Linux snort.test.lan 3.2.0-4-amd64 #1 SMP Debian 3.2.41-2+deb7u2 x86_64 GNU/Linux kernel version
ipq DAQ configured to inline.
ERROR: Can't initialize DAQ ipq (-1) - ipq_daq_initialize: ipq_create_handle error Unable to create netlink socket
Fatal Error, Quitting..
Tam aksine "NFQ" modulu sorunsuz calisiyor. IPQ modulunu yuklemek istedigimizde ise asagidaki gibi bir sonucla karsilasiyoruz:
# modprobe ip_queue
ERROR: could not insert 'ip_queue': Device or resource busy
# insmod ip_queue
Error: could not load module ip_queue: No such file or directory
# insmod /lib/modules/3.2.0-4-amd64/kernel/net/ipv4/netfilter/ip_queue.ko
Error: could not insert module /lib/modules/3.2.0-4-amd64/kernel/net/ipv4/netfilter/ip_queue.ko: Device or resource busy
ve syslog icerigi:
Jun 8 02:21:54 snort kernel: [ 3382.028421] ip_queue: failed to register queue handler
Jun 8 02:27:35 snort kernel: [ 3722.151772] ip_queue: failed to register queue handler
Jun 8 02:27:52 snort kernel: [ 3739.115550] ip_queue: failed to register queue handler
Sanirim 3.X kernel versiyonunda ip_queue modulu desteklenmiyor nfq modulu ile sorun yasadigindan.
Debian, Snort kullanip da upgrade yapacak arkadaslarla paylasmak istedim.
Saygilar
Ozgur