Snort mailing list archives
Re: snort-inline and iptables INPUT chain
From: Laurent Haond <lhaond () bearstech com>
Date: Tue, 01 Mar 2005 16:50:11 +0100
Victor Julien wrote:
> Hmmm, the only thing I can think of is that you forgot to queue the traffic on the OUTPUT chain.
>
>> Reading older posts, I do not really understand if snort-inline only works with the FORWARD chain?
>
> No, it works on the other chains as well.
>
>> So do I need to replace all "-j ACCEPT" with "-j QUEUE" only for the FORWARD chain? Or is it a problem/option missing on the stream4 preprocessor, or a problem with ip_conntrack?
>
> Can you show us the iptables rules?
>
> Regards,
> Victor

I've made a test with very simple iptables rules (after flushing all filter / mangle rules, and also tried a reboot):
iptables -F INPUT
iptables -F OUPUT
iptables -F FORWARD
iptables -A INPUT -j QUEUE
iptables -A FORWARD -j QUEUE # (not needed this is a direct connection)
iptables -A OUPUT -j QUEUE

I still can't connect with ssh, but I can see an established connection on port 22 when looking in /proc/net/ip_conntrack.
BTW, kernel is 2.4.27 / iptables 1.2.11 with some patch-o-matic extension applied.
Any ideas?

Regards
Laurent
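A small lint for a command list like the one in this message, as an added example that is not part of the original post: it reports chain names that are neither built-in filter chains nor declared with -N, and built-in chains that never receive a -j QUEUE rule. The function names and the sample input are constructed for illustration, and the script assumes all rules target the filter table.

```shell
#!/bin/sh
# Added example: lint iptables commands meant to feed snort-inline via QUEUE.
# Assumption: only the filter table's built-in chains, plus chains declared
# with -N, are valid rule destinations.

check_queue_rules() {
    # stdin: one iptables command per line; stdout: one finding per line.
    awk '
    BEGIN { known["INPUT"] = known["OUTPUT"] = known["FORWARD"] = 1 }
    {
        sub(/#.*/, "")                       # drop trailing comments
        op = ""; chain = ""; target = ""
        for (i = 1; i < NF; i++) {
            if ($i == "-N")          known[$(i + 1)] = 1
            if ($i ~ /^-[AFI]$/)   { op = $i; chain = $(i + 1) }
            if ($i == "-j")          target = $(i + 1)
        }
        if (chain == "") next
        if (!(chain in known)) {
            printf "line %d: unknown chain \"%s\"\n", NR, chain
            next
        }
        if (op != "-F" && target == "QUEUE") queued[chain] = 1
    }
    END {
        n = split("INPUT OUTPUT FORWARD", order, " ")
        for (i = 1; i <= n; i++)
            if (!(order[i] in queued))
                printf "chain %s: no -j QUEUE rule\n", order[i]
    }'
}

sample_rules() {
    # Constructed input, modelled on the commands quoted in the message.
    cat <<'EOF'
iptables -F INPUT
iptables -F OUPUT
iptables -F FORWARD
iptables -A INPUT -j QUEUE
iptables -A FORWARD -j QUEUE # (not needed this is a direct connection)
iptables -A OUPUT -j QUEUE
EOF
}

sample_rules | check_queue_rules
```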