shacky wrote: > Could you help me to understand how to use L7-Filter with the NFQUEUE > features of Shorewall, please?
Sorry -- I looked at the L7-Filter documentation enough to understand that it uses NFQUEUE and that's all that I have the time or the interest to do. The basic idea should be that traffic that you would otherwise ACCEPT will be sent to NFQUEUE instead (at least that's the way that Snort-inline works). This includes ESTABLISHED traffic so you will need to insert NFQUEUE rules in the ESTABLISHED section of the rules file (and disable FASTACCEPT in shorewall.conf) for that traffic that you want L7-filter to rule on. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
