1
24.1 Production Series / Re: Suricata 7 breaks outbound Wireguard connections on port 443
« on: February 22, 2024, 01:21:52 pm »
.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Hi,
Do I need to add any tunables or settings to make use of IIMB?
Given the latest info...unsure if this is fixable in software, seems coincidental.
Thanks for the reminder, I had it applied briefly before 24.1.1 and seemed fine
There is a change to enable scrub for All ifs but it shouldnt be in stable yet. Can you try disble it for ipsec in normalization?
Should be https://github.com/opnsense/core/commit/0168141566
# opnsense-patch 0168141566
Cheers,
Franco
I must report the same issues.
Having suricata running breaks the connection.
When connected to the opnsense console i can ping 1.1 through the igb interface. But not to lan (lacp lagg with ixl interfaces)
Adding:Code: [Select]stream.midstream-policy: ignore
http2:
enabled: yes
quic:
enabled: yes
to /usr/local/opnsense/service/templates/OPNsense/IDS/custom.yaml fixed the issue as described in the upper post.
Looks like a little hotfix must be released.
Even with the fix applied i have problems reaching my servers by http/https.
I disabled suricata for now.