[Snort-users] snort IPS

QuasWexExort noisyfarhan at gmail.com
Tue Aug 22 12:35:29 EDT 2017

 try to run snort in inline mode with daq afpacket. Im using mininet as
network simulator which has 4 host on it. When i add command to listen on
interface Switch1-eth2:Switch1-eth4, the ping between h4 to h2 should be
block. but why the ping still pass. some of them get block by the rules,
but some of them still pass to destination. and i got (DUP!) when i pinging
each other. why? any ideas?
