Quote:
Originally Posted by priyadarshan
Can I use snort package in inline mode????
How????
I have snort working properly......
I did ./configure --enable-inline......
I did iptables -A OUTPUT -p tcp --dport 80 -j QUEUE
But I cant use the options 'drop', 'sdrop', 'reject'
Specifying 'sdrop' and 'reject' options in local.rules file give error... while drop does not show any error but it really does not stop or log packets.......
|
Please read the links that were posted to another of your questions, asking essentially the same thing. The Snort_inline page, and the snort forums, both address IPtables, and how to set this up.
