Snort mailing list archives
Re: some /etc/sysconfig/iptables example
From: william metcalf <william.metcalf () gmail com>
Date: Mon, 19 Jan 2009 11:49:47 -0600
hmmmm What about the output of iptables -L -v -n Regards, Will On Mon, 2009-01-19 at 18:39 +0100, carlopmart wrote:
william metcalf wrote:let's see what you've got.... remember the traffic going across the bridge is filtered by the FORWARD chain. Only traffic destined for the ip stack on the box, goes to INPUT/OUTPUT. Regards, Will On Mon, 2009-01-19 at 18:15 +0100, carlopmart wrote:Hi all, I am trying to setup /etc/sysconfig/iptables file to use snort with inline mode on a bridge under rhel5.2 without luck. Somebody can gives me an example?? Many thanks.Thanks william, I know that i can only use FORWARD chain, but it doesn't works .... My /etc/sysconfig/iptables is: # Firewall configuration written by system-config-securitylevel # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :IPS-Firewall-INPUT - [0:0] :IPS-Firewall-FORWARD - [0:0] :IPS-Firewall-OUTPUT - [0:0] -A INPUT -j IPS-Firewall-INPUT -A FORWARD -j IPS-Firewall-FORWARD -A OUTPUT -j IPS-Firewall-OUTPUT -A IPS-Firewall-INPUT -i lo -j ACCEPT -A IPS-Firewall-INPUT -i eth0 -j ACCEPT -A IPS-Firewall-FORWARD -i br0 -p all -j QUEUE COMMIT
Attachment:
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- some /etc/sysconfig/iptables example carlopmart (Jan 19)
- Re: some /etc/sysconfig/iptables example william metcalf (Jan 19)
- Re: some /etc/sysconfig/iptables example carlopmart (Jan 19)
- Re: some /etc/sysconfig/iptables example william metcalf (Jan 19)
- Re: some /etc/sysconfig/iptables example carlopmart (Jan 19)
- Re: some /etc/sysconfig/iptables example carlopmart (Jan 19)
- Re: some /etc/sysconfig/iptables example william metcalf (Jan 19)