Project

General

Profile

Actions

Bug #3884

closed

SC_ERR_INVALID_ENUM_MAP on rule load

Added by Peter Manev over 4 years ago. Updated over 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

Seeing this with 6.0 Beta1

root@a319f7210f49:/# suricata -V
This is Suricata version 6.0.0-beta1 RELEASE
root@a319f7210f49:/# suricata-update 
18/8/2020 -- 06:09:45 - <Info> -- Using data-directory /var/lib/suricata.
18/8/2020 -- 06:09:45 - <Info> -- Using Suricata configuration /etc/suricata/suricata.yaml
18/8/2020 -- 06:09:45 - <Info> -- Using /etc/suricata/rules for Suricata provided rules.
18/8/2020 -- 06:09:45 - <Info> -- Found Suricata version 6.0.0-beta1 at /usr/bin/suricata.
18/8/2020 -- 06:09:45 - <Info> -- Loading /etc/suricata/suricata.yaml
18/8/2020 -- 06:09:45 - <Info> -- Disabling rules for protocol http2
18/8/2020 -- 06:09:45 - <Info> -- Disabling rules for protocol modbus
18/8/2020 -- 06:09:45 - <Info> -- Disabling rules for protocol dnp3
18/8/2020 -- 06:09:45 - <Info> -- Disabling rules for protocol enip
18/8/2020 -- 06:09:45 - <Info> -- No sources configured, will use Emerging Threats Open
18/8/2020 -- 06:09:45 - <Info> -- Fetching https://rules.emergingthreats.net/open/suricata-6.0.0/emerging.rules.tar.gz.
 100% - 2678635/2678635               
18/8/2020 -- 06:09:47 - <Info> -- Done.
18/8/2020 -- 06:09:47 - <Info> -- Loading distribution rule file /etc/suricata/rules/app-layer-events.rules
18/8/2020 -- 06:09:47 - <Info> -- Loading distribution rule file /etc/suricata/rules/decoder-events.rules
18/8/2020 -- 06:09:47 - <Info> -- Loading distribution rule file /etc/suricata/rules/dhcp-events.rules
18/8/2020 -- 06:09:47 - <Info> -- Loading distribution rule file /etc/suricata/rules/dnp3-events.rules
18/8/2020 -- 06:09:47 - <Info> -- Loading distribution rule file /etc/suricata/rules/dns-events.rules
18/8/2020 -- 06:09:47 - <Info> -- Loading distribution rule file /etc/suricata/rules/files.rules
18/8/2020 -- 06:09:47 - <Info> -- Loading distribution rule file /etc/suricata/rules/http-events.rules
18/8/2020 -- 06:09:47 - <Info> -- Loading distribution rule file /etc/suricata/rules/ipsec-events.rules
18/8/2020 -- 06:09:47 - <Info> -- Loading distribution rule file /etc/suricata/rules/kerberos-events.rules
18/8/2020 -- 06:09:47 - <Info> -- Loading distribution rule file /etc/suricata/rules/modbus-events.rules
18/8/2020 -- 06:09:47 - <Info> -- Loading distribution rule file /etc/suricata/rules/nfs-events.rules
18/8/2020 -- 06:09:47 - <Info> -- Loading distribution rule file /etc/suricata/rules/ntp-events.rules
18/8/2020 -- 06:09:47 - <Info> -- Loading distribution rule file /etc/suricata/rules/smb-events.rules
18/8/2020 -- 06:09:47 - <Info> -- Loading distribution rule file /etc/suricata/rules/smtp-events.rules
18/8/2020 -- 06:09:47 - <Info> -- Loading distribution rule file /etc/suricata/rules/stream-events.rules
18/8/2020 -- 06:09:47 - <Info> -- Loading distribution rule file /etc/suricata/rules/tls-events.rules
18/8/2020 -- 06:09:47 - <Info> -- Ignoring file rules/emerging-deleted.rules
18/8/2020 -- 06:09:48 - <Info> -- Loaded 27614 rules.
18/8/2020 -- 06:09:48 - <Info> -- Disabled 14 rules.
18/8/2020 -- 06:09:48 - <Info> -- Enabled 0 rules.
18/8/2020 -- 06:09:48 - <Info> -- Modified 0 rules.
18/8/2020 -- 06:09:48 - <Info> -- Dropped 0 rules.
18/8/2020 -- 06:09:48 - <Info> -- Enabled 141 rules for flowbit dependencies.
18/8/2020 -- 06:09:48 - <Info> -- Creating directory /var/lib/suricata/rules.
18/8/2020 -- 06:09:48 - <Info> -- Backing up current rules.
18/8/2020 -- 06:09:48 - <Info> -- Writing rules to /var/lib/suricata/rules/suricata.rules: total: 27614; enabled: 20761; added: 27614; removed 0; modified: 0
18/8/2020 -- 06:09:48 - <Info> -- Writing /var/lib/suricata/rules/classification.config
18/8/2020 -- 06:09:49 - <Info> -- Testing with suricata -T.
18/8/2020 -- 06:09:49 - <Error> -- [ERRCODE: SC_ERR_INVALID_ENUM_MAP(15)] - event "certificate_missing_element" not present in ssl's enum map table.
18/8/2020 -- 06:09:49 - <Warning> -- [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - app-layer-event keyword's protocol "tls" doesn't have event "certificate_missing_element" registered
18/8/2020 -- 06:09:49 - <Error> -- [ERRCODE: SC_ERR_INVALID_ENUM_MAP(15)] - event "certificate_unknown_element" not present in ssl's enum map table.
18/8/2020 -- 06:09:49 - <Warning> -- [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - app-layer-event keyword's protocol "tls" doesn't have event "certificate_unknown_element" registered
18/8/2020 -- 06:09:49 - <Error> -- [ERRCODE: SC_ERR_INVALID_ENUM_MAP(15)] - event "certificate_invalid_string" not present in ssl's enum map table.
18/8/2020 -- 06:09:49 - <Warning> -- [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - app-layer-event keyword's protocol "tls" doesn't have event "certificate_invalid_string" registered
18/8/2020 -- 06:10:07 - <Info> -- Done.
root@a319f7210f49:/# echo $?
0

Actions #1

Updated by Victor Julien over 4 years ago

  • Status changed from New to Closed
  • Assignee set to Victor Julien
  • Target version set to 6.0.0rc1
Actions

Also available in: Atom PDF