now I'm testing and I have this problem: iptables redirect the traffic in user space (with ip_queue module), snort_inline catch it but don't reply to iptables after checking rules...and the rules are ALL in alert mode!
for example:
iptables -I INPUT -p tcp --dport 80 -j QUEUE
next run snort_inline...
Now I can't access to web page, the tcpdump show only GET request without answer
Thanks for the help!!!
ps: it's strange, I've tried with icmp traffic and it works correctly (with ping)
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi!
I've correctly installed snort_inline;
now I'm testing and I have this problem: iptables redirect the traffic in user space (with ip_queue module), snort_inline catch it but don't reply to iptables after checking rules...and the rules are ALL in alert mode!
for example:
iptables -I INPUT -p tcp --dport 80 -j QUEUE
next run snort_inline...
Now I can't access to web page, the tcpdump show only GET request without answer
Thanks for the help!!!
ps: it's strange, I've tried with icmp traffic and it works correctly (with ping)