Actions
Bug #3325
closedlua issues on arm (fedora:29) (4.1.x)
Affected Versions:
Effort:
Difficulty:
Label:
Description
The suricata-verify 'lua-output-dns' test fails because the produced logfile contains some strange values:
05/24/2016-23:27:01.960780 [**] Query TX 2b2ea9628 [**] client-cf.dropbox.com [**] A [**] 10.16.1.11:53679 -> 10.16.1.1:53 05/24/2016-23:27:02.832606 [**] Query TX 2b10a9628 [**] block.dropbox.com [**] A [**] 10.16.1.11:49697 -> 10.16.1.1:53 05/24/2016-23:27:04.653864 [**] Query TX 2b06a9628 [**] client-cf.dropbox.com [**] A [**] 10.16.1.11:57634 -> 10.16.1.1:53 10/14/2016-15:40:21.889830 [**] Query TX 2b42aa6a8 [**] d98cf633-97be-406f-9e39-bd8fc0cbdea4.com [**] A [**] 10.16.1.11:40697 -> 10.16.1.1:53 05/24/2016-23:27:02.333141 [**] Query TX 2b2ea9628 [**] client-cf.dropbox.com [**] A [**] 10.16.1.11:53679 -> 10.16.1.1:53 05/24/2016-23:27:02.333141 [**] Response TX 2b2ea9628 [**] client-cf.dropbox.com [**] A [**] TTL 77968877786497092 [**] 52.85.112.21 [**] 10.16.1.11:53679 -> 10.16.1.1:53 05/24/2016-23:27:03.085375 [**] Query TX 2b10a9628 [**] codemonkey.net [**] A [**] 10.16.1.11:33458 -> 10.16.1.1:53 05/24/2016-23:27:04.654238 [**] Query TX 2b06a9628 [**] client-cf.dropbox.com [**] A [**] 10.16.1.11:57634 -> 10.16.1.1:53 05/24/2016-23:27:04.654238 [**] Response TX 2b06a9628 [**] client-cf.dropbox.com [**] A [**] TTL 77968877786497092 [**] 52.85.112.21 [**] 10.16.1.11:57634 -> 10.16.1.1:53 10/14/2016-15:40:21.971664 [**] Query TX 2b42aa6a8 [**] d98cf633-97be-406f-9e39-bd8fc0cbdea4.com [**] A [**] 10.16.1.11:40697 -> 10.16.1.1:53 10/14/2016-15:40:21.971664 [**] Response TX 2b42aa6a8 [**] NXDOMAIN [**] 10.16.1.11:40697 -> 10.16.1.1:53 10/14/2016-15:40:21.971664 [**] Response TX 2b42aa6a8 [**] com [**] SOA [**] TTL 77968877786497092 [**] 10.16.1.11:40697 -> 10.16.1.1:53 05/24/2016-23:27:03.213624 [**] Query TX 2b10a9628 [**] block.dropbox.com [**] A [**] 10.16.1.11:49697 -> 10.16.1.1:53 05/24/2016-23:27:03.213624 [**] Response TX 2b10a9628 [**] block.g1.dropbox.com [**] A [**] TTL 77968877786497092 [**] 45.58.70.33 [**] 10.16.1.11:49697 -> 10.16.1.1:53 05/24/2016-23:27:03.213624 [**] Response TX 2b10a9628 [**] block.dropbox.com [**] CNAME [**] TTL 77968877786497092 [**] block.g1.dropbox.com [**] 10.16.1.11:49697 -> 10.16.1.1:53 05/24/2016-23:27:03.493333 [**] Query TX 2b10a9d48 [**] codemonkey.net [**] A [**] 10.16.1.11:33458 -> 10.16.1.1:53 05/24/2016-23:27:03.493333 [**] Response TX 2b10a9d48 [**] codemonkey.net [**] A [**] TTL 77968877786497092 [**] 104.131.202.103 [**] 10.16.1.11:33458 -> 10.16.1.1:53
The id's are wrong and the ttl values look rather suspect.
Setup:
Docker on ARM (32 bit) with fedora:29 image.
Test 'dns-lua-rules' also fails. The EVE log DNS records look normal, so I wonder if the lua-rust layer is mangling types.
Updated by Victor Julien about 5 years ago
- Copied from Bug #2955: lua issues on arm (fedora:29) added
Updated by Victor Julien about 5 years ago
- Status changed from Assigned to Closed
Actions