General

Profile

Jan Hugo Prins

  • Login: jhaprins
  • Registered on: 11/04/2020
  • Last connection: 11/07/2020

Issues

open closed Total
Assigned issues 0 0 0
Reported issues 0 1 1

Activity

11/08/2020

05:50 PM Suricata Bug #4109: mac address logging crash
Sascha Steinbiss wrote in #note-26:
>
> Thanks for the detailed information and good debugging support! I will ope...
Jan Hugo Prins
04:16 PM Suricata Bug #4109: mac address logging crash
Hello Sascha,
You can use those packets as far as I'm concerned.
You are right that the packets look corrupted in...
Jan Hugo Prins
03:50 PM Suricata Bug #4109: mac address logging crash
I just wanted to confirm the same.
Thanks for the good work.
I hope this patch is in time for the next release.
...
Jan Hugo Prins
03:03 PM Suricata Bug #4109: mac address logging crash
Sascha Steinbiss wrote in #note-21:
> I think I found the bug. It looks like we're assuming a flow exists to look up...
Jan Hugo Prins
03:01 PM Suricata Bug #4109: mac address logging crash
I have a pcap file that is able to crash my Suricata instance.
I have added the pcap file and 2 gdb backtraces.
One...
Jan Hugo Prins

11/07/2020

03:33 AM Suricata Bug #4109: mac address logging crash
I have done some more analyses and what I have found is that in a lot of cases this crash happens when the packet is ... Jan Hugo Prins
01:34 AM Suricata Bug #4109: mac address logging crash
I have also found an other packet that crashed a Suricata server on one of my other probes around the same time:
{...
Jan Hugo Prins
01:33 AM Suricata Bug #4109: mac address logging crash
I have found the packets that created the 2 crashes in for which I have the core files and the backtraces above:
c...
Jan Hugo Prins

11/06/2020

08:29 PM Suricata Bug #4109: mac address logging crash
Creating a pcap during the crash will be a bit difficult, but zeek has been running constantly and should have logged... Jan Hugo Prins
11:13 AM Suricata Bug #4109: mac address logging crash
Just had a crash with the combination "netflow" / "ethernet".
Now disabled the "ethernet" option on all servers to v...
Jan Hugo Prins

Also available in: Atom