi ...  (extracting)
    Loading package configuration... done.
    Configuring package components...
    Loading package configuration... done.
    Additional files... suricata_check_for_rule_updates.php failed.
    Loading package instructions...

    _[reinstall suricata GUI]
    Downloading package configuration file… done.
    Loading package configuration... done.
    Additional files... suricata_libhtp_policy_engine.php failed.

    Suricata is not listed under Services.  I tried to uninstall, and that failed.  I rebooted the firewall and saw there was a bug submission pending for suricata, which I submitted.  I was then able to uninstall suricata._


  • Banned

    Your downloads are failing, so you missing required inc files. Not exactly a package issue.



  • Thanks.  It seems to have worked this time.  It looks like there's one download, with no integrity checking.  I've been downloading a variety of patches and updates recently and not aware of any other problems.

    The pfSense Package Manager states that Suricata 2.1.6 is installed, but the downloaded program below looks like 2.0.8.

    Beginning package installation for suricata .
    Downloading package configuration file… done.
    Saving updated package information... done.
    Downloading suricata and its dependencies...
    Checking for package installation...
    Downloading https://files.pfsense.org/packages/10/All/suricata-2.0.8_1-amd64.pbi ...  (extracting)
    Loading package configuration... done.
    Configuring package components...
    Loading package configuration... done.
    Additional files... done.
    Loading package instructions...
    Custom commands...
    Executing custom_php_install_command()...done.
    Executing custom_php_resync_config_command()...done.
    Menu items... done.
    Services... done.
    Writing configuration... done.

    Installation completed.  Please check to make sure that the package is configured from the respective menu then start the package.


  • Banned

    1/ There most certainly is not one download for this. The PBI is just the binary part. All of those PHP/XML files are downloaded separately one by one.
    2/ The package version (PHP/XML) has no relation to upstream binary version (PBI).



  • Never mind.  It looks like the versioning is correct.

    Thanks for explaining the downloads.

    "Services: Suricata 2.0.8 RELEASE pkg v2.1.6 - Intrusion Detection System"