OPNsense Forum

English Forums => Intrusion Detection and Prevention => Topic started by: wkoch on February 26, 2021, 08:30:18 pm

Title: Suricata 5.0.5_1 - SIP fax transmission failing
Post by: wkoch on February 26, 2021, 08:30:18 pm

Here my observation with 5.0.5_1 version.

Updated suricata 5.0.5_1 by installing OPNsense 21.1.2 update.
(Suricata monitors WAN1 (of 2 available WAN ports) only in IPS mode.  Asterisk Fax Server and physical Fax machine with ATA are connected to a separate LAN and traffic of these devices is routed through WAN2 (both LAN and WAN2 are not monitored with suricata)).

Almost all attempts to send or receive faxes failed with various error messages on the fax server and the real fax machine shows "communication error". Only few faxes could be sent, with some lines missing. SIP telephony works flawless (without hearable glitches).

I suspect UDP packet loss or delay (maybe high system load?).

Reverting back to 5.0.5 immediately solves the problem.

Walter

Title: Re: Suricata 5.0.5_1 - SIP fax transmission failing
Post by: smyers119 on February 26, 2021, 08:46:27 pm

Do you happen to know where to find the change log.  I did a quick search couldn't find it.

Title: Re: Suricata 5.0.5_1 - SIP fax transmission failing
Post by: wkoch on February 27, 2021, 09:44:22 am

https://www.freshports.org/security/suricata/

See "Commit History".