[Oisf-users] Fwsam Functionality
Victor Julien
lists at inliniac.net
Sat Jul 13 10:07:29 UTC 2019
Hi Jeremy,
On 11-07-19 16:19, Jeremy A. Grove wrote:
> I understand that the decision was made some time ago to not incorporate
> functionality to replicate FWSAM from Snort based on Barnyard having the
> ability to do this. Barnyard is now leaving us. Is there a current way
> to replicate this functionality? I need to be able to drop certain
> traffic based on rules while in IDS mode and not IPS/inline mode.
I've not aware of any attempts to port fwsam to another tool. Maybe it's
something for your 'meer' tool?
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-users
mailing list