Menu
▾
▴
Re: [Snort-inline-users] Is it possible to run snort_inline with any linux kernel?
|
From: Will M. <wil...@gm...> - 2004-10-18 13:06:09
|
Yogdutt, Generally the answer to your question is yes, it should run on almost any 2.4.x kernel or 2.6.x kernel, provided you have support in your kernel for ip_queue. Most 2.4.x users have to manually add in support for bridge firewalling, but you have the one rh 7.3 kernel that has it built in. If you are trying to use this in a bridge configuration, the proper rule would be iptables -A FORWARD -p tcp --sport 80 -j QUEUE if you want to fitler incoming http traffic to your host your rule would be correct. Regards, Will On Mon, 18 Oct 2004 17:43:21 +0530, Yogdutt Sonivadia <son...@gm...> wrote: > I am new to snort_inline and currently I am running snort_inline 2.2.0 > on redhat linux 7.3 with 2.4.18-3 kernel. > > I want to know wether snort_inline must require the linux setup > provided by honeynet CD-ROM or it is running on any linux version or I > have to recompile the kernel? > > If anyone know a link of howto for snort_inline? > > Can anyone tell me the rule added in iptables for incomming http > packets? I added the rule for http in iptables like below please > suggest me if i am wrong. > > iptables -A INPUT -p tcp --sport 80 -j QUEUE > > -- Yogdutt Sonivadia > > ------------------------------------------------------- > This SF.net email is sponsored by: IT Product Guide on ITManagersJournal > Use IT products in your business? Tell us what you think of them. Give us > Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more > http://productguide.itmanagersjournal.com/guidepromo.tmpl > _______________________________________________ > Snort-inline-users mailing list > Sno...@li... > https://lists.sourceforge.net/lists/listinfo/snort-inline-users > |
