I would like to use iptables --tee feature to mirror traffic to an IDS.
Is there an option or a clean way to do it with shorewall?

Thanks
Paolo

On Jun 30, 2013, at 8:59 AM, Paolo Prandini <prandini@spe.net> wrote:

> I would like to use iptables --tee feature to mirror traffic to an IDS
> Is there an option or a clean way to do it with shorewall?

Check out the INLINE action at http://www1.shorewall.net/manpages/shorewall-rules.html. There are examples of use in the release notes (http://www1.shorewall.net/pub/shorewall/4.5/shorewall-4.5.18/releasenotes.txt) when that feature was released.

-Tom

Tom Eastep        \ Nothing is foolproof to a
Shoreline,         \ sufficiently talented fool
Washington, USA     \
http://shorewall.net \________________________________________________

Sent from my iPad

On Jun 30, 2013, at 9:46 AM, Tom Eastep <teastep@shorewall.net> wrote:

> On Jun 30, 2013, at 8:59 AM, Paolo Prandini <prandini@spe.net> wrote:
>
>> I would like to use iptables --tee feature to mirror traffic to an IDS
>> Is there an option or a clean way to do it with shorewall?
>
> Check out the INLINE action at http://www1.shorewall.net/manpages/shorewall-rules.html. There are examples of use in the release notes (http://www1.shorewall.net/pub/shorewall/4.5/shorewall-4.5.18/releasenotes.txt) when that feature was released.

There is also an example in that man page.

Tom