Menu
▾
▴
Re: [Snort-inline-users] using snort_inline for selected traffic only (was: help with setting up iptables for use with snort_inline)
|
From: James A. P. <ja...@pc...> - 2004-07-01 23:18:26
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Geffrey Velasquez [MINAG] wrote: | Excelent! your script always have on top the ESTABLISHED and RELATED states. I | would like to see your frontend. | for another IPTables web frontend that supports snort-inline you might want to checkout the PCXFirewall project at http://pcxfirewall.sf.net/ I don't support as fine grained control on the ESTABLISHED,RELATED -j QUEUE, but you can limit what paths are forced to go through the QUEUE initially. As long as snort-inline doesn't have a rule that will drop your traffic it won't harm it to go through the QUEUE, it just might not be as fast though. :) - -- James A. Pattie ja...@pc... Linux -- SysAdmin / Programmer Xperience, Inc. http://www.pcxperience.com/ http://www.xperienceinc.com/ http://www.pcxperience.org/ GPG Key Available at http://www.pcxperience.com/gpgkeys/james.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFA5JustUXjwPIRLVERAuEyAJ42/DM1JVXpYOEuUxXUYafH1It8cACghg/P ZxENsOwpumf1d3yKtZYcg5Y= =U3s2 -----END PGP SIGNATURE----- -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support. |
