Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SURICATA UDPv6 invalid checksum

    Scheduled Pinned Locked Moved IDS/IPS
    2 Posts 2 Posters 1.1k Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T Offline
      trumee
      last edited by

      I am getting loads of blocks in Suricata,

      06/16/2018-20:24:09.762839  [Block Dst] [**] [1:2200078:2] SURICATA UDPv6 invalid checksum [**] [Classification: Generic Protocol Command Decode] [Priority: 3]

      I have enabled "Disable hardware checksum offload" in Advanced>Networking>Hardware Checksum Offloading which seems to have gotten rid of "SURICATA UDPv4 invalid checksum". But this IPV6 checksum still comes up.

      My system is Supermicro A2SDi-4C-HLN4F running Intel X553 nics.

      S 1 Reply Last reply Reply Quote 0
      • S Offline
        SteveITS Rebel Alliance @trumee
        last edited by

        @trumee
        I think we ended disabling the entire stream-events.rules ruleset to avoid these errors. IIRC if you are in legacy mode the packets can be scanned out of order and trigger false positives.

        Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to reboot, or more depending on packages, and device or disk speed.
        Upvote 👍 helpful posts!

        1 Reply Last reply Reply Quote 1
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.