[Oisf-users] suri 3.1dev second session / instance crash

Stefan Sabolowitsch Stefan.Sabolowitsch at felten-group.com
Thu Sep 15 05:34:23 UTC 2016 

Hi there,
i upgradet from 2.x to the latest 3.1 dev. with a complete new suricata.yaml file.
After this upgarde, i can only start one suricata instance.

The  error logfile:
xecuting: suricata --user sguil --group sguil -c /etc/nsm/Serrig-DMZ/suricata.yaml -i eth10 -l /nsm/sensor_data/Serrig-DMZ --runmode autofp
21866] 14/9/2016 -- 13:51:49 - (suricata.c:1086) <Notice> (SCPrintVersion) -- This is Suricata version 3.1dev (rev ae11687)
[21866] 14/9/2016 -- 13:51:58 - (util-threshold-config.c:156) <Warning> (SCThresholdConfInitContext) -- [ERRCODE: SC_ERR_FOPEN(44)] - Error opening file: "/usr/local/etc/sur
[21866] 14/9/2016 -- 13:51:58 - (tm-threads.c:2168) <Notice> (TmThreadWaitOnThreadInit) -- all 8 packet processing threads, 4 management threads initialized, engine started.
[21930] 14/9/2016 -- 13:51:58 - (source-af-packet.c:1930) <Error> (AFPCreateSocket) -- [ERRCODE: SC_ERR_AFP_CREATE(190)] - Couldn't set fanout mode, error Invalid argument
[21930] 14/9/2016 -- 13:51:58 - (source-af-packet.c:1337) <Error> (ReceiveAFPLoop) -- [ERRCODE: SC_ERR_AFP_CREATE(190)] - Couldn't init AF_PACKET socket, fatal error
[21866] 14/9/2016 -- 13:51:58 - (suricata.c:2665) <Notice> (main) -- Signal Received.  Stopping engine.
[21932] 14/9/2016 -- 13:51:58 - (source-af-packet.c:1930) <Error> (AFPCreateSocket) -- [ERRCODE: SC_ERR_AFP_CREATE(190)] - Couldn't set fanout mode, error Invalid argument
[21931] 14/9/2016 -- 13:51:58 - (source-af-packet.c:1930) <Error> (AFPCreateSocket) -- [ERRCODE: SC_ERR_AFP_CREATE(190)] - Couldn't set fanout mode, error Invalid argument
[21932] 14/9/2016 -- 13:51:58 - (source-af-packet.c:1337) <Error> (ReceiveAFPLoop) -- [ERRCODE: SC_ERR_AFP_CREATE(190)] - Couldn't init AF_PACKET socket, fatal error
[21933] 14/9/2016 -- 13:51:58 - (source-af-packet.c:1930) <Error> (AFPCreateSocket) -- [ERRCODE: SC_ERR_AFP_CREATE(190)] - Couldn't set fanout mode, error Invalid argument
[21933] 14/9/2016 -- 13:51:58 - (source-af-packet.c:1337) <Error> (ReceiveAFPLoop) -- [ERRCODE: SC_ERR_AFP_CREATE(190)] - Couldn't init AF_PACKET socket, fatal error
[21931] 14/9/2016 -- 13:51:58 - (source-af-packet.c:1337) <Error> (ReceiveAFPLoop) -- [ERRCODE: SC_ERR_AFP_CREATE(190)] - Couldn't init AF_PACKET socket, fatal error
[21866] 14/9/2016 -- 13:51:58 - (util-device.c:265) <Notice> (LiveDeviceListClean) -- Stats for 'eth10':  pkts: 0, drop: 0 (-nan%), invalid chksum: 0

Any help here ?
Thx
Stefan

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20160915/ed96af42/attachment.html>

More information about the Oisf-users mailing list