IDS kills WAN DHCP

[RabidWolf9]

Upgraded to 16.7, WAN on cable modem would no longer pull DHCP. Rebooted Cable modem and OPNsense multiple times, entered manually, still a no go. Disabled IDS, rebooted and BAM, back up. Worked great before upgrade. Must be a particular rule set. My hardware is overkill so dont ask that question. Any one else seen this issue?

[RabidWolf9]

Disabled all rule sets both system and user defined, applied IDS, killed WAN.
Disabled IPS mode, rebooted, WAN active again.

IPS states "Enable protection mode (block traffic).
Before enabling, please disable all hardware offloading first in advanced network."

Even though all hardware offloading in advanced network has been disabled still kills WAN.

[RabidWolf9]

Changed "Pattern Matcher" from "Aho-Corasick" to Hyperscan, no luck.
Enabled Hardware CRC, TSC and LRO, no luck.

Enabled and disabled Promiscuous mode, changed nothing.

IDS/IPS is now a DEAD package, will define rules as needed in firewall/rules, although almost any router can do that.

Anyone find a solution please post, Geo Blocking and other Rule Sets was an awesome feature.

[RabidWolf9]

Ok ever heard the statement "READ before sticking foot in MOUTH"?

In post
Upgrading to 16.7, known issues and workarounds
https://forum.opnsense.org/index.php?topic=3430.0

[1] if IPS is not working, disable it temporarily or switch to IDS mode. we are investigating the root cause

Will keep foot on floor and await the experts

[franco]

Just for the record: Suricata keeps running but no packets flow?

We're tracking down this particular issue in FreeBSD itself at the moment...


Cheers,
Franco