IPFW logging and dynamic rules

Bob Johnson fbsdlists at gmail.com
Thu Oct 6 11:04:36 PDT 2005


On 10/5/05, jmulkerin <jmulkerin at comcast.net> wrote:
> How about using snort and guardian.    Guardian.pl will add a ipfw rule
> each time it sees an alert from Snort.  You'll need to adjust the snort
> rules for what you want to alert on but its a pretty safe and
> lightweight asset. (just my novice 2 cents...)
>

Thanks, I'll look at Guardian.  I had not planned to get that
sophisticated about it, but even if I don't use it on this system, I
have others where it may be just what I need.

- Bob


More information about the freebsd-questions mailing list