[Snort-users] combination of snort & ipchains
gbinder at ...462...
Tue Jan 16 18:19:37 EST 2001
Gregor Binder on Wed, Jan 17, 2001 at 12:13:07AM +0100:
after consulting ipf(5):
> - use "dup-to" (with the virtual address) instead of "block" to copy
> things you want to block to that interface
use dup-to with the name of the virtual interface, don't give it an
address at all. much less scary and problematic. :)
Gregor Binder <gregor.binder at ...462...> http://sysfive.com/~gbinder/
sysfive.com GmbH UNIX. Networking. Security. Applications.
Gaertnerstrasse 125b, 20253 Hamburg, Germany TEL +49-40-63647482
PGP id: 0x20C6DA55 fp: 18AB 2DD0 F8FA D710 1EDC A97A B128 01C0 20C6 DA55
More information about the Snort-users