On Tue, Jan 5, 2010 at 2:55 AM, Morgan Cox <mor...@gm...> wrote:
> Thanks Will for getting back to me.
>
> (Sorry if this has gone to a new thread, my mailing list options were set
> to not deliver mail previously)
>
> I have 1 further question to ask about rule whitelisting..
>
> Can I stop a rule for one (or more) IP(s), if I comment out the rule that
> will prevent the rule entirely.
>
At this point you need 2 rules, I think - one that accepts for the
whitelisted address (1st), 1 that takes the other action (for the rest).
>
> Also should I be able to use snort inline with latest normal snort in AMD64
> ?
>
SF snort should work as a 64 bit app, although it's inline mode might not
because ip_queueing is a wrapper for nfqueueing these days.
I've run snort-inline 2.8.4.1 as a 64 bit app using NFQUEUEs; no problem.
> I got it to compile but it segfaulted.. Is it advisible to stick with
> 2.4.8.1 snort_inline svn for now ?
>
> Thank you for all your help Will.
>
> Cheers
>
>
>
>
> ------------------------------------------------------------------------------
> This SF.Net email is sponsored by the Verizon Developer Community
> Take advantage of Verizon's best-in-class app development support
> A streamlined, 14 day to market process makes app distribution fast and
> easy
> Join now and get one step closer to millions of Verizon customers
> http://p.sf.net/sfu/verizon-dev2dev
> _______________________________________________
> Snort-inline-users mailing list
> Sno...@li...
> https://lists.sourceforge.net/lists/listinfo/snort-inline-users
>
>
--
"Of course, someone who knows more about this will correct me if I'm
wrong, and someone who knows less will correct me if I'm right."
David Palmer (pa...@ty...)
|
