[Oisf-users] (source-nfq.c:246) < Error> (NFQInitThread) -- [ERRCODE: SC_ERR_NFQ_UNBIND(70)] - nfq_unbind_pf() for AF_INET failed
Victor Julien
victor at inliniac.net
Mon Sep 27 09:48:17 UTC 2010
zeojex wrote:
> Victor Julien <victor at ...> writes:
>
>> I think the problem is that the ip_queue module is loaded. In my
>> experience ip_queue and nf_queue applications don't mix. So try
>> unloading ip_queue with the command "rmmod ip_queue" and try starting
>> Suricata again.
>>
>> Cheers,
>> Victor
>
> You were right Victor ! Thx a lot ! (are you french too ?)
> I have no alerts since i launch suricata under inline mode.
> Do you know where i can read the queue content in order to adapt barnyard2 ?
Nope, not French :)
Did you add iptables NFQUEUE rules? Check the
/var/log/suricata/stats.log file to confirm Suricata sees traffic.
Cheers,
Victor
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-users
mailing list