[Snort-users] Snort Inline w/ NFQ doesn't work after reboot

J Green corpengineer at ...11827...
Mon Nov 28 16:28:39 EST 2016


Compiled Snort 2.9.8.3 & DAQ, CentOS 7 (VM).

It works w/ NFQ inline.  However, if I reboot the VM, NFQ no longer seems
to work.  I do not see anything in the logs, etc.

Here is how I am running Snort:

snort -Q --daq nfq --daq-var device=eth0 --daq-var queue=1 -c
/etc/snort/snort.conf &

iptables -t nat -I PREROUTING -j NFQUEUE --queue-num 1
iptables -I FORWARD -j NFQUEUE --queue-num 1

barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.us -w
/var/log/snort/barnyard.waldo -g snort -u snort


Any input would be appreciated.

Thank you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20161128/48a62e86/attachment.html>


More information about the Snort-users mailing list