[Oisf-users] Trouble with NFQUEUE IPS Mode
Leonard Jacobs
ljacobs at netsecuris.com
Wed Nov 18 00:11:41 UTC 2015
I set up Suricata in NFQUEUE with the following IPTABLES configuration:
Chain INPUT (policy ACCEPT 107K packets, 152M bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 NFQUEUE all -- p3p1 p2p1 0.0.0.0/0 0.0.0.0/0 NFQUEUE num 0
0 0 NFQUEUE all -- p2p1 p3p1 0.0.0.0/0 0.0.0.0/0 NFQUEUE num 0
0 0 NFQUEUE all -- p1p1 eth0 0.0.0.0/0 0.0.0.0/0 NFQUEUE num 0
0 0 NFQUEUE all -- eth0 p1p1 0.0.0.0/0 0.0.0.0/0 NFQUEUE num 0
Chain OUTPUT (policy ACCEPT 65421 packets, 3998K bytes)
pkts bytes target prot opt in out source destination
and
suricata -v -c /etc/suricata/suricata.yaml -q 0
and all traffic come to a halt. What am I doing wrong?
Leonard
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20151117/520dbcad/attachment-0001.html>
More information about the Oisf-users
mailing list