Snort mailing list archives
RE: Snort and IPTables?
From: "Dave Fitches" <sticks.au () bigfoot com>
Date: Tue, 12 Jun 2001 19:03:03 +1000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I'm running Snort 1.7 with IPtables on RH 7.1 without any troubles at all... My firewall script can be viewed at http://www.sticks.f2s.com/iptables.html I'm pretty much using a standard Snort Config. Works beautifully... :) - - = Dave Fitches = ________________________________________________________ ,--__|\ David Fitches / \ * ICQ : 2120090 * SATCO CID : 955589 \_,--\__/ * Mobile : +61-419-466-744 v * E-mail : sticks.au () bigfoot com Melbourne, Victoria, Australia Web: http://www.bigfoot.com/~sticks.au/ _______________________________________________________ Please Note: Unless this e-mail has been sent as PRIVATE, PERSONAL or CONFIDENTIAL, the receiver may forward copies of it on the condition that they send an advisory message to the original sender. If however the message has been marked PRIVATE, PERSONAL or CONFIDENTIAL prior consent MUST be obtained before the message can be forwarded.
-----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net]On Behalf Of Louie Martinez Sent: Tuesday, 12 June 2001 10:13 To: snort-users () lists sourceforge net Subject: [Snort-users] Snort and IPTables? I was wondering if snort only works with ipchain's and not with iptables. Has anyone got it to work with iptables? I'm currently using shorewall-1.1.7 to manage iptables and I haven't been able to get it to log anything. I created a the following test rule.... alert tcp any any -> any any (msg:"TCP test rule";) and it seemed to like that fine and detected all the packets sent with the sample attack script but removing the rule didn't trigger any of the other default snortrules. Perplexed _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
-----BEGIN PGP SIGNATURE----- Version: PGP 7.0.1 iQA/AwUBOyXaxwUhkO6Zt2EDEQL17gCfTKBk+lprjrEoIijMmmMH+GySESsAn0Oi yGZRTBEJlc4XY+HrxXivTNRt =H14M -----END PGP SIGNATURE----- _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort and IPTables? Louie Martinez (Jun 11)
- RE: Snort and IPTables? Dave Fitches (Jun 12)