IDS Daemon stoped working and is not restarting anymore

The Intrusion-Prevention daemon stoped working and i am not able to restart it with the gui.
I am getting a error message "cannot access ‘/var/run/suricata.pid’ ".
There is no such file. I did not change or updated the firewall. Suricata was running, but now it stoped working.

Related to that: IDS Daemon doesn't start ?

Sorry for my bad english,

in der Datei /var/ipfire/suricata/suricata-dns-servers.yaml
habe ich den Eintrag ::
#Autogenerated file. Any custom changes will be overwritten!
DNS_SERVERS: “[194.150.168.168194.150.168.168]”

ich meine hier müssten die beiden DNS-Server Adressen mit einem Komma getrennt sein.
Those two DNS server have to be separated by a comma?

// there is no untouched example configuration - suricata-example.yaml
// i am using IPFire-Version: IPFire 2.23 (x86_64) - core139

=> for me it works now, i edited my suricata.yaml file

vars:
address-groups:
# Include HOME_NET declaration from external file.
# include: /var/ipfire/suricata/suricata-homenet.yaml
HOME_NET: "[192.168.178.46/32, 192.168.77.0/24, 192.168.18.0/24]"

# Include DNS_SERVERS declaration from external file.
# include: /var/ipfire/suricata/suricata-dns-servers.yaml
DNS_SERVERS: "[194.150.168.168, 194.150.168.168]"

EXTERNAL_NET: "any"

The ipfire generator file for suricata-homenet.yaml and suricata-dns-servers.yaml must be faulty.

Is there a topic for this in Bugzilla?

Hatte das selbe problem wurde hier gelöst

1 Like

No, the issue already is fixed, which will be included in the core 140/141 doubble-release.

Best regards,

-Stefan