You can use snort with pf by this software http://spoink.sourceforge.net.
On 8/2/06, Rajkumar S. <[EMAIL PROTECTED]> wrote:
Hi, I was reading through an interview of pf developers[*], where Mike Frantzen commented that <quote> There are already two ways to emulate Linux's DIVERT sockets and turn an IDS into an IPS (Intrusion Prevention System). One could use PF to route the packets to a tunnel device and read them there. </quote> Can some one elaborate on how this works? I could not find any other mention of this technique anywhere else. Thanks and regards, raj [*] http://www.onlamp.com/pub/a/bsd/2004/05/06/pf_developers.html?page=4
