Work at SourceForge, help us to make it a better place! We have an immediate need for a Support Technician in our San Francisco or Denver office.

Close

Tree [397cd5] master /
History



File Date Author Commit
CHANGELOG 2010-04-10 Jeremie Le Hen Jeremie Le Hen [cd2195] Note the improvement of the manpage.
LICENSE 2007-11-20 tataz tataz [f1763d] Initial revision
README 2007-11-20 tataz tataz [f1763d] Initial revision
README.de 2007-11-20 tataz tataz [f1763d] Initial revision
README.fr 2007-11-20 tataz tataz [f1763d] Initial revision
install.sh 2007-11-20 tataz tataz [f1763d] Initial revision
snort2pf 2011-01-16 Jeremie Le Hen Jeremie Le Hen [397cd5] - Add the -b and -u options to run an external ...
snort2pf.8 2011-01-16 Jeremie Le Hen Jeremie Le Hen [397cd5] - Add the -b and -u options to run an external ...
snort2pfmon 2007-11-21 tataz tataz [2a5fc5] Add $Id$.
snort2pfmon.8 2007-11-21 tataz tataz [2a5fc5] Add $Id$.

Read Me

####
##    INTRODUCTION

So, you've got a shiny new IDS system to scan your whole traffic for
lovely handcrafted rules. Too bad that you can only use it for
post-mortem analysis.

Wrong!
With Snort2PF, you can turn your local Snort installation easily into a
so-called "Intrusion Detection and Prevention System".
Such a system also blocks recognized violations.

####
##    INSTALLATION

Just type "./install.sh" (as root) and add a line
saying "anchor snort2pf" to your /etc/pf.conf.
That's it.

BTW: snort2pfmon(8) shows what's blocked right now.

--
Stephan Schmieder						ssc@h07.org
Jeremie Le Hen						 jeremie@le-hen.org