Actions
Bug #7628
closedError: af-packet: ens64: failed to compile BPF "not net 192.168.250.0/24": snaplen of 0 rejects all packets
Status:
Rejected
Priority:
Normal
Assignee:
-
Target version:
-
Affected Versions:
Effort:
Difficulty:
Label:
Description
Hello,
since 7.0.9 the BPF filter no longer works, which worked without problems under 7.0.7.
Installation via APT on Ubuntu 24.04.2 LTS (suricata is already the newest version (1:7.0.9-0ubuntu0))
Example:
bpf-filter: not net 192.168.250.0/24
Works under 7.0.7, under 7.0.9 the log says:
[3110 - W#01-ens64] 2025-03-25 07:39:46 Error: af-packet: ens64: failed to compile BPF "not net 192.168.250.0/24": snaplen of 0 rejects all packets
[3110 - W#01-ens64] 2025-03-25 07:39:46 Error: af-packet: ens64: failed to init socket for interface
[1423 - Suricata-Main] 2025-03-25 07:39:46 Error: threads: thread "W#01-ens64" failed to start: flags 0423
Regards
Florian
Updated by Victor Julien 7 days ago
- Is duplicate of Bug #7618: af-packet: setting bpf fails added
Updated by Victor Julien 7 days ago
- Status changed from New to Rejected
- Assignee deleted (
OISF Dev) - Priority changed from High to Normal
- Target version deleted (
TBD)
Duplicate of #7618.
Workaround is to set the default-packet-size in the yaml or on the commandline --set default-packet-size=1518.
7.0.10 will be release later today to address the issue.
Actions