New version snort/ suricata?



  • Hi,.. do we have snort/suricata upgrade data?



  • What do you mean? If you are talking about snort and suricata for pfSense 2.3, which is currently in beta, both are being worked on.



  • Snort  2.9.8.0 or.  last suricata?  :-)



  • Snort 2.9.8.0 will be along soon.  Working on converting the GUI to Bootstrap, and was trying to get that finished before updating the binary.  If the Bootstrap conversion drags out too long, I can post a Pull Request to update the binary to 2.9.8.0.

    As for Suricata, it too is being converted to Bootstrap.  One of the pfSense developers is helping with (actually he is doing) the work.  He also has other responsibilities, and the Suricata conversion is a bit behind schedule.  I have tested Suricata 3.0RC3 and it works in pfSense.  The goal is to release the updated GUI along with the new Suricata 3.0RC3 binary (or whatever is current at the time).  We are also planning to provide the long-awaited inline IPS mode with Suricata 3.0 using Netmap.  I have tested it and it works.  We just need to modify the GUI a bit to provide the necessary configuration fields.  Suricata will sport two IPS/IDS modes:  (1) legacy mode using libpcap and the custom blocking plugin (what it uses today); and (2) true inline IPS mode using Netmap.

    Bill


Log in to reply