@xxxx - you posted in this thread after running into the same issue. With the new snort3 package, how would I go about applying your solution? My current configuration is below.
For reference:
/etc/config/snort
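# Snort 3 IPS settings for the OpenWrt snort3 package (/etc/config/snort).
# The first line was pasted as "onfig" - UCI requires the keyword "config".
# Trailing comments give the accepted values for each option.
config snort 'snort'
	option enabled '1'			# one of [0, 1]
	option manual '0'			# one of [0, 1]
	option oinkcode ''			# a string (empty here, so no oinkcode is in use)
	# List every local subnet here: external_net below is defined as
	# !$HOME_NET, so any LAN range missing from this list is classified as
	# external by rules that key on traffic direction.
	option home_net '10.9.8.0/24 10.9.7.0/24 10.9.6.0/24 10.9.5.0/24 10.200.200.0/24'
	option external_net '!$HOME_NET'
	option config_dir '/etc/snort'		# a path string
	option temp_dir '/var/snort.d'		# a path string
	option log_dir '/mnt/data'		# a path string
	option logging '1'			# one of [0, 1]
	option openappid '0'			# one of [0, 1]
	option mode 'ips'			# one of [ids, ips]; ips runs inline, so 'action' is enforced
	option method 'nfq'			# one of [pcap, afpacket, nfq]; nfq uses the 'nfq' section below
	option action 'drop'			# one of [alert, block, drop, reject]
	option interface 'eth1'			# a string
	option snaplen '65531'			# 1518 <= x <= 65535
	option include '/etc/snort/include.snort'	# extra Lua pulled into the Snort config (see that file)

config nfq 'nfq'
	option queue_count '8'			# 1 <= x <= 16
	option queue_start '4'			# 1 <= x <= 32768
	option queue_maxlen '12288'		# 1024 <= x <= 65536
	option fanout_type 'lb'			# one of [hash, lb, cpu, rollover, rnd, qm]
	option thread_count '8'			# 0 <= x <= 32
	# NOTE(review): the postrouting hook runs after NAT, so the source
	# address of outbound LAN traffic may already be rewritten and no
	# longer match home_net; confirm this hook is what the direction-based
	# rules expect before trusting $HOME_NET -> $EXTERNAL_NET matches.
	option chain_type 'postrouting'		# one of [prerouting, input, forward, output, postrouting]
	option chain_priority '300'		# one of [raw, filter, 300]
	option include '/etc/snort/include.nfq'	# extra nft rules pulled into the generated snort chain (see that file)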
/etc/snort/include.nfq
# Fragment referenced by "option include '/etc/snort/include.nfq'" in
# /etc/config/snort; "{{ snort.interface }}" is presumably expanded from
# option interface by the package template - confirm against the generated
# ruleset (nft list ruleset) rather than this file.
# Drop anything conntrack cannot associate with a known connection.
ct state invalid drop;
# NOTE(review): this matches every packet leaving the snort interface that has
# the ACK flag set on an established connection, i.e. almost all traffic after
# the TCP handshake. accept is a terminal verdict within the chain, so if this
# fragment lands before the package's queue rule in the same chain, those
# packets are never handed to Snort and get no payload/signature inspection in
# ips mode - only the handshake and non-ACK segments are inspected. That is a
# real CPU saving but also a large inspection gap; confirm it is intended and
# where the fragment is placed relative to the queue rule.
oifname "{{ snort.interface }}" tcp flags ack ct state established counter accept
/etc/snort/include.snort
-- Extra Snort 3 Lua referenced by "option include '/etc/snort/include.snort'"
-- in /etc/config/snort (how the package splices it into snort.lua is not
-- visible here). Each assignment below replaces the module table of the
-- same name.

-- Output: drop the syslog and JSON alert loggers and write the alert_fast
-- text log to a file instead (packet = false presumably omits the packet
-- dump from each line).
alert_syslog = nil
alert_json = nil
alert_fast = {
  packet = false,
  file = true,
}

-- Alternative kept for reference: a JSON logger whose field list is what
-- 'snort-mgr report' expects while still carrying the alert_fast fields.
-- With alert_json = nil above, 'snort-mgr report' has no JSON to read; swap
-- this block in if that report is wanted.
-- alert_json = {
--   fields = 'timestamp pkt_num proto pkt_gen pkt_len dir src_ap dst_ap rule action msg',
--   file = true,
-- }

-- Event suppression: silence rule 1:650 for packets whose destination is
-- 10.9.8.101 (it was firing on LXC container traffic to that host).
-- NOTE(review): suppress hides every event for that (rule, destination)
-- pair, so a genuine hit on that host goes unseen; whether the rule's drop
-- action is still applied to suppressed events is not visible here - verify.
-- If the rule is merely noisy rather than wrong, a rate_filter or a tuned
-- copy of the rule is the narrower fix.
suppress = {
  { ip = "10.9.8.101", track = "by_dst", sid = 650, gid = 1 },
}

-- Disable checksum verification for every protocol. Inline nfq captures
-- commonly carry packets whose checksum has not been computed yet (NIC
-- offload), and Snort would otherwise ignore those packets entirely.
-- NOTE(review): the trade-off is that Snort now also inspects packets with
-- genuinely bad checksums that the endpoint will discard, which is a classic
-- insertion path into stream reassembly. Acceptable only if the bad
-- checksums on this interface are offload artefacts - confirm.
network = {
  checksum_eval = "none",
}

-- Pattern matching: Hyperscan for both the primary and offload search
-- engines, plus detect_raw_tcp (see the Snort 3 search_engine docs for
-- exactly what that inspects).
search_engine = {
  detect_raw_tcp = true,
  offload_search_method = "hyperscan",
  search_method = "hyperscan",
}

-- Hyperscan-backed literal matching and PCRE-to-regex conversion (option
-- names as documented by the Snort 3 detection module).
detection = {
  pcre_to_regex = true,
  hyperscan_literals = true,
}