Menu
▾
▴
[Snort-inline-users] Freebsd and IPFW and IP header checksums
|
From: Christopher B. <bla...@um...> - 2004-12-30 13:38:56
|
Hello list,
I am using snort_inline on FreeBSD 5.3 with IPFW, and after fixing the
following (line 184 used to be in the ndef block) in snort.h:
179 #ifndef IPFW
180 char layer2_resets;
181 u_char enet_src[6];
182 #endif
183 #ifdef IPFW
184 char log_bad_checksums;
185 int divert_port;
186 #endif /* USE IPFW DIVERT socket instead of IPtables */
It will compile, but drops every packet. I traced that back to checking
the IP header checksum, and based on the comment leading that block
(that the check is mostly unneeded), I just commented out the line to
call InlineDrop(). Now it's not dropping the packet there, but still
seems to be dropping it somewhere.
Has anyone else run into and/or fixed this? I will continue hunting,
but look forward to your input!
--
Christopher Black <bla...@um...>
|
