[Snort-users] snort does not sent reset in freebsd/ipfw inline mode
michael.scheidell at ...8144...
Fri Feb 4 17:57:55 EST 2011
On 1/19/11 1:00 PM, Rajkumar S wrote:
> I am testing snort 188.8.131.52 with inline under FreeBSD 6.2-RELEASE-p12
> and IPFW. Every thing seems working except that no packet gets dropped
> or reset is being sent.
I have a (test ports) version of 184.108.40.206 and am trying to make sure
I have never gotten this to work in the past, and am still confused.
> I am using snort Version 220.127.116.11 (Build 98) FreeBSD which is compiled
> with following options:
> ./configure --enable-flexresp3 --enable-react --enable-active-response
did you find you needed the -Q in the command line?
(man page seems to say this is for iptables only)
did you find you needed this in snort.conf?
what sysctl's did you need to add to turn on ipfw filtering?
(sysctl -a | egrep 'fw|bridge')
this in a router mode? with an ip on each interface? or bridged? (with
what ifconfig options did you use to create the bridge?
Michael Scheidell, CTO
>*| *SECNAP Network Security Corporation
* Certified SNORT Integrator
* 2008-9 Hot Company Award Winner, World Executive Alliance
* Five-Star Partner Program 2009, VARBusiness
* Best in Email Security,2010: Network Products Guide
* King of Spam Filters, SC Magazine 2008
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.secnap.com/products/spammertrap/
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users