Iptables and snort inline

Iptables and snort inline

[lmarcilly]

Hi all!

I try to use iptables with snort_inline on a bridging firewall. Here is my testing configuration :

------         ----------
| PC |---------| Bridge |--------- LAN
------         ----------
192.168.1.99      192.168.1.185      192.168.1.0/24

My iptables rules are :

iptables -A INPUT -j QUEUE
ipatbles -A OUTPUT -j QUEUE
iptables -A FORWARD -j QUEUE

and snort_inline is initialized correctly.

My problem is : when i put snort_inline down, i can't reach the LAN from my PC. I think it's normal but i want that when snort inline is down, the LAN is always reachable from my PC.

Is this possible only by changing rules ? Or does it exist a patch to apply to iptables ?

Thanks in advance and excuse me for my poor english!

L. M.

Re: Iptables and snort inline

[Matin Tamizi]

Why are you queueing OUTPUT traffic?

-Matin

On 6/9/05, lmarcilly@aressi.fr <lmarcilly@aressi.fr> wrote:
> Hi all!
> 
> I try to use iptables with snort_inline on a bridging firewall. Here is my testing configuration :
> 
> ------         ----------
> | PC |---------| Bridge |--------- LAN
> ------         ----------
> 192.168.1.99      192.168.1.185      192.168.1.0/24
> 
> My iptables rules are :
> 
> iptables -A INPUT -j QUEUE
> ipatbles -A OUTPUT -j QUEUE
> iptables -A FORWARD -j QUEUE
> 
> and snort_inline is initialized correctly.
> 
> My problem is : when i put snort_inline down, i can't reach the LAN from my PC. I think it's normal but i want that when snort inline is down, the LAN is always reachable from my PC.
> 
> Is this possible only by changing rules ? Or does it exist a patch to apply to iptables ?
> 
> Thanks in advance and excuse me for my poor english!
> 
> L. M.
> 
> 
> 
> 
>