[Snort-users] Iptables and snort inline

lmarcilly at ...12243...
Thu Jun 9 01:53:17 EDT 2005


Hi all!

I am trying to use iptables and snort inline on a bridging firewall. This is my configuration for testing:

------         ----------
| PC |---------| Bridge |--------- LAN
------         ----------
192.168.1.99      192.168.1.185      192.168.1.0/24

When snort inline is not running, I can't reach the LAN. I think that's normal, but it's not what I want. In fact, I would like iptables not to put packets in the queue when snort inline isn't running. That way, even if traffic isn't analysed by snort, I can always reach the LAN...

I can't find info in the snort users mailing list archive because SourceForge is down at the moment, so I hope you have a solution to my problem...

Is there a patch to apply to iptables in order to react when snort is down? Or is this only a problem in the rules?

Thanks in advance and sorry for my poor English!

L.M






