Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Hardware and Performance
»
Network card compatibility - BCM95719 - Suricata
« previous
next »
Print
Pages: [
1
]
Author
Topic: Network card compatibility - BCM95719 - Suricata (Read 985 times)
goobs
Newbie
Posts: 5
Karma: 0
Network card compatibility - BCM95719 - Suricata
«
on:
May 16, 2024, 10:06:43 am »
I have been running Opnsense on a HP t730 Thin Client for over a year using 2 of the 4 ports on the BCM95719A1904G NIC for WAN and LAN.
Throughout all that time I have never got Suricata to detect anything either on LAN or WAN. Even with the EICAR test rule.
I used to use ZENArmor but found that would stop network flow randomly after a couple of days so uninstalled it.
I think the NIC is running as generic emulated or something similar.
My question is has anyone any issues with this card or can offer any advice why Suricata fails to detect any malware, even when using the EICAR txt test ?
Or is it the case that the emulated nic driver is not compatible with Suricata/Zenarmour etc ?
Thanks
Logged
Greg_E
Sr. Member
Posts: 342
Karma: 19
Re: Network card compatibility - BCM95719 - Suricata
«
Reply #1 on:
May 16, 2024, 03:28:26 pm »
Broadcom can be risky, Intel is the sure bet. I'd suggest an Intel i350 card.
Also do yo have all of the offloading turned to off? Not sure if it will help, buy worth checking.
Logged
goobs
Newbie
Posts: 5
Karma: 0
Re: Network card compatibility - BCM95719 - Suricata
«
Reply #2 on:
May 17, 2024, 10:52:55 am »
Hi Greg
I did quite a bit of research when choosing a Broadcom over an Intel as I saw other users having issues with OEM types such as Dell or HP NC364 etc. and less reports of issues with Broadcom.
I can take a punt and grab an I350, for the sake of £20 or so.
Yes, all hardware offloading is turned off. Tried with and without Promiscuous mode and have no VLANs.
For now I am relying on firewall rules on the WAN port with ET-emerging and GEO-IP blocklists but it would be good to have something more comprehensive on the LAN working.
Thanks
Logged
Greg_E
Sr. Member
Posts: 342
Karma: 19
Re: Network card compatibility - BCM95719 - Suricata
«
Reply #3 on:
May 17, 2024, 10:15:55 pm »
It's all working fine on my T740 with an Intel branded i350, you are right, sometimes the HP and Dell branded cards have different firmware and might work slightly differently.
I did a little work with a 10gtek i350 card, this was a brand new card that I'm going to use in my long term production server, basic testing said it worked fine, but it was $80usd.
The T740 and used i350 cards are my lab machines, but one is in "production" at the moment while I get the production machine ready.
Logged
goobs
Newbie
Posts: 5
Karma: 0
Re: Network card compatibility - BCM95719 - Suricata
«
Reply #4 on:
May 28, 2024, 04:49:29 pm »
Thanks for the help.
After a failed eBay order (check PCIe not just PCI !) I managed to get a Dell? I350AM4 dual port card.
A small hurdle of re-assigning the WAN port correctly then I had to re-configure my PPPOE connection before finally getting on the internet and setting up Suricata from scratch. I now have alerts detecting stuff !
I also installed a CURL port for Windows and the EICAR test works too.
Now to get a good set of Rules setup ...
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Hardware and Performance
»
Network card compatibility - BCM95719 - Suricata