Hello I am interested if anybody uses snort with pf to block in realtime ips detected by snort as viruses, scans and so on. I saw on mail lists that is working Snort + ipfw (snort_inline) but I need pf for this setup. Also I wonder if it is possible to block p2p traffic using such setup, with p2p rules defined from Snort. Best Regards, ovidiu