Snort mailing list archives
Re: Inline IP_Forwarding and other simple questions?
From: Will Metcalf <william.metcalf () gmail com>
Date: Tue, 28 Dec 2004 17:26:01 -0600
It's that true? I almost can believe it. I enable ip_forwarding and then I pass some traffic with QUEUE to snort-inline so I can take another look at it. Am I doing it all wrong? Can you explain me why?
There is no need to enable ip_forwarding if you are in bridge mode. The brnf code moves data across the bridge for you. There is no need for an ip interface or anything. If you are running ip_forwarding in bridge mode turn it off. If you have a third management int or an ip assigned to the bridge interface this may lead to an insecure configuration. Regards, Will On 28 Dec 2004 23:43:19 +0100, Jose Maria Lopez <jkerouac () bgsec com> wrote:
El jue, 23 de 12 de 2004 a las 21:21, Matt Kettler escribió:At 02:04 PM 12/23/2004, mdpeters wrote:Do I need to enable ip_forwarding on for the transparent bridge to work?As I understand it, you explicitly MUST NOT enable ip_forwarding, otherwise your snort-inline is a "pass all".It's that true? I almost can believe it. I enable ip_forwarding and then I pass some traffic with QUEUE to snort-inline so I can take another look at it. Am I doing it all wrong? Can you explain me why? Thanks and Happy Christmas to everybody. -- Jose Maria Lopez Hernandez Director Tecnico de bgSEC jkerouac () bgsec com bgSEC Seguridad y Consultoria de Sistemas Informaticos http://www.bgsec.com ESPAÑA The only people for me are the mad ones -- the ones who are mad to live, mad to talk, mad to be saved, desirous of everything at the same time, the ones who never yawn or say a commonplace thing, but burn, burn, burn like fabulous yellow Roman candles. -- Jack Kerouac, "On the Road" ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?listsnort-users
------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: Inline IP_Forwarding and other simple questions?, (continued)
- Re: Inline IP_Forwarding and other simple questions? Will Metcalf (Dec 23)
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Re: Inline IP_Forwarding and other simple questions? mdpeters (Dec 28)
- Re: Inline IP_Forwarding and other simple questions? Will Metcalf (Dec 28)
- Message not available
- Re: Inline IP_Forwarding and other simple questions? Will Metcalf (Dec 28)
- Re: Re: Inline IP_Forwarding and other simple questions? mdpeters (Dec 30)
- Re: Re: Inline IP_Forwarding and other simple questions? Will Metcalf (Dec 30)
- Re: Re: Inline IP_Forwarding and other simple questions? mdpeters (Dec 30)
- Message not available
- Message not available
- Message not available
- Message not available
- Re: Re: Inline IP_Forwarding and other simple questions? mdpeters (Dec 31)
- Re: Inline IP_Forwarding and other simple questions? Will Metcalf (Dec 23)
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Re: Inline IP_Forwarding and other simple questions? mdpeters (Dec 28)
- Re: Inline IP_Forwarding and other simple questions? Will Metcalf (Dec 28)
- Message not available
- Re: Inline IP_Forwarding and other simple questions? Will Metcalf (Dec 28)