help - React keyword use to display message on web browser

[Amul Patel <amulpatel.biz () gmail com>]

Hello Team,

I need help to use of react keyword to display message (default or user
defined) to web browser.

I am using snort version 2.9.8.0 in linux machine.

I have enabled required command option during configuration as mentioned
below:

./configure  --enable-active-response --enable-react --enable-flexresp3 \

I am executing snort as inline mode -

/usr/bin/snort -Q -k  none  -v -dev -c /etc/snort/snort.conf

following the rule i am using

drop tcp any any -> any any (msg: "GET Packet is not
allowed";content:"GET";nocase;classtype:inappropriate-content;sid:9787879;react,msg)

It is blocking & logging the message in csv log file but does not send
default message or rule message to browser.
Just a "connection reset" message is displayed at web browser.

Even I tried lot of different options with different rule, changed sid, no
msg keyword with react, snort in tap mode etc but does not work any option.

I checked react.c file where default HTTP & HTML page is declared .. tried
to understand code as well to see if any bug there..

Can any one help me out to display message on web browser ?
Does any firewall rule is also needed or any other setting apart from snort
?


Thanks in Advanced,
Regards,
Amul Patel

------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785351&iu=/4140

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!