March 07, 2013 4:02 PM
> To: 'Lawrence Teo'
> Cc: misc@openbsd.org
> Subject: RE: snort inline
>
> This works. Thank you very much. I'll let you know if I run into any issues
> but I am able to run snort inline now along with NAT.
>
> Justin
>
>
&
sday, March 07, 2013 4:02 PM
To: 'Lawrence Teo'
Cc: misc@openbsd.org
Subject: RE: snort inline
This works. Thank you very much. I'll let you know if I run into any issues
but I am able to run snort inline now along with NAT.
Justin
-Original Message-
From: Lawrence
d.org
Subject: Re: snort inline
Hi Justin,
Not sure if you still need to use divert-packet with NAT, but if you do,
could you please try the diff at
http://marc.info/?l=openbsd-tech&m=136245826921904&w=2 to see if it works
for you?
The easiest way to get the diff is:
ftp -o divert-checksum.dif
To: misc@openbsd.org
Subject: Re: snort inline
Another update in case there is any interest in running divert-packet along
with NATing. I ditched snort and wrote a little divert program based on the
man page to test easier. I can now see that with nat as well as
divert-packet on egress rule on
nday, November 25, 2012 4:37 PM
> To: misc@openbsd.org
> Subject: Re: snort inline
>
> Quick update. It seems to be a nat problem. If I just test by pinging either
> the 192.168.1.32 interface or the 192.168.0.13 interface it works fine and
> snort sees the packets. Its only when th
] On Behalf Of
Justin
Sent: Sunday, November 25, 2012 4:37 PM
To: misc@openbsd.org
Subject: Re: snort inline
Quick update. It seems to be a nat problem. If I just test by pinging either
the 192.168.1.32 interface or the 192.168.0.13 interface it works fine and
snort sees the packets. Its only when
Quick update. It seems to be a nat problem. If I just test by pinging either
the 192.168.1.32 interface or the 192.168.0.13 interface it works fine and
snort sees the packets. Its only when the traffic is NATed that it fails.
-Original Message-
From: owner-m...@openbsd.org [mailto:owner
The problem is, that the firewall MUST run with OpenBSD !!
Thanks for answers
There is no support for PF. If you need in-line function for an IPS, you can
take a look at a FreeBSD/snort_inline/IPFW/divert socket solution:
http://freebsd.rogness.net/snort_inline/
The snort_inline code primarily supports Linux netfilter/libpq. Also note
that snort2pf is considered Active Res
Do you search for something like this?
http://www.thinknerd.org/~ssc/wiki/doku.php?id=snort2pf
-Original Message-
From: Florian [mailto:[EMAIL PROTECTED]
Sent: dinsdag 6 september 2005 15:20
To: misc@openbsd.org
Subject: Snort-Inline with OpenBSD
Hello community
I tried to install Snor
> Now my question: Is there any way to install snort with inline functionality
> ??
i dont know, snort inline need netfilter API.
you can to use snortsam. -> http://www.snortsam.net
11 matches
Mail list logo
