Disable Hardware Checksum Offloading under SYSTEM > ADVANCED » NETWORKING.

Try toggling the Hardware Checksum Offloading feature under SYSTEM > ADVANCED » NETWORKING.

If that does not do it, you can simply disable that particular rule by either clicking the red X icon on the Alerts tab in the GID/SID column, or you can find and selectively disable that rule on the Rules tab for the interface.

See this thread from the official Suricata documentation Wiki for details: http://suricata.readthedocs.io/en/latest/performance/packet-capture.html, but the short answer is you want hardware checksum offloading disabled as well as LRO (it is already off by default in pfSense).

Suricata uses PCAP for packet capture during Legacy Blocking Mode operation, and Netmap for Inline IPS Mode operation.

In both cases, hardware checksum offloading needs to be disabled.