OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 17.7 Legacy Series »
  • Suricata Rule Parsing Errors
« previous next »
  • Print
Pages: [1]

Author Topic: Suricata Rule Parsing Errors  (Read 3732 times)

mw01

  • Newbie
  • *
  • Posts: 31
  • Karma: 4
    • View Profile
Suricata Rule Parsing Errors
« on: August 27, 2017, 04:09:38 pm »
We have been "testing" Suricata 4.0 and it works well.  Today, I was checking into TLS wrong version errors (daughter on facebook, andriod cell) and checked the logs.  There are parsing errors from abuse.ch.  For example, IDS Rules Apply, clog suricata.log | less first error:

27/8/2017 -- 09:32:29 - <Notice> - rule reload starting
27/8/2017 -- 09:32:35 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "^_<8B>^H" from file /usr/local/etc/suricata/opnsense.rules/abuse.ch.sslblacklist.rules at line 1

I recall, not all that long ago the ET ruleset parsing changed.
Logged

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 17.7 Legacy Series »
  • Suricata Rule Parsing Errors
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2