Snort mailing list archives

snortinline doesn´t log payload

From: Jochen Vogel <jvogel () it-sec de>
Date: Tue, 14 Oct 2003 14:38:00 +0200

hi,

if i sniff packets on the bridge i can see the payload.
if i queue the packets on the bridge i can´t see the payload.

is this normal or is that a way to see the payload with snortinline?

bridge are created
iptables accept forwards
snort listen on bridge with -d
barnyard write into dumpl.log
i can see the payload

bridge are created
iptables queue forwards
snort listen on bridge with -dQ
barnyard write into dumpl.log
i can´t see the payload

thx for help
jo


-------------------------------------------------------
This SF.net email is sponsored by: SF.net Giveback Program.
SourceForge.net hosts over 70,000 Open Source Projects.
See the people who have HELPED US provide better services:
Click here: http://sourceforge.net/supporters.php
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

snortinline doesn´t log payload Jochen Vogel (Oct 14)