eBPF bypass with Suricata 7.0.2 in Debian 12 Bookworm

This does not work out-of-the-box currently. I saw a bug report that the currently shipped .bpf files are not working with current libbpf (version >1.0). However, here’s how you can compile them yourself.
