<div dir="ltr">Hi<br><br>Did u see this :<br><br><a href="http://www.inliniac.net/blog/2010/05/10/setting-up-suricata-0-9-0-for-initial-use-on-ubuntu-lucid-10-04.html">http://www.inliniac.net/blog/2010/05/10/setting-up-suricata-0-9-0-for-initial-use-on-ubuntu-lucid-10-04.html</a><br>
<br><div class="gmail_quote">2010/6/7 Martin Spinassi <span dir="ltr"><<a href="mailto:martins.listz@gmail.com">martins.listz@gmail.com</a>></span><br><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
Will,<br>
<br>
Thanks for you reply.<br>
<br>
Here is my uname -a<br>
<br>
Linux server 2.6.32-trunk-686 #1 SMP Sun Jan 10 06:32:16 UTC 2010 i686<br>
GNU/Linux<br>
<br>
And my "lsmod" output:<br>
<br>
Module Size Used by<br>
xt_NFQUEUE 1565 2<br>
nfnetlink_queue 5093 0<br>
nfnetlink 1798 1 nfnetlink_queue<br>
decnet 48505 0 [permanent]<br>
xt_tcpudp 1743 2<br>
iptable_filter 1790 1<br>
ip_tables 7690 1 iptable_filter<br>
x_tables 8335 3 xt_NFQUEUE,xt_tcpudp,ip_tables<br>
ip_queue 3766 0<br>
loop 9721 0<br>
snd_intel8x0 19523 0<br>
snd_ac97_codec 79136 1 snd_intel8x0<br>
ac97_bus 710 1 snd_ac97_codec<br>
snd_pcm 47350 2 snd_intel8x0,snd_ac97_codec<br>
snd_timer 12258 1 snd_pcm<br>
snd 33551 4<br>
snd_intel8x0,snd_ac97_codec,snd_pcm,snd_timer<br>
soundcore 3450 1 snd<br>
shpchp 21220 0<br>
parport_pc 15799 0<br>
sis_agp 3145 1<br>
pcspkr 1207 0<br>
evdev 5609 3<br>
parport 22554 1 parport_pc<br>
snd_page_alloc 4977 2 snd_intel8x0,snd_pcm<br>
pci_hotplug 18065 1 shpchp<br>
agpgart 19516 1 sis_agp<br>
button 3598 0<br>
processor 25803 0<br>
ext3 93828 6<br>
jbd 31965 1 ext3<br>
mbcache 3762 1 ext3<br>
ide_cd_mod 21044 0<br>
ide_gd_mod 17103 10<br>
cdrom 26487 1 ide_cd_mod<br>
ata_generic 2015 0<br>
ohci_hcd 16804 0<br>
ide_pci_generic 1924 0<br>
sata_sis 2734 0<br>
pata_sis 1538 1 sata_sis<br>
8139cp 13285 0<br>
libata 113728 3 ata_generic,sata_sis,pata_sis<br>
thermal 9206 0<br>
sis5513 4888 8<br>
ehci_hcd 27230 0<br>
floppy 40923 0<br>
8139too 14849 0<br>
scsi_mod 101073 1 libata<br>
sis900 13731 0<br>
mii 2714 3 8139cp,8139too,sis900<br>
thermal_sys 9378 2 processor,thermal<br>
usbcore 97930 3 ohci_hcd,ehci_hcd<br>
nls_base 4541 1 usbcore<br>
ide_core 63850 4<br>
ide_cd_mod,ide_gd_mod,ide_pci_generic,sis5513<br>
<br>
<br>
Thanks for your support!<br>
<br>
Regards,<br>
<font color="#888888"><br>
Martin<br>
</font><div><div></div><div class="h5"><br>
On Mon, 2010-06-07 at 09:59 -0500, Will Metcalf wrote:<br>
> can you send output of lsmod and uname -a<br>
><br>
> Regards,<br>
><br>
> Will<br>
><br>
> On Mon, Jun 7, 2010 at 9:53 AM, Martin Spinassi <<a href="mailto:martins.listz@gmail.com">martins.listz@gmail.com</a>> wrote:<br>
> > Hi list,<br>
> ><br>
> > I' trying suricata for my first time, but I'm having some issues on<br>
> > inline mode.<br>
> ><br>
> > This is part of the output of<br>
> ><br>
> > root@server# suricata -c /etc/suricata/suricata-debian.yaml -q 0<br>
> ><br>
> ><br>
> > <snip><br>
> > [11621] 7/6/2010 -- 11:47:40 - (stream-tcp.c:282) <Info><br>
