Re: [Snort-inline-users] Snort-Inline on Freebsd

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At this time the answer is no.  snort_inline gets its packets from 
iptables via the ip_queue module.  This modules copies each packet from 
kernel space to userspace so snort_inline can make a routing decision.

If ipfw has the ability of sending a packet from kernel space to userspace 
so an external application can make the accept or drop decision, let me 
know and I'll start working on it.

Thanks

Rob

On Sun, 18 May 2003 DAN...@ao... wrote:

> Hello,
> 
>        I am trying to find out if it is possible to run snort-inline on a 
> freebsd box?
> And if so how would you configure ipfw to forward traffic to snort-inline?
> 
> I have looked on some other mailing lists which seem to mention that it is 
> possible, but not how to go about doing it.
> 
> Thanks
> 
> Danny
> 

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8
Comment: Made with pgp4pine 1.76

iQA/AwUBPsgV/vnAyY+9KLjdEQIlgQCg9d/jRyvo8UAGhiJCloi16P1h16sAnAzz
iR+UixtRmzNZ4v87yFnWFekq
=UF1j
-----END PGP SIGNATURE-----