[Snort-users] Blocking ip's with snort blacklist

Jeremy Hoel jthoel at ...11827...
Tue Mar 26 14:20:45 EDT 2013


snort has the ability to use a bpf file, use the -F flag or setup in
/etc/sysconfig/snort

# To use an external BPF filter file uncomment the following variable
# syntax corresponds to tcpdump(8)
# -F {/path/to/bpf_file}
# config bpf_file: /path/to/bpf_file
#BPFFILE=/etc/snort/bpf_file




On Tue, Mar 26, 2013 at 6:12 PM, Dmitry Korzhevin
<dmitry.korzhevin at ...15907...> wrote:
> Hi,
>
> Is there any way to block ip's using snort blacklist files on linux, not
> iptables?
>
>
>
> Best Regards,
> Dmitry
>
> ---
> Dmitry KORZHEVIN
> System Administrator
> STIDIA S.A. - Luxembourg
>
> e: dmitry.korzhevin at ...15907...
> m: +38 093 874 5453
> w: http://www.stidia.com
>
>
> ------------------------------------------------------------------------------
> Own the Future-Intel® Level Up Game Demo Contest 2013
> Rise to greatness in Intel's independent game demo contest.
> Compete for recognition, cash, and the chance to get your game
> on Steam. $5K grand prize plus 10 genre and skill prizes.
> Submit your demo by 6/6/13. http://p.sf.net/sfu/intel_levelupd2d
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest Snort
> news!




More information about the Snort-users mailing list