[Oisf-users] Error running inline mode
Martin Spinassi
martins.listz at gmail.com
Mon Jun 7 15:33:27 UTC 2010
Will,
Here is the output of "cat /proc/net/netfilter/nf_queue":
# cat /proc/net/netfilter/nf_queue
0 NONE
1 NONE
2 ip_queue
3 NONE
4 NONE
5 NONE
6 NONE
7 NONE
8 NONE
9 NONE
10 NONE
11 NONE
12 NONE
Thanks for your help.
Regards,
Martin
On Mon, Jun 7, 2010 at 12:24 PM, Will Metcalf <william.metcalf at gmail.com> wrote:
> right... ok and the output from cat /proc/net/netfilter/nf_queue ?
>
> Regards,
>
> Will
>
>
>
> On Mon, Jun 7, 2010 at 10:17 AM, Martin Spinassi
> <martins.listz at gmail.com> wrote:
>> Will,
>>
>> Thanks for you reply.
>>
>> Here is my uname -a
>>
>> Linux server 2.6.32-trunk-686 #1 SMP Sun Jan 10 06:32:16 UTC 2010 i686
>> GNU/Linux
>>
>> And my "lsmod" output:
>>
>> Module Size Used by
>> xt_NFQUEUE 1565 2
>> nfnetlink_queue 5093 0
>> nfnetlink 1798 1 nfnetlink_queue
>> decnet 48505 0 [permanent]
>> xt_tcpudp 1743 2
>> iptable_filter 1790 1
>> ip_tables 7690 1 iptable_filter
>> x_tables 8335 3 xt_NFQUEUE,xt_tcpudp,ip_tables
>> ip_queue 3766 0
>> loop 9721 0
>> snd_intel8x0 19523 0
>> snd_ac97_codec 79136 1 snd_intel8x0
>> ac97_bus 710 1 snd_ac97_codec
>> snd_pcm 47350 2 snd_intel8x0,snd_ac97_codec
>> snd_timer 12258 1 snd_pcm
>> snd 33551 4
>> snd_intel8x0,snd_ac97_codec,snd_pcm,snd_timer
>> soundcore 3450 1 snd
>> shpchp 21220 0
>> parport_pc 15799 0
>> sis_agp 3145 1
>> pcspkr 1207 0
>> evdev 5609 3
>> parport 22554 1 parport_pc
>> snd_page_alloc 4977 2 snd_intel8x0,snd_pcm
>> pci_hotplug 18065 1 shpchp
>> agpgart 19516 1 sis_agp
>> button 3598 0
>> processor 25803 0
>> ext3 93828 6
>> jbd 31965 1 ext3
>> mbcache 3762 1 ext3
>> ide_cd_mod 21044 0
>> ide_gd_mod 17103 10
>> cdrom 26487 1 ide_cd_mod
>> ata_generic 2015 0
>> ohci_hcd 16804 0
>> ide_pci_generic 1924 0
>> sata_sis 2734 0
>> pata_sis 1538 1 sata_sis
>> 8139cp 13285 0
>> libata 113728 3 ata_generic,sata_sis,pata_sis
>> thermal 9206 0
>> sis5513 4888 8
>> ehci_hcd 27230 0
>> floppy 40923 0
>> 8139too 14849 0
>> scsi_mod 101073 1 libata
>> sis900 13731 0
>> mii 2714 3 8139cp,8139too,sis900
>> thermal_sys 9378 2 processor,thermal
>> usbcore 97930 3 ohci_hcd,ehci_hcd
>> nls_base 4541 1 usbcore
>> ide_core 63850 4
>> ide_cd_mod,ide_gd_mod,ide_pci_generic,sis5513
>>
>>
>> Thanks for your support!
>>
>> Regards,
>>
>> Martin
>>
>> On Mon, 2010-06-07 at 09:59 -0500, Will Metcalf wrote:
>>> can you send output of lsmod and uname -a
>>>
>>> Regards,
>>>
>>> Will
>>>
>>> On Mon, Jun 7, 2010 at 9:53 AM, Martin Spinassi <martins.listz at gmail.com> wrote:
>>> > Hi list,
>>> >
>>> > I' trying suricata for my first time, but I'm having some issues on
>>> > inline mode.
