OPNsense Forum
English Forums => Intrusion Detection and Prevention => Topic started by: soundie on November 02, 2019, 06:13:17 pm
-
Hi.
I'm new to OPNsense - very very impressed, and donation sent :)
I've been running OPNsense for about a week without issues, during this time IDS also has been working fine.
Unsure if its related, but yesterday i installed Sensei - and the OPN lost network connection - i was unable to log on to the webgui at all (of course).
Switching to the console monitor directly on the OPN hardware there was thousands of these flowing over the screen:
[1766] netmap_ring_init called for em2 RX1
[1721] nm rxsync prologue
I was struggling since these messages occupied the whole screen while scrolling.
Rebooting the FW i was able to ping internet from my pc a couple of seconds before the messages broke loose again - blocking me out.
"blinded" i logged on to the console - typed "service suricata stop".
All communication returned to normal.
Starting suricata service - all error messages returned.
I'm now running with IDS deactivated.
Question:
Are there conflicts running IDS and Sensei together - could that be the fault i made?
PS: The IDS log-file has a lot of these, when i try to activate it:
suricata[67911]: [100552] <Error> -- [ERRCODE: SC_ERR_NETMAP_READ(264)] - Error reading data from iface 'em2': (0u) No error: 0
Any advice or tips are appreciated :)
Today i upgraded to 19.7.6 - issue unresolved.
-
Normally you should get a warning from Sensei when you try to start it on an Interface running IPS. It's not supported
-
Aha!
Should be noted on the installation guide...
Thank you for replying - and solving :)
-
It should already: https://snipboard.io/z3a5QD.jpg
-
Never seen that one before...
Anyhow - understood now :)