I've correctly installed snort_inline;
now I'm testing and I have this problem: iptables redirect the traffic in user space (with ip_queue module), snort_inline catch it but don't reply to iptables after checking rules...and the rules are ALL in alert mode!
iptables -I INPUT -p tcp --dport 80 -j QUEUE
next run snort_inline...
Now I can't access to web page, the tcpdump show only GET request without answer
Thanks for the help!!!
ps: it's strange, I've tried with icmp traffic and it works correctly (with ping)
Log in to post a comment.
Sign up for the SourceForge newsletter:
You seem to have CSS turned off.
Please don't fill out this field.