joanbono / Snorter

Snort + Barnyard2 + Pulledpork → The easy way!
https://joanbono.github.io/Snorter
GNU General Public License v3.0

Adding IPS feature along with IDS and OpenAppID as another option. #17

Closed rbshadow closed 7 years ago

rbshadow commented 7 years ago

I am working with this.

joanbono commented 7 years ago

I think it's easy to implement. To add this, the user could do -i $INTERFACE, so if $INTERFACE is eth0:eth1, it will be in IPS mode, I think.

rbshadow commented 7 years ago

It works only in afpacket inline mode. But for NFQ, some new packages need to be installed. So what do you think I should do?
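The mode selection discussed in the two comments above, sketched as an added example (not code from Snorter or from either commenter): a single interface gives passive IDS flags, an `in:out` pair gives afpacket inline (IPS) flags. The function names `valid_ifname` and `snort_mode_args` are hypothetical, only one interface pair is handled, and interface names are checked for syntax only; `-Q`, `--daq` and `--daq-mode` are Snort 2.9 options.

```shell
#!/bin/sh
# Added example, not part of Snorter: map the value given to -i onto
# Snort 2.9 run-mode flags (IDS for one interface, afpacket inline for a pair).

# Accept only non-empty names made of characters safe to pass on a command line.
valid_ifname() {
    case "$1" in
        ''|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    return 0
}

# Print the Snort arguments for the given interface spec; return 2 on bad input.
snort_mode_args() {
    _spec="$1"
    case "$_spec" in
        *::*)
            # afpacket also accepts several pairs (a:b::c:d); out of scope here.
            echo "error: multiple interface pairs not handled: $_spec" >&2
            return 2 ;;
        *:*)
            _in="${_spec%%:*}"    # side facing the untrusted network
            _out="${_spec#*:}"    # side facing the protected network
            if ! valid_ifname "$_in" || ! valid_ifname "$_out"; then
                echo "error: malformed interface pair: $_spec" >&2
                return 2
            fi
            if [ "$_in" = "$_out" ]; then
                # Bridging an interface to itself cannot forward traffic.
                echo "error: inline pair needs two different interfaces" >&2
                return 2
            fi
            echo "-Q --daq afpacket --daq-mode inline -i ${_in}:${_out}" ;;
        *)
            if ! valid_ifname "$_spec"; then
                echo "error: malformed interface name: $_spec" >&2
                return 2
            fi
            echo "-i ${_spec}" ;;
    esac
}
```

In inline mode the sensor sits in the traffic path, so rejecting a malformed pair before Snort starts avoids bringing up a bridge that silently drops or fails to inspect traffic.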

joanbono commented 7 years ago

Mmm, I've got to think about it... Maybe it's better to wait until the Snort 3.0 release, which will work like a charm as IPS...

Which dependencies have to be installed, and how do the ./configure flags change?

rbshadow commented 7 years ago

Ok then.

rbshadow commented 7 years ago

Let's wait for Snort 3.0.