ipfw, if_bridge and diverting for snort
Chris
eagletree at hughes.net
Tue Mar 11 18:19:51 UTC 2008
Hello,
I read Nick Rogness' helpful article on using snort-inline with ipfw.
It mentions that diverting to a snort process can't be done with
bridging because of "interaction of DIVERT sockets and bridging in
the kernel". The article is not dated and it made me wonder if this
is referring to the previous bridge capability rather than the newer
if_bridge. I'm using if_bridge in my implementation.
The question is, is it still a problem to divert to snort-inline from
ipfw when using if_bridge?
Thanks,
Chris
Ref: http://freebsd.rogness.net/snort-inline
5th paragraph entitled "BEFORE YOU START"
More information about the freebsd-questions
mailing list