Hello,
I am using FreeBSD 12.2. I installed the Suricata package successfully, but Suricata doesn't work properly. How can I solve this problem?
Code:
[root@vmi551894 ~]# pkg info |grep -i suricata
suricata-5.0.5 High Performance Network IDS, IPS and Security Monitoring engine
[root@vmi551894 ~]# service suricata onestart
Starting suricata.
24/3/2021 -- 22:24:35 - <Notice> - This is Suricata version 5.0.5 RELEASE running in SYSTEM mode
[root@vmi551894 ~]# cat /var/log/suricata/suricata.log
24/3/2021 -- 22:14:16 - <Notice> - This is Suricata version 5.0.5 RELEASE running in SYSTEM mode
24/3/2021 -- 22:14:16 - <Info> - CPUs/cores online: 4
24/3/2021 -- 22:14:16 - <Info> - fast output device (regular) initialized: fast.log
24/3/2021 -- 22:14:16 - <Info> - eve-log output device (regular) initialized: eve.json
24/3/2021 -- 22:14:16 - <Info> - stats output device (regular) initialized: stats.log
24/3/2021 -- 22:14:16 - <Info> - Running in live mode, activating unix socket
24/3/2021 -- 22:14:16 - <Warning> - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /var/lib/suricata/rules/suricata.rules
24/3/2021 -- 22:14:16 - <Warning> - [ERRCODE: SC_ERR_NO_RULES_LOADED(43)] - 1 rule files specified, but no rule was loaded at all!
24/3/2021 -- 22:14:16 - <Info> - Threshold config parsed: 0 rule(s) found
24/3/2021 -- 22:14:16 - <Info> - 0 signatures processed. 0 are IP-only rules, 0 are inspecting packet payload, 0 inspect application layer, 0 are decoder event only
24/3/2021 -- 22:14:16 - <Error> - [ERRCODE: SC_ERR_IPFW_SOCK(81)] - Can't create divert socket: Protocol not supported
24/3/2021 -- 22:14:16 - <Info> - Running in live mode, activating unix socket
24/3/2021 -- 22:14:16 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
24/3/2021 -- 22:14:16 - <Info> - Created socket directory /var/run/suricata/
24/3/2021 -- 22:14:16 - <Error> - [ERRCODE: SC_ERR_THREAD_INIT(49)] - thread "RX-8000" failed to initialize: flags 0145
24/3/2021 -- 22:14:16 - <Error> - [ERRCODE: SC_ERR_INITIALIZATION(45)] - Engine initialization failed, aborting...