SnortInline questions

["Grigoris Vidakis" <gvidakis () lab epmhs gr>]

hi to all
  i use snort in my net for the last 6 mounths and i think that i am ready to create some
drop reaction. i already use resp and react

  I want to use the snort inline patch... does anyone knows where i can find 
some documentation for this patch??

  I suppose from the name (inline) that snort will act as an Intrustion Detection Gateway, 
meanly that it can drop packets in a transparent system(linux bridge box), before it will
forward them to the protected network.

My quenstions about this type of snort are:
  What are the main diffs from snort without this patch?
  This infrastructure is implemented with the addition rule drop??
  The snort will take packets from USER SPACE (libipq), insteand of libpcap?
  What is the role of Iptables?

Can anyone help me?
Thanks for your time.