Hi, I''m new to the list, but have been through the documentation,
archives, etc. looking for more info...
I''ve been using shorewall 1.3.14 for a few months now, has been working
well from day one. I''m also using it with dshield (submitting logs and
using the block list).
I''m thinking of adding snort-inline to the mix (I run apache and
postfix
on the same box, would like to drop/report the bad guys :-). It relies
upon the iptables ''QUEUE'' target, so I''ll need to add
an iptables rule
or two to plumb it in. Any advice on the ''best'' way to do
this?
I see from the archives that people are using snort with shorewall,
anyone using snort-inline?
Paul
P.s. machine is a Celestix Taurus server appliance (mandrake-based
distro, kernel 2.4.18)
