Snort mailing list archives

iptables + Snort


From: "Prasanna Sridhar" <prasanna () cs unm edu>
Date: Mon, 24 Mar 2003 11:01:37 -0700

Hey all, 

I was just curious to know if anyone could help me out with one of the problems that I am having.

Problem:

I want to implement iptables and Snort on 2 different machines with the following config:

                     ------------
LAN -----------------| iptables |----------------- INTERNET
          |          ------------
          |               ^
      ---------           |  update rule
      | Snort |-----------
      ---------

Snort keeps listening to the traffic from the firewall (iptables). If there is anything wrong (if iptables fails for some packet), Snort ALERTS the iptables. When I mean ALERT, Snort should automatically update the firewall rules. I don't want to log the alerts, as it would slow down this process. I would appreciate if anyone could give me some ideas.

Sorry if this problem has been discussed already.

---
  Prasanna  
  CS-UNM
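
The alert-to-rule step described in the post, sketched as an added example that is not part of the original message or of Snort itself. It assumes alerts arrive on standard input in Snort's fast alert format (for example piped from `snort -A console`, so nothing is written to a log first); the function names, the `NEVER_BLOCK` list, the sample lines and the choice of the `FORWARD` chain are assumptions, and delivering the printed commands to the separate firewall machine is left out.

```python
import ipaddress
import re
import sys

# Snort fast alert: ... [Priority: N] {PROTO} SRC[:PORT] -> DST[:PORT]
ALERT_RE = re.compile(
    r"\[Priority: (?P<prio>\d+)\]\s+\{\w+\}\s+"
    r"(?P<src>\d{1,3}(?:\.\d{1,3}){3})(?::\d+)?\s+->\s+"
    r"\d{1,3}(?:\.\d{1,3}){3}(?::\d+)?")

# Assumption: networks that must never be blocked (LAN, firewall, sensor).
# Source addresses can be spoofed, so an automatic blocker needs such a list.
NEVER_BLOCK = [ipaddress.ip_network("192.168.1.0/24")]

# Constructed sample alerts, used when nothing is piped in.
SAMPLE = [
    "03/24-11:01:37.1 [**] [1:1000001:1] constructed alert [**] "
    "[Priority: 1] {TCP} 203.0.113.5:4444 -> 192.168.1.10:80",
    "03/24-11:01:38.2 [**] [1:1000002:1] constructed alert [**] "
    "[Priority: 3] {UDP} 198.51.100.7:53 -> 192.168.1.10:53",
    "03/24-11:01:39.3 [**] [1:1000003:1] constructed alert [**] "
    "[Priority: 1] {ICMP} 192.168.1.20 -> 192.168.1.10",
]

def parse_alert(line):
    """Return (source address, priority), or None if the line is not an alert."""
    m = ALERT_RE.search(line)
    if not m:
        return None
    try:
        src = ipaddress.ip_address(m.group("src"))  # rejects e.g. 999.1.1.1
    except ValueError:
        return None
    return src, int(m.group("prio"))

def block_rules(lines, max_priority=1, never_block=NEVER_BLOCK):
    """Yield one iptables argv list per new offending source address."""
    seen = set()
    for line in lines:
        parsed = parse_alert(line)
        if parsed is None or parsed[1] > max_priority:  # 1 is most severe
            continue
        src = parsed[0]
        if src in seen or any(src in net for net in never_block):
            continue  # already blocked once, or a protected address
        seen.add(src)
        yield ["iptables", "-I", "FORWARD", "-s", str(src), "-j", "DROP"]

if __name__ == "__main__":
    # Dry run: print the commands instead of executing them.
    for argv in block_rules(SAMPLE if sys.stdin.isatty() else sys.stdin):
        print(" ".join(argv), flush=True)
```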
