Project

General

Profile

Actions

Bug #1152

open

Write to ipfw divert socket failed: Message too long

Added by Evgeny Kovalchuk almost 10 years ago. Updated over 4 years ago.

Status:
Feedback
Priority:
Normal
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

8.4-RELEASE + Suricata 2.0dev (rev 9e03550) + IPFW divert

After some hours of work in log write
[100152] 23/3/2014 -- 18:42:32 <Warning> [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: Message too long

And suricata exit.

How fix it?
What additional info needed?

Actions #1

Updated by Victor Julien almost 10 years ago

  • Target version deleted (2.0)
Actions #2

Updated by Evgeny Kovalchuk almost 10 years ago

bce0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=80038<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,LINKSTATE>
ether 00:1e:0b:1c:a1:ba
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active

On 2.0 Release - problem remained

Actions #3

Updated by Andreas Herz about 8 years ago

  • Assignee set to Anonymous
  • Target version set to TBD

Can you test it with 3.0 again?

Actions #4

Updated by Mohammad S. Babaei over 7 years ago

The same issue on FreeBSD 10.3-Release and Suricata 3.1.1_1 exists and it blocks all in/out traffic:

27/8/2016 -- 19:37:52 - <Info> - Threshold config parsed: 0 rule(s) found
27/8/2016 -- 19:37:52 - <Info> - fast output device (regular) initialized: fast.log
27/8/2016 -- 19:37:52 - <Info> - eve-log output device (regular) initialized: eve.json
27/8/2016 -- 19:37:52 - <Info> - Unified2-alert initialized: filename unified2.alert, limit 32 MB
27/8/2016 -- 19:37:52 - <Info> - stats output device (regular) initialized: stats.log
27/8/2016 -- 19:37:52 - <Notice> - all 6 packet processing threads, 4 management threads initialized, engine started.
27/8/2016 -- 19:37:52 - <Info> - Thread 'RX-Q8000' will run on port 8000 (item 1)
27/8/2016 -- 19:37:52 - <Info> - Thread 'RX-Q55055' will run on port 55055 (item 0)
27/8/2016 -- 19:38:30 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: Operation not supported
27/8/2016 -- 19:38:30 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 331, dropped 2
27/8/2016 -- 19:38:30 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:38:41 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:38:41 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 59, dropped 0
27/8/2016 -- 19:38:41 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:38:42 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:38:42 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 46, dropped 0
27/8/2016 -- 19:38:42 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:38:43 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:00 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:00 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 161, dropped 0
27/8/2016 -- 19:39:00 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:01 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:01 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 22, dropped 0
27/8/2016 -- 19:39:01 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:02 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: Message too long
27/8/2016 -- 19:39:02 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 127, dropped 0
27/8/2016 -- 19:39:02 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:02 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:02 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 29, dropped 0
27/8/2016 -- 19:39:02 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:02 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: Message too long
27/8/2016 -- 19:39:02 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 24, dropped 0
27/8/2016 -- 19:39:02 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:03 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:03 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 42, dropped 0
27/8/2016 -- 19:39:03 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:04 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:04 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 30, dropped 0
27/8/2016 -- 19:39:04 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:05 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:05 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 17, dropped 0
27/8/2016 -- 19:39:05 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:06 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:06 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 18, dropped 0
27/8/2016 -- 19:39:06 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:07 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:07 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 11, dropped 0
27/8/2016 -- 19:39:07 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:08 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:08 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 7, dropped 0
27/8/2016 -- 19:39:08 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:10 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:10 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 20, dropped 0
27/8/2016 -- 19:39:10 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:11 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:11 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 93, dropped 0
27/8/2016 -- 19:39:11 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:12 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:12 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 88, dropped 3
27/8/2016 -- 19:39:12 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:13 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:13 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 74, dropped 0
27/8/2016 -- 19:39:13 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:14 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:14 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 60, dropped 0
27/8/2016 -- 19:39:14 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:15 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:15 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 24, dropped 0
27/8/2016 -- 19:39:15 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:16 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:16 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 27, dropped 0
27/8/2016 -- 19:39:16 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:17 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:17 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 55, dropped 0
27/8/2016 -- 19:39:17 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:18 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:18 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 102, dropped 0
