Project

General

Profile

Actions

Bug #12322

open

Suricata creates invalid HOME_NET entries

Added by Viktor Gurov about 2 months ago. Updated about 1 month ago.

Status:
Feedback
Priority:
Normal
Assignee:
Category:
Suricata
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Affected Version:
Affected Plus Version:
Affected Architecture:

Description

In some cases Suricata creates invalid ("Array()") entries in the HOME_NET variable on boot:

28/8/2021 -- 16:16:13 - <Notice> -- This is Suricata version 6.0.3 RELEASE running in SYSTEM mode
28/8/2021 -- 16:16:13 - <Info> -- CPUs/cores online: 4
28/8/2021 -- 16:16:13 - <Info> -- HTTP memcap: 67108864
28/8/2021 -- 16:16:13 - <Error> -- [ERRCODE: SC_ERR_ADDRESS_ENGINE_GENERIC(89)] - failed to parse address "Array" 
28/8/2021 -- 16:16:13 - <Error> -- [ERRCODE: SC_ERR_INVALID_YAML_CONF_ENTRY(139)] - failed to parse address var "HOME_NET" with
value "[10.10.0.0/24, 10.10.10.1/32, 10.10.20.0/24, 10.10.30.0/24, 127.0.0.1/32, 192.168.1.14/32, 192.168.1.254/32,
193.19.108.2/32, 194.242.2.2/32, ::1/128, Array, fe80::a236:9fff:fe18:6f7c/128, fe80::a236:9fff:fe18:6f7d/128,
fe80::a236:9fff:fe18:6f7e/128, fe80::a236:9fff:fe18:6f7f/128]". Please check its syntax
28/8/2021 -- 16:16:13 - <Error> -- [ERRCODE: SC_ERR_INVALID_YAML_CONF_ENTRY(139)] - basic address vars test failed. Please check
/usr/local/etc/suricata/suricata_10842_igb0/suricata.yaml for errors

more details: https://forum.netgate.com/topic/166106/suricata-doesn-t-start-automatically-at-boot/


Related issues

Related to Regression #12476: Suricata 6.0.3_3 Pass List ignores all single IPsNew

Actions
Actions #2

Updated by Renato Botelho about 1 month ago

  • Status changed from New to Feedback
  • Assignee set to Viktor Gurov

PR has been merged. Thanks!

Actions #3

Updated by Viktor Gurov 2 days ago

  • Related to Regression #12476: Suricata 6.0.3_3 Pass List ignores all single IPs added
Actions

Also available in: Atom PDF