Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: SnortSam Discussion was: RulePack update and End of Life of 2.8.6.0

From: Nigel Houghton <nhoughton () sourcefire com>
Date: Fri, 28 Jan 2011 11:08:37 -0500

On Fri, 28 Jan 2011 10:48:32 -0500, Matthew Jonkman wrote:

Cough*Suricata*Cough...

Matt

On Jan 28, 2011, at 9:48 AM, Michael Scheidell wrote:



On 1/28/11 9:27 AM, Joel Esler wrote:

snort-inline, I believe, is dead.  Will?

so, if snortsam is dead, and snort-inline is dead, what is the solution?


I believe he asked for a solution.

The solution is to configure Snort to work inline, ./configure 
--enable-inline has been around for years.

You'll also need to take a look in the README that comes with the DAQ 
tarball to use the appropriate configure options for inline use, so for 
FreeBSD with ipfw for example you'll need to do ./configure 
--enable-ipfw and then start Snort with ./snort --daq ipfw (whatever 
else you want in here). The instructions in the README are pretty 
comprehensive.

--
Nigel Houghton
Head Mentalist
SF VRT Department of Intelligence Excellence
http://vrt-blog.snort.org/ && http://labs.snort.org/

------------------------------------------------------------------------------
Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)!
Finally, a world-class log management solution at an even better price-free!
Download using promo code Free_Logger_4_Dev2Dev. Offer expires 
February 28th, so secure your free ArcSight Logger TODAY! 
http://p.sf.net/sfu/arcsight-sfd2d
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: