Menu
▾
▴
Re: [Snort-inline-users] snort_inline on Hp-ux? (was: Re: Snort-inline-users digest, Vol 1 #222 - 1 msg)
|
From: prabu <pra...@ho...> - 2004-09-14 10:36:38
|
Hi Nick, Thanks a lot for good explaination.Now,my question is,what should I do,so that I can compile snort-inline on HP-UX?. You have killed even the little hope to compile snort-inline on HPUX.Is there,any other way to do so? ----- Original Message ----- From: "Nick Rogness" <ni...@ro...> To: "Victor Julien" <vi...@nk...> Cc: <sno...@li...>; "prabu" <pra...@ho...> Sent: Sunday, September 12, 2004 7:46 AM Subject: Re: [Snort-inline-users] snort_inline on Hp-ux? (was: Re: Snort-inline-users digest, Vol 1 #222 - 1 msg) > On Fri, 3 Sep 2004, Victor Julien wrote: > >> Hi Prabu, >> >> I don't know if it can work, but a quick search in Google tells me Hp-ux >> is >> using IPFW, which Snort_inline supports. So i would say, give it a go and >> post errors, problems or success stories to the snort_inline-users >> mailinglist. We will try to assist you where possible. >> >> Be sure to use ./configure --enable-ipfw when building... >> >> If someone knows that this can't work for some reason, please correct me! > > IPFW support in snort-inline is built specifically for FreeBSD. > The name ipfw is deceiving because it is short for ip firewall, > which is used as a generic name for several firewalls (including > one for HP-UX). > > Specifically, you need divert sockets in conjunction with IPFW for > anything to work right, which is a FreeBSD thing. The only OS I > know works with IPFW is FreeBSD, although other OSs with divert > socket support could work. IPFW is just the tool to send packets > to a divert socket (kernel->snort_inline), i.e. it is more > important that you have divert sockets support than IPFW. > In fact, you could write an app that sends packets from the BPF > (or the like) to a divert socket (snort_inline) and bypass IPFW > all together...although it would defeat the purpose ;-) > > So I would take a guess that it won't work. Sorry. > > Nick Rogness <ni...@ro...> > - > How many people here have telekenetic powers? Raise my hand. > -Emo Philips > --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.760 / Virus Database: 509 - Release Date: 9/10/2004 |
