Date: Thu, 04 Jul 2013 23:37:09 +0800 From: Julian Elischer <julian@freebsd.org> To: Nomad Esst <noname.esst@yahoo.com> Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org> Subject: Re: snort does not block packets in inline mode in FreeBSD Message-ID: <51D596A5.1050301@freebsd.org> In-Reply-To: <1372936578.82526.YahooMailNeo@web162701.mail.bf1.yahoo.com> References: <1372936578.82526.YahooMailNeo@web162701.mail.bf1.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 7/4/13 7:16 PM, Nomad Esst wrote: > Hi list > I have the same problem as this http://seclists.org/snort/2012/q4/465 > After talking to this guy, He said that they could not solve this problem and they have migrated to Suricata. Do have any ideas? Is this a bug? > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > > > unless divert has been broken,(*) the problem must be in snort. it must be resubmitting the packets to be forwarded. (*)if you look at the packet that are going out of the box after being approved by snort, are there duplicate packets?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?51D596A5.1050301>