Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SURICATA UDPv6 invalid checksum

    Scheduled Pinned Locked Moved IDS/IPS
    2 Posts 2 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      trumee
      last edited by

      I am getting loads of blocks in Suricata,

      06/16/2018-20:24:09.762839  [Block Dst] [**] [1:2200078:2] SURICATA UDPv6 invalid checksum [**] [Classification: Generic Protocol Command Decode] [Priority: 3]
      

      I have enabled "Disable hardware checksum offload" in Advanced>Networking>Hardware Checksum Offloading which seems to have gotten rid of "SURICATA UDPv4 invalid checksum". But this IPV6 checksum still comes up.

      My system is Supermicro A2SDi-4C-HLN4F running Intel X553 nics.

      S 1 Reply Last reply Reply Quote 0
      • S
        SteveITS Galactic Empire @trumee
        last edited by

        @trumee
        I think we ended disabling the entire stream-events.rules ruleset to avoid these errors. IIRC if you are in legacy mode the packets can be scanned out of order and trigger false positives.

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote 👍 helpful posts!

        1 Reply Last reply Reply Quote 1
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.