From: unor <uno...@ya...> - 2004-02-06 20:42:09
Running snort_inline on a box with 3 NICs:

  2 NICs are bridged for IPS functionality
  1 NIC for OOB management

I'm still learning IPTables and have a question about the QUEUE statement in this setup. I wanted to be as explicit as possible with the QUEUE statement, thinking that traffic might be inadvertently "FORWARDed" to/from the management interface if I simply use:

  iptables -A FORWARD -j QUEUE

I'm testing with the following:

  iptables -P FORWARD DROP                           #Default to DROP
  iptables -A FORWARD -i $BR_IF -o $BR_IF -j QUEUE   #$BR_IF is the "virtual" bridge interface

It works but I have doubts that this is the "correct" way. Can anyone either confirm this is ok or suggest a better way?

BTW: this doesn't seem to work:

  iptables -A FORWARD -i $BR_IF0 -o $BR_IF1 -j QUEUE
  iptables -A FORWARD -i $BR_IF1 -o $BR_IF0 -j QUEUE
  #$BR_IF0 and BR_IF1 are the interfaces that make up the bridge

Thanks.

Earl
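The following script is an added example, not code from the post or from the snort_inline project, showing one way to write the explicit FORWARD rule set the post is after: default policy DROP, traffic to or from the management NIC explicitly dropped, and only frames crossing the bridge handed to QUEUE. Because frames traversing a Linux bridge are seen by iptables with the bridge device (br0) as their -i/-o interface rather than the physical ports, the script refers to the ports with the physdev match (-m physdev --physdev-in/--physdev-out), which is what iptables provides for that purpose. The interface names br0, eth0, eth1 and eth2 are assumptions; the DRY_RUN variable and the helper functions are this example's own, and the dry-run mode exists so the generated rules can be inspected before anything is applied.

```shell
#!/bin/sh
# Added example (not from the post): explicit FORWARD rules for an inline
# bridge with an out-of-band management NIC.
# Assumed interface names (override via environment):
#   BR_IF    - the bridge device iptables sees as -i/-o for bridged frames
#   BR_PORT0 - first physical bridge port
#   BR_PORT1 - second physical bridge port
#   MGMT_IF  - out-of-band management NIC, never forwarded or queued
BR_IF=${BR_IF:-br0}
BR_PORT0=${BR_PORT0:-eth0}
BR_PORT1=${BR_PORT1:-eth1}
MGMT_IF=${MGMT_IF:-eth2}
IPT=${IPT:-iptables}

# run_rule: print the rule when DRY_RUN=1, otherwise execute it.
run_rule() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        echo "$IPT $*"
    else
        "$IPT" "$@"
    fi
}

# build_forward_rules: the complete FORWARD chain, most restrictive first.
build_forward_rules() {
    # Default to DROP so anything not explicitly matched below is discarded.
    run_rule -P FORWARD DROP
    # Belt and braces: never forward anything to or from the management NIC,
    # even if a later rule is added carelessly.
    run_rule -A FORWARD -i "$MGMT_IF" -j DROP
    run_rule -A FORWARD -o "$MGMT_IF" -j DROP
    # Queue only frames that enter on one physical bridge port and leave on
    # the other. -i/-o name the bridge device; physdev names the ports.
    run_rule -A FORWARD -i "$BR_IF" -o "$BR_IF" \
        -m physdev --physdev-in "$BR_PORT0" --physdev-out "$BR_PORT1" -j QUEUE
    run_rule -A FORWARD -i "$BR_IF" -o "$BR_IF" \
        -m physdev --physdev-in "$BR_PORT1" --physdev-out "$BR_PORT0" -j QUEUE
}

# count_queue_rules: how many generated rules hand traffic to QUEUE.
count_queue_rules() {
    ( DRY_RUN=1; build_forward_rules ) | grep -c -- '-j QUEUE'
}

# mgmt_queue_rules: how many QUEUE rules mention the management NIC
# (must be 0; the trailing "|| true" keeps grep's "no match" exit code from
# aborting a caller that runs under set -e).
mgmt_queue_rules() {
    ( DRY_RUN=1; build_forward_rules ) | grep -- '-j QUEUE' | grep -c -- "$MGMT_IF" || true
}

# first_rule: the first generated rule, which must be the default policy.
first_rule() {
    ( DRY_RUN=1; build_forward_rules ) | head -n 1
}

# Usage: "sh rules.sh show" prints the rules; "sh rules.sh apply" installs them.
case "${1:-}" in
    show)  ( DRY_RUN=1; build_forward_rules ) ;;
    apply) build_forward_rules ;;
esac
```

Run it with `show` first and read the output; the two physdev rules are the only ones that reach QUEUE, and nothing matching the management NIC can, regardless of what the default policy is.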