I'm running the latest opnsense along with the latest suricata. When I enable IDS with or without enabled rule sets, the available RAM quickly decreases. Once it reaches about 81% used, the web ui and the router become completely unresponsive. I am only able to recover with a hard reboot. Processor is a J1800 w/ 2GB RAM. Intel 1 gig nics.
Any thoughts on what might be causing this? I started out with 18.7, and then quickly upgraded to 19.1. 18.7 was only running for a few hours, with both IDS and IPS enabled (no freeze/RAM issues).
Hello,
Not a real answer neither an explanation for your issue, but , try Hyperscan for pattern research (for suricata).
It could work better with Intel NIC and claim less ram (at least for my system).
Hope it could help you.