Suricata: There were error(s) loading the rules
-
I've updated suricata to version 4.0.4_1.
Since this update, I'm getting this error:There were error(s) loading the rules: /tmp/rules.debug:21: cannot define table bogonsv6: Cannot allocate memory - The line in question reads [21]: table <bogonsv6> persist file "/etc/bogonsv6"
@ 2018-04-02 09:22:23I've never encountered any rule loading problems with previous versions
any suggestions?
thanks
-
This is not a Suricata error. This is a pfSense error. You have other problems not related to Suricata.
Bill
-
Thank you for this.
In this article (https://forum.pfsense.org/index.php?topic=50141.0), the problem is explained. I increased the value of System/Advanced/Firewall & NAT/Firewall Maximum Table Entries to 400000.The default value was 200000.
The description for this field is: Maximum number of table entries for systems such as aliases, sshlockout, snort, etc, combined.
Since it mentions snort, I assume using suricata also impacts the number of table entries. It is however a system setting, so Bill's remark is correct.The error didn't appear anymore after the value was increased.
