Nfq_create_queue failed

liqingjia · May 22, 2020, 10:30am

Ubuntu16.04
I have a Virtual Ethernet Adapter named vmnet1 which ip is 192.168.56.1.
iptables:
sudo iptables -t nat -A POSTROUTING -o ens33 -s 192.168.56.0/24-j MASQUERADE（i use host-only go internet）
iptables -I FORWARD -j NFQUEUE
when i start suricata(IPS),it will faill.like this:

liqingjia · May 22, 2020, 10:31am

why ? thank you very much.

vjulien · May 22, 2020, 10:39am

2 things come to mind:

permissions: does it work when you start as root or using sudo?
queue is busy: another program is already using queue 0

liqingjia · May 25, 2020, 1:45am

i use sudo.
which program would use queue 0?
is this rule affect?
nat:-A POSTROUTING -s 192.168.56.0/24 -o ens33 -j MASQUERADE

vjulien · May 25, 2020, 5:38am

# cat /proc/net/netfilter/nfnetlink_queue
    0   1169     0 2 65531     0     0  8593079  1

Here the 1169 is the process id of the process using queue 0.

liqingjia · May 25, 2020, 8:58am

I find another suricata(daemon) is running ，my fault.
thank you

Topic		Replies	Views
Getting error after setting Suricata as a IPS Help	2	710	February 14, 2022
Connections dropping out Help	5	1046	October 22, 2020
Iptables + NFQUEUE Help ips , community	8	2999	June 12, 2021
Suricata iptables and nft errors when all is setting up correctly Help	3	172	December 12, 2023
Suricata does not start in IPS mode Help ips , suricata	1	38	April 17, 2024

Nfq_create_queue failed

Related Topics