[Oisf-users] Suricata in IPS inline mode: nfq_handle_packet error
Andreas Herz
andi at geekosphere.org
Thu Feb 2 20:23:15 UTC 2017
Hi,
please provide more details about your setup, how you run suricata in
that case etc.
On 02/02/17 at 08:51, Vieri wrote:
> I'm getting the following message in the log:
>
> <Warning> - [ERRCODE: SC_ERR_NFQ_HANDLE_PKT(76)] - nfq_handle_packet error -1
>
> Could it be because there's traffic of types udp 500,4500 and protocols 50, 51 (IPsec)?
No that sort of traffic shouldn't be the issue. You could look if you
see any other log message in your syslog/journal. Maybe the NFQUEUE
itself has an issue (queue full or so).
--
Andreas Herz
More information about the Oisf-users
mailing list