RE: Ignore some ip's

["Tolpanov, Dmitry" <tdn () stack ru>]

The same situation. Can anybody help how to fix this. 
And everyone talk about CURRENT 1.8 version, where can i get it, may be it's
got better realization of this feature.

Thanks.

Dmitry.

> -----Original Message-----
> From: LaraCroft [mailto:laracroft () zaralinux com]
> Sent: Wednesday, June 27, 2001 4:07 PM
> To: snort-users () lists sourceforge net
> Subject: [Snort-users] Ignore some ip's
>
>
> Hello:
>
> I have installed a snort in a linux-firewall, my network is:
>
> internet -> firewalll & snort -> internet servers
>
>
> In my snort log appears many entries of source conexions from my 
> internet servers. I don't want this, i want that snort ignore the 
> conexions from  my internet servers to another sites.
>
> How can i do this? i have put this in my snort.conf:
>
> var DNS_SERVERS [ip_primary_dns_server/32,ip_secundary_dns_server/32]
>
> preprocessor portscan-ignorehosts: $DNS_SERVERS
>
> but in my snort log there is already many entries from dns_servers.
>
> any ideas?
>
> LaraCroft
>
>
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> http://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users