pfSense

Upon further testing it appears this may not be an actual bug, but is more likely related to older FreeBSD-12.0 versions of some required library dependencies remaining after a pfSense-2.5 snapshot update that installs FreeBSD-12.1 without removing and reinstalling the Snort package.

I simply removed the Snort package from a non-functioning pfSense-2.5 snapshot using SYSTEM > PACKAGE MANAGER, and then I installed the Snort package again using SYSTEM > PACKAGE MANAGER and it installed and all interfaces (including one using Inline IPS Mode) came up normally. There were no netmap API errors.

I have asked affected users to test again using the method described above and to report back.

Confirmed after further testing by me and by feedback from impacted users. Deleting the package (Snort or Suricata) and installing it again forces the download and installation of the correct version for FreeBSD-12.1. The packages will then start and run normally.

The pfSense-2.5 snapshot update bumped up the OS version to FreeBSD-12.1-STABLE, but it did not result in the new versions of Snort and Suricata compiled on FreeBSD-12.1-STABLE being installed at the same time. Instead, the old versions of the Snort and Suricata binaries compatible with FreeBSD-12.0-RELEASE remained, and those versions will not run in FreeBSD-12.1-STABLE due to changes in the netmap device.

This issue can be closed and marked either RESOLVED or NOT A BUG as desired. The solution for any impacted user is to remove the package and then install it again to bring down the correct package binary compiled against FreeBSD-12.1-STABLE.