[Snort-users] Pass rule not passing preprocessors (Absent jusqu'au 29/07/2002)

Pascal Painparay pascal.painparay at ...8874...
Mon Apr 21 06:43:17 EDT 2003

Je suis absent jusqu'au 21/04/03 inclus. 
En cas d'urgence, Vous pouvez contacter :
  Christophe Savin au 01 49 15 32 75.

Pascal Painparay

>>> snort-users 04/21/03 15:21 >>>

"Always Bishan" <bishan4u at ...1396...> writes:

> Hi Snorters,
> I wrote a pass rule which will pass anything coming
> from one machine.
> pass tcp -> any any
> pass icmp -> any any
> pass udp -> any any


> Now by writing this pass rule I'm able to avoid any
> alerts from my rules directory, but preprocessors are
> still generating alerts. 
> Is there anyway to avoid this?

If you want to omit traffic from that machine completely, disable all
traffic from it in your bpf filter for snort.

snort <command args> not host
Chris Green <cmg at ...1935...>
To err is human, to moo bovine.

This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

More information about the Snort-users mailing list