4. <warning>– [ERRCODE: SC_ERR_INVALID_VALUE(130)] - Name of device should not be</warning>

<warning>– [ERRCODE: SC_ERR_INVALID_VALUE(130)] - Name of device should not be</warning>

  • J

    The suricata log (services / suricata / logs view) shows a warning on all suricata enabled interfaces. This warning appears daily (processing of the updated rules)

    Unfortunately, I cannot find the field I'm suppose to update e.g. not null

    Here is the log:

    23/5/2017 – 05:30:43 - <info>-- 2 rule files processed. 16362 rules successfully loaded, 34 rules failed
    23/5/2017 -- 05:30:44 - <info>-- 16362 signatures processed. 296 are IP-only rules, 5673 are inspecting packet payload, 11726 inspect application layer, 102 are decoder event only
    23/5/2017 -- 05:31:17 - <info>-- Threshold config parsed: 0 rule(s) found
    23/5/2017 -- 05:31:17 - <info>-- fast output device (regular) initialized: alerts.log
    23/5/2017 -- 05:31:17 - <info>-- http-log output device (regular) initialized: http.log
    23/5/2017 -- 05:31:17 - <info>-- Using 1 live device(s).
    23/5/2017 -- 05:31:17 - <warning>– [ERRCODE: SC_ERR_INVALID_VALUE(130)] - Name of device should not be null</warning>
    23/5/2017 – 05:31:17 - <info>-- using interface igb3
    23/5/2017 -- 05:31:17 - <info>-- Running in 'auto' checksum mode. Detection of interface state will require 1000 packets.
    23/5/2017 -- 05:31:17 - <info>-- Found an MTU of 1500 for 'igb3'
    23/5/2017 -- 05:31:17 - <info>-- Set snaplen to 1524 for 'igb3'
    23/5/2017 -- 05:31:17 - <info>-- RunModeIdsPcapAutoFp initialised
    23/5/2017 -- 05:31:17 - <notice>-- all 5 packet processing threads, 2 management threads initialized, engine started.
    23/5/2017 -- 07:55:57 - <info>-- No packets with invalid checksum, assuming checksum offloading is NOT used</info></notice></info></info></info></info></info></info></info></info></info></info></info>

    0

  • This is a bug within the Suricata binary itself.  It has been reported to Suricata upstream and will be fixed in the next release, I think.  It is only a warning and will not affect operation.

    Some changes were made to a section of code in the 3.2.x series, but one line got missed when those changes were made.  You can find the bug report and details on the Suricata Redmine site.

    Bill

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy