Snort mailing list archives

RE: [snort-users] Blocking with a PIX

From: d.deboni () edexter it
Date: Tue, 11 May 2004 16:49:23 +0200

The shuns won't show up in the rulebase.  Connect to the pix, get to an 
enable prompt, and type 'sh shun' to see if the shuns are being applied. 
It should show a list of the current shuns in place.

I know how it works....

If I type "sh shun" there are no shuns applied.
It seems I cannot apply shuns for IP outside of my network.

Here's what I mean.

If I try to add a shun for an IP inside of my network (for example 
10.1.1.x) it works.
When I try to add any other IP I get this message from PIX:

Shun 192.168.1.1 failed


WHY?




Davide De Boni

Email: d.deboni () edexter it

e.Dexter S.P.A.
C.so Risorgimento 5
28823 Ghiffa (VB)
ITALIA
Tel +39.0323.407733
Fax +39.0323.53558

Current thread:

[snort-users] Blocking with a PIX d . deboni (May 11)
- <Possible follow-ups>
- RE: [snort-users] Blocking with a PIX Hutchinson, Andrew (May 11)
- RE: [snort-users] Blocking with a PIX d . deboni (May 11)
- RE: [snort-users] Blocking with a PIX d . deboni (May 11)