[Snort-users] Newbie question: reject rule for IPv6
urbestfriend at ...11827...
Fri Dec 9 07:48:56 EST 2011
A newbie here and I was trying to setup snort inline with NFQ for IPv6
services. Just for testing I have added the following reject rule.
reject tcp any any -> any 80 (classtype:attempted-user;
msg:"Snort_test"; content:"snort-test"; sid:9000001; rev:1;)
Now If I send a traffic with the above content, I see that alerts are
getting generated but this requests is not being reset as expected.
I am running snort 22.214.171.124, my snort.conf is unchanged. What am I doing wrong?
Have a good day.
Thanks and regards,
More information about the Snort-users