Upgrade OPNsense 20.7.2 reboot fails due to suricata pid

Started by banym, September 02, 2020, 07:00:24 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 02, 2020, 07:00:24 PM
The first box that I updated did not made the reboot due to a suricata pid that did not exit.

I verified that the upgrade was done and only the reboot was pending, killed the process with kill -9 <pid> and everyting booted up normal and seems to work fine.
Twitter: banym
Mastodon: banym@bsd.network
Blog: https://www.banym.de
September 02, 2020, 08:39:28 PM #1
Hi there,

Not sure we've heard this before. It sounds random, but I'll keep an eye on this when doing the next test rounds.


Cheers,
Franco
September 03, 2020, 03:46:10 AM #2 Last Edit: September 03, 2020, 04:36:11 AM by littlepepper

https://imgur.com/a/AZLjpZ5

I can confirm. However the problem has also existed when 20.7 -> 20.7.1 I thought it was a one off.

I killed suricata from the console and the rest of the upgrade / reboot went smoothly.
September 03, 2020, 09:30:02 AM #3
IPS mode on or off?


Cheers,
Franco
September 03, 2020, 10:45:34 AM #4
The IPS was on.. running normally and seems to be fine after the reboot
September 03, 2020, 10:59:16 AM #5
Same. IPS on and worked until reboot, continue to work after reboot.
Twitter: banym
Mastodon: banym@bsd.network
Blog: https://www.banym.de
September 03, 2020, 12:07:35 PM #6
I'm suspecting this is netmap related... Easy to check: turn of IDS, try to reboot a few times to confirm if you can. All help is appreciated.


Cheers,
Franco
September 03, 2020, 03:33:35 PM #7
in my case suricata starts, then it freeze the system completely
the big problem i see is with the wan connection - being disconnected all the time.
DEC750 Deciso
September 03, 2020, 04:39:02 PM #8
Updated to 20.7.2 and everything works correctly.
September 06, 2020, 02:10:13 PM #9
just to add some feedback: I have rebooted 20.7.2 a few times the last few days with IPS on. Suricata doesn't seem to stall at reboot using 20.7.2. So the issue might have just been isolated to 20.7 and 20.7.1
September 06, 2020, 03:05:49 PM #10
Just a guess but maybe this was due to syslog issues in 20.7 and 20.7.1? We need to wait and see what happens until 20.7.3 to be sure. :)


Cheers,
Franco
September 06, 2020, 04:10:47 PM #11
Will test on next update with the same box.
Twitter: banym
Mastodon: banym@bsd.network
Blog: https://www.banym.de
September 06, 2020, 04:58:58 PM #12
my 2ยข
read this thread before 2.7.2 upgrade and just disable suricata before upgrade.
upgrade was smooth. but attempts to launch a suricata ended in error (error (1)). some error in rule-updater.py.
I didn't have time to find out the reason - its just update rules and started normally on 4th or 5th try.
works well since that
August 04, 2022, 01:36:18 AM #13
Same thing happened to me just now on two separate OPNsense instances, upgrading from 22.1.10_4 -> 22.7_4.
Print
Go Up Pages1
User actions