[Snort-devel] Snort forwarding/redirecting traffic based on alert
qoheleth26 at ...2499...
Wed Oct 3 18:46:02 EDT 2012
I am relatively new to Snort and wanted to do some development using Snort.
My goal is to put Snort in-line with the network as an IPS. I would like
to forward (or re-direct) traffic matching pre-set rules to a certain
computer or IP (say honeypot address or something like that) and then
traffic that does not meet any of my alert rules, I would like to direct it
to a different system (say another system handling my external routing out
of the network.) Do you know of a way to accomplish this?
i.e. Is there a way, using Snort to inspect network traffic and re-direct
traffic based on various alert/rules/signatures?
Thank you sooo much for your expertise!
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-devel