[Oisf-users] Suricata in Inline Mode - ERRCODE: SC_ERR_NFQ_UNBIND(70)
Dave Remien
dave.remien at gmail.com
Mon Dec 12 17:23:10 UTC 2011
On Mon, Dec 12, 2011 at 12:13 AM, Victor Julien <victor at inliniac.net> wrote:
> On 12/11/2011 09:38 AM, Srijan Nandi wrote:
> > Can anyone please help me with this? I need Suricata to work via nf_queue
> > and also I cannot remove ip_queue as it is inbuilt in my kernel.
>
> As far as I know your only option is to rebuild your kernel w/o ip_queue
> support.
>
> --
> ---------------------------------------------
> Victor Julien
> http://www.inliniac.net/
> PGP: http://www.inliniac.net/victorjulien.asc
> ---------------------------------------------
>
> _______________________________________________
> Oisf-users mailing list
> Oisf-users at openinfosecfoundation.org
> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
Try specifying the nf_queue to be greater than 0 (for both Suricata and
iptables -J NFQUEUE --queue-number) , if you haven't already tried that.
ip_queue uses the nf_queue known as 0....
Dave
--
".... We are such stuff
As dreams are made on; and our little life
Is rounded with a sleep."
-- Shakespeare, The Tempest - Act 4
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20111212/26aaf3fd/attachment-0002.html>
More information about the Oisf-users
mailing list