[Snort-users] Guardian Overhaul

Nick Rogness nick at ...176...
Fri Sep 28 12:05:02 EDT 2001

On Fri, 28 Sep 2001, Nick Rogness wrote:

	DAMN!  I overhauled based on guardian-1.3.0 which was available
	via www.snort.org.  You can add "merge changes from 1.4" to the
	things todo list.  Sorry bout that.

	Most of the "TODO" list should be done this weekend.

> Well, I've spent the last couple of days redoing gaurdian.  Here is
> the list of added enhancments:
>  -FreeBSD ipfw support (specify firewallType in conf file)
>  -Firewall interface
> 	- Max Firewall rule size 
> 	- An expire timer that runs (old guardian didn't expire properly)
> 	- Ability to handle mulitple Class C (or smaller) targets
> 	- Reuse of Firewall rules (FreeBSD only)
> 	- Easy to add other Firewall tools (send requests)
>  -IPFilter support (Should be done real soon)
>  -See what IP's are blocked with SIGUSR2 signal (without flushing fw)
>  -Better error checking
>  -Better logging
>  -General bug fixes
> I have tarballed  it up at:
> http://freebsd.rogness.net/snort/guardian-2.0b.tgz
> Things that still need to be done:
>  -Official documentation (man pages, README, etc)
>  -Bug reports/fixes (especially Linux people...don't have Linux)
>  -Commenting
>  -Better loading (PM's maybe?)
>  -Ignoring Anomolies 
>  -PreProcessor log recognition
>  -Other stupid stuff ;-)
> I didn't update any of the docs (with the exception of guardian.conf)
> to reflect my changes.  I figured with nimda on the loose people could
> use this in a hurry.  All should be fixed this weeked (yes IPF support
> too). For all you FreeBSD lovers out there, I will make a 'port' out
> of it this weekend.
> Nick Rogness
> nick at ...176...
> RapidNet Internet Services
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users

Nick Rogness
nick at ...176...
RapidNet Internet Services

More information about the Snort-users mailing list