Snort mailing list archives
Using Snort with a virtual ethernet device (tap0)
From: "Arjan van Leeuwen" <avleeuwen () dynamicsolutions nl>
Date: Wed, 13 Feb 2002 13:21:25 +0100
I'm trying to setup Snort on my FreeBSD firewall system, and have it listening on a virtual ethernet connection. The virtual ethernet connection is tap0 with ip address 192.168.0.1 (see http://vtun.sourceforge.net/tun/ for more info). I use IPFilter as a firewall - it duplicates blocked packets to tap0 for further processing, so that snort can read it. Or that's what I tought. If I run snort in verbose mode on the tap0 interface (snort -v -i tap0), not a single packet passes tap0. Even when I'm ssh-ing from the machine itself to address 192.168.0.1, nothing appears. Does someone have even a remote idea of what's happening here? I've been puzzling for quite some time now... Thanks. _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Using Snort with a virtual ethernet device (tap0) Arjan van Leeuwen (Feb 13)