"
Deactivating HW offload and rebooting breaks the connectivity to internet and UI. I needed to login physically to firewall and stop the suricata service in order to access the UI again.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#2
Intrusion Detection and Prevention / Error with IPS activation
August 27, 2024, 12:54:46 AM
Hello community,
I run opnsense [24.7.2] on Protectli Vault Pro VP2420 + zenarmor and have a very strange issue when I activate suricata IPS. Once activated it runs for a few seconds and then service crashes with the error below. IDS works fine, this happens only when I activate IPS mode.
What I did so far to troubleshoot was to disable all hardware offloading incl. CRC, TSO & LRO but that only broke the connectivity and access to UI and internet was gone.
The interfaces I want to active IPS on are VLAN interfaces and physical WAN interface.
Any help with getting this work is appreciated!
Thanks,
N
I run opnsense [24.7.2] on Protectli Vault Pro VP2420 + zenarmor and have a very strange issue when I activate suricata IPS. Once activated it runs for a few seconds and then service crashes with the error below. IDS works fine, this happens only when I activate IPS mode.
Code Select
Error suricata [104135] <Error> -- opening devname netmap:igc1-0/R@conf:host-rings=4 failed: Device busyWhat I did so far to troubleshoot was to disable all hardware offloading incl. CRC, TSO & LRO but that only broke the connectivity and access to UI and internet was gone.
The interfaces I want to active IPS on are VLAN interfaces and physical WAN interface.
Any help with getting this work is appreciated!
Thanks,
N
Pages1
