snort does not block packets in inline mode in FreeBSD
Julian Elischer
julian at freebsd.org
Thu Jul 4 15:37:19 UTC 2013
On 7/4/13 7:16 PM, Nomad Esst wrote:
> Hi list
> I have the same problem as this http://seclists.org/snort/2012/q4/465
> After talking to this guy, He said that they could not solve this problem and they have migrated to Suricata. Do have any ideas? Is this a bug?
> _______________________________________________
> freebsd-net at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
>
>
>
unless divert has been broken,(*) the problem must be in snort.
it must be resubmitting the packets to be forwarded.
(*)if you look at the packet that are going out of the box after being
approved by snort, are there duplicate packets?
More information about the freebsd-net
mailing list