Text only | Text with Images

OPNsense Forum

Archive => 18.7 Legacy Series => Topic started by: jljb66 on August 30, 2018, 06:29:26 PM

Title: Error message in Suricata
Post by: jljb66 on August 30, 2018, 06:29:26 PM
trying to block Russia but running into error message using IDS

Aug 30 12:26:13 jsb-fw1 suricata: [100103] <Notice> -- This is Suricata version 4.0.5 RELEASE
Aug 30 12:26:13 jsb-fw1 suricata: [100135] <Error> -- [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "drop ip  any any -> any any (msg:"block russia";  geoip:src,RU ; sid:4294967294; rev:1;)" from file /usr/local/etc/suricata/opnsense.rules/OPNsense.rules at line 8
Aug 30 12:26:13 jsb-fw1 suricata: [100135] <Notice> -- all 2 packet processing threads, 4 management threads initialized, engine started.

Title: Re: Error message in Suricata
Post by: jljb66 on August 31, 2018, 03:12:06 PM
here is line 8 from the rule

# -- User defined rules
drop ip  any any -> any any (msg:"block russia";  geoip:src,RU ; sid:4294967294; rev:1;)
Text only | Text with Images