[Oisf-users] suricata with iptables NFQUEUE and kernel warnings for net/ipv4/tcp_output.c:915
Vieri
rentorbuy at yahoo.com
Thu Feb 13 21:37:09 UTC 2020
Hi,
When using Suricata 5.0.1 in IPS mode with iptables NFQUEUE balance 0:5, I get a very high amount of kernel messages like the one I posted on the LKML (link below).
These messages are warnings seen on kernels v. 4.19 and 5.5, and they are all referring to net/ipv4/tcp_output.c:915. They can be very numerous at times (even several in just one second). The system keeps working, and there is no apparent overall service failure. However, I've had one system freeze after one full week of uptime. The last message recorded in syslog when the OS froze was the same type of warning.
I've posted this on the LKML, but does anyone here have any suggestions as to what I could try?
Has anyone seen this type of message before?
https://lkml.org/lkml/2020/2/13/1255
Regards,
Vieri
More information about the Oisf-users
mailing list