FYI:
Just in case anybody is/was wondering:
There were two errors in the Etnetera Aggressive Blacklist Rules
, which caused ‘suricata’ to fail loading two rule lines:
[ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "drop ip [220. 158.142.114,2604:a880:4:1d0::2b8:0,(Empty Value),172.17.2.100,31.130.168.90, ...]
Reported to security@etnetera.cz
=> Both errors were fixed within 30 minutes. Wow!
To update, open GUI Intrusion Prevention
, edit (if activated) Etnetera Aggressive Blacklist Rules
and choose the button Force Ruleset Update
.
Best,
Matthias