RE: snortsam iptables plugin

[Frank Knobbe <frank () knobbe us>]

On Mon, 2005-01-03 at 00:03 +0200, Huseyin A. Ozbey wrote:
> Dear Mr. Knobbe
> I thank to your help, I did what your advised (correct the line
> "iptables eth0 syslog.info" , add disableseqnocheck and nothreads in
> snortsam.conf) but my problem still continues. There is no action from
> iptables!
>
> What can I do more?

As I said, I don't use Linux or iptables. You could subscribe to the
discussion () snortsam net mail list and check if anyone else can help
there. I assume you already read through README.iptables. As a last
resort, you could send Fabrizio (the author of IPtables plugin) an email
and see if he has any ideas.

My last thing to check would be to make sure that you run Snortsam with
a user ID that is allowed to add rules to iptables. Are the iptables
binaries in /sbin? Are there any error messages Snortsam lists during
blocking on iptables? That's about all I can think of.

Regards,
Frank

Attachment: signature.asc
Description: This is a digitally signed message part