> > (StreamTcpInitConfig) -- stream "max_sessions": 262144<br>
> > [11621] 7/6/2010 -- 11:47:40 - (stream-tcp.c:294) <Info><br>
> > (StreamTcpInitConfig) -- stream "prealloc_sessions": 32768<br>
> > [11621] 7/6/2010 -- 11:47:40 - (stream-tcp.c:302) <Info><br>
> > (StreamTcpInitConfig) -- stream "memcap": 67108864<br>
> > [11621] 7/6/2010 -- 11:47:40 - (stream-tcp.c:309) <Info><br>
> > (StreamTcpInitConfig) -- stream "midstream" session pickups: disabled<br>
> > [11621] 7/6/2010 -- 11:47:40 - (stream-tcp.c:317) <Info><br>
> > (StreamTcpInitConfig) -- stream "async_oneside": disabled<br>
> > [11657] 7/6/2010 -- 11:47:40 - (tm-threads.c:734) <Info><br>
> > (TmThreadSetupOptions) -- Setting affinity for "Detect1" Module to<br>
> > cpu/core 0, thread id 11657<br>
> > [11658] 7/6/2010 -- 11:47:40 - (tm-threads.c:734) <Info><br>
> > (TmThreadSetupOptions) -- Setting affinity for "Verdict" Module to<br>
> > cpu/core 0, thread id 11658<br>
> > [11659] 7/6/2010 -- 11:47:40 - (tm-threads.c:734) <Info><br>
> > (TmThreadSetupOptions) -- Setting affinity for "RespondReject" Module to<br>
> > cpu/core 0, thread id 11659<br>
> > [11660] 7/6/2010 -- 11:47:40 - (tm-threads.c:734) <Info><br>
> > (TmThreadSetupOptions) -- Setting affinity for "Outputs" Module to<br>
> > cpu/core 0, thread id 11660<br>
> > [11656] 7/6/2010 -- 11:47:40 - (tm-threads.c:734) <Info><br>
> > (TmThreadSetupOptions) -- Setting affinity for "Stream1" Module to<br>
> > cpu/core 0, thread id 11656<br>
> > [11655] 7/6/2010 -- 11:47:40 - (tm-threads.c:734) <Info><br>
> > (TmThreadSetupOptions) -- Setting affinity for "Decode1" Module to<br>
> > cpu/core 0, thread id 11655<br>
> > [11654] 7/6/2010 -- 11:47:40 - (tm-threads.c:734) <Info><br>
> > (TmThreadSetupOptions) -- Setting affinity for "ReceiveNFQ" Module to<br>
> > cpu/core 0, thread id 11654<br>
> > [11654] 7/6/2010 -- 11:47:40 - (source-nfq.c:241) <Error><br>
> > (NFQInitThread) -- [ERRCODE: SC_ERR_NFQ_UNBIND(67)] - nfq_unbind_pf()<br>
> > for AF_INET failed<br>
> ><br>
> ><br>
> > I googled it for a while, but I don't get anything but source code of<br>
> > suricata.<br>
> ><br>
> ><br>
> > Any link/suggestion is very appreciated.<br>
> > Thanks!<br>
> ><br>
> > Martin<br>
> ><br>
> ><br>
> > _______________________________________________<br>
> > Oisf-users mailing list<br>
> > <a href="mailto:Oisf-users@openinfosecfoundation.org">Oisf-users@openinfosecfoundation.org</a><br>
> > <a href="http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users" target="_blank">http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users</a><br>
> ><br>
<br>
<br>
_______________________________________________<br>
Oisf-users mailing list<br>
<a href="mailto:Oisf-users@openinfosecfoundation.org">Oisf-users@openinfosecfoundation.org</a><br>
<a href="http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users" target="_blank">http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users</a><br>
</div></div></blockquote></div><br></div>