LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   I cant brows with snort inline (https://www.linuxquestions.org/questions/linux-security-4/i-cant-brows-with-snort-inline-4175429839/)

tolstoyinlove 10-01-2012 04:48 AM
Im install snort-mysql and acid base in debian squeeze
I configured it in transparent with bridge my two interface. when i add firewall rule snort work well and triger alert but i cant browse anything in computer behind the snort box
Code:
iptables -A FORWARD -i br0 -p tcp -m tcp --dport 80 -m state --state NEW -j QUEUE
and i add -Q options in /etc/default/snort

I change the rule for match complete conversation, but not yet find the solution.
Code:
iptables -A FORWARD -j QUEUE
I think that is the snort problem (snort dont pass traffic after anlized them.)

ls a

mmheera 10-11-2012 11:51 AM
Well, Snort is an IDS (Intrusion Detection System) and by default it should not block any traffic, but to analyze and report about them. Still you can check snort logs, if it is really "Block"-ing any traffic. There can be many other reasons for not be able to browse and as a quick test you can also stop snort and see whether you can browse. Also try to do some basic network connectivity testing, like pinging outside and see where the problem is.

Thanks!


All times are GMT -5. The time now is 02:41 PM.