Honeypots mailing list archives
Re: Snort inline for openbsd?
From: Rob McMillen <rvmcmil () cablespeed com>
Date: Sun, 2 Mar 2003 14:46:52 -0500 (EST)
Michael,
The key component to snort_inline is the iptables ip_queue. This
allows a user to tell the iptables firewall to send the packet from kernel
space to a userspace program for routing decision. If the OpenBSD
equivalent of iptables does this, it would be a pretty easy port.
Rob
On Sun, 2 Mar 2003, Michael Anuzis wrote:
Snort inline looks like a great idea & I'd love to try it, but my monitoring station has too much OpenBSD-dependant on it to switch over to linux just for snort-inline. Does anyone know if it's likely to get ported for OpenBSD's PF too? Michael Anuzis, CCNA Network Security Consultant http://www.anuzisnetworking.com http://www.lucidic.net - The Distributed Honeypot Project
Current thread:
- Snort inline for openbsd? Michael Anuzis (Mar 02)
- Re: Snort inline for openbsd? Rob McMillen (Mar 02)
- FreeBSD and honeypots [ Re: Snort inline for openbsd? ] Philip Reynolds (Mar 03)
- Re: FreeBSD and honeypots [ Re: Snort inline for openbsd? ] ph33r (Mar 04)
- Re: FreeBSD and honeypots [ Re: Snort inline for openbsd? ] Philip Reynolds (Mar 04)
- Re: FreeBSD and honeypots [ Re: Snort inline for openbsd? ] Benjamin Johnson (Mar 04)
- Re: FreeBSD and honeypots [ Re: Snort inline for openbsd? ] Alan Neville (Mar 04)
- Re: FreeBSD and honeypots [ Re: Snort inline for openbsd? ] Dave Aitel (Mar 04)
- FreeBSD and honeypots [ Re: Snort inline for openbsd? ] Philip Reynolds (Mar 03)
- Re: Snort inline for openbsd? Rob McMillen (Mar 02)