Snort mailing list archives
Re: Snort + iptables
From: SHAIFUL HASHIM <s.hashim () usa net>
Date: 23 Jul 2001 21:46:43 SGT
Hi,
I know that Alexander Newald has written Snort2IPTables, but I am less interested in an automated response than I am in capturing packets in my snort db. Is there a way to assimilate iptables logs into the Snort databese? I use gShield and a very restrictive ruleset, and I would like to also see the things that iptables/gShield is dropping. Is there a way to do this?
You can do this by using ulogd written by LaForge at http://www.gnumonks.org/gnumonks/projects/ Example logging to mysql database is included inside the latest ulogd-0.96 Regards Shaiful _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort + iptables Bradley M Alexander (Jul 21)
- Re: Snort + iptables Ian Jones (Jul 21)
- Re: Snort + iptables Andreas Hasenack (Jul 21)
- Re: Snort + iptables Ian Jones (Jul 21)
- Re: Snort + iptables Andreas Hasenack (Jul 21)
- <Possible follow-ups>
- Re: Snort + iptables SHAIFUL HASHIM (Jul 23)
- Re: Re: Snort + iptables Jason Haar (Jul 23)
- Re: Snort + iptables Ian Jones (Jul 21)