[Snort-users] APF with snort

Tom Lee tom_lee01 at ...125...
Thu Feb 23 16:20:05 EST 2006


Hello,
I use APF firewall in linux and try to use it along with snort.

for configuration file /etc/apf/ad/conf.antidos
it  has the option to check with snort portscan log file,
# Snort portscan  log file [experimental]
SLOG="/var/log/snort/portscan.log"

How can I make the portscan (scan.rules?) log file goes to 
/var/log/snort/portscan.log?
It will allow me to block those malicious IPs in advance.

thanks.

Tom






More information about the Snort-users mailing list