Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
16.7 Legacy Series
»
IDS kills WAN DHCP
« previous
next »
Print
Pages: [
1
]
Author
Topic: IDS kills WAN DHCP (Read 5663 times)
RabidWolf9
Newbie
Posts: 6
Karma: 1
IDS kills WAN DHCP
«
on:
July 29, 2016, 09:53:38 pm »
Upgraded to 16.7, WAN on cable modem would no longer pull DHCP. Rebooted Cable modem and OPNsense multiple times, entered manually, still a no go. Disabled IDS, rebooted and BAM, back up. Worked great before upgrade. Must be a particular rule set. My hardware is overkill so dont ask that question. Any one else seen this issue?
Logged
RabidWolf9
Newbie
Posts: 6
Karma: 1
Re: IDS kills WAN DHCP
«
Reply #1 on:
July 29, 2016, 10:19:44 pm »
Disabled all rule sets both system and user defined, applied IDS, killed WAN.
Disabled IPS mode, rebooted, WAN active again.
IPS states "Enable protection mode (block traffic).
Before enabling, please disable all hardware offloading first in advanced network."
Even though all hardware offloading in advanced network has been disabled still kills WAN.
Logged
RabidWolf9
Newbie
Posts: 6
Karma: 1
Re: IDS kills WAN DHCP
«
Reply #2 on:
July 29, 2016, 11:01:00 pm »
Changed "Pattern Matcher" from "Aho-Corasick" to Hyperscan, no luck.
Enabled Hardware CRC, TSC and LRO, no luck.
Enabled and disabled Promiscuous mode, changed nothing.
IDS/IPS is now a DEAD package, will define rules as needed in firewall/rules, although almost any router can do that.
Anyone find a solution please post, Geo Blocking and other Rule Sets was an awesome feature.
Logged
RabidWolf9
Newbie
Posts: 6
Karma: 1
Re: IDS kills WAN DHCP
«
Reply #3 on:
July 29, 2016, 11:09:50 pm »
Ok ever heard the statement "READ before sticking foot in MOUTH"?
In post
Upgrading to 16.7, known issues and workarounds
https://forum.opnsense.org/index.php?topic=3430.0
[1] if IPS is not working, disable it temporarily or switch to IDS mode. we are investigating the root cause
Will keep foot on floor and await the experts
Logged
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
Re: IDS kills WAN DHCP
«
Reply #4 on:
July 30, 2016, 09:04:46 am »
Just for the record: Suricata keeps running but no packets flow?
We're tracking down this particular issue in FreeBSD itself at the moment...
Cheers,
Franco
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
16.7 Legacy Series
»
IDS kills WAN DHCP