[Snort-users] Guardian 1.5.0 released!

Neal Timm ntimm at ...1964...
Mon Oct 8 16:32:36 EDT 2001


Hello may I suggest adding the following lines to the guardain.pl script for
real time email alerts and to create the chain that is specified in the conf
file I am using these to options now and it works great.
open MAIL, "| /usr/lib/sendmail -t -oi";
    print MAIL "To: $to\n";
    print MAIL "Subject: Automated Guardian Email-Alert, \n";
    print MAIL "Added $source to your $firewall $firewallChain chain for
denial\n";
    print MAIL "\n\n-- \Nan automated message courtesy of Guardian
Response\n";
    close MAIL;
    system ("$firewall Path/$firewall -N $firewallChain");

in conf file options:

if (/Mailto\s+(.*)/) {
        $to = $1;
    }
if conf file:
# Person you would like email alerts mailed to.
Mailto          ntimm at ...1692...

-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net]On Behalf Of Nick
Rogness
Sent: Sunday, October 07, 2001 8:19 PM
To: snort-users at lists.sourceforge.net
Cc: jforster at ...176...; dpi at ...176...
Subject: [Snort-users] Guardian 1.5.0 released!



Well, I have finished with my overhaul (first round anyway) of
guardian.  Guardian now supports ipchains, iptables, ipfw, and ipfilter.
Made lots of enhancements, please read the CHANGELOG in the tarball for
more details.  ANyway, here is a link to it:

http://freebsd.rogness.net/snort/guardian-1.5.0.tar.gz

Let me know if you have any problems as it has been reworked (almost all
of it).

Nick Rogness
nick at ...176...
RapidNet Internet Services


_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users





More information about the Snort-users mailing list