Firewall rules

Hello,
Checking the firewall on install - looks like it applies to both my management and listening port. Normal? I was wondering, since if the listening port was scanned, should it alert in Suricata?

Thanks,
Tom

Hmm this looks like the reason…
sudo cat filename: /var/log/suricata/suricata.log
cat: filename:: No such file or directory
27/8/2019 – 22:10:29 - - This is Suricata version 4.1.4 RELEASE
27/8/2019 – 22:10:29 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /var/lib/suricata/rules/suricata.rules
27/8/2019 – 22:10:29 - - [ERRCODE: SC_ERR_NO_RULES_LOADED(43)] - 1 rule files specified, but no rule was loaded at all!
27/8/2019 – 22:10:29 - - all 16 packet processing threads, 4 management threads initialized, engine started.

Looks like it finds the file, just errors out on each rule…

example
– 19:29:18 - - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - error parsing signature "alert http $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any

Did a new install – same results hmm
“msg”: “● suricata.service - Suricata Intrusion Detection Service\n Loaded: loaded (/etc/systemd/system/suricata.service; enabled; vendor preset: disabled)\n Active: active (running) since Thu 2019-08-29 20:50:33 UTC; 14min ago\n Main PID: 14853 (Suricata-Main)\n CGroup: /system.slice/suricata.service\n └─14853 /sbin/suricata -c /etc/suricata/suricata.yaml --af-packet\n\nAug 29 20:50:33 ocirocknms1 suricata[14853]: 29/8/2019 – 20:50:33 - - [ERRCODE: SC_ERR_NO_RULES(42)] - No rule files match the pattern /var/lib/suricata/rules/suricata.rules\nAug 29 20:50:33 ocirocknms1 suricata[14853]: 29/8/2019 – 20:50:33 - - [ERRCODE: SC_ERR_NO_RULES_LOADED(43)] - 1 rule files specified, but no rule was loaded at all!\nAug 29 20:50:34 ocirocknms1 suricata[14853]: 29/8/2019 – 20:50:34 - - all 16 packet processing threads, 4 management threads initialized, engine started.”
}