27/8/2016 -- 19:39:18 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:19 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:19 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 73, dropped 0
27/8/2016 -- 19:39:19 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:20 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:20 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 40, dropped 0
27/8/2016 -- 19:39:20 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:21 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:21 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 17, dropped 0
27/8/2016 -- 19:39:21 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:27 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:27 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 61, dropped 0
27/8/2016 -- 19:39:27 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:28 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:28 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 8, dropped 0
27/8/2016 -- 19:39:28 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:29 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:29 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 17, dropped 0
27/8/2016 -- 19:39:29 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:46 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:46 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 709, dropped 0
27/8/2016 -- 19:39:46 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:47 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: Message too long
27/8/2016 -- 19:39:47 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 4, dropped 0
27/8/2016 -- 19:39:47 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:47 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:47 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 13, dropped 0
27/8/2016 -- 19:39:47 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:48 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:48 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 9, dropped 0
27/8/2016 -- 19:39:48 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:49 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:49 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 37, dropped 0
27/8/2016 -- 19:39:49 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:50 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:50 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 14, dropped 0
27/8/2016 -- 19:39:50 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:51 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:51 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 27, dropped 0
27/8/2016 -- 19:39:51 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:54 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:54 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 220, dropped 0
27/8/2016 -- 19:39:54 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:55 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:55 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 63, dropped 1
27/8/2016 -- 19:39:55 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:56 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: Message too long
27/8/2016 -- 19:39:56 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 24, dropped 4
27/8/2016 -- 19:39:56 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:39:56 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:39:56 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 4, dropped 0
27/8/2016 -- 19:39:56 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:40:12 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: Message too long
27/8/2016 -- 19:40:12 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 289, dropped 2
27/8/2016 -- 19:40:12 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:40:16 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: Message too long
27/8/2016 -- 19:40:16 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 46, dropped 0
27/8/2016 -- 19:40:16 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:40:23 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:40:23 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 124, dropped 0
27/8/2016 -- 19:40:23 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:40:25 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:40:25 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 34, dropped 0
27/8/2016 -- 19:40:25 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:40:45 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: Message too long
27/8/2016 -- 19:40:45 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 376, dropped 0
27/8/2016 -- 19:40:45 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:40:46 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: Message too long
27/8/2016 -- 19:40:46 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 30, dropped 0
27/8/2016 -- 19:40:46 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:40:50 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: Message too long
27/8/2016 -- 19:40:50 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 97, dropped 0
27/8/2016 -- 19:40:50 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:40:50 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:40:50 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 6, dropped 0
27/8/2016 -- 19:40:50 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:40:51 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: Message too long
27/8/2016 -- 19:40:51 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 2, dropped 0
27/8/2016 -- 19:40:51 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:40:51 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: No route to host
27/8/2016 -- 19:40:51 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 18, dropped 0
27/8/2016 -- 19:40:51 - <Info> - thread "TX#00" restarted
27/8/2016 -- 19:40:52 - <Warning> - [ERRCODE: SC_WARN_IPFW_XMIT(84)] - Write to ipfw divert socket failed: Message too long
27/8/2016 -- 19:40:52 - <Info> - IPFW Processing: - (TX#00) Pkts accepted 6, dropped 0
27/8/2016 -- 19:40:52 - <Error> - [ERRCODE: SC_ERR_TM_THREADS_ERROR(136)] - thread restarts exceeded threshold limit for thread "TX#00"

Actions #5

Updated by Mohammad S. Babaei over 7 years ago

For me thing work for like a minute and then I have to reboot the server.

Actions #6

Updated by Andreas Herz about 5 years ago

  • Assignee set to Community Ticket
Actions #7

Updated by Andreas Herz over 4 years ago

  • Status changed from New to Feedback

Is this still an issue?

Actions

Also available in: Atom PDF