Date: Tue, 13 Feb 2001 15:55:17 -0600 From: Michael Lea <mlea@atomicbluebear.org> To: "H. Wade Minter" <minter@lunenburg.org> Cc: Nick Rogness <nick@rogness.net>, freebsd-security@FreeBSD.ORG Subject: Re: Getting more information from ipfw logs Message-ID: <20010213155515.C71046@core.atomicbluebear.org> In-Reply-To: <Pine.BSF.4.32.0102131238170.70172-100000@ashburn.skiltech.com>; from minter@lunenburg.org on Tue, Feb 13, 2001 at 12:39:17PM -0500 References: <Pine.BSF.4.21.0102131128580.92630-100000@cody.jharris.com> <Pine.BSF.4.32.0102131238170.70172-100000@ashburn.skiltech.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--F8dlzb82+Fcn6AgP Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Tue, 13 Feb 2001, H. Wade Minter wrote: > Does snort work well with ipfw. Maybe I'm thinking of it wrong, but > wouldn't I have to let the traffic into the firewall so snort could deal > with it? Snort runs in promiscuous mode. That means that, if you're running it on the same box as ipfw, snort will see the packets regardless of whether ipfw passes them through to the rest of the IP stack or not. - Mike --F8dlzb82+Fcn6AgP Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjqJrT8ACgkQc9EFi4qQZExn8QCgjLriNx2m4CSZkvAPadFzG6mv f2EAoIHeT4UZUDeI55gU9ZSe9cocW+oq =9aA0 -----END PGP SIGNATURE----- --F8dlzb82+Fcn6AgP-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010213155515.C71046>