PFSense - Suricata - Alerts - SURICATA STREAM Packet with invalid timestamp

Disable Hardware Checksum Offloading under System → Advanced → Networking.


Suppress

#SURICATA STREAM Packet with invalid timestamp
suppress gen_id 1, sig_id 2210044

NOTE: Try toggling the Hardware Checksum Offloading.

If that does not do it, you can simply disable this particular rule by either clicking the red X icon on the Alerts tab in the GID/SID column, or you can find and selectively disable that rule on the Rules tab for the interface.

See this thread from the official Suricata documentation Wiki for details:

Suricata uses PCAP for packet capture during Legacy Blocking Mode operation, and Netmap for Inline IPS Mode operation.

In both cases, hardware checksum offloading needs to be disabled.