[Oisf-users] FreeBSD Suricata in-line

Chris Hunt chrish.cct at gmail.com
Tue May 3 05:13:57 UTC 2011


I have been stuck at the setup of Suricata in IPS mode for several days now,
any help would be immensely appreciated.  My basic procedure is to utilize
the ports section of BSD to compile Suricata from source with the option for
IPS.  I wanted to put together an easy to follow guide for a fellow noob
that included a Suricata engine dumping to unified2 with barnyard2 dumping
this output to MySQL and BASE as a front-end...  I'm stuck getting the IPS
to work...

I'm using the loader.conf functionality to load the firewall module and the
divert module at boot, I've got 2 interfaces (em0 and em1) and I've added
the divert rule for port 8000 as rule 2000.  When I try to ping or telnet
through I get nothing...  Do I need to create a NAT rule to NAT traffic to
port 8000?

I've also tried compiling in "options IPFIREWALL" and "options IPDIVERT",
just to be on the safe side, before making this post.


Regards,

Chris
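The ipfw/divert setup the post describes, as an added worked example that is not code from the original post or from the Suricata project. It generates (and, as root on the FreeBSD box, optionally applies) the rule set that diverts traffic crossing em0 and em1 to divert(4) port 8000, the port that "suricata -d 8000" binds. The interface names, the divert port and rule number 2000 come from the post; the accept rule number, the suricata.yaml path and the assumption that the host routes between the two interfaces (gateway_enable="YES" in rc.conf) are mine. No NAT rule is involved: divert hands the packet to the socket as-is, and what Suricata writes back re-enters ipfw after the divert rule, so the set also needs an accept rule later on, since a module-loaded ipfw defaults to deny.

```shell
#!/bin/sh
# Added example for the setup described above; not from the original post
# or the Suricata project.  Prints (or, with "apply", loads) the ipfw(8)
# rule set that diverts all IP traffic between em0 and em1 to divert(4)
# port 8000, which "suricata -d 8000" binds.  Interfaces, port and rule
# number 2000 are from the post; the accept rule number, the config path
# and the routing assumption (gateway_enable="YES") are assumptions.
set -eu

# divert_rules IF0 IF1 PORT RULE
# Print the rule set as ipfw(8) command lines so it can be inspected or
# tested before it is loaded into the kernel.
divert_rules() {
    if0=$1; if1=$2; port=$3; rule=$4
    accept_rule=$((rule + 10))
    # Loopback traffic must stay out of the divert path.
    echo "add 100 allow ip from any to any via lo0"
    # One divert rule per direction on each interface: an "in" rule alone
    # hands Suricata the request but never the reply leaving the other side.
    for ifn in "$if0" "$if1"; do
        echo "add $rule divert $port ip from any to any in via $ifn"
        echo "add $rule divert $port ip from any to any out via $ifn"
    done
    # A packet Suricata writes back to the divert socket re-enters ipfw at
    # the rule after the divert rule, so it still needs an explicit accept:
    # with ipfw.ko loaded from loader.conf the default rule 65535 is deny
    # unless net.inet.ip.fw.default_to_accept=1 is set.
    echo "add $accept_rule allow ip from any to any"
}

# count_divert IF0 IF1 PORT RULE: number of divert rules in the generated set.
count_divert() {
    divert_rules "$@" | grep -c " divert "
}

# apply_rules IF0 IF1 PORT RULE: load the set into the running firewall.
# Only meaningful as root on a FreeBSD host with ipfw and ipdivert loaded.
apply_rules() {
    kldstat -q -m ipfw     || { echo "ipfw module not loaded" >&2; return 1; }
    kldstat -q -m ipdivert || { echo "ipdivert module not loaded" >&2; return 1; }
    tmp=$(mktemp -t ipfw-suricata)
    divert_rules "$@" > "$tmp"
    ipfw -q "$tmp"          # ipfw reads one command per line from the file
    rm -f "$tmp"
    # While nothing is bound to the divert port, ipfw drops every diverted
    # packet, which looks exactly like "ping gets nothing": start Suricata
    # before testing the path.
    echo "rules loaded; now start: suricata -c /usr/local/etc/suricata/suricata.yaml -d $3"
}

# Usage: sh suricata-ipfw.sh          (print the rule set)
#        sh suricata-ipfw.sh apply    (load it, as root)
if [ "${1:-print}" = apply ]; then
    apply_rules em0 em1 8000 2000
else
    divert_rules em0 em1 8000 2000
fi
```

Run it without arguments first and read the printed set; "ipfw show" after applying should list four divert rules at 2000 and the accept at 2010, and "ipfw show" counters on the accept rule climbing while Suricata runs is the quickest sign that the return path works.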