Security Basics mailing list archives
Re: Freebsd & snort inline
From: maleficcode () gmail com
Date: 13 Sep 2006 06:03:41 -0000
You need to compile the following into your kernel: options IPFIREWALL options IPDIVERT Then you need to read the firewall and NAT sections in the FreeBSD handbook. You will need something similar to the following in your ipfw script: ipfw add xxx divert 6969 ip from any to any Start snort inline with something like: snort_inline -J 6969 -c snort_inline.conf Some handy resources: http://freebsd.rogness.net/snort_inline/ http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Freebsd & snort inline ruurdster (Sep 12)
- Re: Freebsd & snort inline Alexey Vesnin (Sep 13)
- <Possible follow-ups>
- Re: Freebsd & snort inline maleficcode (Sep 13)
- Re: Re: Freebsd & snort inline maleficcode (Sep 14)