Author Topic: Upgrade OPNsense 20.7.2 reboot fails due to suricata pid (Read 11454 times)

banym · « **on:** September 02, 2020, 07:00:24 pm »

The first box that I updated did not made the reboot due to a suricata pid that did not exit.

I verified that the upgrade was done and only the reboot was pending, killed the process with kill -9 <pid> and everyting booted up normal and seems to work fine.

franco · « **Reply #1 on:** September 02, 2020, 08:39:28 pm »

Hi there,

Not sure we've heard this before. It sounds random, but I'll keep an eye on this when doing the next test rounds.

Cheers,
Franco

littlepepper · « **Reply #2 on:** September 03, 2020, 03:46:10 am »

https://imgur.com/a/AZLjpZ5

I can confirm. However the problem has also existed when 20.7 -> 20.7.1 I thought it was a one off.

I killed suricata from the console and the rest of the upgrade / reboot went smoothly.

franco · « **Reply #3 on:** September 03, 2020, 09:30:02 am »

IPS mode on or off?

Cheers,
Franco

littlepepper · « **Reply #4 on:** September 03, 2020, 10:45:34 am »

The IPS was on.. running normally and seems to be fine after the reboot

banym · « **Reply #5 on:** September 03, 2020, 10:59:16 am »

Same. IPS on and worked until reboot, continue to work after reboot.

franco · « **Reply #6 on:** September 03, 2020, 12:07:35 pm »

I'm suspecting this is netmap related... Easy to check: turn of IDS, try to reboot a few times to confirm if you can. All help is appreciated.

Cheers,
Franco

nikkon · « **Reply #7 on:** September 03, 2020, 03:33:35 pm »

in my case suricata starts, then it freeze the system completely
the big problem i see is with the wan connection - being disconnected all the time.

yeraycito · « **Reply #8 on:** September 03, 2020, 04:39:02 pm »

Updated to 20.7.2 and everything works correctly.

littlepepper · « **Reply #9 on:** September 06, 2020, 02:10:13 pm »

just to add some feedback: I have rebooted 20.7.2 a few times the last few days with IPS on. Suricata doesn't seem to stall at reboot using 20.7.2. So the issue might have just been isolated to 20.7 and 20.7.1

franco · « **Reply #10 on:** September 06, 2020, 03:05:49 pm »

Just a guess but maybe this was due to syslog issues in 20.7 and 20.7.1? We need to wait and see what happens until 20.7.3 to be sure.

Cheers,
Franco

banym · « **Reply #11 on:** September 06, 2020, 04:10:47 pm »

Will test on next update with the same box.

Fright · « **Reply #12 on:** September 06, 2020, 04:58:58 pm »

my 2¢
read this thread before 2.7.2 upgrade and just disable suricata before upgrade.
upgrade was smooth. but attempts to launch a suricata ended in error (error (1)). some error in rule-updater.py.
I didn't have time to find out the reason - its just update rules and started normally on 4th or 5th try.
works well since that

astuckey · « **Reply #13 on:** August 04, 2022, 01:36:18 am »

Same thing happened to me just now on two separate OPNsense instances, upgrading from 22.1.10_4 -> 22.7_4.

Author Topic: Upgrade OPNsense 20.7.2 reboot fails due to suricata pid (Read 11454 times)

banym

Upgrade OPNsense 20.7.2 reboot fails due to suricata pid

franco

Re: Upgrade OPNsense 20.7.2 reboot fails due to suricata pid

littlepepper

Re: Upgrade OPNsense 20.7.2 reboot fails due to suricata pid

franco

Re: Upgrade OPNsense 20.7.2 reboot fails due to suricata pid

littlepepper

Re: Upgrade OPNsense 20.7.2 reboot fails due to suricata pid

banym

Re: Upgrade OPNsense 20.7.2 reboot fails due to suricata pid

franco

Re: Upgrade OPNsense 20.7.2 reboot fails due to suricata pid

nikkon

Re: Upgrade OPNsense 20.7.2 reboot fails due to suricata pid

yeraycito

Re: Upgrade OPNsense 20.7.2 reboot fails due to suricata pid

littlepepper

Re: Upgrade OPNsense 20.7.2 reboot fails due to suricata pid

franco

Re: Upgrade OPNsense 20.7.2 reboot fails due to suricata pid

banym

Re: Upgrade OPNsense 20.7.2 reboot fails due to suricata pid

Fright

Re: Upgrade OPNsense 20.7.2 reboot fails due to suricata pid

astuckey

Re: Upgrade OPNsense 20.7.2 reboot fails due to suricata pid