Project

General

Profile

Actions

Bug #13920

closed

23.01RC - Suricata stops working after Wireguard installed

Added by Greger Blennerud about 1 year ago. Updated about 1 year ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Suricata
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Affected Version:
Affected Plus Version:
Affected Architecture:
amd64

Description

Upgraded to 23.01RC from 22.05 without any packages installed. Current base system shown as 23.01.r.20230202.0019

Installed Suricata (from scratch) and set it up exactly as I have had it before.
When installing Wireguard, Suricata stops working.

The error it show in the suricata.log file is:

<Info> -- alert-pf > Added IPv4 address 1.0.0.3/32 from assigned Pass List.
<Info> -
alert-pf > Added IPv4 address 1.1.1.1/32 from assigned Pass List.
<Error> -
[ERRCODE: SC_ERR_FATAL(171)] - prefix or user NULL

The next IP in the passlist file (/usr/local/etc/suricata/suricata_18023_igb1/passlist) is the Tunnel IP's for the peers in Wireguard.
10.6.210.0/31
10.6.250.0/31

Removing Wireguard package allows Suricata to go through with the passlist and it starts up again...

Actions

Also available in: Atom PDF