squid:alerts:suricata_udpv4_invalid_checksum
Squid - Alerts - SURICATA UDPv4 invalid checksum
Disable Hardware Checksum Offloading under System → Advanced → Networking.
Suppress Rules
# Messes up with DNS resolution on LAN. 1:2200073 # SURICATA IPv4 invalid checksum # Bittorrent noise, DNS. 1:2200075 # SURICATA UDPv4 invalid checksum 1:2200078 # SURICATA UDPv6 invalid checksum # Lots of useless noise. 1:2200076 # SURICATA ICMPv4 invalid checksum 1:2200079 # SURICATA ICMPv6 invalid checksum
NOTE: Try toggling the Hardware Checksum Offloading.
If that does not do it, you can simply disable that particular rule by either clicking the red X icon on the Alerts tab in the GID/SID column, or you can find and selectively disable that rule on the Rules tab for the interface.
See this thread from the official Suricata documentation Wiki for details:
Suricata uses PCAP for packet capture during Legacy Blocking Mode operation, and Netmap for Inline IPS Mode operation.
In both cases, hardware checksum offloading needs to be disabled.
squid/alerts/suricata_udpv4_invalid_checksum.txt · Last modified: 2021/01/04 20:26 by peter