[Oisf-users] Unable to run inline in Windows

Peter Manev petermanev at gmail.com
Fri May 23 07:25:27 UTC 2014


On Fri, May 23, 2014 at 9:11 AM, Aethrun <geofa80 at gmail.com> wrote:
> Hello,
>
> I installed Suricata under Windows 7 using the Suricata-2.0-1-32bit.msi
> installer. It's performing well in IDS mode.
>
> However, when I enter suricata -c suricata.yaml -q 0 to go into inline mode
> I get this message:
>
> 21/5/2014 -- 20:29:58 - <Error> - [ERRCODE: SC_ERR_NFQ_NOSUPPORT(67)] -
> NFQUEUE not enabled. Make sure to pass --enable-nfqueue to configure when
> building.
>
> Is there another command I can use to run inline? If not, can I install the
> missing files to the Suricata directory to enable NFQ?
>
> Thanks.
>
> Geof
>
>
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> OISF: http://www.openinfosecfoundation.org/

Hi,

The msi package comes without NFQUEUE enabled.
To enable it you would have to recompile Suricata on Windows under
CYGWIN with "--enable-nfqueue" and have netfilterforwin installed
beforehand.

How-to for Suricata on Windows:
https://redmine.openinfosecfoundation.org/attachments/download/757/SuricataWinInstallationGuide_v1.3.pdf

For NFQUEUE under Windows, follow the section "Inline mode" from this page -
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Windows

Thank you


-- 
Regards,
Peter Manev
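
A pre-flight check for the situation in this thread, added here as an example (not code from the list or from the Suricata project): it reads the build summary and reports whether queue mode can work before `-q 0` is attempted. It assumes the summary from `suricata --build-info` contains a line of the form `NFQueue support: yes|no`; the sample texts and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: decide whether a Suricata binary can run inline via NFQUEUE
# by reading its build summary instead of waiting for SC_ERR_NFQ_NOSUPPORT.

# Constructed samples of the relevant part of `suricata --build-info` output
# (assumed layout: a "NFQueue support: yes|no" line).
SAMPLE_MSI_BUILD='This is Suricata version 2.0 RELEASE
  AF_PACKET support:                       no
  NFQueue support:                         no
  IPFW support:                            no'

SAMPLE_NFQ_BUILD='This is Suricata version 2.0 RELEASE
  NFQueue support:                         yes'

# Read build-info text on stdin; print yes, no, or unknown.
nfq_support() {
    awk -F: '
        tolower($1) ~ /nfqueue support/ {
            v = tolower($2)
            gsub(/[ \t\r]/, "", v)      # \r: tolerate Windows line endings
            r = (v == "yes") ? "yes" : "no"
            print r
            found = 1
            exit
        }
        END { if (!found) print "unknown" }'
}

# Return 0 only when queue mode (-q) is usable; explain otherwise.
preflight_inline() {
    case "$(nfq_support)" in
        yes) echo "NFQUEUE compiled in: -q <queue> is available"; return 0 ;;
        no)  echo "NFQUEUE not compiled in: rebuild with --enable-nfqueue"; return 1 ;;
        *)   echo "no NFQueue line in build info: cannot tell"; return 2 ;;
    esac
}

# Demo on the constructed samples; on a real host use:
#   suricata --build-info | preflight_inline
printf '%s\n' "$SAMPLE_MSI_BUILD" | preflight_inline || true
printf '%s\n' "$SAMPLE_NFQ_BUILD" | preflight_inline
```
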


