From: star6868 <sta...@gm...> - 2009-10-08 09:18:35
I have installed snort-inline on CentOS (http://snort-inline.sourceforge.net/download.html, version snort_inline-2.6.1.5.tar.gz). It works very well; it can alert or drop packets fine.

*In the iptables rules, I monitor only port 80:*

    iptables -I INPUT -p tcp --dport 80 -j QUEUE
    iptables -I OUTPUT -p tcp --sport 80 -j QUEUE

*In the rules, I use only one rule for the test:*

    # Drop all access to the web server if more than 10 accesses/second
    drop tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-MISC access"; flow:to_server,established; uricontent:"/"; nocase; reference:nessus,10302; classtype:web-application-activity; threshold: type both, track by_dst, count 10, seconds 10; sid:1852; rev:1;)

(I refer to this rule at: http://cvs.snort.org/viewcvs.cgi/*checkout*/snort/doc/README.thresholding?rev=1.5 )

*But now I have a problem:* when it drops a packet, snort-inline BLOCKS that IP and does NOT seem to release that IP ----> it means snort-inline BLOCKS that IP forever (until snort-inline is restarted).

So I want snort-inline to drop/block one IP for a time range (e.g. some minutes). How to do this?

*Thank you in advance!*
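As an added example, not part of the post above and not snort-inline's own code, the following Python script is a simplified model of the three threshold types described in Snort's README.thresholding (limit, threshold, both), applied to a constructed sequence of request timestamps with the post's parameters (track by_dst, count 10, seconds 10). The IP addresses and timestamps are constructed; the window handling is an assumption that simplifies Snort's real implementation.

```python
def threshold_matches(events, thr_type, track, count, seconds):
    """Return the indices of the events on which the rule action fires.

    events: list of (timestamp_seconds, src_ip, dst_ip), one per packet that
    already matched the rule body.  Semantics follow README.thresholding:
      limit     - fire on the first `count` events per `seconds` window
      threshold - fire on every `count`-th event per window
      both      - fire once per window, on the `count`-th event, then ignore
                  the rest of that window
    Assumption: a window opens on the first event for a tracked key and is
    simply reopened `seconds` later; this is a model, not Snort's code.
    """
    state = {}   # tracked key -> [window_start, events_in_window, fired?]
    fired = []
    for i, (ts, src, dst) in enumerate(events):
        key = dst if track == "by_dst" else src
        w = state.get(key)
        if w is None or ts - w[0] >= seconds:
            w = [ts, 0, False]          # open a fresh window for this key
            state[key] = w
        w[1] += 1
        if thr_type == "limit":
            if w[1] <= count:
                fired.append(i)
        elif thr_type == "threshold":
            if w[1] % count == 0:
                fired.append(i)
        elif thr_type == "both":
            if w[1] >= count and not w[2]:
                w[2] = True
                fired.append(i)
        else:
            raise ValueError("unknown threshold type: %s" % thr_type)
    return fired


def demo():
    """Constructed traffic: 20 requests at 0.2 s intervals, a pause, then
    5 more requests starting at 11 s, all from one client to one web server."""
    events = [(0.2 * i, "192.0.2.10", "198.51.100.5") for i in range(20)]
    events += [(11.0 + 0.1 * i, "192.0.2.10", "198.51.100.5") for i in range(5)]
    return {t: threshold_matches(events, t, "by_dst", 10, 10)
            for t in ("limit", "threshold", "both")}


if __name__ == "__main__":
    for thr_type, hits in demo().items():
        print("%-9s fires on packets %s" % (thr_type, hits))
```

With the post's `type both` setting the model fires only on the 10th packet of a window, which helps when comparing the expected per-window behaviour against what is actually observed on the box.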