LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 10-01-2012, 04:48 AM   #1
tolstoyinlove
LQ Newbie
 
Registered: May 2006
Posts: 14

Rep: Reputation: 0

Im install snort-mysql and acid base in debian squeeze
I configured it in transparent with bridge my two interface. when i add firewall rule snort work well and triger alert but i cant browse anything in computer behind the snort box
Code:
iptables -A FORWARD -i br0 -p tcp -m tcp --dport 80 -m state --state NEW -j QUEUE
and i add -Q options in /etc/default/snort

I change the rule for match complete conversation, but not yet find the solution.
Code:
iptables -A FORWARD -j QUEUE
I think that is the snort problem (snort dont pass traffic after anlized them.)

ls a

Last edited by unSpawn; 10-01-2012 at 09:03 AM. Reason: //Re-init 0-reply status before move
 
Old 10-11-2012, 11:51 AM   #2
mmheera
Member
 
Registered: Oct 2012
Location: Germany
Distribution: Ubuntu, Debian, Fedora,Windows 7
Posts: 107

Rep: Reputation: 11
Well, Snort is an IDS (Intrusion Detection System) and by default it should not block any traffic, but to analyze and report about them. Still you can check snort logs, if it is really "Block"-ing any traffic. There can be many other reasons for not be able to browse and as a quick test you can also stop snort and see whether you can browse. Also try to do some basic network connectivity testing, like pinging outside and see where the problem is.

Thanks!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
snort inline rhlnewbie Linux - Software 1 06-12-2009 03:57 PM
Snort Inline priyadarshan Linux - Software 3 05-27-2009 05:03 AM
Snort Inline priyadarshan Linux - Security 4 04-08-2009 09:25 AM
Snort Inline priyadarshan Linux - Software 1 04-08-2009 09:23 AM
Snort inline enyawix Linux - Networking 0 09-24-2004 03:10 PM


All times are GMT -5. The time now is 02:06 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration