[Bug 1250439] Re: suricata complains about NFQUEUE in newer kernels
** Changed in: suricata (Ubuntu Utopic) Status: Triaged => Won't Fix ** Changed in: suricata (Ubuntu Vivid) Status: Triaged => Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1250439 Title: suricata complains about NFQUEUE in newer kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1250439] Re: suricata complains about NFQUEUE in newer kernels
Unfortunately Utopic is already EOL and Vivid will be EOL tomorrow, not enough time for a SRU. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1250439 Title: suricata complains about NFQUEUE in newer kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1250439] Re: suricata complains about NFQUEUE in newer kernels
This issue still affects 14.10 and 15.04. 15.10 was fixed in Debian. ** Also affects: suricata (Ubuntu Wily) Importance: Medium Status: In Progress ** Also affects: suricata (Ubuntu Vivid) Importance: Undecided Status: New ** Changed in: suricata (Ubuntu Vivid) Status: New = Triaged ** Changed in: suricata (Ubuntu Wily) Status: In Progress = Fix Released ** Changed in: suricata (Ubuntu Utopic) Status: In Progress = Triaged -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1250439 Title: suricata complains about NFQUEUE in newer kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1250439] Re: suricata complains about NFQUEUE in newer kernels
** Changed in: suricata (Ubuntu) Assignee: Rafael David Tinoco (inaddy) = (unassigned) ** Changed in: suricata (Ubuntu Precise) Assignee: Rafael David Tinoco (inaddy) = (unassigned) ** Changed in: suricata (Ubuntu Saucy) Assignee: Rafael David Tinoco (inaddy) = (unassigned) ** Changed in: suricata (Ubuntu Trusty) Assignee: Rafael David Tinoco (inaddy) = (unassigned) ** Changed in: suricata (Ubuntu Utopic) Assignee: Rafael David Tinoco (inaddy) = (unassigned) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1250439 Title: suricata complains about NFQUEUE in newer kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1250439] Re: suricata complains about NFQUEUE in newer kernels
This bug was fixed in the package suricata - 1.1.1-1ubuntu1 --- suricata (1.1.1-1ubuntu1) precise; urgency=medium * Fixed init script nfnetlink_queue detection for newer kernels. (LP: #1250439) * Fixed reference-config-file so daemon can start out-of-the-box. -- Rafael David Tinoco rafael.tin...@canonical.com Thu, 24 Apr 2014 11:00:20 -0500 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1250439 Title: suricata complains about NFQUEUE in newer kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1250439] Re: suricata complains about NFQUEUE in newer kernels
This bug was fixed in the package suricata - 1.4.7-1ubuntu1 --- suricata (1.4.7-1ubuntu1) trusty; urgency=low * Fixed init script nfnetlink_queue detection for newer kernels. (LP: #1250439) -- Rafael David Tinoco rafael.tin...@canonical.com Thu, 24 Apr 2014 09:45:07 -0500 ** Changed in: suricata (Ubuntu Trusty) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1250439 Title: suricata complains about NFQUEUE in newer kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1250439] Re: suricata complains about NFQUEUE in newer kernels
This bug was fixed in the package suricata - 1.4.3-1ubuntu1 --- suricata (1.4.3-1ubuntu1) saucy; urgency=low * Fixed init script nfnetlink_queue detection for newer kernels. (LP: #1250439) -- Rafael David Tinoco rafael.tin...@canonical.com Thu, 24 Apr 2014 10:56:19 -0500 ** Changed in: suricata (Ubuntu Saucy) Status: Fix Committed = Fix Released ** Changed in: suricata (Ubuntu Precise) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1250439 Title: suricata complains about NFQUEUE in newer kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1250439] Re: suricata complains about NFQUEUE in newer kernels
Tested ok on 14.04 (trusty) ** Tags removed: verification-done-precise verification-done-saucy verification-needed ** Tags added: verification-done -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1250439 Title: suricata complains about NFQUEUE in newer kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1250439] Re: suricata complains about NFQUEUE in newer kernels
