Core 153 Testing

After a first short quick test, everything is running as expected so far.

4 Likes

+1.

For now, everything works fine.

1 Like

Hi,

thank you very much to both of you for testing. :slight_smile:

In case you are using the IPS: Did you observe any significant increase CPU load after upgrading? Apparently, some users do, especially in virtualised environments, while some (including me) do not…

Thanks, and best regards,
Peter MĂĽller

in my case on lwl mini appliace with suricata on wan, lan and openvpn, not. but it should be 5.04, like in blogpost reported. not 6.0 . Maybe a problem of suricata 6?

Edit: Ok it’s 6.0

Edit: Thanks for correction the Blogpost.

Blockquote This is Suricata version 6.0.0 RELEASE

then the blogpost is wrong


Bildschirmfoto_2020-12-14_19-51-57

Cheers HTH

1 Like

I´ve this machine (Apu2e0) with OpenVPN, IPS, DDns, Proxy, URL Filter, Location Filter, DHCP, Samba, Hostapd, WIO, and nothing more, I think.

And go fine.

With this configuration:

And TOP:

Best!.

2 Likes

Hi, I am testing core 153 on a I3 processor. Upgrade occurred on the9th of December. All looks good so far. Things like locationblock can now update, I am 8 hours west of CET. As far a CPU load, I am running IPS on the green only. The green only is due to the fact that my connection is DSL. I noticed an increase in the system load, but that appears to have lasted 3 days then returned to pre-153 install. One thing noticed is the CPU frequency graph suddenly looks very smooth shortly after install. All plots 1 week of data.
Pete

1 Like

Hi there!

First of all, many thanks to the ipFire team for the excellent work and support!

I am testing Core 153 on an ipFire Mini Appliance and I notice changes to the previous version.

Using IPS on green/blue/red with the configuration shown in the picture. The CPU load increases starting with the update to Core 153 on dec 12. Also shown in pic. All data is shown in the week view.

Everything else is functioning as expected so far.

Greetings to the team and community, Wayne

(fireinfo.ipfire.org - Profile 38957557ca5511ca0bced7163151f69e94e419b9)

1 Like

Hi,

thanks for reporting back. :slight_smile:

Indeed, this looks like something is eating up more CPU time. Given an average load of ~ 0.2 after Core Update 153, it is not too bad from my point of view, however, it is a noticeable change.

I am still not sure what to think about this Suricata regression. It does not seem to affect many, but those who are affected are affected rather bad…

Thanks, and best regards,
Peter MĂĽller

maybe an devop of the suricata-team can say more?

I am also experiencing much higher CPU loads since 153.

Happy to provide graphs, configs etc… if needed.

Other than the above issue 153 working well.

Hi,

I am also experiencing much higher CPU loads since 153.

yes, we unfortunately had to downgrade Suricata to 5.x again in Core Update 153
(see this commit for details), since this affects too many users quite badly. :expressionless:

Thanks, and best regards,
Peter MĂĽller

Thanks @pmueller,

Perhaps a silly question…

Considering the downgrade of Suricata… when Core 153 (stable) is released can I just upgrade from Core 153 (Testing) to Core 153 (Stable) via Pakfire without any issues?

RS

Hi,

Perhaps a silly question…

your question is not silly. :slight_smile:

Considering the downgrade of Suricata… when Core 153 (stable) is released can I just upgrade from Core 153 (Testing) to Core 153 (Stable) via Pakfire without any issues?

Suricata is shipped in Core Update 153 (see this commit), whatever version it is.

As far as I am aware, Pakfire re-installs the second latest Core Update (152 in this case) while
switching from stable to testing and vice versa, so you should receive Core Update 153 with Suricata
5.0.5 during that procedure.

Please let me know if you don’t.

Thanks, and best regards,
Peter MĂĽller

Hi @pmueller,

Didn’t work - changing from repo Testing to Stable didn’t rollback IPFire to 152:

And Suricata remains on version 6.0.0:

I changed back and forth between Testing and Stable several times and also rebooted IPFire but same outcome - system is not budging from 153 Testing.

Everything appears to be working fine other than higher than normal CPU - so happy to wait until 153 stable is released - unless of course there’s a quick fix you can suggest.

Thanks,

Robert

Have thought this through and moving from 153 Testing back to 152 Stable is the equivalent of a downgrade.

Typically a downgrade would require a re-install of a previous version.

Happy to wait until 153 Stable is released and then simply upgrade from 153 Testing to Stable.

Robert

Hi,

for the records: The testing announcement for Core Update 153 has been updated since we were forced to revert the Suricata 6.x change for now, as it causes too much trouble to too much users. :expressionless:

Thanks, and best regards,
Peter MĂĽller

1 Like

Hi,

regarding reverting Suricata: what does that mean for rules or rule sets that have been checked or unchecked by me? Do I have to do this again, are modifications recognized and merged into the downgraded version or will they not even be touched by the downgrade or upgrade process?

Downgrade didn’t work for me. Disabled suricata for now due to high CPU issue. Fingers crossed when I upgrade from 153 Testing to 153 Stable all is ok and can re-enable suricata.

in the final release is announced Suricata 6. Is that correct?

1 Like

Hi,

no, this has been fixed by now.

Suricata 5.0.5 is the correct version - thanks for catching this. :slight_smile:

Thanks, and best regards,
Peter MĂĽller