[Discussion] Problem in Suricata 2.0.1rc1 and vlans

• Previous message (by thread): [Discussion] Problem in Suricata 2.0.1rc1 and vlans
• Next message (by thread): [Discussion] Suricata 2.0.1 Available!
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 05/20/2014 09:21 AM, ville at leinonen.org wrote:
> I installed suricata 2.0.1rc1 and put it in listening 802.1x trunk
> port. Now in some reason i got this error message:
> 
> 
> 05/20/2014-10:15:59.719054  [**] [1:2200067:1] SURICATA VLAN unknown
> type [**] [Classification: (null)] [Priority: 3] [**] [Raw pkt: FF FF FF
> FF FF FF 00 25 84 F6 67 E0 81 00 02 9E 08 06 00 01 08 00 06 04 00 01 00
> 25 84 F6 67 E0 ]
> 
> Any suggestion how to correct this?

It's a rule indicating that Suricata doesn't support a certain protocol
inside vlan. I think the best way to investigate would be to record some
of the traffic and inspect it in wireshark. If you're able to share the
traffic, we may be able to add support for it.

-- 
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------

• Previous message (by thread): [Discussion] Problem in Suricata 2.0.1rc1 and vlans
• Next message (by thread): [Discussion] Suricata 2.0.1 Available!
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]