[Oisf-users] "suricata: double free or corruption" when I use bpf filter
Peter Manev
petermanev at gmail.com
Wed Nov 9 20:29:31 UTC 2011
On Wed, Nov 9, 2011 at 8:09 PM, Victor Julien <victor at inliniac.net> wrote:
> On 11/09/2011 06:58 PM, carlopmart wrote:
> > On 11/09/2011 06:44 PM, Peter Manev wrote:
> >> Do you mind sharing the pcap?
> >
> > No, here it is:
> >
>
> It works for me both with the pcap file and by going to that site. Are
> you sure the rule is properly loaded?
>
> --
> ---------------------------------------------
> Victor Julien
> http://www.inliniac.net/
> PGP: http://www.inliniac.net/victorjulien.asc
> ---------------------------------------------
>
> _______________________________________________
> Oisf-users mailing list
> Oisf-users at openinfosecfoundation.org
> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
I just tested it -
it does work while reading a pcap and while replaying it (tcpreplay) on
suricata's listening interface.
As Victor pointed out:
Does the rule load?
HOME_NET and EXTERNAL_NET set up correctly?
Thanks
--
Peter Manev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20111109/e171b145/attachment-0002.html>
More information about the Oisf-users
mailing list