Please include the following information with your help request:
- Suricata version
- Operating system and/or Linux distribution
- How you installed Suricata (from source, packages, something else)
I am running suricata 7.0.7 version with ubuntu 22.04 and i installed suricata from source code with nfqueue enabled.
I created a hook chain for ids/ips chain and i am queuing every incoming packet to suricata and somewhere nfqueue is getting locked and facing soflockup kernel panic.
I am using default configuration for suricata, i didn’t changed much and only thing i changed is exception-policy: ignore
Will suricata hold the nfqueue lock in kernel?
Or do i need to configure anything on the suricata.yaml ?
Am i missing something in netfilter queue configuration?
Please can someone out there help with the solution.