1
23.1 Legacy Series / OPNsense 23.1.1_2 - Suricata stops after startup
« on: March 04, 2023, 01:30:21 pm »
Hello everyone,
I'm running OPNsense 23.1.1_2-amd64 and trying to setup ET Pro Telemetry edition in Intrusion Prevention.
OPNsense is a VM on a Proxmox host, wich has a WAN pass-trough port and then share other ports for local VLANs (it's a home network, so energy saving is the main purpose).
I've downloaded definitions (both ET and built-in) and started service with this options flagged:
- Enabled
- IPS Mode (tried off with the same results)
- Promiscuous Mode (tried off with the same results)
Suricata start:
I've checked on another working setup and I got the same error, even if suricata is working.
Have you any idea?
Thank you,
I'm running OPNsense 23.1.1_2-amd64 and trying to setup ET Pro Telemetry edition in Intrusion Prevention.
OPNsense is a VM on a Proxmox host, wich has a WAN pass-trough port and then share other ports for local VLANs (it's a home network, so energy saving is the main purpose).
I've downloaded definitions (both ET and built-in) and started service with this options flagged:
- Enabled
- IPS Mode (tried off with the same results)
- Promiscuous Mode (tried off with the same results)
Suricata start:
Code: [Select]
[100174] <Notice> -- This is Suricata version 6.0.9 RELEASE running in SYSTEM mode
Then throw out 6 error on configuration of various network protocols: sip, rfb, mqtt, rdp, http, http2.Code: [Select]
[100174] <Warning> -- [ERRCODE: SC_ERR_CONF_YAML_ERROR(242)] - App-Layer protocol [b]*[/b] enable status not set, so enabling by default. This behavior will change in Suricata 7, so please update your config. See ticket #4744 for more details.
I've checked on another working setup and I got the same error, even if suricata is working.
Have you any idea?
Thank you,