opnsense / core

OPNsense GUI, API and systems backend
https://opnsense.org/
BSD 2-Clause "Simplified" License

OPNsense 24.1.6 Suricata 7 Cannot Allocate Memory #7405

Open tsense1337 opened 5 months ago

tsense1337 commented 5 months ago
[v] I have read the contributing guidelines at https://github.com/opnsense/core/blob/master/CONTRIBUTING.md
[v] I am convinced that my issue is new after having checked both open and closed issues at https://github.com/opnsense/core/issues?q=is%3Aissue

Describe the bug

After upgrading from 24.1.1 Suricata 6 to 24.1.6, Suricata 7 fails to launch. After the error message is displayed, the machine can be pinged but can no longer be accessed via the web interface. After returning to 24.1.1, everything was fine again.

To Reproduce

Steps to reproduce the behavior:

Upgrade from 24.1.1 to 24.1.6
Tunables:
tuneable dev.netmap.admode: 2
dev.netmap.buf_size: 4096 <<< Even without the parameter it behaves exactly as in the error description.

Expected behavior

We see these error messages:

2024-04-23T09:25:12 21 Error suricata 8429 [105315] -- opening devname netmap:ix1^3/T failed: Cannot allocate memory
2024-04-23T09:21:54 21 Error suricata 84930 [103083] -- opening devname netmap:ix1^3/T failed: Cannot allocate memory

Describe alternatives you considered

N/A

Screenshots

N/A

Relevant log files

2024-04-23T09:25:12 21 Error suricata 8429 [105315] -- opening devname netmap:ix1^3/T failed: Cannot allocate memory
2024-04-23T09:21:54 21 Error suricata 84930 [103083] -- opening devname netmap:ix1^3/T failed: Cannot allocate memory

Additional context

N/A

Environment

Software version used and hardware type if relevant, e.g.:

OPNsense 24.1.1 512GB RAM (amd64, OpenSSL).
nic = 'NetXtreme BCM5719 Gigabit Ethernet PCIe'
nic = 'Ethernet Controller 10-Gigabit X540-AT2'

tsense1337 commented 5 months ago

Are there any updates to my problem?

tsense1337 commented 3 months ago

Is the problem still being resolved? The problem does not exist in the business version! Only in the community version.

AdSchellevis commented 3 months ago

Which business edition version did you test with the exact same hardware being used? It sounds quite unlikely there's a difference on this subject.

tsense1337 commented 3 months ago

Yes, exactly. I updated the version with identical hardware directly to the latest Business (24.4_8) and have had no problems with the error since then. Could it be due to a different netmap version?

AdSchellevis commented 3 months ago

If I’m not mistaken, the kernel and suricata package are the same between those versions.

tsense1337 commented 3 months ago

But there has to be a difference. Because then an upgrade to the business version would have led to the same error. Could it be due to a configuration difference?

AdSchellevis commented 3 months ago

I've double-checked: both kernel and suricata versions are the same. There's not much we can do at the moment, if it's hardware / driver related, it might have been a lucky shot if it sometimes works.