[Oisf-users] having NFQUEUE without a suricata instance running blocks all connections
Eric Leblond
eric at regit.org
Wed Aug 30 22:07:09 UTC 2017
Hi,
On Wed, 2017-08-30 at 13:40 -0700, James Moe wrote:
> On 08/29/2017 02:13 PM, Jeff Dyke wrote:
> > https://home.regit.org/netfilter-en/using-nfqueue-and-libnetfilter_
> > queue/
> >
> > You can add |--queue-bypass|. I'll request that the documentation
> > is
> > updated. I'm not out of the woods, but past this issue.
> >
>
> In opensuse 42.2 (linux 4.4.79-18.26-default x86_64) the iptables
> manual does not show "--queue-bypass" as an option.
> Is the option undocumented, hidden, or unsupported? Or does it
> require
> a custom build of iptables?
bypass option is 2.6.39 so it should be there. Maybe check the
iptables-extensions manpage ?
++
--
Eric Leblond <eric at regit.org>
More information about the Oisf-users
mailing list