Actions
Bug #2953
closedbypass keyword: Suricata 4.1.x Segmentation Faults
Affected Versions:
Effort:
Difficulty:
Label:
Needs backport
Description
Been seeing this consistently on some of our higher traffic sensors since our major upgrade from Suricata 3.0.2 to 4.1.2 release and I also confirmed the issue persists on today's 4.1.4 release. Output below is from our compiled debug version. Happy to provide the crash file / core dump to a developer if needed.
Platform: Ubuntu 16.04 LTS
Uname: Linux sensor 4.4.0-142-generic #168-Ubuntu SMP Wed Jan 16 21:00:45 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
Configure:
./configure --prefix=/usr/ --sysconfdir=/etc/ --localstatedir=/var/ --enable-geoip --enable-luajit --enable-pie --enable-hiredis --enable-gccprotect --disable-gccmarch-native --enable-debug CFLAGS="-ggdb -O0" && make && make install
Build Info and Crash Logs
user@sensor:~$ suricata --build-info
This is Suricata version 4.1.4 RELEASE
Features: DEBUG PCAP_SET_BUFF AF_PACKET HAVE_PACKET_FANOUT LIBCAP_NG LIBNET1.1 HAVE_HTP_URI_NORMALIZE_HOOK PCRE_JIT HAVE_NSS HAVE_LUA HAVE_LUAJIT HAVE_LIBJANSSON TLS MAGIC RUST
SIMD support: none
Atomic intrisics: 1 2 4 8 byte(s)
64-bits, Little-endian architecture
GCC version 5.4.0 20160609, C version 199901
compiled with -fstack-protector
compiled with _FORTIFY_SOURCE=2
L1 cache line size (CLS)=64
thread local storage method: __thread
compiled with LibHTP v0.5.30, linked against LibHTP v0.5.30
Suricata Configuration:
AF_PACKET support: yes
eBPF support: no
XDP support: no
PF_RING support: no
NFQueue support: no
NFLOG support: no
IPFW support: no
Netmap support: no
DAG enabled: no
Napatech enabled: no
WinDivert enabled: no
Unix socket enabled: yes
Detection enabled: yes
Libmagic support: yes
libnss support: yes
libnspr support: yes
libjansson support: yes
liblzma support: yes
hiredis support: yes
hiredis async with libevent: yes
Prelude support: no
PCRE jit: yes
LUA support: yes, through luajit
libluajit: yes
libgeoip: yes
Non-bundled htp: no
Old barnyard2 support: no
Hyperscan support: yes
Libnet support: yes
liblz4 support: yes
Rust support: yes (default)
Rust strict mode: no
Rust debug mode: no
Rust compiler: rustc 1.31.0
Rust cargo: cargo 1.31.0
Install suricatasc: yes
Install suricata-update: yes
Profiling enabled: no
Profiling locks enabled: no
Development settings:
Coccinelle / spatch: no
Unit tests enabled: no
Debug output enabled: yes
Debug validation enabled: no
Generic build parameters:
Installation prefix: /usr
Configuration directory: /etc/suricata/
Log directory: /var/log/suricata/
--prefix /usr
--sysconfdir /etc
--localstatedir /var
--datarootdir /usr/share
Host: x86_64-pc-linux-gnu
Compiler: gcc (exec name) / gcc (real)
GCC Protect enabled: yes
GCC march native enabled: no
GCC Profile enabled: no
Position Independent Executable enabled: yes
CFLAGS -ggdb -O0 -I${srcdir}/../rust/gen/c-headers
PCAP_CFLAGS -I/usr/include
SECCFLAGS -fstack-protector -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security
user@sensor:~$ sudo journalctl -u suricata -ef | grep -A20 -B20 -i segv
