can you please check these snort and snort7 config files to see is i have made any mistake because i release the new fw_upgrade update with the new snort package ( did not inclue snort8.conf)
my concerns i have is with snort 7 /8 in router mode with the trogen list enabled should it be
The new snort version seem to work ok but on installing it deletes file
/use/lib/daq/daq_nfq.so because it's obsolete
yet without it snort does not work i copied the file back and all working fine again, do you know of a way to configure snort to work without the file, as i believe that snort now has ngq built in and does not use the library file?
Good catch on noticing that the NFQ packet acquisition module is gone. The developer that did the upgrade was working off of the bridge mode image which uses AFPACKET instead so he didn't include it. You just have to add it back in. I remember Itus saying NFQ was faster for router mode and AFPACKET was faster for bridge mode in their testing.
Have you noticed anything else in router? I've only been using bridge but it's rock solid with no reboots, errors, issues, nothing.