I'd like to see this also verified in Trusty, rather than have the possibility of users upgrading and encountering a regression. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1250439 Title: suricata complains about NFQUEUE in newer kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1250439] Re: suricata complains about NFQUEUE in newer kernels
I have tested this package on precise and saucy , and it solves the issue (suricata will start as long as you have the needed kernel module loaded) ** Tags added: verification-done-precise verification-done-saucy -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1250439 Title: suricata complains about NFQUEUE in newer kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1250439] Re: suricata complains about NFQUEUE in newer kernels
Hello Javier, or anyone else affected, Accepted suricata into trusty-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/suricata/1.4.7-1ubuntu1 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance! ** Changed in: suricata (Ubuntu Trusty) Status: In Progress = Fix Committed ** Tags added: verification-needed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1250439 Title: suricata complains about NFQUEUE in newer kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1250439] Re: suricata complains about NFQUEUE in newer kernels
Hello Javier, or anyone else affected, Accepted suricata into saucy-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/suricata/1.4.3-1ubuntu1 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance! ** Changed in: suricata (Ubuntu Saucy) Status: In Progress = Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1250439 Title: suricata complains about NFQUEUE in newer kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1250439] Re: suricata complains about NFQUEUE in newer kernels
** Branch linked: lp:ubuntu/saucy-proposed/suricata ** Branch linked: lp:ubuntu/trusty-proposed/suricata -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1250439 Title: suricata complains about NFQUEUE in newer kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1250439] Re: suricata complains about NFQUEUE in newer kernels
Hello Javier, or anyone else affected, Accepted suricata into precise-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/suricata/1.1.1-1ubuntu1 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance! ** Changed in: suricata (Ubuntu Precise) Status: In Progress = Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1250439 Title: suricata complains about NFQUEUE in newer kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1250439] Re: suricata complains about NFQUEUE in newer kernels
** Branch linked: lp:~ubuntu-branches/ubuntu/precise/suricata/precise- proposed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1250439 Title: suricata complains about NFQUEUE in newer kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1250439] Re: suricata complains about NFQUEUE in newer kernels
* fix-precise-suricata_1.1.1-1.diff ** Patch added: fix-precise-suricata_1.1.1-1.diff https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+attachment/4095409/+files/fix-precise-suricata_1.1.1-1.diff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1250439 Title: suricata complains about NFQUEUE in newer kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1250439] Re: suricata complains about NFQUEUE in newer kernels
Fix seems ok since this type of detection is being used on similar projects. 1) Proposed patch for Debian sid: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725301 2) Proposed patch merge for Ubuntu development on: https://code.launchpad.net/~inaddy/ubuntu/trusty/suricata/lp-1250439/+merge/216963 3) Created one diff for precise, with a minor correction on default init configuration file (reference.config). * fix-precise-suricata_1.1.1-1.diff 4) Created one diff for saucy equal to upstream patch proposal. * fix-saucy-suricata_1.4.3-1.diff 5) Created one diff for trusty equal to upstream patch proposal. * fix-trusty-suricata_1.4.7-1 Packages have been tested and daemon can init out-of-the-box on all versions. (remembering to set RUN=yes on /etc/default/suricata) Attaching diffs on next comments... ** Bug watch added: Debian Bug tracker #725301 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725301 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1250439 Title: suricata complains about NFQUEUE in newer kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1250439] Re: suricata complains about NFQUEUE in newer kernels
