pfSense » pfSense Packages

Install 2.4.4.a.20180810.1914 recovery snapshot for SG-3100. Install Suricata, enable some sources, update, add and enable WAN interace with some rules. Start the interface, it will run. Upgrade to the latest 2.4.4 snapshot (2.4.4.a.20180817.1114 as I type this). Once the upgrade completes try to start the service, it will not start.

Still seeing this. On ARM for example:

Installed packages to be UPGRADED:
    php72-pfSense-module: 0.62_6 -> 0.63_6 [pfSense]
    pfSense-u-boot-sg3100: 2.4.4.a.20180814.1655 -> 2.4.4.a.20180820.0415 [pfSense-core]
    pfSense-rc: 2.4.4.a.20180814.1655 -> 2.4.4.a.20180820.0415 [pfSense-core]
    pfSense-pkg-suricata: 4.0.13_2 -> 4.0.13_3 [pfSense]
    pfSense-kernel-pfSense-SG-3100: 2.4.4.a.20180814.1655 -> 2.4.4.a.20180820.0415 [pfSense-core]
    pfSense-default-config-serial: 2.4.4.a.20180814.1655 -> 2.4.4.a.20180820.0415 [pfSense-core]
    pfSense-base: 2.4.4.a.20180814.1655 -> 2.4.4.a.20180820.0415 [pfSense-core]
    pfSense: 2.4.4.a.20180814.1656 -> 2.4.4.a.20180819.1529 [pfSense]

Running "/etc/rc.d/ldconfig start; ldd /usr/local/bin/suricata" still allows it to start after that so the root cause appears the same.

Interestingly the Suricata package was updated there and that usually allows it to start normally after an upgrade but not this time.

We probably need to test this across an upgrade where the suricata package version doesn't change to be sure.

I have done upgrade at SG-3100 to 2.4.4.a.20180824.1144 base system. Suricata has survived.

Tested on ARM and x86. Looks good, Suricata running correctly after reboot.

pfSense-base: 2.4.4.a.20180823.1619 -> 2.4.4.a.20180824.1624

pfSense-base: 2.4.4.a.20180823.1533 -> 2.4.4.a.20180824.1144