OPNsense Forum

Archive => 21.1 Legacy Series => Topic started by: yeraycito on January 13, 2021, 05:42:34 pm

Title: Suricata 6
Post by: yeraycito on January 13, 2021, 05:42:34 pm

The notes of the new version of Opnsense do not say anything about the new version of Suricata. Is the update to Suricata 6.0.1 planned? Many thanks to the developers.

Title: Re: Suricata 6
Post by: franco on January 14, 2021, 09:05:34 am

We don't have an immediate need for version 6, but I think we will add it to the development release of version 21.1 to give it a proper test drive and see what happens.


Cheers,
Franco

Title: Re: Suricata 6
Post by: marshalleq on January 16, 2021, 01:03:16 am

Hi, I hope it's OK to add to this thread - I don't think Suricata works very well, if at all for many people right now.  The documentation here has left a lot to be desired and in my case I can only get it to kind of work by protecting the LAN instead of the WAN which is not at all what I want.

I am quite frustrated about it and not really sure what to do other than bail on Opnsense and go to pfsense.  However, I've been with Opnsense a long time and would prefer to stay for all the reasons I chose it in the first place.

I suspect, that bringing forward Suricata 6 would allow us to iron out these challenges.  So if we could have it added I would be happy to help.

I assume there is a downloadable beta somewhere I can get my hands on?  (Looking now).

Thanks,

Marshalleq

Title: Re: Suricata 6
Post by: franco on January 16, 2021, 04:20:28 pm

I don't mind you going the pfSense route to be honest. I don't want to reason with the factually questionable bits of your response.


Cheers,
Franco

Title: Re: Suricata 6
Post by: yeraycito on January 16, 2021, 08:23:07 pm

Suricata is one of the best things Opnsense has and in my case it has always worked well. What you have to do is to have it configured correctly. In my case I have it acting in the wan and I can't be happier. The new version of Suricata seems to bring great changes adding better detection protocols and I hope they will integrate it in the new version of Opnsense. And if I have to compare pfsense ( mostly outdated ) - Snort ( gave me a lot of system blocking problems ) with Opnsense + Suricata the choice is safe: Opnsense

Title: Re: Suricata 6
Post by: Mondmann on January 16, 2021, 10:26:48 pm

Hello community,
I am glad that you exist and that you support us with words and deeds
in good times and in bad times to the project OPNSense and develop.

@Franko approx. 10000 Posts x estimated with approx. 3 min. work/effort = approx. 500 hours for us - respect! many thanks that there is you!

I, We can wait and be patient until you have finished adjustments, test, development and support etc. on OPNSene 21.1.

Greetings from Germany and stay healthy   

Title: Re: Suricata 6
Post by: FarmServer on January 29, 2021, 06:44:24 pm

I installed it and got it to work just fine.

But I will second the documentation is somewhat lacking.

Title: Re: Suricata 6
Post by: LOTRouter on January 30, 2021, 12:41:46 am

I found this webinar on using Suricata on OPNsense to be very helpful, including explaining why putting protection on the LAN port is for the best.
https://www.youtube.com/watch?v=_yIq3GM4gjA