[Snort-users] Snort + ipchains

Guillaume guillaume at ...4029...
Fri Nov 30 07:42:03 EST 2001


Hi.

Does anybody use the -o option of ipchains to capture REJECTed or DENYied 
packets and send its to snort for log or analyse action ? How does it work ? 
(Please send a more detailed answer than just "fine" ! :-))

I would like to enhance my ipchains filter by adding to it this facility: all 
REJECT or DENY packets are logged "à la tcpdump" and post-analyzed by running 
snort.

Thanks.

Guillaume

***********************************
Sent with HORDE/IMP (www.horde.org)




More information about the Snort-users mailing list