|
|||
PF + SNORT on one machine
I use OpenBSD 4.3 for my home NAT/firewall. I recently installed SNORT 2.8.0.1 on the same machine. According to the SNORT website FAQ, SNORT will see all packets on the external interface even if PF blocks them. This seems to not be the case for OpenBSD. Does anyone know why SNORT cannot see packets that PF blocks when both PF and SNORT are operating on the same external interface? I want to see scans and other activity in the SNORT alert log even if PF blocked those packets.
|
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
How to install FreeBasic on my FreeBSD machine | shakky4711 | FreeBSD Ports and Packages | 0 | 22nd July 2009 12:09 PM |
Networking on virtual machine | satimis | General software and network | 4 | 29th November 2008 02:16 PM |
USB support in virtual machine? | Sunnz | OpenBSD Packages and Ports | 2 | 16th November 2008 04:00 AM |
Forward SSH from some port to some other machine | starbuck | Other BSD and UNIX/UNIX-like | 10 | 18th September 2008 04:40 AM |
snort install error | ijk | FreeBSD Installation and Upgrading | 1 | 11th August 2008 10:53 AM |