>>> >
>>> > This is part of the output of
>>> >
>>> > root at server# suricata -c /etc/suricata/suricata-debian.yaml -q 0
>>> >
>>> >
>>> > <snip>
>>> > [11621] 7/6/2010 -- 11:47:40 - (stream-tcp.c:282) <Info>
>>> > (StreamTcpInitConfig) -- stream "max_sessions": 262144
>>> > [11621] 7/6/2010 -- 11:47:40 - (stream-tcp.c:294) <Info>
>>> > (StreamTcpInitConfig) -- stream "prealloc_sessions": 32768
>>> > [11621] 7/6/2010 -- 11:47:40 - (stream-tcp.c:302) <Info>
>>> > (StreamTcpInitConfig) -- stream "memcap": 67108864
>>> > [11621] 7/6/2010 -- 11:47:40 - (stream-tcp.c:309) <Info>
>>> > (StreamTcpInitConfig) -- stream "midstream" session pickups: disabled
>>> > [11621] 7/6/2010 -- 11:47:40 - (stream-tcp.c:317) <Info>
>>> > (StreamTcpInitConfig) -- stream "async_oneside": disabled
>>> > [11657] 7/6/2010 -- 11:47:40 - (tm-threads.c:734) <Info>
>>> > (TmThreadSetupOptions) -- Setting affinity for "Detect1" Module to
>>> > cpu/core 0, thread id 11657
>>> > [11658] 7/6/2010 -- 11:47:40 - (tm-threads.c:734) <Info>
>>> > (TmThreadSetupOptions) -- Setting affinity for "Verdict" Module to
>>> > cpu/core 0, thread id 11658
>>> > [11659] 7/6/2010 -- 11:47:40 - (tm-threads.c:734) <Info>
>>> > (TmThreadSetupOptions) -- Setting affinity for "RespondReject" Module to
>>> > cpu/core 0, thread id 11659
>>> > [11660] 7/6/2010 -- 11:47:40 - (tm-threads.c:734) <Info>
>>> > (TmThreadSetupOptions) -- Setting affinity for "Outputs" Module to
>>> > cpu/core 0, thread id 11660
>>> > [11656] 7/6/2010 -- 11:47:40 - (tm-threads.c:734) <Info>
>>> > (TmThreadSetupOptions) -- Setting affinity for "Stream1" Module to
>>> > cpu/core 0, thread id 11656
>>> > [11655] 7/6/2010 -- 11:47:40 - (tm-threads.c:734) <Info>
>>> > (TmThreadSetupOptions) -- Setting affinity for "Decode1" Module to
>>> > cpu/core 0, thread id 11655
>>> > [11654] 7/6/2010 -- 11:47:40 - (tm-threads.c:734) <Info>
>>> > (TmThreadSetupOptions) -- Setting affinity for "ReceiveNFQ" Module to
>>> > cpu/core 0, thread id 11654
>>> > [11654] 7/6/2010 -- 11:47:40 - (source-nfq.c:241) <Error>
>>> > (NFQInitThread) -- [ERRCODE: SC_ERR_NFQ_UNBIND(67)] - nfq_unbind_pf()
>>> > for AF_INET failed
>>> >
>>> >
>>> > I googled it for a while, but I don't get anything but source code of
>>> > suricata.
>>> >
>>> >
>>> > Any link/suggestion is very appreciated.
>>> > Thanks!
>>> >
>>> > Martin
>>> >
>>> >
>>> > _______________________________________________
>>> > Oisf-users mailing list
>>> > Oisf-users at openinfosecfoundation.org
>>> > http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>>> >
>>
>>
>>
> _______________________________________________
> Oisf-users mailing list
> Oisf-users at openinfosecfoundation.org
> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
More information about the Oisf-users
mailing list