[Oisf-users] Crash in 4.0.5 when receiving packets

Victor Julien lists at inliniac.net
Fri Aug 3 06:02:57 UTC 2018 

Ubuntu had released a broken libjansson upgrade yesterday, but it should
be fixed if you upgrade again to 2.5-2ubuntu0.2

# dpkg --list libjansson*
...
ii  libjansson4:i386                               2.5-2ubuntu0.2
       i386                         C library for encoding, decoding and
manipulating JSON data


Simply another apt update && apt upgrade should fix it.

See: https://redmine.openinfosecfoundation.org/issues/2560

On 03-08-18 03:27, Peter Fyon wrote:
> I'm on Ubuntu 14.04 in IPS mode using af_packet. 
> 
> On Thu, Aug 2, 2018, 9:04 PM Peter Manev <petermanev at gmail.com
> <mailto:petermanev at gmail.com>> wrote:
> 
> 
> 
>     On 3 Aug 2018, at 01:26, Serge Malev <smalev at hotmail.com
>     <mailto:smalev at hotmail.com>> wrote:
> 
>>     I am having the same problem. Suricata tries to restart every 5
>>     minutes and crashes with the same error.
>>
>>
> 
>     Hi,
> 
>     Are you using IDS or IPS mode?
> 
>     Thank you
> 
>>
>>
>>
>>     ------------------------------------------------------------------------
>>     *From:* Oisf-users
>>     <oisf-users-bounces at lists.openinfosecfoundation.org
>>     <mailto:oisf-users-bounces at lists.openinfosecfoundation.org>> on
>>     behalf of Peter Fyon <peter.fyon at gmail.com
>>     <mailto:peter.fyon at gmail.com>>
>>     *Sent:* Friday, August 3, 2018 8:56 AM
>>     *To:* oisf-users at lists.openinfosecfoundation.org
>>     <mailto:oisf-users at lists.openinfosecfoundation.org>
>>     *Subject:* [Oisf-users] Crash in 4.0.5 when receiving packets
>>      
>>     Hey suricata users,
>>
>>     I upgraded suricata from 4.0.4 to 4.0.5 using the ppa last night
>>     and now suricata crashes when it (presumably) receives its first
>>     packet. I say presumably because if I physically bypass suricata,
>>     it doesn't crash. When I put it back inline, it crashes.
>>
>>     When I start it with:
>>     /usr/bin/suricata -c /etc/suricata/suricata.yaml --pidfile
>>     /var/run/suricata.pid --af-packet -vvv
>>
>>     It dies and spits the following to stdout:
>>     suricata: dump.c:337: do_dump: Assertion `value' failed.
>>
>>     Nothing has changed in my config between 4.0.4 and 4.0.5.
>>
>>     Peter
>>     _______________________________________________
>>     Suricata IDS Users mailing list:
>>     oisf-users at openinfosecfoundation.org
>>     <mailto:oisf-users at openinfosecfoundation.org>
>>     Site: http://suricata-ids.org | Support:
>>     http://suricata-ids.org/support/
>>     List:
>>     https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>>
>>     Conference: https://suricon.net
>>     Trainings: https://suricata-ids.org/training/
> 
> 
> 
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> 
> Conference: https://suricon.net
> Trainings: https://suricata-ids.org/training/
> 


-- 
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------

More information about the Oisf-users mailing list