Listening openVPN

[Andre Rodier <andre.rodier () red2 co uk>]

Hello everybody,


After googling around, I can'f find any answer to my question.


Is it possible to configure snort to listen on the virtual network 
adapter of OpenVPN (tap0) ?


I have tried to configure snort to do this, but apparently this fail:


var HOME_NET [10.10.1.0/24,192.168.0.0/24]


10.10.1/24 is the vpn network address, while 192.168.0.x is the physical 
network.


I use nmap to start a portscan, and the result is accurate on both 
interfaces. However, the only logs from Snort I have are coming from the 
physical network interface 192.168.0.0/24,


Do I have to do something special to authorise snort to listen this 
virtual interface ?

Thanks.


------------------------------------------------------------------------------
Join us December 9, 2009 for the Red Hat Virtual Experience,
a free event focused on virtualization and cloud computing. 
Attend in-depth sessions from your desk. Your couch. Anywhere.
http://p.sf.net/sfu/redhat-sfdev2dev
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users