[Oisf-users] Error: Decode1[31747]: segfault at 7fc3fe85cc6f ip 00000000004f0de9 sp 00007fc2fe85c230 error 4 in suricata[400000+12f000]
Victor Julien
victor at inliniac.net
Mon Aug 22 11:19:57 UTC 2011
On 08/01/2011 07:43 PM, Fernando Ortiz wrote:
> Jul 29 04:49:05 ips1 kernel: Decode1[31747]: segfault at 7fc3fe85cc6f ip
> 00000000004f0de9 sp 00007fc2fe85c230 error 4 in suricata[400000+12f000]
>
> I don't know what this error means, but it happens when I change the
> midstream option in suricata.yaml
>
> // /etc/suricata/suricata.yaml
>
> memcap: 567554432
> max_sessions: 550000
> checksum_validation: no # reject wrong csums
> # midstream : false
> midstream : true
> async_oneside: true
> inline: yes # no inline mode
>
> Not sure if it is a bug or something misconfigured at my side.
My first thought is a bug in the midstream TCP handling. Are you able to
record the traffic when it happens and see if you can reproduce it from
a pcap?
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-users
mailing list