Menu
▾
▴
RE: [Snort-inline-users] snort_inline not blocking - ip_queue loaded but unused
|
From: Brent D. <br...@de...> - 2003-12-15 06:59:29
|
Ended up being that I didn't create /var/log/snort - so the proper log file was not present and it defaulted to just logging packet dumps. I didn't notice it because I was running snort_inline from the command line in the foreground. I started using snort_inline.sh and saw the error msg there. Incidently - my ip_queue is still unused but it doesn't seem to matter. -- Brent -----Original Message----- From: sno...@li... [mailto:sno...@li...]On Behalf Of Brent Deterding Sent: Sunday, December 14, 2003 10:32 PM To: sno...@li... Subject: [Snort-inline-users] snort_inline not blocking - ip_queue loaded but unused I have the problem in this thread http://sourceforge.net/mailarchive/forum.php?thread_id=3303416&forum_id=3293 3 that everything is being passed through unless it hits up against a limit. ip_queue is loaded but is unused. RedHat 9 with 2.4.22 patched with ebtables-brnf-3-vs-2.4.22 I am using the snort_inline toolkit for 2.05 and iptables 1.2.9 (removed the rpm version) bridge-utils is the latest and compiled from source Snort_inline will create entries in /var/log but they are never alerts - just packet dumps. I am only using test.rules Any help is most appreciated - I can provide more information if necessary. -- Brent ------------------------------------------------------- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click _______________________________________________ Snort-inline-users mailing list Sno...@li... https://lists.sourceforge.net/lists/listinfo/snort-inline-users |
