Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Not logging ICMP with logto:

From: "Toby Rodwell" <trodwell () iee org>
Date: Tue, 16 Dec 2003 17:18:49 -0000
I'm just getting to grips with Snort.  I've got a VERY simple conf file at
the moment:-

config dump_payload
config logdir: /var/snort/log
log icmp any any -> any any (logto:"icmp.log";)
log ip any any -> any any (logto:"ip.log";)

... which records ALL IP packets, including icmp, in the 'ip.log', when I
had expected all the ICMP packets to go into .../icmp.log.  What gives?

Thanks
Toby


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.551 / Virus Database: 343 - Release Date: 11/12/2003



-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: