From owner-freebsd-security@FreeBSD.ORG  Tue Jun  6 14:28:28 2006
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
X-Original-To: freebsd-security@freebsd.org
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 7504616A4D4
	for <freebsd-security@freebsd.org>;
	Tue,  6 Jun 2006 14:28:28 +0000 (UTC)
	(envelope-from BoFH@warpten.net)
Received: from librarian.warpten.net
	(adsl-68-76-163-179.dsl.spfdil.ameritech.net [68.76.163.179])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 07CD443D46
	for <freebsd-security@freebsd.org>;
	Tue,  6 Jun 2006 14:28:25 +0000 (GMT)
	(envelope-from BoFH@warpten.net)
Received: from localhost (localhost [127.0.0.1])
	by librarian.warpten.net (Postfix) with ESMTP id 5B6D4109
	for <freebsd-security@freebsd.org>;
	Tue,  6 Jun 2006 09:28:25 -0500 (CDT)
Received: from librarian.warpten.net ([127.0.0.1])
	by localhost (librarian.warpten.net [127.0.0.1]) (amavisd-new,
	port 10024)
	with ESMTP id 90180-06 for <freebsd-security@freebsd.org>;
	Tue,  6 Jun 2006 09:28:12 -0500 (CDT)
Received: from localhost (enterprise.warpten.net [192.168.1.1])
	by librarian.warpten.net (Postfix) with ESMTP id 87C63100
	for <freebsd-security@freebsd.org>;
	Tue,  6 Jun 2006 09:28:12 -0500 (CDT)
Date: Tue, 6 Jun 2006 09:28:11 -0500
From: BOfH <BOfH@warpten.net>
To: freebsd-security@freebsd.org
Message-ID: <20060606142811.GA19457@warpten.net>
Mail-Followup-To: BOfH <BOfH@warpten.net>,
	freebsd-security@freebsd.org
References: <BAY106-F499896AC3826A59CA8EF1AE950@phx.gbl>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <BAY106-F499896AC3826A59CA8EF1AE950@phx.gbl>
X-Virus-Scanned: by amavisd-new at warpten.net
Subject: Re: Need help on ipfw IDS support.
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: freebsd-security@freebsd.org
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Jun 2006 14:28:38 -0000

On  0, Sunil Sunder Raj <unixtools@hotmail.com> scribed:
> Hi,
> 
> Is it possible to integrate SNORT with IPFW. I have an entire 
> network behind an IPFW BRIDGE. Just need IDS capability enabled for 
> the network. Just an hint is enough. Any other way I can achieve 
> this in IPFW.
> 
> -Sunil Sunder Raj

Yes. Snort has a configure option to enable ipfw support in inline mode.

-- 
BoFH

excuse #446:
Mailer-daemon is busy burning your message in hell