* fix-saucy-suricata_1.4.3-1.diff ** Patch added: fix-saucy-suricata_1.4.3-1.diff https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+attachment/4095410/+files/fix-saucy-suricata_1.4.3-1.diff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1250439 Title: suricata complains about NFQUEUE in newer kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1250439] Re: suricata complains about NFQUEUE in newer kernels
* fix-trusty-suricata_1.4.7-1 ** Patch added: fix-trusty-suricata_1.4.7-1.diff https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+attachment/4095413/+files/fix-trusty-suricata_1.4.7-1.diff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1250439 Title: suricata complains about NFQUEUE in newer kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1250439] Re: suricata complains about NFQUEUE in newer kernels
** Also affects: suricata (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: suricata (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: suricata (Ubuntu Saucy) Importance: Undecided Status: New ** Also affects: suricata (Ubuntu Utopic) Importance: Undecided Assignee: Rafael David Tinoco (inaddy) Status: In Progress ** Changed in: suricata (Ubuntu Trusty) Assignee: (unassigned) = Rafael David Tinoco (inaddy) ** Changed in: suricata (Ubuntu Saucy) Assignee: (unassigned) = Rafael David Tinoco (inaddy) ** Changed in: suricata (Ubuntu Precise) Assignee: (unassigned) = Rafael David Tinoco (inaddy) ** Changed in: suricata (Ubuntu Trusty) Status: New = In Progress ** Changed in: suricata (Ubuntu Saucy) Status: New = In Progress ** Changed in: suricata (Ubuntu Precise) Status: New = In Progress ** Changed in: suricata (Ubuntu Precise) Importance: Undecided = Medium ** Changed in: suricata (Ubuntu Trusty) Importance: Undecided = Medium ** Changed in: suricata (Ubuntu Saucy) Importance: Undecided = Medium ** Changed in: suricata (Ubuntu Utopic) Importance: Undecided = Medium -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1250439 Title: suricata complains about NFQUEUE in newer kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1250439] Re: suricata complains about NFQUEUE in newer kernels
** Description changed:
Suricata in newer kernels (3.5 and upper) will complain like this:
- * NFQUEUE support not found !
- * Please ensure the nfnetlink_queue module is loaded or built in kernel
+ * NFQUEUE support not found !
+ * Please ensure the nfnetlink_queue module is loaded or built in kernel
although nfnetlink_queue is loaded:
-
lsmod | grep nfnetlink_queue
- nfnetlink_queue17557 3
+ nfnetlink_queue17557 3
nfnetlink 13983 5 nf_conntrack_netlink,nfnetlink_queue
This happens because /etc/init.d/suricata does this check:
check_nfqueue() {
if [ ! -e /proc/net/netfilter/nf_queue ]; then
- log_failure_msg NFQUEUE support not found !
- log_failure_msg Please ensure the nfnetlink_queue module is loaded or
built in kernel
- exit 5
+ log_failure_msg NFQUEUE support not found !
+ log_failure_msg Please ensure the nfnetlink_queue module is loaded or
built in kernel
+ exit 5
fi
}
-
- Nevertheless this only works in pre3.5 kernels as newer kernels have
supressed ip_queue , in benefit of libnetfilter_queue.
+ Nevertheless this only works in pre3.5 kernels as newer kernels have
+ supressed ip_queue , in benefit of libnetfilter_queue.
Thus the script should check that nor /proc/net/netfilter/nf_queue nor
/proc/net/netfilter/nfnetlink_queue existed.
+
+
+ [Impact]
+
+ * Suricata is not able to start without changes on config files.
+ When starting the daemon, it tries to detect NLQUEUE support
+ checking existence of wrong procfs file.
+
+ * On precise it is not able to start out-of-the-box after the
+ change above. Suricata-debian.yaml points to wrong
+ reference.config file.
+
+ * This change fixes LP #1250439.
+
+ [Test Case]
+
+ * Steps
+
+ Install suricata package with apt-get.
+ Set RUN to yes on /etc/default/suricata.
+ Make sure nfnetlink_queue and nfnetlink modules are not loaded.
+ Try to start suricata service and it will complain about no NFQUEUE.
+ Modprobe nfnetlink_queue and try to start suricata again.
+ You cannot because file being checked is /proc/net/netfilter/nf_queue.
+
+ * On precise:
+
+ Wrong auto-generated reference on /etc/suricata/suricata-debian.yaml.
+ Package silently refuses to start even after fixing service init script.
+
+ [Regression Potential]
+
+ * Since this problem exists on upstream and on all Ubuntu versions, it
+ is most likely that customers using this package have already fixed
+ init script.
+
+ * Since customers tend to write their own suricata rules, it is most
+ likely that cutomers have already fixed default rules file.
+
+ * Regression would make suricata daemon not to start (just like now).
+
+ [Other Info]
+
+ NA
** Description changed:
+ [Impact]
+
+ * Suricata is not able to start without changes on config files.
+ When starting the daemon, it tries to detect NLQUEUE support
+ checking existence of wrong procfs file.
+
+ * On precise it is not able to start out-of-the-box after the
+ change above. Suricata-debian.yaml points to wrong
+ reference.config file.
+
+ * This change fixes LP #1250439.
+
+ [Test Case]
+
+ * Steps
+
+ Install suricata package with apt-get.
+ Set RUN to yes on /etc/default/suricata.
+ Make sure nfnetlink_queue and nfnetlink modules are not loaded.
+ Try to start suricata service and it will complain about no NFQUEUE.
+ Modprobe nfnetlink_queue and try to start suricata again.
+ You cannot because file being checked is /proc/net/netfilter/nf_queue.
+
+ * On precise:
+
+ Wrong auto-generated reference on /etc/suricata/suricata-debian.yaml.
+ Package silently refuses to start even after fixing service init script.
+
+ [Regression Potential]
+
+ * Since this problem exists on upstream and on all Ubuntu versions, it
+ is most likely that customers using this package have already fixed
+ init script.
+
+ * Since customers tend to write their own suricata rules, it is most
+ likely that cutomers have already fixed default rules file.
+
+ * Regression would make suricata daemon not to start (just like now).
+
+ [Other Info]
+
+ NA
+
Suricata in newer kernels (3.5 and upper) will complain like this:
* NFQUEUE support not found !
* Please ensure the nfnetlink_queue module is loaded or built in kernel
although nfnetlink_queue is loaded:
lsmod | grep nfnetlink_queue
nfnetlink_queue17557 3
nfnetlink 13983 5 nf_conntrack_netlink,nfnetlink_queue
This happens because /etc/init.d/suricata does this check:
check_nfqueue() {
if [ ! -e /proc/net/netfilter/nf_queue ]; then
log_failure_msg NFQUEUE support not found !
log_failure_msg Please ensure the nfnetlink_queue module is loaded or
built in kernel
exit 5
fi
}
Nevertheless this only works in pre3.5 kernels as newer kernels
[Bug 1250439] Re: suricata complains about NFQUEUE in newer kernels
Uploaded for P/S/T. I'd like to see this fixed in Sid, then we can sync for U. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1250439 Title: suricata complains about NFQUEUE in newer kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1250439] Re: suricata complains about NFQUEUE in newer kernels
** Changed in: suricata (Ubuntu) Status: Confirmed = In Progress ** Changed in: suricata (Ubuntu) Assignee: (unassigned) = Rafael David Tinoco (inaddy) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1250439 Title: suricata complains about NFQUEUE in newer kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1250439] Re: suricata complains about NFQUEUE in newer kernels
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: suricata (Ubuntu) Status: New = Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1250439 Title: suricata complains about NFQUEUE in newer kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1250439] Re: suricata complains about NFQUEUE in newer kernels
** Patch added: suricata.init.patch https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+attachment/3906376/+files/suricata.init.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1250439 Title: suricata complains about NFQUEUE in newer kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1250439] Re: suricata complains about NFQUEUE in newer kernels
The attachment suricata.init.patch seems to be a patch. If it isn't, please remove the patch flag from the attachment, remove the patch tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team. [This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.] ** Tags added: patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1250439 Title: suricata complains about NFQUEUE in newer kernels To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suricata/+bug/1250439/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