Apr 30 19:01:37 sensor suricata[27656]: 30/4/2019 -- 19:01:37 - <Debug> - Entering ... >>
Apr 30 19:01:37 sensor suricata[27656]: 30/4/2019 -- 19:01:37 - <Debug> - Returning ... <<
Apr 30 19:01:37 sensor suricata[27656]: 30/4/2019 -- 19:01:37 - <Debug> - Returning ... <<
Apr 30 19:01:37 sensor suricata[27656]: 30/4/2019 -- 19:01:37 - <Debug> - Entering ... >>
Apr 30 19:01:37 sensor suricata[27656]: 30/4/2019 -- 19:01:37 - <Debug> - Returning ... <<
Apr 30 19:01:37 sensor suricata[27656]: 30/4/2019 -- 19:01:37 - <Debug> - Entering ... >>
Apr 30 19:01:37 sensor suricata[27656]: 30/4/2019 -- 19:01:37 - <Debug> - Returning ... <<
Apr 30 19:01:37 sensor suricata[27656]: 30/4/2019 -- 19:01:37 - <Debug> - Returning ... <<
Apr 30 19:01:37 sensor suricata[27656]: 30/4/2019 -- 19:01:37 - <Debug> - type "host" name "tag" size "8"
Apr 30 19:01:37 sensor suricata[27656]: 30/4/2019 -- 19:01:37 - <Debug> - type "host" name "threshold" size "8"
Apr 30 19:01:37 sensor suricata[27656]: 30/4/2019 -- 19:01:37 - <Debug> - type "host" name "bit" size "8"
Apr 30 19:01:37 sensor suricata[27656]: 30/4/2019 -- 19:01:37 - <Debug> - type "flow" name "expectation" size "8"
Apr 30 19:01:37 sensor suricata[27656]: 30/4/2019 -- 19:01:37 - <Debug> - type "flow" name "tag" size "8"
Apr 30 19:01:37 sensor suricata[27656]: 30/4/2019 -- 19:01:37 - <Debug> - type "ippair" name "expectation" size "8"
Apr 30 19:01:37 sensor suricata[27656]: 30/4/2019 -- 19:01:37 - <Debug> - type "ippair" name "threshold" size "8"
Apr 30 19:01:37 sensor suricata[27656]: 30/4/2019 -- 19:01:37 - <Debug> - type "ippair" name "bit" size "8"
Apr 30 19:01:37 sensor suricata[27656]: 30/4/2019 -- 19:01:37 - <Debug> - Parent is waiting for child to be ready
Apr 30 19:01:37 sensor suricata[27656]: 30/4/2019 -- 19:01:37 - <Debug> - Daemon: Parent waiting for child to be ready...
Apr 30 19:01:37 sensor suricata[27656]: 30/4/2019 -- 19:01:37 - <Debug> - failed to lookup configuration parameter 'daemon-directory'
Apr 30 19:01:37 sensor suricata[27656]: 30/4/2019 -- 19:01:37 - <Debug> - Child is ready, parent exiting
Apr 30 19:02:53 sensor systemd[1]: suricata.service: Main process exited, code=killed, status=11/SEGV
Apr 30 19:02:53 sensor systemd[1]: suricata.service: Control process exited, code=exited status=1
Apr 30 19:02:53 sensor kill[27690]: Usage:
Apr 30 19:02:53 sensor kill[27690]: kill [options] <pid> [...]
Apr 30 19:02:53 sensor kill[27690]: Options:
Apr 30 19:02:53 sensor kill[27690]: <pid> [...] send signal to every <pid> listed
Apr 30 19:02:53 sensor kill[27690]: -<signal>, -s, --signal <signal>
Apr 30 19:02:53 sensor kill[27690]: specify the <signal> to be sent
Apr 30 19:02:53 sensor kill[27690]: -l, --list=[<signal>] list all signal names, or convert one to a name
Apr 30 19:02:53 sensor kill[27690]: -L, --table list all signal names in a nice table
Apr 30 19:02:53 sensor kill[27690]: -h, --help display this help and exit
Apr 30 19:02:53 sensor kill[27690]: -V, --version output version information and exit
Apr 30 19:02:53 sensor kill[27690]: For more details see kill(1).
Apr 30 19:02:53 sensor systemd[1]: suricata.service: Unit entered failed state.
