####
## INTRODUCTION
So, you've got a shiny new IDS system to scan your whole traffic for
lovely handcrafted rules. Too bad that you can only use it for
post-mortem analysis.
Wrong!
With Snort2PF, you can turn your local Snort installation easily into a
so-called "Intrusion Detection and Prevention System".
Such a system also blocks recognized violations.
####
## INSTALLATION
Just type "./install.sh" (as root) and add a line
saying "anchor snort2pf" to your /etc/pf.conf.
That's it.
BTW: snort2pfmon(8) shows what's blocked right now.
--
Stephan Schmieder ssc@h07.org
Jeremie Le Hen jeremie@le-hen.org