Re: [Snort-inline-users] IPFW FreeBSD 4.10 invisible bridge

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

On Tue, 4 Jan 2005, Alex Dupre wrote:

> Nick Rogness wrote:
>>> The bridging part itself is working fine, until I divert the packets to 
>>> snort.  The one command 'ipfw add divert 6666 all from any to any' (6666 
>>> being the port I put snort on) causes a complete loss of throughput.
>
> ipfw divert action (like forward and tee) cannot be used on bridged packets.

 	That's right, I do recall hearing about this.  Funny how the
 	divert(4) man page doesn't mention anything about this.  Do you
 	know if it is possible on FreeBSD 5.X branch?

Nick Rogness <ni...@ro...>
-
   How many people here have telekenetic powers? Raise my hand.
   				-Emo Philips