[Oisf-users] Strange behaviour of Suricata
Andreas Herz
andi at geekosphere.org
Wed Oct 19 20:50:47 UTC 2016
On 19/10/16 at 11:46, James Moe wrote:
> On 10/19/2016 03:13 AM, Todor Petkov wrote:
> >
> > iptables-save -t filter -> http://pastebin.com/79VjZK09
> >
> I did not see NFQUEUE in the list.
>
> To create:
> /usr/sbin/iptables -I INPUT -j NFQUEUE
> /usr/sbin/iptables -I OUTPUT -j NFQUEUE
>
> To remove:
> /usr/sbin/iptables -D INPUT -j NFQUEUE
> /usr/sbin/iptables -D OUTPUT -j NFQUEUE
I see them there :)
-A INPUT_direct -j NFQUEUE --queue-num 0 --queue-bypass
Could you try 3.2beta or just for testing purposes an older version?
I have a similiar setup working with IPS NFQUEUE with 3.1.x and can't
reproduce that.
AFAIR we already talked about that at the IRC, so I think we already saw
that it's working when you add -j ACCEPT instead of the -j NFQUEUE
right?
--
Andreas Herz
More information about the Oisf-users
mailing list