Apr 30 19:02:53 sensor systemd[1]: suricata.service: Triggering OnFailure= dependencies.
Apr 30 19:02:53 sensor systemd[1]: suricata.service: Failed with result 'exit-code'.
Apr 30 19:02:53 sensor systemd[1]: suricata.service: Service hold-off time over, scheduling restart.
Apr 30 19:02:53 sensor systemd[1]: Stopped Suricata Daemon.
Apr 30 19:02:53 sensor systemd[1]: Starting Suricata Daemon...
Apr 30 19:02:53 sensor genconf_suricata[27699]: Generating Variable File
Apr 30 19:02:53 sensor genconf_suricata[27699]: Writing to /etc/suricata/suricata_vars.yaml
user@sensor:~$ dmesg | grep seg
[70850.864982] W#01-br0[27147]: segfault at 40 ip 000055a99aa623f7 sp 00007fd16e63d5d8 error 4 in suricata-4.1.4-prod[55a99a9c6000+4b7000]
[70989.001085] W#02-br0[27582]: segfault at 40 ip 000055d9aca963f7 sp 00007f71e67545d8 error 4 in suricata-4.1.4-prod[55d9ac9fa000+4b7000]
[71083.258640] W#02-br0[27672]: segfault at 40 ip 000055ce734ba68c sp 00007f3d26afe560 error 4 in suricata-4.1.4-dbg[55ce73368000+bae000]
[71178.483007] W#01-br0[27715]: segfault at 40 ip 000056092ef8168c sp 00007fb9e4ee4560 error 4 in suricata-4.1.4-dbg[56092ee2f000+bae000]
[71224.431899] W#01-br0[27997]: segfault at 40 ip 000055ab74e8968c sp 00007f3b3854d560 error 4 in suricata-4.1.4-dbg[55ab74d37000+bae000]
[71427.648879] W#01-br0[28119]: segfault at 40 ip 000055c70935c68c sp 00007fea065ee560 error 4 in suricata-4.1.4-dbg[55c70920a000+bae000]
user@sensor:~$ tail /var/log/apport.log -n1
ERROR: apport (pid 28453) Tue Apr 30 19:09:42 2019: apport: report /var/crash/_usr_bin_suricata-4.1.4-dbg.0.crash already exists and unseen, doing nothing to avoid disk usage DoS
Updated by K Dev almost 5 years ago
GDB Output
Thread 7 (Thread 0x7fea045ef700 (LWP 28123)):
#0 pthread_cond_timedwait@@GLIBC_2.3.2 () at ../sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:225
#1 0x000055c709355f91 in ?? ()
#2 0x00007fea0a8b56ba in start_thread (arg=0x7fea045ef700) at pthread_create.c:333
#3 0x00007fea08c5f41d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
Thread 6 (Thread 0x7fea05df2700 (LWP 28120)):
#0 strchrnul () at ../sysdeps/x86_64/strchr.S:38
#1 0x00007fea08ba58eb in __find_specmb (format=0x55c709cb906b "%s%s") at printf-parse.h:108
#2 _IO_vfprintf_internal (s=s@entry=0x7fea05dedb10, format=<optimized out>, format@entry=0x55c709cb9069 "%s%s%s", ap=ap@entry=0x7fea05dedc78) at vfprintf.c:1659
#3 0x00007fea08bcea49 in _IO_vsnprintf (string=0x7fea05dedf92 "", maxlen=<optimized out>, format=0x55c709cb9069 "%s%s%s", args=args@entry=0x7fea05dedc78)
at vsnprintf.c:114
#4 0x00007fea08bad932 in __snprintf (s=<optimized out>, maxlen=<optimized out>, format=<optimized out>) at snprintf.c:33
#5 0x000055c709667287 in ?? ()
#6 0x000055c709667584 in ?? ()
#7 0x000055c7094dc655 in ?? ()
#8 0x000055c7094ea684 in ?? ()
#9 0x000055c7094eae85 in ?? ()
#10 0x000055c70964655e in ?? ()
