[Oisf-users] Crash in 4.0.5 when receiving packets
Peter Fyon
peter.fyon at gmail.com
Fri Aug 3 22:42:39 UTC 2018
Thanks for picking up on that so quickly. Upgrading fixed my crashes too.
Peter
On Fri, Aug 3, 2018, 2:03 AM Victor Julien <lists at inliniac.net> wrote:
> Ubuntu had released a broken libjansson upgrade yesterday, but it should
> be fixed if you upgrade again to 2.5-2ubuntu0.2
>
> # dpkg --list libjansson*
> ...
> ii libjansson4:i386 2.5-2ubuntu0.2
> i386 C library for encoding, decoding and
> manipulating JSON data
>
>
> Simply another apt update && apt upgrade should fix it.
>
> See: https://redmine.openinfosecfoundation.org/issues/2560
>
> On 03-08-18 03:27, Peter Fyon wrote:
> > I'm on Ubuntu 14.04 in IPS mode using af_packet.
> >
> > On Thu, Aug 2, 2018, 9:04 PM Peter Manev <petermanev at gmail.com
> > <mailto:petermanev at gmail.com>> wrote:
> >
> >
> >
> > On 3 Aug 2018, at 01:26, Serge Malev <smalev at hotmail.com
> > <mailto:smalev at hotmail.com>> wrote:
> >
> >> I am having the same problem. Suricata tries to restart every 5
> >> minutes and crashes with the same error.
> >>
> >>
> >
> > Hi,
> >
> > Are you using IDS or IPS mode?
> >
> > Thank you
> >
> >>
> >>
> >>
> >>
> ------------------------------------------------------------------------
> >> *From:* Oisf-users
> >> <oisf-users-bounces at lists.openinfosecfoundation.org
> >> <mailto:oisf-users-bounces at lists.openinfosecfoundation.org>> on
> >> behalf of Peter Fyon <peter.fyon at gmail.com
> >> <mailto:peter.fyon at gmail.com>>
> >> *Sent:* Friday, August 3, 2018 8:56 AM
> >> *To:* oisf-users at lists.openinfosecfoundation.org
> >> <mailto:oisf-users at lists.openinfosecfoundation.org>
> >> *Subject:* [Oisf-users] Crash in 4.0.5 when receiving packets
> >>
> >> Hey suricata users,
> >>
> >> I upgraded suricata from 4.0.4 to 4.0.5 using the ppa last night
> >> and now suricata crashes when it (presumably) receives its first
> >> packet. I say presumably because if I physically bypass suricata,
> >> it doesn't crash. When I put it back inline, it crashes.
> >>
> >> When I start it with:
> >> /usr/bin/suricata -c /etc/suricata/suricata.yaml --pidfile
> >> /var/run/suricata.pid --af-packet -vvv
> >>
> >> It dies and spits the following to stdout:
> >> suricata: dump.c:337: do_dump: Assertion `value' failed.
> >>
> >> Nothing has changed in my config between 4.0.4 and 4.0.5.
> >>
> >> Peter
> >> _______________________________________________
> >> Suricata IDS Users mailing list:
> >> oisf-users at openinfosecfoundation.org
> >> <mailto:oisf-users at openinfosecfoundation.org>
> >> Site: http://suricata-ids.org | Support:
> >> http://suricata-ids.org/support/
> >> List:
> >> https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> >>
> >> Conference: https://suricon.net
> >> Trainings: https://suricata-ids.org/training/
> >
> >
> >
> > _______________________________________________
> > Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> > Site: http://suricata-ids.org | Support:
> http://suricata-ids.org/support/
> > List:
> https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> >
> > Conference: https://suricon.net
> > Trainings: https://suricata-ids.org/training/
> >
>
>
> --
> ---------------------------------------------
> Victor Julien
> http://www.inliniac.net/
> PGP: http://www.inliniac.net/victorjulien.asc
> ---------------------------------------------
>
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
> Conference: https://suricon.net
> Trainings: https://suricata-ids.org/training/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20180803/b18e5238/attachment.html>
More information about the Oisf-users
mailing list