OPNsense Forum
Archive => 18.7 Legacy Series => Topic started by: jljb66 on August 30, 2018, 06:29:26 pm
-
trying to block Russia but running into error message using IDS
Aug 30 12:26:13 jsb-fw1 suricata: [100103] <Notice> -- This is Suricata version 4.0.5 RELEASE
Aug 30 12:26:13 jsb-fw1 suricata: [100135] <Error> -- [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "drop ip any any -> any any (msg:"block russia"; geoip:src,RU ; sid:4294967294; rev:1;)" from file /usr/local/etc/suricata/opnsense.rules/OPNsense.rules at line 8
Aug 30 12:26:13 jsb-fw1 suricata: [100135] <Notice> -- all 2 packet processing threads, 4 management threads initialized, engine started.
-
here is line 8 from the rule
# -- User defined rules
drop ip any any -> any any (msg:"block russia"; geoip:src,RU ; sid:4294967294; rev:1;)