Menu
▾
▴
Re: [Snort-inline-users] configuring reporting/logfile questions
|
From: Will M. <wil...@gm...> - 2006-01-13 06:22:28
|
Eeeeeee anybody out there know anything about Shorewall? <begin plug> Did you know that Victor Julien one of the snort-inline code junkies has is own ncurses based firewall management program that you might want to check into. I can't pronounce it so I lovingly refer to it as the other white meat..... Since it takes time away from him coding "the pig." It must be late I'm making bad jokes. Below is the link..... http://vuurmuur.sourceforge.net <end plug> Regards, Will On 1/12/06, Michael W Cocke <co...@ca...> wrote: > On Thu, 12 Jan 2006 18:30:19 -0600, you wrote: > > >Hmmmmm are you running bridge or nat mode? If you start with -v do > >you see traffic passing? If you are in NAT mode are you allowing > >stream4 to see both sides of the conversation i.e. queueing in both > >INPUT and OUTPUT? > > > >Regards, > > > >Will > > This is going to sound stupid, but there's a reason for it. I'm in > NAT mode, but I'm not entirely sure how to check for bidirectional > queuing. See, I'm not using native iptables, I'm using shorewall > 3.04. As for the -v startup, I do get some stuff on the screen that > looks like packet details (src & dest IP address, UDP, &etc., but to > be brutally honest, I can't make heads or tails of it. There doesn't > seem to be an indication what rule it hit (if any) or if I'm just > seeing traffic. > > Mike- > -- > If you're not confused, you're not trying hard enough. > -- > Please note - Due to the intense volume of spam, we have installed > site-wide spam filters at catherders.com. If email from you bounces, > try non-HTML, non-encoded, non-attachments, > > > ------------------------------------------------------- > This SF.net email is sponsored by: Splunk Inc. Do you grep through log fi= les > for problems? Stop! Download the new AJAX search engine that makes > searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! > http://ads.osdn.com/?ad_id=3D7637&alloc_id=3D16865&op=3Dclick > _______________________________________________ > Snort-inline-users mailing list > Sno...@li... > https://lists.sourceforge.net/lists/listinfo/snort-inline-users > |
