Re: Snort inline with pf

[Huzeyfe ONAL <huzeyfe.onal () gmail com>]

I didn't try but there's a user space packet queueing patch for OpenBSD.

> http://www.openbeer.it/?open=pq.



Victor Julien wrote:
> Алексей Кудрявцев wrote:
>   
> > Hi !!! Please help me with my question. How i can run Snort in inline
> > mode with pf ? 
> >   
> >     
> No you can't, as pf does not support divert sockets. You can use FreeBSD
> with ipfw or Linux. Otherwise you may want to have a look at snortsam
> and Snort in IDS mode with active responses enabled.
>
> Cheers,
> Victor
>
>
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc.
> Still grepping through log files to find problems?  Stop.
> Now Search log events and configuration files using AJAX and a browser.
> Download your FREE copy of Splunk now >> http://get.splunk.com/
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users