peraonline - 2005-10-12


I've correctly installed snort_inline;

now I'm testing and I have this problem: iptables redirect the traffic in user space (with ip_queue module), snort_inline catch it but don't reply to iptables after checking rules...and the rules are ALL in alert mode!

for example:

iptables -I INPUT -p tcp --dport 80 -j QUEUE

next run snort_inline...

Now I can't access to web page, the tcpdump show only GET request without answer

Thanks for the help!!!

ps: it's strange, I've tried with icmp traffic and it works correctly (with ping)