Snort mailing list archives
Re: snort & iptables
From: Jacob Redding <dextor () WiredGeek com>
Date: Wed, 18 Dec 2002 12:55:40 -0800 (PST)
I think the question is asking what application gets the packets first Snort or IPTables. Since iptables works with the kernel, and they are dropped by the kernel, iptables is first. All packets that make it past iptables are then passed to applications(I'm not talking layers, just an analogy), in this case snort. At least I'm 99.99% sure that iptables comes first, but I've been wrong in the past. So in short. Iptables --> Snort -Jacob On Wed, 18 Dec 2002, twig les wrote:
Packet analyzing can be done if you let zero packets thru your host firewall, whichever one you want to use. Unless you have connected the two features thru Guardian or something they don't have any direct relationship that pops into my head. --- Eduard San Anselmo Mateu <esananselmo () albasoft com> wrote:Hello everyone, I'm using snort+iptables on the same box, and I have one question for you: what comes first, packet analyzing (snort) or packet filtering (iptables)? Thanks in advance-------------------------------------------------------This sf.net email is sponsored by: With Great Power, Comes Great Responsibility Learn to use your power at OSDN's High Performance Computing Channel http://hpc.devchannel.org/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe:https://lists.sourceforge.net/lists/listinfo/snort-usersSnort-users list archive:http://www.geocrawler.com/redir-sf.php3?list=snort-users ===== ----------------------------------------------------------- If you give a man a fish, he can eat for a day If you bludgeon him to death, you can eat the fish yourself ----------------------------------------------------------- __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com ------------------------------------------------------- This SF.NET email is sponsored by: Order your Holiday Geek Presents Now! Green Lasers, Hip Geek T-Shirts, Remote Control Tanks, Caffeinated Soap, MP3 Players, XBox Games, Flying Saucers, WebCams, Smart Putty. T H I N K G E E K . C O M http://www.thinkgeek.com/sf/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------- This SF.NET email is sponsored by: Geek Gift Procrastinating? Get the perfect geek gift now! Before the Holidays pass you by. T H I N K G E E K . C O M http://www.thinkgeek.com/sf/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort & iptables Eduard San Anselmo Mateu (Dec 18)
- Re: snort & iptables twig les (Dec 18)
- Re: snort & iptables Jacob Redding (Dec 19)
- Re: snort & iptables Michael Boman (Dec 19)
- Re: FAQ Suggestion: snort & iptables Matt Kettler (Dec 19)
- Re: FAQ Suggestion: snort & iptables Phil Wood (Dec 20)
- Re: snort & iptables Jacob Redding (Dec 19)
- Re: snort & iptables twig les (Dec 18)