remote logging snort rules question

["Rob Burris" <robeb () keepthevibe com>]

*This message was transferred with a trial version of CommuniGate(tm) Pro*
I'm trying to log packets coming from outside a network and going to a
remote machine.

alert tcp !0.0.0.0/24 any -> 0.0.0.109 any

To start snort I do...

snort -d -h 0.0.0.0/24 -l /var/log/snortlog/ -c
/usr/local/src/snort/snort-1.9.0/rules/my.rules -s -D

I'm not getting any packet logs going to that machine but I do get packet
logs from THAT machine to my box.

I'm wondering why I am getting packet logs to my machine (that is the only
rule I have in my.rules) and how I can configure snort to log packets to
that machine that come from outside of my network?




-------------------------------------------------------
This sf.net email is sponsored by: To learn the basics of securing 
your web site with SSL, click here to get a FREE TRIAL of a Thawte 
Server Certificate: http://www.gothawte.com/rd524.html
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users