next up previous contents
Next: IPQ Up: Packet Acquisition Previous: AFPACKET   Contents


NFQ is the new and improved way to process iptables packets:

    ./snort --daq nfq \
        [--daq-var device=<dev>] \
        [--daq-var proto=<proto>] \
        [--daq-var queue=<qid>] \
	[--daq-var queue_len=<qlen>]

    <dev> ::= ip | eth0, etc; default is IP injection
    <proto> ::= ip4 | ip6 | ip*; default is ip4
    <qid> ::= 0..65535; default is 0
    <qlen> ::= 0..65535; default is 0

Notes on iptables can be found in the DAQ distro README.

Eugene Misnik 2013-05-08