[Snort-devel] Snort forwarding/redirecting traffic based on alert

Mr. Qoheleth qoheleth26 at ...2499...
Wed Oct 3 18:46:02 EDT 2012

Hello all,

I am relatively new to Snort and wanted to do some development using Snort.
 My goal is to put Snort in-line with the network as an IPS.  I would like
to forward (or re-direct) traffic matching pre-set rules to a certain
computer or IP (say honeypot address or something like that) and then
traffic that does not meet any of my alert rules, I would like to direct it
to a different system (say another system handling my external routing out
of the network.)  Do you know of a way to accomplish this?

i.e. Is there a way, using Snort to inspect network traffic and re-direct
traffic based on various alert/rules/signatures?

Thank you sooo much for your expertise!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20121003/18caac61/attachment.html>

More information about the Snort-devel mailing list