Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Inline IP_Forwarding and other simple questions?

From: Jose Maria Lopez <jkerouac () bgsec com>
Date: 28 Dec 2004 23:43:19 +0100
El jue, 23 de 12 de 2004 a las 21:21, Matt Kettler escribió:

At 02:04 PM 12/23/2004, mdpeters wrote:

Do I need to enable ip_forwarding on for the transparent bridge to work?


As I understand it, you explicitly MUST NOT enable ip_forwarding, otherwise 
your snort-inline is a "pass all".


It's that true? I almost can believe it. I enable ip_forwarding and then
I pass some traffic with QUEUE to snort-inline so I can take another
look at it. Am I doing it all wrong? Can you explain me why?

Thanks and Happy Christmas to everybody. 

-- 
Jose Maria Lopez Hernandez
Director Tecnico de bgSEC
jkerouac () bgsec com
bgSEC Seguridad y Consultoria de Sistemas Informaticos
http://www.bgsec.com
ESPAÑA

The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
                -- Jack Kerouac, "On the Road"



-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://productguide.itmanagersjournal.com/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: