From: Matthias H. <ha...@li...> - 2004-01-20 08:38:24
Hello,

I am currently trying to run snort_inline on one of our systems. The problem is that the whole system "hangs" after about one day. I have about 50 drop rules loaded to test the system.

My system setup is:

- the latest 2.1.0 snort_inline.
- iptables is 1.2.8 with patch-o-matic-20030912 installed.
- vanilla 2.4.22 kernel
- my currently used modules are:

    Module                  Size  Used by
    ipsec                 267648   2
    8139too                13648   1 (autoclean)
    crc32                   2848   0 (autoclean) [8139too]
    af_packet               8304   2 (autoclean)
    eepro100               18048   1 (autoclean)
    mii                     2320   0 (autoclean) [8139too eepro100]
    ip_conntrack_irc        3136   1 (autoclean)
    ip_nat_irc              2400   0 (unused)
    ip_conntrack_ftp        3872   1 (autoclean)
    ip_nat_ftp              3040   0 (unused)
    ipt_mark                 448   6 (autoclean)
    ipt_ttl                  608   1 (autoclean)
    ipt_MARK                 784   2 (autoclean)
    ipt_state                592 127 (autoclean)
    ipt_REJECT              3184  14 (autoclean)
    ipt_LOG                 3296  96 (autoclean)
    ipt_limit                944  96 (autoclean)
    iptable_nat            15936   3 (autoclean) [ip_nat_irc ip_nat_ftp]
    ip_queue                5040   0 (unused)
    iptable_mangle          2192   1 (autoclean)
    iptable_filter          1712   1 (autoclean)

- my iptables rules used to feed the queue module:

    iptables -t mangle -A PREROUTING -i eth1 -j QUEUE
    iptables -t mangle -A POSTROUTING -o eth1 -j QUEUE

Is there anything wrong with my setup, or does anyone have similar problems?

Kind regards
Matthias

--
Matthias Haas
Linogate GmbH
Alter Postweg 101
86159 Augsburg
Germany
http://www.linogate.com
ha...@li...