From: Christopher B. <bla...@um...> - 2005-01-04 12:17:32
On Tue, 2005-01-04 at 03:16, Alex Dupre wrote:
> Nick Rogness wrote:
>
>> The bridging part itself is working fine, until I divert the packets
>> to snort. The one command 'ipfw add divert 6666 all from any to any'
>> (6666 being the port I put snort on) causes a complete loss of
>> throughput.
>
> ipfw divert action (like forward and tee) cannot be used on bridged packets.
>
> --
> Alex Dupre

That explains a lot. I seem to recall seeing invisible bridges running snort_inline before, so I assume it's possible with IPTables?

--
Christopher Black <bla...@um...>