[Snort-users] Iptables Prerouting chain

Madhav Diwan mdiwan at ...200...
Wed Nov 14 19:22:02 EST 2001

Does Snort work on packets before or after the prerouting chain in

in other words what address should i use : the SNAT the DNAt or the Masq
 for the HOME ip scheme so that i dont cause myself miscief in the form
of huge alert logs?

what about postrouting : will it have any affect on the IDS at all if i
sniff on the local lan interface as well as on the outside interface at
the same time?



Note: The information contained in this message may be privileged and confidential and protected from disclosure.  If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer.  Thank you.  Wagner Weber & Williams

More information about the Snort-users mailing list