Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    <warning>– [ERRCODE: SC_ERR_INVALID_VALUE(130)] - Name of device should not be</warning>

    IDS/IPS
    2
    2
    868
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jpgsense251 last edited by

      The suricata log (services / suricata / logs view) shows a warning on all suricata enabled interfaces. This warning appears daily (processing of the updated rules)

      Unfortunately, I cannot find the field I'm suppose to update e.g. not null

      Here is the log:

      23/5/2017 – 05:30:43 - <info>-- 2 rule files processed. 16362 rules successfully loaded, 34 rules failed
      23/5/2017 -- 05:30:44 - <info>-- 16362 signatures processed. 296 are IP-only rules, 5673 are inspecting packet payload, 11726 inspect application layer, 102 are decoder event only
      23/5/2017 -- 05:31:17 - <info>-- Threshold config parsed: 0 rule(s) found
      23/5/2017 -- 05:31:17 - <info>-- fast output device (regular) initialized: alerts.log
      23/5/2017 -- 05:31:17 - <info>-- http-log output device (regular) initialized: http.log
      23/5/2017 -- 05:31:17 - <info>-- Using 1 live device(s).
      23/5/2017 -- 05:31:17 - <warning>– [ERRCODE: SC_ERR_INVALID_VALUE(130)] - Name of device should not be null</warning>
      23/5/2017 – 05:31:17 - <info>-- using interface igb3
      23/5/2017 -- 05:31:17 - <info>-- Running in 'auto' checksum mode. Detection of interface state will require 1000 packets.
      23/5/2017 -- 05:31:17 - <info>-- Found an MTU of 1500 for 'igb3'
      23/5/2017 -- 05:31:17 - <info>-- Set snaplen to 1524 for 'igb3'
      23/5/2017 -- 05:31:17 - <info>-- RunModeIdsPcapAutoFp initialised
      23/5/2017 -- 05:31:17 - <notice>-- all 5 packet processing threads, 2 management threads initialized, engine started.
      23/5/2017 -- 07:55:57 - <info>-- No packets with invalid checksum, assuming checksum offloading is NOT used</info></notice></info></info></info></info></info></info></info></info></info></info></info>

      1 Reply Last reply Reply Quote 0
      • bmeeks
        bmeeks last edited by

        This is a bug within the Suricata binary itself.  It has been reported to Suricata upstream and will be fixed in the next release, I think.  It is only a warning and will not affect operation.

        Some changes were made to a section of code in the 3.2.x series, but one line got missed when those changes were made.  You can find the bug report and details on the Suricata Redmine site.

        Bill

        1 Reply Last reply Reply Quote 0
        • First post
          Last post

        Products

        • Platform Overview
        • TNSR
        • pfSense
        • Appliances

        Services

        • Training
        • Professional Services

        Support

        • Subscription Plans
        • Contact Support
        • Product Lifecycle
        • Documentation

        News

        • Media Coverage
        • Press
        • Events

        Resources

        • Blog
        • FAQ
        • Find a Partner
        • Resource Library
        • Security Information

        Company

        • About Us
        • Careers
        • Partners
        • Contact Us
        • Legal
        Our Mission

        We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

        Subscribe to our Newsletter

        Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

        © 2021 Rubicon Communications, LLC | Privacy Policy