Home > other >  SURICATA - <Error> - [ERRCODE: SC_ERR_DUPLICATE_SIG(176)]
SURICATA - <Error> - [ERRCODE: SC_ERR_DUPLICATE_SIG(176)]

Time:03-28

When i execute

sudo suricata -i enp0s8 -c suricata.yaml -s rules/misreglas.rules

Get the output:

<Error> - [ERRCODE: SC_ERR_DUPLICATE_SIG(176)] - Duplicate signature "drop http $HOME_NET any -> any any (msg: "HTTP DROP";)"

<Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "drop http $HOME_NET any -> any any (msg: "HTTP DROP";)" from file rules/misreglas.rules at line 1

misreglas.rules content

drop http $HOME_NET any -> any any (msg: "HTTP DROP";)

CodePudding user response:

Okay, I solved myself,

you have to put the rules like that:

drop ICMP any any -> 169.69.1.11 any (msg: "test";sid:10001;)
drop HTTP $HOME_NET any -> any any (msg: "HTTP DROP";sid:10002;)

where I put sid you have to put and sid that is not already in use

Page link:https//www.codepudding.com/other/350737.html

Prev:How to replace a range of numbers from a range of strings with sed
Next:Writing random numbers in file
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding