Using NFQUEUE with IPtables sends ALL Traffic to Suricata. How do I get the traffic back to the OS after review? Also, if Suricata is not Running, then all network traffic is blocked. What am I missing?
Problem found.
I was switching between af-packet and nfqueue.
Problem resolved.
I have also discovered that while IPTables is functioning correctly, it is NOT reporting the activities in the rules for INPUT, OUTPUT and FORWARDING correctly.