OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 18.7 Legacy Series »
  • Error message in Suricata
« previous next »
  • Print
Pages: [1]

Author Topic: Error message in Suricata  (Read 810 times)

jljb66

  • Newbie
  • *
  • Posts: 22
  • Karma: 2
    • View Profile
Error message in Suricata
« on: August 30, 2018, 06:29:26 pm »
trying to block Russia but running into error message using IDS

Aug 30 12:26:13 jsb-fw1 suricata: [100103] <Notice> -- This is Suricata version 4.0.5 RELEASE
Aug 30 12:26:13 jsb-fw1 suricata: [100135] <Error> -- [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "drop ip  any any -> any any (msg:"block russia";  geoip:src,RU ; sid:4294967294; rev:1;)" from file /usr/local/etc/suricata/opnsense.rules/OPNsense.rules at line 8
Aug 30 12:26:13 jsb-fw1 suricata: [100135] <Notice> -- all 2 packet processing threads, 4 management threads initialized, engine started.

Logged

jljb66

  • Newbie
  • *
  • Posts: 22
  • Karma: 2
    • View Profile
Re: Error message in Suricata
« Reply #1 on: August 31, 2018, 03:12:06 pm »
here is line 8 from the rule

# -- User defined rules
drop ip  any any -> any any (msg:"block russia";  geoip:src,RU ; sid:4294967294; rev:1;)
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 18.7 Legacy Series »
  • Error message in Suricata
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2021 All rights reserved
  • SMF 2.0.17 | SMF © 2019, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2