Snort mailing list archives

how can i stop alerts from 64.4.8.0 or 64.4.8.1

From: hernani coelho <hernani_coelho () msn com>
Date: Sun, 24 Jan 2016 16:12:14 +0000

hello,

i have this in BPF file ---> not host 192.168.1.66 or 64.4.8.0 or 64.4.8.1
but alerts don't stop.
this is the command line -->
/usr/local/bin/snort -q -u snort -g snort -F /etc/snort/bpf.bpf -c 
/etc/snort/snort.conf -i wlan0
this is correct??
i tested threshold.conf and no luck too.

i tested too /etc/snort/rules/ignore.rules have this --->

pass ip 64.4.8.0 any -> any any (msg:"Ignore this host";sid:1000001;rev:1;)
pass ip 64.4.8.1 any -> any any (msg:"Ignore this host";sid:1000001;rev:1;)
pass ip 0.0.0.0 any -> any any (msg:"Ignore this host";sid:1000001;rev:1;)

can someone help me

thanks
hernani

------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

how can i stop alerts from 64.4.8.0 or 64.4.8.1 hernani coelho (Jan 24)