Snort mailing list archives

Re: Snort Inline w/ NFQ doesn't work after reboot

From: J Green <corpengineer () gmail com>
Date: Mon, 28 Nov 2016 13:28:39 -0800

Compiled Snort 2.9.8.3 & DAQ, CentOS 7 (VM).

It works w/ NFQ inline.  However, if I reboot the VM, NFQ no longer seems
to work.  I do not see anything in the logs, etc.

Here is how I am running Snort:

snort -Q --daq nfq --daq-var device=eth0 --daq-var queue=1 -c
/etc/snort/snort.conf &

iptables -t nat -I PREROUTING -j NFQUEUE --queue-num 1
iptables -I FORWARD -j NFQUEUE --queue-num 1

barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.us -w
/var/log/snort/barnyard.waldo -g snort -u snort


Any input would be appreciated.

Thank you.

------------------------------------------------------------------------------

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

Re: Snort Inline w/ NFQ doesn't work after reboot J Green (Nov 28)
- Re: Snort Inline w/ NFQ doesn't work after reboot James Lay (Nov 29)
  - Re: Snort Inline w/ NFQ doesn't work after reboot J Green (Nov 29)
    - Re: Snort Inline w/ NFQ doesn't work after reboot James Lay (Nov 29)
    - Re: Snort Inline w/ NFQ doesn't work after reboot J Green (Nov 29)
    - Re: Snort Inline w/ NFQ doesn't work after reboot James Lay (Nov 29)
    - Re: Snort Inline w/ NFQ doesn't work after reboot J Green (Nov 29)
    - Re: Snort Inline w/ NFQ doesn't work after reboot James Lay (Nov 29)
    - Re: Snort Inline w/ NFQ doesn't work after reboot J Green (Nov 29)
    - Re: Snort Inline w/ NFQ doesn't work after reboot J Green (Nov 29)
    - Re: Snort Inline w/ NFQ doesn't work after reboot James Lay (Nov 29)

(Thread continues...)