[Snort-users] Snort with IPTables

Fyodor fygrave at ...121...
Sun Jan 13 08:08:05 EST 2002


On Sun, Jan 13, 2002 at 09:06:03AM -0600, David Lambert wrote:
> I have very Little knowledge in this arena, so please excuse my ignorance, 
> but doesn't the -p (promiscuous) flag have something to do with whether or 
> not snort sees network traffic before an internal firewall? If this is just 
> bunk, then could someone please point me to an explanation (better than that 
> in the snort man page) of what the -p flag does?
> 

Shortly, promiscious mode: if on --> listens to all the traffic in the
network, if off --> listens to only traffic which is destined to your
network interface.




More information about the Snort-users mailing list