Im install snort-mysql and acid base in debian squeeze
I configured it in transparent with bridge my two interface. when i add firewall rule snort work well and triger alert but i cant browse anything in computer behind the snort box
iptables -A FORWARD -i br0 -p tcp -m tcp --dport 80 -m state --state NEW -j QUEUE
and i add -Q options in /etc/default/snort
I change the rule for match complete conversation, but not yet find the solution.
iptables -A FORWARD -j QUEUE
I think that is the snort problem (snort dont pass traffic after anlized them.)