#11 0x000055c70959b231 in ?? ()
#12 0x000055c70959f2e2 in ?? ()
#13 0x000055c7095a296e in ?? ()
#14 0x000055c70964768f in ?? ()
#15 0x00007fea0a8b56ba in start_thread (arg=0x7fea05df2700) at pthread_create.c:333
#16 0x00007fea08c5f41d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
Thread 5 (Thread 0x7fea03dee700 (LWP 28124)):
#0 pthread_cond_timedwait@@GLIBC_2.3.2 () at ../sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:225
#1 0x000055c709355709 in ?? ()
#2 0x00007fea0a8b56ba in start_thread (arg=0x7fea03dee700) at pthread_create.c:333
#3 0x00007fea08c5f41d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
Thread 4 (Thread 0x7fea04df0700 (LWP 28122)):
#0 pthread_cond_timedwait@@GLIBC_2.3.2 () at ../sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:225
#1 0x000055c7094e4f5a in ?? ()
#2 0x000055c709648e73 in ?? ()
#3 0x00007fea0a8b56ba in start_thread (arg=0x7fea04df0700) at pthread_create.c:333
#4 0x00007fea08c5f41d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
Thread 3 (Thread 0x7fea055f1700 (LWP 28121)):
#0 pthread_cond_timedwait@@GLIBC_2.3.2 () at ../sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:225
#1 0x000055c7094e3f6e in ?? ()
#2 0x000055c709648e73 in ?? ()
#3 0x00007fea0a8b56ba in start_thread (arg=0x7fea055f1700) at pthread_create.c:333
#4 0x00007fea08c5f41d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
Thread 2 (Thread 0x7fea0cff1b40 (LWP 28028)):
#0 0x00007fea08c2430d in nanosleep () at ../sysdeps/unix/syscall-template.S:84
#1 0x00007fea08c55d94 in usleep (useconds=<optimized out>) at ../sysdeps/posix/usleep.c:32
#2 0x000055c70963fbf8 in ?? ()
#3 0x000055c709640462 in ?? ()
#4 0x00007fea08b78830 in __libc_start_main (main=0x55c70963fc15, argc=7, argv=0x7ffdd9e18618, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>,
stack_end=0x7ffdd9e18608) at ../csu/libc-start.c:291
#5 0x000055c7092694b9 in ?? ()
Thread 1 (Thread 0x7fea065f3700 (LWP 28119)):
#0 0x000055c70935c68c in ?? ()
#1 0x000055c70939d3b3 in ?? ()
#2 0x000055c709413f38 in ?? ()
#3 0x000055c7093a0a02 in ?? ()
#4 0x000055c70939dcfb in ?? ()
#5 0x000055c7093a6e60 in ?? ()
#6 0x000055c7093a72ef in ?? ()
#7 0x000055c7094eb64f in ?? ()
#8 0x000055c70964655e in ?? ()
#9 0x000055c70959b231 in ?? ()
#10 0x000055c70959f2e2 in ?? ()
#11 0x000055c7095a296e in ?? ()
#12 0x000055c70964768f in ?? ()
#13 0x00007fea0a8b56ba in start_thread (arg=0x7fea065f3700) at pthread_create.c:333
#14 0x00007fea08c5f41d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
Updated by Victor Julien almost 5 years ago
Does this also happen if '--enable-debug' not passed to configure?
When (re)compiling, could you set 'CFLAGS="-ggdb"'? This would hopefully get us a more useful backtrace.
Updated by K Dev almost 5 years ago
Yes, we are seeing the issue on our production build (same as above without the --enable-debug).
Oops! I was building it correctly but forgot to remove the post-build symbol stripping :)
Thread 7 (Thread 0x7fa99acf3700 (LWP 14000)):
#0 pthread_cond_timedwait@@GLIBC_2.3.2 () at ../sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:225
#1 0x000055c2c730df91 in StatsWakeupThread (arg=0x55c2d86ddd40) at counters.c:484
#2 0x00007fa9a0fb96ba in start_thread (arg=0x7fa99acf3700) at pthread_create.c:333
#3 0x00007fa99f36341d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
Thread 6 (Thread 0x7fa99bcf5700 (LWP 13998)):
#0 pthread_cond_timedwait@@GLIBC_2.3.2 () at ../sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:225
#1 0x000055c2c749bf6e in FlowManager (th_v=0x55c2d86ddb00, thread_data=0x55c2cedaea30) at flow-manager.c:787
#2 0x000055c2c7600e73 in TmThreadsManagement (td=0x55c2d86ddb00) at tm-threads.c:719
#3 0x00007fa9a0fb96ba in start_thread (arg=0x7fa99bcf5700) at pthread_create.c:333
#4 0x00007fa99f36341d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
Thread 5 (Thread 0x7fa99c4f6700 (LWP 13997)):
#0 0x00007fa99f35774d in poll () at ../sysdeps/unix/syscall-template.S:84
#1 0x000055c2c755a662 in ReceiveAFPLoop (tv=0x55c2d86dd9e0, data=0x55c2d95d0000, slot=0x55c2d97ab340) at source-af-packet.c:1552
#2 0x000055c2c75ff68f in TmThreadsSlotPktAcqLoop (td=0x55c2d86dd9e0) at tm-threads.c:348
#3 0x00007fa9a0fb96ba in start_thread (arg=0x7fa99c4f6700) at pthread_create.c:333
#4 0x00007fa99f36341d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
Thread 4 (Thread 0x7fa9a36f5b40 (LWP 13991)):
#0 0x00007fa99f32830d in nanosleep () at ../sysdeps/unix/syscall-template.S:84
#1 0x00007fa99f359d94 in usleep (useconds=<optimized out>) at ../sysdeps/posix/usleep.c:32
#2 0x000055c2c75f7bf8 in SuricataMainLoop (suri=0x55c2c7fb1860 <suricata>) at suricata.c:2901
#3 0x000055c2c75f8462 in main (argc=7, argv=0x7ffc99fae498) at suricata.c:3042
Thread 3 (Thread 0x7fa99a4f2700 (LWP 14001)):
#0 pthread_cond_timedwait@@GLIBC_2.3.2 () at ../sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:225
#1 0x000055c2c730d709 in StatsMgmtThread (arg=0x55c2d86dde60) at counters.c:409
#2 0x00007fa9a0fb96ba in start_thread (arg=0x7fa99a4f2700) at pthread_create.c:333
#3 0x00007fa99f36341d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
Thread 2 (Thread 0x7fa99b4f4700 (LWP 13999)):
#0 pthread_cond_timedwait@@GLIBC_2.3.2 () at ../sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:225
#1 0x000055c2c749cf5a in FlowRecycler (th_v=0x55c2d86ddc20, thread_data=0x55c2d9a39550) at flow-manager.c:940
#2 0x000055c2c7600e73 in TmThreadsManagement (td=0x55c2d86ddc20) at tm-threads.c:719
#3 0x00007fa9a0fb96ba in start_thread (arg=0x7fa99b4f4700) at pthread_create.c:333
#4 0x00007fa99f36341d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
Thread 1 (Thread 0x7fa99ccf7700 (LWP 13996)):
#0 0x000055c2c731468c in PacketBypassCallback (p=0x55c2d0f55e00) at decode.c:404
#1 0x000055c2c73553b3 in DetectBypassMatch (tv=0x55c2d86dd8c0, det_ctx=0x55c2d8857900, p=0x55c2d0f55e00, s=0x55c2c924c900, ctx=0x0)
at detect-bypass.c:98
#2 0x000055c2c73cbf38 in IPOnlyMatchPacket (tv=0x55c2d86dd8c0, de_ctx=0x55c2c92ee000, det_ctx=0x55c2d8857900,
