Upgraded an existing core 130 system which did have the Intrusion Detection set up and working to the testing version of core 131. The upgraded system will not start the Intrusion Prevention. No error messages appear at any point.
Modified the init.d Suricata script
/usr/bin/suricata -c /etc/suricata/suricata.yaml -D $NFQUEUES #
/dev/null 2>/dev/null
to reveal this error message when starting Suricata:
Starting Intrusion Detection System...
2/5/2019 -- 10:48:28 - <Error> - [ERRCODE: SC_ERR_INVALID_ARGUMENT(13)] - too much Netfilter queue registered (16) [ FAIL ]
Maybe this will provide a clue.
Has anyone else seen this issue?
Am I mistaken that the current testing version should be able to successfully update an existing core 130 system?
Best regards,
Fred
-
Kienker, Fred