Project

General

Profile

Actions
Copy link

Bug #999

closed

delayed detect inits thresholds before de_ctx

Added by Victor Julien over 10 years ago. Updated over 10 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Victor Julien
Target version:
2.0beta2
Affected Versions:
Effort:
Difficulty:
Label:

Description

[27393] 14/10/2013 -- 13:55:55 - (util-threshold-config.c:384) <Warning> (SetupSuppressRule) -- [ERRCODE: SC_ERR_EVENT_ENGINE(210)] - can't suppress sid 2013296, gid 1: unknown rule
[27393] 14/10/2013 -- 13:55:55 - (util-threshold-config.c:384) <Warning> (SetupSuppressRule) -- [ERRCODE: SC_ERR_EVENT_ENGINE(210)] - can't suppress sid 2013296, gid 1: unknown rule
[27393] 14/10/2013 -- 13:55:55 - (util-threshold-config.c:384) <Warning> (SetupSuppressRule) -- [ERRCODE: SC_ERR_EVENT_ENGINE(210)] - can't suppress sid 2013659, gid 1: unknown rule
[27393] 14/10/2013 -- 13:55:55 - (util-threshold-config.c:384) <Warning> (SetupSuppressRule) -- [ERRCODE: SC_ERR_EVENT_ENGINE(210)] - can't suppress sid 2001058, gid 1: unknown rule
[27393] 14/10/2013 -- 13:55:55 - (util-threshold-config.c:384) <Warning> (SetupSuppressRule) -- [ERRCODE: SC_ERR_EVENT_ENGINE(210)] - can't suppress sid 2009557, gid 1: unknown rule
[27393] 14/10/2013 -- 13:55:55 - (util-threshold-config.c:384) <Warning> (SetupSuppressRule) -- [ERRCODE: SC_ERR_EVENT_ENGINE(210)] - can't suppress sid 2012086, gid 1: unknown rule
[27393] 14/10/2013 -- 13:55:55 - (util-threshold-config.c:384) <Warning> (SetupSuppressRule) -- [ERRCODE: SC_ERR_EVENT_ENGINE(210)] - can't suppress sid 2003614, gid 1: unknown rule
[27393] 14/10/2013 -- 13:55:55 - (util-threshold-config.c:384) <Warning> (SetupSuppressRule) -- [ERRCODE: SC_ERR_EVENT_ENGINE(210)] - can't suppress sid 2009389, gid 1: unknown rule
[27393] 14/10/2013 -- 13:55:56 - (tm-threads.c:2192) <Notice> (TmThreadWaitOnThreadInit) -- all 4 packet processing threads, 3 management threads initialized, engine started.
[27393] 14/10/2013 -- 13:55:56 - (detect.c:406) <Warning> (SigLoadSignatures) -- [ERRCODE: SC_ERR_NO_RULES(42)] - No rules loaded from /etc/suricata/rules/files.rules
[27393] 14/10/2013 -- 13:56:00 - (detect.c:406) <Warning> (SigLoadSignatures) -- [ERRCODE: SC_ERR_NO_RULES(42)] - No rules loaded from /etc/suricata/rules/icmp.rules
[27393] 14/10/2013 -- 13:58:19 - (suricata.c:2139) <Notice> (main) -- Signature(s) loaded, Detect thread(s) activated.

The "suppress" errors make sense if de_ctx isn't initialized yet.

Actions
Copy link

Also available in: Atom PDF