io_ctx=0x55c2c92ef098, io_tctx=0x55c2d8857a30, p=0x55c2d0f55e00) at detect-engine-iponly.c:1084
#3 0x000055c2c7358a02 in DetectRunInspectIPOnly (tv=0x55c2d86dd8c0, de_ctx=0x55c2c92ee000, det_ctx=0x55c2d8857900, pflow=0x0,
p=0x55c2d0f55e00) at detect.c:580
#4 0x000055c2c7355cfb in DetectRun (th_v=0x55c2d86dd8c0, de_ctx=0x55c2c92ee000, det_ctx=0x55c2d8857900, p=0x55c2d0f55e00)
at detect.c:119
#5 0x000055c2c735ee60 in DetectNoFlow (tv=0x55c2d86dd8c0, de_ctx=0x55c2c92ee000, det_ctx=0x55c2d8857900, p=0x55c2d0f55e00)
at detect.c:1677
#6 0x000055c2c735f2ef in Detect (tv=0x55c2d86dd8c0, p=0x55c2d0f55e00, data=0x55c2d8857900, pq=0x0, postpq=0x0) at detect.c:1737
#7 0x000055c2c74a364f in FlowWorker (tv=0x55c2d86dd8c0, p=0x55c2d0f55e00, data=0x55c2d9ca1d40, preq=0x55c2db7acc00, unused=0x0)
at flow-worker.c:260
#8 0x000055c2c75fe55e in TmThreadsSlotVarRun (tv=0x55c2d86dd8c0, p=0x55c2d0f55e00, slot=0x55c2d8429040) at tm-threads.c:145
#9 0x000055c2c7553231 in TmThreadsSlotProcessPkt (tv=0x55c2d86dd8c0, s=0x55c2d8429040, p=0x55c2d0f55e00) at tm-threads.h:147
#10 0x000055c2c75572e2 in AFPReadFromRing (ptv=0x55c2d97ab5c0) at source-af-packet.c:1016
#11 0x000055c2c755a96e in ReceiveAFPLoop (tv=0x55c2d86dd8c0, data=0x55c2d97ab5c0, slot=0x55c2d8428f00) at source-af-packet.c:1579
#12 0x000055c2c75ff68f in TmThreadsSlotPktAcqLoop (td=0x55c2d86dd8c0) at tm-threads.c:348
#13 0x00007fa9a0fb96ba in start_thread (arg=0x7fa99ccf7700) at pthread_create.c:333
#14 0x00007fa99f36341d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
Quit
Updated by K Dev almost 5 years ago
After reviewing the traceback, I removed the bypass keyword from the rule below and have not had a crash since. Will update later today.
pass ip any any -> any any (msg:"Pass Rule - Ignore all traffic to/from this IP"; iprep:any,IGNORE,<,127; classtype:whitelist; sid:XXXXXXX; rev:1;)
Updated by K Dev almost 5 years ago
No crashes since removing the bypass keyword from the rule above. This is the only place we're using the bypass keyword at the moment so I'm not sure if this is an issue w/ bypass itself or when used (perhaps incorrectly) with an IP rule and/or iprep rule.
Updated by Victor Julien almost 5 years ago
- Status changed from New to Assigned
- Assignee set to Eric Leblond
- Target version set to 5.0rc1
Definitely sounds like a bug.
Updated by Victor Julien almost 5 years ago
- Subject changed from Suricata 4.1.x Segmentation Faults to bypass keyword: Suricata 4.1.x Segmentation Faults
Updated by Eric Leblond almost 5 years ago
OK, I confirm the problem, bypass assume flow in current code.
Updated by Eric Leblond almost 5 years ago
Done a MR there: https://github.com/OISF/suricata/pull/3886
Updated by Eric Leblond almost 5 years ago
- Status changed from Assigned to Closed
Updated by Eric Leblond almost 5 years ago
Fixed in MR: https://github.com/OISF/suricata/pull/3948
Updated by Victor Julien almost 5 years ago
- Label Needs backport added
Adding backport label as we need a ticket for 4.1.x. PR is waiting for me https://github.com/OISF/suricata/pull/3886
Updated by Victor Julien over 4 years ago
- Copied to Bug #3123: bypass keyword: Suricata 4.1.x Segmentation Faults (4.1.x) added
Actions