Last active
September 16, 2015 19:39
-
-
Save gkoyuncu/6feb2b43ac2c113b5ede to your computer and use it in GitHub Desktop.
Inline snort in FreeBSD
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 00100 52 3439 allow ip from any to any via lo0 | |
| 00200 56240 35833050 divert 9080 ip from any to any | |
| 65535 102055 60910771 allow ip from any to any |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| drop tcp any any -> any any (msg:"Ubuntu!"; content:"ubuntu"; react:msg; sid:1000001;) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| snort --daq ipfw --daq-mode inline --daq-var port=9080 -c /path/to/snort.conf -x -Q -k none |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment