Latest LQ Deal: Latest LQ Deals
Go Back > Forums > Linux Forums > Linux - Software
User Name
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.


  Search this Thread
Old 04-20-2012, 12:19 AM   #1
LQ Newbie
Registered: Feb 2012
Posts: 5

Rep: Reputation: Disabled
Snort Inline doesn't drop packets

I just want to drop outbound traffic to port 80. This is my rule:

drop tcp any -> any 80 (msg:"WEB"; sid:121212

This is what I did with iptables:

$ iptables -F
$ modprobe ip_queue
$ lsmod | grep ip_queue
$ iptables -I INPUT -j QUEUE

Then I have commented out all the default rules in snort_inline.conf
and added my one rule at the bottom :

include $RULE_PATH/example.rules

I started snort-inline with this command:

$ snort-inline -i eth1 -c /etc/snort_inline/snort_inline.conf -l /myLogFiles/

It executes without a problem and starts monitoring. However, when it initializes, it says:
0 out of 512 flowbits in use and nothing gets dropped when I browse the web.

Any help will be appreciated.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
snort inline rhlnewbie Linux - Security 3 06-14-2009 06:31 AM
snort inline rhlnewbie Linux - Software 1 06-12-2009 04:57 PM
Snort Inline priyadarshan Linux - Software 3 05-27-2009 06:03 AM
Snort Inline priyadarshan Linux - Software 1 04-08-2009 10:23 AM
Snort inline enyawix Linux - Networking 0 09-24-2004 04:10 PM > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 01:19 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration