Hi All, I need help.
OS: Yocto (Dunfell + QT5)
Device: Nitrogen8m
When I run the command "systemctl status suricata.service", I am getting this failed status.
Is this related to "[errcode: sc_warn_flowbit(306)]"?
Can you also post the suricata.service file?
From your screenshot above it looks like it should be /lib/systemd/system/suricata.service.
The ExecStart is missing the -i command line option. It should look like:
ExecStart=/usr/bin/suricata -c /etc/suricata/suricata.yaml -i eth0
If this is from a Suricata package that you installed, I’d suggest reporting this back to whoever made the package.
Hi,
I changed the ExecStart=/usr/bin/suricata -c /etc/suricata/suricata.yaml eth0 --> ExecStart=/usr/bin/suricata -c /etc/suricata/suricata.yaml -i eth0
Now it's showing “Active (Running)”. Please confirm that.
I have taken this recipe from "OpenEmbedded Layer Index - suricata" and bitbaked it into the Yocto (Dunfell + QT5) image.
Looks like it's running now.
You didn’t specify a version, but I don’t think you should see those warnings with an up to date Suricata 6.0 or 5.0 release and up to date rules.
That documentation is out of date and exists for reference purposes only. Please see the current documentation linked at the top of the page, or more specifically 7. Rule Management — Suricata 6.0.4 documentation.
Thank you, I will look into it.
I will get back to you once it gets resolved.
Hi @ish, the suricata service is not working.
Here is my suricata.service file:
[Unit]
Description=Suricata IDS/IDP daemon
After=network.target network-online.target
Requires=network-online.target
Documentation=man:suricata(8) man:suricatasc(8)
Documentation=https://suricata-ids.org/docs/
[Service]
Type=forking
#Environment=LD_PRELOAD=/usr/lib/libtcmalloc_minimal.so.4
PIDFile=/run/suricata.pid
ExecStart=/usr/bin/suricata -D --af-packet -c /etc/suricata/suricata.yaml --pidfile /run/suricata.pid
ExecReload=/usr/bin/suricatasc -c reload-rules ; /bin/kill -HUP $MAINPID
ExecStop=/usr/bin/suricatasc -c shutdown
Restart=on-failure
ProtectSystem=full
ProtectHome=true
[Install]
WantedBy=multi-user.target
I’d first start by removing the Type=forking and not using -D with Suricata.
You can see our template Systemd unit file here:
If you still have issues, please create a new topic, and include details of what is not working.
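Added example, not written by any poster in this thread or by the Suricata project: a small Python check for the two unit-file problems discussed above (an ExecStart with no capture option, and -D combined with Type=forking). The function names and the non-exhaustive option list are assumptions of this example; the sample fragments reuse the ExecStart lines quoted in the thread.

```python
import shlex

# Suricata command-line options that select a capture source (not exhaustive).
CAPTURE_OPTS = {"-i", "-r", "-q", "--af-packet", "--pcap", "--netmap", "--pfring"}

def parse_service(unit_text):
    """Collect key -> [values] from the [Service] section of a unit file."""
    section, service = None, {}
    for raw in unit_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue  # skip blank lines and comments
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
        elif section == "Service" and "=" in line:
            key, value = line.split("=", 1)
            service.setdefault(key.strip(), []).append(value.strip())
    return service

def lint_unit(unit_text):
    """Return findings for the two problems discussed in the thread."""
    service = parse_service(unit_text)
    findings = []
    args = shlex.split(service.get("ExecStart", [""])[-1])
    # Option names only, so "--af-packet=eth0" is compared as "--af-packet".
    opts = {a.split("=", 1)[0] for a in args[1:] if a.startswith("-")}
    if not opts & CAPTURE_OPTS:
        findings.append("ExecStart: no capture option (for example -i <interface>)")
    if "-D" in opts:
        findings.append("ExecStart: -D daemonizes Suricata; run it in the foreground")
    if "forking" in service.get("Type", []):
        findings.append("Type=forking is set; remove it when -D is not used")
    return findings

# Unit fragments built from the ExecStart lines quoted in the thread.
FIRST_BROKEN = "[Service]\nExecStart=/usr/bin/suricata -c /etc/suricata/suricata.yaml eth0\n"
FIRST_FIXED = "[Service]\nExecStart=/usr/bin/suricata -c /etc/suricata/suricata.yaml -i eth0\n"
SECOND = ("[Service]\nType=forking\nExecStart=/usr/bin/suricata -D --af-packet "
          "-c /etc/suricata/suricata.yaml --pidfile /run/suricata.pid\n")

if __name__ == "__main__":
    for name, text in [("first, broken", FIRST_BROKEN), ("first, fixed", FIRST_FIXED),
                       ("second", SECOND)]:
        print(name, "->", lint_unit(text) or "no findings")
```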