Re: Installing snort-2.3.0RC1

[Will Metcalf <william.metcalf () gmail com>]

> 1.) Is the Inline functionality of Snort-2.3.x supported for all unix
> machines.Will it run on
>      HPUX and other machines apart from Linux

No, it is pretty much a port of the snort_inline code.  So it will
only work on on Linux via libipq and FreeBSD via divert socket.

> 2.) Since IPTables are not supported in HP-UX machines,I am planning to
> build IPfilter
>      and PFIL.Now,will snort can use the libraries of IPfilter instead of
> IPTables.Will snort
>      can use IPFilter instead of IPTables.Or,can you can specify any such
> firewall on HP-UX
>      which can help me to build Snort with inline.

Errrrrr, I don't have access to any HP-UX machines, but basically for
any other firewall besides iptables and ipfw, you are going to have to
figure out a way to pass data to a userland application and return a
decision as to whether to drop or pass an inspected packet.

> 2.) Is there any such request arised, bez IPtables are restricted to linux
> machines.
>      Have u planned for any alternatives for HPUX like users.

Once again, I don't have access to any HP-UX machines, so I'm not sure
the firewall you speak of has the functionality needed for
snort-inline to work.

> 3.) If not,can we expect any patches or sourcecode changes (to run them on
> HPUX) in the 
>      upcoming stable version of snort.Is there is any such plan?.

There was talk a while ago about the snort guy's developing their own
IPS code in-house.  I'm not sure if they are still planning on doing
this or not.  It would probably be pretty trivial to write your own
bridging code and take packets in via a socket, but then you would
loose your firewall integration.

Regards,

Will

On Fri, 10 Dec 2004 17:20:11 +0530, Senthil Prabu.S <prabu333 () hotpop com> wrote:
> Hello Jeremy and Jeff,
>                 I have been playing with snort for a while on HPUX
> machines.Now I want
> to try the snort-2.3.0RC1,to test the inline functionalities.Since I have
> access only to the
> HP-UX machines,Can you please clear me the following things,
>  
> 2.) Since IPTables are not supported in HP-UX machines,I am planning to
> build IPfilter
>      and PFIL.Now,will snort can use the libraries of IPfilter instead of
> IPTables.Will snort
>      can use IPFilter instead of IPTables.Or,can you can specify any such
> firewall on HP-UX
>      which can help me to build Snort with inline.
>  
> 2.) Is there any such request arised, bez IPtables are restricted to linux
> machines.
>      Have u planned for any alternatives for HPUX like users.
>  
> 3.) If not,can we expect any patches or sourcecode changes (to run them on
> HPUX) in the 
>      upcoming stable version of snort.Is there is any such plan?.
>  
>  
> With Advance Thanks,
> Senthil Prabu.S
>      


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. 
http://productguide.itmanagersjournal.com/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users