Re: Architecture for FlexResp...

[James Riden <j.riden () massey ac nz>]

Knorr Markus <Markus.Knorr () is-energy de> writes:

>    Hello list,
>    I want to implement the flexresp feature in a testing environment and
>    have some questions according this issue.
>    Did i need a second Nic for the FlexResp?

IIRC the response goes out whichever NIC is appropriate given normal
routing considerations. It definitely does work if you have one one
NIC listening in promiscuous mode (without IP address) and a second
which is configured in the usual way (IP address, netmask, gateway
addresses all set appropriately).

So you could probably get it to work with one NIC with appropriate
juggling, but I haven't tried it.

-- 
James Riden / j.riden () massey ac nz / Systems Security Engineer
Information Technology Services, Massey University, NZ.
GPG public key available at: http://www.massey.ac.nz/~jriden/




-------------------------------------------------------
The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users