Intrusion Detection can't enable IPS

[keshan]

I just installed OPNsense on my Proxmox with the NIC passthrough.
The NIC is an old Intel 1000 pt dual NIC card.
The OPNsense VM has 1G of RAM, and when I am trying to config the Intrusion Detection with IPS enable I got

Code Select Expand

2020-05-12T10:05:49 suricata: [100154] <Error> -- [ERRCODE: SC_ERR_INITIALIZATION(45)] - Engine initialization failed, aborting...
2020-05-12T10:05:49 suricata: [100154] <Error> -- [ERRCODE: SC_ERR_THREAD_INIT(49)] - thread "W#01-em0" failed to initialize: flags 0145
2020-05-12T10:05:49 suricata: [100555] <Error> -- [ERRCODE: SC_ERR_NETMAP_CREATE(263)] - Couldn't register em0 with netmap: Cannot allocate memory
2020-05-12T10:05:49 suricata: [100547] <Error> -- [ERRCODE: SC_ERR_NETMAP_CREATE(263)] - Couldn't register em0 with netmap: Cannot allocate memory
2020-05-12T10:05:49 suricata: [100154] <Warning> -- [ERRCODE: SC_ERR_NO_RULES_LOADED(43)] - 1 rule files specified, but no rule was loaded at all!
2020-05-12T10:05:49 suricata: [100154] <Warning> -- [ERRCODE: SC_WARN_DEFAULT_WILL_CHANGE(317)] - in 5.0 the default for decoder event stats will go from 'decoder.<proto>.<event>' to 'decoder.event.<proto>.<event>'. See ticket #2225. To suppress this message, set stats.decoder-events-prefix in the yaml.
2020-05-12T10:05:49 suricata: [100413] <Notice> -- This is Suricata version 4.1.8 RELEASE

please point me to the right direction, thanks.

[binaryanomaly]

No idea what really the problem might be.

I'm using KVM with i440FX UEFI with virtIO NICs and it works. Maybe give the virtIO NICs a try...