Re: Status of Snort Inline

["Randal T. Rioux" <randy () procyonlabs com>]

Victor Julien wrote:
> Jan Ježek wrote:
> > Hi everybody,
> >
> > I would like to gather some knowledge about the status of the inline
> > functionalty.
> >
> > There is Snort 2.8 in which the inline functionality does not work. It does
> > not work because it relies on libipq which is no longer supported and the
> > compat layer from libnetfilter-queue has just been removed recently so Snort
> > with GIDS enabled wouldn¹t even compile. Also, IP defragmentation in inline
> > mode seems to be broken in the current 2.8 (though it worked in 2.8.0). The
> > reason is because it tryes to safe memcopy zero bytes.
> >
> > Then there is the snort-inline project which development seems dead. It¹s
> > only 2.6 and the maintainer isn¹t replying.
>
> We have much newer code in SVN. It does work with libnetfilter_queue and
> it *should* compile just fine.
>
> It's true that development is (very) slow. Both Will and I are working
> on a new IDP project at http://www.openinfosecfoundation.org/ which is
> taking pretty much all of our time.

Not to threadjack this, but I'm still unclear as to the reason for this 
OISF project. Will it be closed or open source? What features will it 
have as opposed to other IDS/IPS solutions already out there?

Thanks,
Randy

------------------------------------------------------------------------------
Come build with us! The BlackBerry(R) Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay 
ahead of the curve. Join us from November 9 - 12, 2009. Register now!
http://p.sf.net/sfu/devconference
_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel