Iptables and snort inline
lmarcilly at aressi.fr
Thu Jun 9 11:04:01 CEST 2005
Hi all!
I am trying to use iptables with snort_inline on a bridging firewall. Here is my testing configuration:
    ------             ----------
   |  PC  |-----------|  Bridge  |----------- LAN
    ------             ----------
 192.168.1.99        192.168.1.185       192.168.1.0/24
My iptables rules are:
iptables -A INPUT -j QUEUE
iptables -A OUTPUT -j QUEUE
iptables -A FORWARD -j QUEUE
and snort_inline is initialized correctly.
My problem is: when I bring snort_inline down, I can't reach the LAN from my PC. I think this is normal, but I want the LAN to remain reachable from my PC when snort_inline is down.
Is this possible just by changing the rules? Or is there a patch to apply to iptables?
Thanks in advance, and excuse my poor English!
L. M.