LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 03-20-2009, 05:21 AM   #1
priyadarshan
Member
 
Registered: Feb 2009
Location: Ahmedabad, Gujarat, India
Posts: 197

Rep: Reputation: Disabled
SNORT- Configuration


I am using snort with --enable-inline to make it useful as IPS

Below is the portion of my snort.conf


# Step #5: Configure snort with config statements
#
# See the snort manual for a full set of configuration references
#
config flowbits_size: 64
#
# New global ignore_ports config option from Andy Mullican
#
# config ignore_ports: <tcp|udp> <list of ports separated by whitespace>
config ignore_ports: tcp 80
# config ignore_ports: udp 1:17 53


####################################################################

The problem is that although I have configured the file by specifying (SHOWN IN RED ABOVE) that it must not detect or log traffic of port 80 running on TCP protocol....


But the thing is that when I run snort and if I send traffic it detects and logs......
 
Old 03-21-2009, 12:38 AM   #2
harry_uk
Member
 
Registered: Mar 2009
Posts: 36

Rep: Reputation: 16
did you try restarting snort service after changing the conf file ??

root# service snortd restart

Im not sure whether its snortd, you can check the service name with this command

root# service --status-all | grep snort

You will get the name of the snort service, use this to restart the service.

Last edited by harry_uk; 03-21-2009 at 12:39 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[HELP]SNORT PROBLEMS(IDS)-service snort start JayCool Linux - Software 5 03-15-2009 12:34 PM
gui configuration for snort nima0102 Linux - Software 1 01-11-2009 04:21 AM
Snort configuration question. reesee Linux - Security 3 01-26-2006 04:26 PM
Snort Configuration ppuru Linux - Security 1 06-20-2004 09:06 AM
Snort configuration/ rules file bripage Linux - General 2 09-26-2002 04:52 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 02:31 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration