[Snort-users] Snort 2.3 CVS branch, and new features

Victor Julien victor at ...12319...
Tue Sep 14 05:34:08 EDT 2004


On Tuesday 14 September 2004 11:29, Olaf Schreck wrote:
> > Also, thanks Dan Roelker of Sourcefire for integrating Snort-Inline
> > into the official project and ironing out issues that popped up during
> > the process.
> >
> > The inline feature set includes only the core inline functionality.
> > This means that DROP, SDROP, and REJECT rule-types are supported. A
> > couple of new features were also added during the integration effort,
> > which provides inline state and dropping packets with bad checksums.
> > The Snort-Inline project will continue to develop new inline features,
> > so for the latest advancements in inline functionality, please
> > refer to the Snort-Inline project. Further documentation can be found
> > in doc/README.INLINE and the Snort-Inline website at
> > http://snort-inline.sf.net.
>
> Will that be Linux/iptables only like the original snort-inline?  I'd
> love to see a generic interface that could support *BSD's pf as well.

Snort inline should work on FreeBSD as well, although i have no personal 
experience with it. It needs a divert-socket to get it's packets. I don't 
know if other BSD's support this...

Regards,
Victor

>
>
> ciao,
> chakl




More information about the Snort-users mailing list