[Version 2.1.11, 2.1.12] dbProcessEventInformation() Fatal Error #77

Closed
s-takehana opened this Issue Apr 5, 2013 · 2 comments


I'm using Barnyard2.1.11 (Build 319) with Suricata ET rules.
I've been getting the error below.

Output from Barnyard2:

04/03-23:11:35.136144  [**] [1:2100368:7] GPL ICMP_INFO PING BSDtype [**] [Classification: Misc activity] [Priority: 3] {ICMP} ***.***.***.*** -> ***.***.***.***
ERROR: [dbProcessEventInformation()]: Failed, stoping processing
Fatal Error, Quitting..

Output from u2spewfoo:

(Event)
        sensor id: 0    event id: 8493  event second: 1364998295        event microsecond: 136144
        sig id: 2100368 gen id: 1       revision: 7      classification: 29
        priority: 3     ip source: ***.***.***.***       ip destination: ***.***.***.***
        src port: 8     dest port: 0    protocol: 1     impact_flag: 0  blocked: 0

Packet
        sensor id: 0    event id: 8493  event second: 1364998295
        packet second: 1364998295       packet microsecond: 136144
        linktype: 1     packet_length: 142
[    0] 00 00 5E 00 01 0A 00 A0 DE 66 25 46 81 00 03 F6  ..^......f%F....
[   16] 08 00 4F 00 00 7C 00 00 40 00 31 01 BA 3B CC 5D  ..O..|..@.1..;.]
[   32] 82 88 6F 57 6D 0D 01 07 27 28 CC 5D 82 88 CC 5D  ..oWm...'(.]...]
[   48] CC E4 CC 5D C0 F5 40 CA 6F 02 81 FA 04 CA 81 FA  ...]..@.o.......
[   64] C1 D9 6F 57 03 22 7C D3 22 FB CB B5 63 EC 08 00  ..oW."|."...c...
[   80] 50 F9 55 42 00 01 97 38 5C 51 73 36 00 00 08 09  P.UB...8\Qs6....
[   96] 0A 0B 0C 0D 0E 0F 10 11 12 13 14 15 16 17 18 19  ................
[  112] 1A 1B 1C 1D 1E 1F 20 21 22 23 24 25 26 27 28 29  ...... !"#$%&'()
[  128] 2A 2B 2C 2D 2E 2F 30 31 32 33 34 35 36 37        *+,-./01234567

I've confirmed the same error with 2.1.12 (Build 321).

Could you help?

Collaborator

binf commented Apr 5, 2013

On Fri, Apr 5, 2013 at 12:37 AM, s-takehana notifications@github.com wrote:

I'm using Barnyard2.1.11 (Build 319) with Suricata ET rules.
I've been getting the error below.

Output from Barnyard2:

04/03-23:11:35.136144  [**] [1:2100368:7] GPL ICMP_INFO PING BSDtype [**] [Classification: Misc activity] [Priority: 3] {ICMP} ***.***.***.*** -> ***.***.***.***
ERROR: [dbProcessEventInformation()]: Failed, stoping processing
Fatal Error, Quitting..

Greetings,

This has already been reported, and it's fixed in a staging branch that
you can download here:
https://github.com/binf/barnyard2/tree/sid-msgv2
This has been reported by John Naggets on the by2-users mailing list.

Let us know how it goes,
-elz

Thank you for the quick response.

Barnyard2 is processing fine now.

@s-takehana s-takehana closed this Apr 5, 2013
