I just installed OPNsense on my Proxmox with the NIC passthrough.
The NIC is an old Intel 1000 pt dual NIC card.
The OPNsense VM has 1G of RAM, and when I am trying to config the Intrusion Detection with IPS enable I got
2020-05-12T10:05:49 suricata: [100154] <Error> -- [ERRCODE: SC_ERR_INITIALIZATION(45)] - Engine initialization failed, aborting...
2020-05-12T10:05:49 suricata: [100154] <Error> -- [ERRCODE: SC_ERR_THREAD_INIT(49)] - thread "W#01-em0" failed to initialize: flags 0145
2020-05-12T10:05:49 suricata: [100555] <Error> -- [ERRCODE: SC_ERR_NETMAP_CREATE(263)] - Couldn't register em0 with netmap: Cannot allocate memory
2020-05-12T10:05:49 suricata: [100547] <Error> -- [ERRCODE: SC_ERR_NETMAP_CREATE(263)] - Couldn't register em0 with netmap: Cannot allocate memory
2020-05-12T10:05:49 suricata: [100154] <Warning> -- [ERRCODE: SC_ERR_NO_RULES_LOADED(43)] - 1 rule files specified, but no rule was loaded at all!
2020-05-12T10:05:49 suricata: [100154] <Warning> -- [ERRCODE: SC_WARN_DEFAULT_WILL_CHANGE(317)] - in 5.0 the default for decoder event stats will go from 'decoder.<proto>.<event>' to 'decoder.event.<proto>.<event>'. See ticket #2225. To suppress this message, set stats.decoder-events-prefix in the yaml.
2020-05-12T10:05:49 suricata: [100413] <Notice> -- This is Suricata version 4.1.8 RELEASE
please point me to the right direction, thanks.
No idea what really the problem might be.
I'm using KVM with i440FX UEFI with virtIO NICs and it works. Maybe give the virtIO NICs a try...