Bug #2933: Suricata 4.1.3 block flow - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #2933

closed

Suricata 4.1.3 block flow

Added by Anthony h over 5 years ago. Updated over 2 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Community Ticket

Target version:

TBD

Affected Versions:

4.1.3

Effort:

Difficulty:

Label:

Description

Hi,

I use Suricata 4.1.3 on Debian 9
I use the followinf iptables command to redirect flow to Suricata

iptables -A FORWARD -d xxx.xxx.xxx.xxx -m state --state RELATED,ESTABLISHED -j NFQUEUE --queue-num 1
iptables -A FORWARD -s xxx.xxx.xxx.xxx -j NFQUEUE --queue-num 1

Sometimes, Suricata seems drop all packet without informations in logs files.

I need to kill Suricata, then I put iptables -I FORWAD -j ACCEPT and then I restart Suricata like this:
/usr/bin/suricata -c /etc/suricata/suricata.yaml -q 1

To finish I remove the iptables rules: iptables -D FORWAD -j ACCEPT

This problems is appeared with release 4.1.3

Before with Suricata 4.1.2 I have no problem.

Is it a bug of Suricata?

Thank you

Anthony

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Bug #2933

Suricata 4.1.3 block flow

Updated by Anthony h over 5 years ago

Updated by Andreas Herz over 5 years ago

Updated by Anthony h over 5 years ago

Updated by Andreas Herz over 5 years ago

Updated by Andreas Herz over 2 years ago