[Snort-users] Snort pass rules failing

Jerry Shenk jshenk at ...514...
Thu May 13 18:11:07 EDT 2004

Ya know, when I posted this last message, I thought about the fact that
this is the first time I've tried using the ENTIRE rule that hit instead
of stripping out all the 'extra stuff'.  After stripping that out, it
seems like things are working as expected.

-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Matt
Sent: Thursday, May 13, 2004 8:13 PM
To: Jerry Shenk; snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Snort pass rules failing

At 07:19 PM 5/13/2004, Jerry Shenk wrote:
>I'm trying to get a new IDS box set up.  I'm trying to set up a few
>specific pass rules for a box that does monitoring (ICMP and SNMP) and
>router (ICMP redirects) and a web proxy server.  None of them seem to
>taking.  I'm running version 2.1.1 (Build 25)

did you start snort with the -o parameter?

This SF.Net email is sponsored by: SourceForge.net Broadband
Sign-up now for SourceForge Broadband and get the fastest
6.0/768 connection for only $19.95/mo for the first 3 months!
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

More information about the Snort-users mailing list