Menu
▾
▴
Re: [Snort-inline-users] IPFW FreeBSD 4.10 invisible bridge
|
From: Nick R. <ni...@ro...> - 2005-01-10 07:08:41
|
On Tue, 4 Jan 2005, Christopher Black wrote: >> No, snort_inline is unaware of anything in the lower layers, e.g. >> bridging vs routing. The divert socket is just a socket, not much >> different than a standard TCP socket. >> >> I've never done briding+IPFW before on FreeBSD. What happens if >> you divert to say natd as a test? Is this on FreeBSD 5.3 again? >> >> Nick Rogness <ni...@ro...> > > This was on FreeBSD 4.10. Since I'm under a fairly tight deadline, I > had to revert to just doing NAT on that box. I will try this out later > though. Is there a special way to create a divert socket from a > userland application to just test to see what's hitting the socket? For simply printing packets received by a divert socket, a simple C userland program: http://freebsd.rogness.net/tools/ipprint/ipprint.c Nick Rogness <ni...@ro...> - How many people here have telekenetic powers? Raise my hand. -Emo Philips |
