[Oisf-users] Unable to run inline in Windows

Aethrun geofa80 at gmail.com
Tue May 27 18:04:35 UTC 2014 

Hi Peter,

I installed Suricata in Cygwin/tmp today from
 Linux/Mac/FreeBSD/UNIX/Windows Source without the --enable-nfqueue option.
It ran just as well as it had after installing with the .msi.

I then unpacked netfilterforwin in Cygwin/tmp and installed netfilter.sys
and libnetfilter_queue using Cygwin, successfully I believe. However, when
I recompiled Suricata, this time with --enable-nfqueue, it failed with
these messages:

   checking libnfnetlink/libnfnetlink.h usability... no
   checking libnfnetlink/libnfnetlink.h presence... no
   checking for libnfnetlink/libnfnetlink.h... no
   configure: error: libnfnetlink.h not found ...

I've attached the config.log.

Thanks.

Geof


On Fri, May 23, 2014 at 12:25 AM, Peter Manev <petermanev at gmail.com> wrote:

> On Fri, May 23, 2014 at 9:11 AM, Aethrun <geofa80 at gmail.com> wrote:
> > Hello,
> >
> > I installed Suricata under Windows 7 using the Suricata-2.0-1-32bit.msi
> > installer. It's performing well in IDS mode.
> >
> > However, when I enter suricata -c suricata.yaml -q 0 to go into inline
> mode
> > I get this message:
> >
> > 21/5/2014 -- 20:29:58 - <Error> - [ERRCODE: SC_ERR_NFQ_NOSUPPORT(67)] -
> > NFQUEUE not enabled. Make sure to pass --enable-nfqueue to configure when
> > building.
> >
> > Is there another command I can use to run inline? If not, can I install
> the
> > missing files to the Suricata directory to enable NFQ?
> >
> > Thanks.
> >
> > Geof
> >
> >
> > _______________________________________________
> > Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> > Site: http://suricata-ids.org | Support:
> http://suricata-ids.org/support/
> > List:
> https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> > OISF: http://www.openinfosecfoundation.org/
>
> Hi,
>
> The msi package comes without NFQUEUE enabled.
> To enable it you would have to recompile Suricata on Windows under
> CYGWIN with "--enable-nfqueue" and have netfilterforwin installded
> beforehand.
>
> How to for Suricata on Windows:
>
> https://redmine.openinfosecfoundation.org/attachments/download/757/SuricataWinInstallationGuide_v1.3.pdf
>
> for NFQUEUE under windows follow the section "Inline mode" from this page -
> https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Windows
>
> Thank you
>
>
> --
> Regards,
> Peter Manev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20140527/4c79eedc/attachment-0002.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: config.log
Type: application/octet-stream
Size: 116456 bytes
Desc: not available
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20140527/4c79eedc/attachment-0002.obj>

More information about the Oisf-users mailing list