[Snort-users] Snort + ipchains
jsage at ...2022...
Sun Mar 3 21:09:05 EST 2002
If I've understood your question correctly, yes, snort will see packets
that are DENY'ed by ipchains *if* snort is running on the same box as
That's exactly what I'm doing, and snort sees everything ipchains
If snort is off on another box, behind the ipchains box, it's another
Most people don't type their own logfiles; but, what do I care?
On Sun, Mar 03, 2002 at 08:35:05PM -0500, Ashley Thomas wrote:
> I need to run snort inside the firewall as well as outside it.
> I need to run outside to know the attacks which cannot make it thru
> the firewall.
> So if i run snort on the same machine , will snort see the packets which
> are blocked by the firewall (ipchains).
More information about the Snort-users