Date:      Tue, 11 Mar 2008 10:45:52 -0700
From:      Chris <eagletree@hughes.net>
To:        FreeBSD Questions <freebsd-questions@freebsd.org>
Subject:   ipfw, if_bridge and diverting for snort
Message-ID:  <F4064EC4-438B-443B-AC42-E2AA633C5BD2@hughes.net>

Hello,

I read Nick Rogness' helpful article on using snort-inline with ipfw.
It mentions that diverting to a snort process can't be done with
bridging because of "interaction of DIVERT sockets and bridging in
the kernel". The article is not dated and it made me wonder if this
is referring to the previous bridge capability rather than the newer
if_bridge. I'm using if_bridge in my implementation.

The question is, is it still a problem to divert to snort-inline from
ipfw when using if_bridge?

Thanks,
Chris

Ref: http://freebsd.rogness.net/snort-inline
5th paragraph entitled "BEFORE YOU START"


