On Aug 23, 2009, at 1:47 PM, Yavuz Maşlak wrote:
Hello
I wish to use freebsd7.2 as an antivirus gateway.
is there any document about that?
Could you give an advice ?
snort_inline with if_bridge provides a bit of this functionality.
You drop all incoming off at a socket which you have snort
listening on. It's then logged and reinserted if it passes the
rules that snort.org provides. You can decide if you want
to drop the traffic or not, by default it's just logged. I don't
use it to catch viruses so I don't watch how effective it is.
For me it's a filtering mechanism to match custom rules.
There is a document that can be googled on the net
concerning this. It shows most of the config but says you
can't use it with if_bridge which you can. I don't have a 7.2
instance but it works well on 7.0. Even with horrendous
amounts of traffic it seems to remain reliable.
From memory (may be inaccurate), if you want to filter
bi-directionally, you have to run two instances on different
sockets with two different IPFW rules, one for each interface.
I only have experience using this with IPFW.
Thanks
Bu elektronik posta ve varsa ekleri tamamen gizli ve gönderilen
kişiler listesine özeldir. Eğer adınız gönderilen kişiler
listesinde yer almıyorsa, lütfen derhal gönderen kişiyi
bilgilendiriniz ve içeriğini herhangi başka bir kişiye
iletmeyiniz, herhangi bir amaç için kullanmayınız, sayısal ve
basılı ortamlar dahil olmak üzere saklamayınız ve
kopyalamayınız.
This e-mail and attachments, if any, may contain confidential and/or
proprietary information. Please be advised that the unauthorized use
or disclosure of the information is strictly prohibited. If you are
not the intended recipient, please notify the sender immediately by
reply e-mail and delete all copies of this message and attachments.
Thank you.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org
"
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"