Snort mailing list archives
Re: Snort Inline As an IPS
From: Will Metcalf <william.metcalf () gmail com>
Date: Fri, 1 Oct 2010 11:56:52 -0500
If you are doing this you need to QUEUE both sides of the connection... iptables -A OUTPUT -p tcp --dport 80 -j QUEUE iptables -A INPUT -p tcp --sport 80 -j QUEUE And yes.. If snort is not listening no traffic will pass... Regards, Will On Fri, Oct 1, 2010 at 11:51 AM, Andres Carrera Rivera <protoss_black88 () hotmail com> wrote:
when I run : iptables -A OUTPUT -p tcp --dport 80 -j QUEUE on my terminal I lost Internet Connection Is that Ok???
------------------------------------------------------------------------------ Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev _______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel
Current thread:
- Snort Inline As an IPS Andres Carrera Rivera (Oct 01)
- Re: Snort Inline As an IPS Will Metcalf (Oct 01)
- Re: Snort Inline As an IPS Andres Carrera Rivera (Oct 01)
- Re: Snort Inline As an IPS Will Metcalf (Oct 01)
- Re: Snort Inline As an IPS Andres Carrera Rivera (Oct 01)
- Re: Snort Inline As an IPS Andres Carrera Rivera (Oct 01)
- Re: Snort Inline As an IPS Will Metcalf (Oct 01)