Snort mailing list archives
Re: Snort inline and ip_queue
From: Stephan Scholz <sscholz () astaro com>
Date: Tue, 23 Mar 2004 12:54:45 +0100
Have you added the -Q option when starting Snort? Otherwise Snort runs in normal sniffer mode only. Stephan
I have installed snort_inline, and have ip_queue installed as a module, after some tweaking to the .conf file I have snort_inline fired up now, but none of my tests are generating logs or seem to be working, it seems nothing is being passed from iptables to the user space queue. I wasn't really sure what I should have as a rule in iptables, so I used this: iptables -A FORWARD -i eth0 -j QUEUE and it is the only rule. Anyone know what I am missing here? (I have snort working as a regular sniffer / IDS on many other systems, but I was looking for real-time sig based IPS functionality)
-- Stephan Scholz <sscholz () astaro com> | Development Astaro AG | www.astaro.com | Phone +49-721-490069-0 | Fax -55 Awards for ASL: - Nätverk & Kommunikation Magazine, Sweden: "Five Stars" - October 2003 - Linux Enterprise Readers' Choice Award: Best Firewall - October 2003 - LinuxWorld Product Excellence Award: Best Security Solution - August 2003 - "Excellent" Infoworld Magazine - August 2003 ------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort inline and ip_queue neil (Mar 19)
- Re: Snort inline and ip_queue neil (Mar 19)
- Re: Snort inline and ip_queue Stephan Scholz (Mar 23)
- Re: Snort inline and ip_queue Ravi (Mar 23)