Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    <warning>– [ERRCODE: SC_ERR_INVALID_VALUE(130)] - Name of device should not be</warning>

    Scheduled Pinned Locked Moved IDS/IPS
    2 Posts 2 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jpgsense251
      last edited by

      The suricata log (services / suricata / logs view) shows a warning on all suricata enabled interfaces. This warning appears daily (processing of the updated rules)

      Unfortunately, I cannot find the field I'm suppose to update e.g. not null

      Here is the log:

      23/5/2017 – 05:30:43 - <info>-- 2 rule files processed. 16362 rules successfully loaded, 34 rules failed
      23/5/2017 -- 05:30:44 - <info>-- 16362 signatures processed. 296 are IP-only rules, 5673 are inspecting packet payload, 11726 inspect application layer, 102 are decoder event only
      23/5/2017 -- 05:31:17 - <info>-- Threshold config parsed: 0 rule(s) found
      23/5/2017 -- 05:31:17 - <info>-- fast output device (regular) initialized: alerts.log
      23/5/2017 -- 05:31:17 - <info>-- http-log output device (regular) initialized: http.log
      23/5/2017 -- 05:31:17 - <info>-- Using 1 live device(s).
      23/5/2017 -- 05:31:17 - <warning>– [ERRCODE: SC_ERR_INVALID_VALUE(130)] - Name of device should not be null</warning>
      23/5/2017 – 05:31:17 - <info>-- using interface igb3
      23/5/2017 -- 05:31:17 - <info>-- Running in 'auto' checksum mode. Detection of interface state will require 1000 packets.
      23/5/2017 -- 05:31:17 - <info>-- Found an MTU of 1500 for 'igb3'
      23/5/2017 -- 05:31:17 - <info>-- Set snaplen to 1524 for 'igb3'
      23/5/2017 -- 05:31:17 - <info>-- RunModeIdsPcapAutoFp initialised
      23/5/2017 -- 05:31:17 - <notice>-- all 5 packet processing threads, 2 management threads initialized, engine started.
      23/5/2017 -- 07:55:57 - <info>-- No packets with invalid checksum, assuming checksum offloading is NOT used</info></notice></info></info></info></info></info></info></info></info></info></info></info>

      1 Reply Last reply Reply Quote 0
      • bmeeksB
        bmeeks
        last edited by

        This is a bug within the Suricata binary itself.  It has been reported to Suricata upstream and will be fixed in the next release, I think.  It is only a warning and will not affect operation.

        Some changes were made to a section of code in the 3.2.x series, but one line got missed when those changes were made.  You can find the bug report and details on the Suricata Redmine site.

        Bill

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.