Syntax for alert_unixsock

[Henrik Sandklef <henrik () sandklef com>]

HI !

As a response to portscans I use iptables to drop the ips (that made the
portscan). So far I've been doing it every now and the, but I want do it
right away when snort finds out about the portscan. I found the
alert_unixsock would be useful, to communicate with a simple
server/daemon reading from a specified socket and thereafter invoking
iptables.....

BUT I can't find a description for the syntax of alert_unixsock, does
anybody where to find docs fot his?
Is alert_unixsock obsoleted or still not implemented?
Is there a better way to invoke a program from snort than using
alert_unixsock?

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users