[Snort-users] what is the difference between these rules!??!?!
azimlinux at ...131...
Sat Aug 3 10:43:03 EDT 2002
I'm trying to block some sites using the hogwash patch
I tried the rule below like the porn.rules:
drop tcp $EXTERNAL_NET 80 -> $HOME_NET any /
(msg:"Game site in not
Tyring to enter a web-site froma client, for exemple
www.tavla.com, i can enter that, why!?!??!?!
i have to modify the rule like below in order to block
drop tcp any any <> any any /
(msg:"Game site is not allowed!!"; content:"tavla";)
Now i'M not allowed to enter the sites.
So do i have to modify the rules like that which i
wanna apply the "drop" option!??!??!
Anyone can help me in that case please?!?!?
Do You Yahoo!?
Yahoo! Health - Feel better, live better
More information about the Snort-users