[Snort-users] combination of snort & ipchains

Gregor Binder gbinder at ...462...
Tue Jan 16 18:19:37 EST 2001

Gregor Binder on Wed, Jan 17, 2001 at 12:13:07AM +0100:


after consulting ipf(5):

>   - use "dup-to" (with the virtual address) instead of "block" to copy
>     things you want to block to that interface

use dup-to with the name of the virtual interface, don't give it an
address at all. much less scary and problematic. :)


Gregor Binder  <gregor.binder at ...462...>  http://sysfive.com/~gbinder/
sysfive.com GmbH               UNIX. Networking. Security. Applications.
Gaertnerstrasse 125b, 20253 Hamburg, Germany         TEL +49-40-63647482
PGP id: 0x20C6DA55 fp: 18AB 2DD0 F8FA D710 1EDC A97A B128 01C0 20C6 DA55

More information about the Snort-users mailing list