I recently performed a few upgrades to 22.7.9 from 21.x. Then the computer immediately crashed.
The crash happens either immediately or after a few minutes the system has booted.
Reverting kernel or suricata to any older versions (within 22.7) did not work.
Basically opnsense becomes unusable when suricata is running.
Can somebody please help or share some insights?
Here is some crash msg and stack trace:
db:0:kdb.enter.default> bt
Tracing pid 0 tid 100171 td 0xfffffe00d58a41e0
kdb_enter() at kdb_enter+0x37/frame 0xfffffe00c15a8a50
vpanic() at vpanic+0x1b0/frame 0xfffffe00c15a8aa0
panic() at panic+0x43/frame 0xfffffe00c15a8b00
trap_fatal() at trap_fatal+0x385/frame 0xfffffe00c15a8b60
trap_pfault() at trap_pfault+0x4f/frame 0xfffffe00c15a8bc0
calltrap() at calltrap+0x8/frame 0xfffffe00c15a8bc0
--- trap 0xc, rip = 0xffffffff80dca4ac, rsp = 0xfffffe00c15a8c90, rbp = 0xfffffe00c15a8ce0 ---
ether_nh_input() at ether_nh_input+0x1c/frame 0xfffffe00c15a8ce0
netisr_dispatch_src() at netisr_dispatch_src+0xb9/frame 0xfffffe00c15a8d30
ether_input() at ether_input+0x69/frame 0xfffffe00c15a8d90
re_rxeof() at re_rxeof+0x2ad/frame 0xfffffe00c15a8e00
re_int_task_8125() at re_int_task_8125+0xba/frame 0xfffffe00c15a8e40
taskqueue_run_locked() at taskqueue_run_locked+0x181/frame 0xfffffe00c15a8ec0
taskqueue_thread_loop() at taskqueue_thread_loop+0xc2/frame 0xfffffe00c15a8ef0
fork_exit() at fork_exit+0x7e/frame 0xfffffe00c15a8f30
fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe00c15a8f30
--- trap 0x8038b000, rip = 0xffffffff80c313af, rsp = 0, rbp = 0xfffff80001b68100 ---
mi_startup() at mi_startup+0xdf/frame 0xfffff80001b68100
??() at 0/frame 0xfffff80001b5d000
null_method() at null_method/frame 0xffffffff81b03fb0
bus_generic_new_pass() at bus_generic_new_pass/frame 0xffffffff81b03fa8
bus_new_pass_desc() at bus_new_pass_desc
db:0:kdb.enter.default> ps
pid ppid pgrp uid state wmesg wchan cmd
53335 5493 5493 0 S nanslp 0xffffffff81ec02ee sleep
5493 1 5493 0 Ss wait 0xfffff80005787548 sh
4258 1 4258 59 Ss (threaded) unbound
100379 S kqread 0xfffff800059c7300 unbound
100434 S kqread 0xfffff80005a30600 unbound
100435 S kqread 0xfffff80005fb9900 unbound
100436 S kqread 0xfffff80031658900 unbound
100437 S kqread 0xfffff8003172d200 unbound
100438 S kqread 0xfffff80031731d00 unbound
100439 S kqread 0xfffff80005ff9800 unbound
100440 S kqread 0xfffff800028aee00 unbound
100441 S kqread 0xfffff800052dab00 unbound
100442 S kqread 0xfffff800b17c5e00 unbound
100443 S kqread 0xfffff80005001600 unbound
100444 S kqread 0xfffff80003fff900 unbound
100445 S kqread 0xfffff800b18e0100 unbound
100446 S kqread 0xfffff80031868200 unbound
100447 S kqread 0xfffff80031868300 unbound
100448 S kqread 0xfffff80005000400 unbound
741 1 741 0 Ss (threaded) ntpd
100427 S select 0xfffff800059ee0c0 ntpd
99922 1 99922 0 Ss+ ttyin 0xfffff80005206cb0 getty
99820 1 99820 0 Ss+ ttyin 0xfffff800052044b0 getty
99709 1 99709 0 Ss+ ttyin 0xfffff80005204cb0 getty
99650 1 99650 0 Ss+ ttyin 0xfffff800052034b0 getty
99565 1 99565 0 Ss+ ttyin 0xfffff80005203cb0 getty
99452 1 99452 0 Ss+ ttyin 0xfffff800052024b0 getty
99448 1 99448 0 Ss+ ttyin 0xfffff80005202cb0 getty
99393 1 99393 0 Ss+ ttyin 0xfffff800050b34b0 getty
95987 1 95987 0 Ss bpf 0xfffff80001eeac00 filterlog
88549 5283 88549 0 S select 0xfffff80002009bc0 python3.9
88369 5283 88369 0 S select 0xfffff80005fbebc0 python3.9
87237 1 87237 0 Ss nanslp 0xffffffff81ec02ef cron
69136 1 69136 0 Ss (threaded) suricata
100349 S nanslp 0xffffffff81ec02e2 suricata
Did you install Realtek plugin? I'm guessing you mean Suricata IPS mode being the issue?
Cheers,
Franco
Hi Franco,
You are correct. Yes I use Realtek plugin and IPS mode on Suricata.