[Snort-users] Snort in Inline Mode on CentOS 6.3

Okeowo, Ayo gadmin at ...16076...
Wed Feb 6 09:28:44 EST 2013


Hello Folks,

Has anyone successfully setup Snort 2.9.4 on CentOS 6.3 with functioning
IPS(Inline Mode) using 2 interfaces (1 for sniffing traffic and 2nd for
management)?

I'm having a few issues, although I haven't sat down to address it yet due
to my day job sucking my time. The first issue is, if I use 1 interface and
put Snort to Inline Mode, my drop rules don't work. Second, if I use 2
interfaces, both Alert and Drop rules cease to work and I get nothing on
Snorby.

Any insight to this issue will be appreciated. Like I said I haven't sat
down to troubleshoot this issue but your response will help.

Thanks.
Ayo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20130206/fe7fc253/attachment.html>


More information about the Snort-users mailing list