[Snort-users] Not logging ICMP with logto:
trodwell at ...10764...
Tue Dec 16 09:20:09 EST 2003
I'm just getting to grips with Snort. I've got a VERY simple conf file at
config logdir: /var/snort/log
log icmp any any -> any any (logto:"icmp.log";)
log ip any any -> any any (logto:"ip.log";)
... which records ALL IP packets, including icmp, in the 'ip.log', when I
had expected all the ICMP packets to go into .../icmp.log. What gives?
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.551 / Virus Database: 343 - Release Date: 11/12/2003
More information about the Snort-users