SNORT dropping packages. How to ?

SNORT dropping packages. How to ?

Post by dum_d » Thu, 10 Oct 2002 05:57:01



Hi Guys,

I'm with a doubt in snort, if someone can help me. ;)

I have snort.conf using several rules. One of this files is
virus.rules, where i only have virus signatures. =]

And this rules is working properly when a virus arrive (it detect
virus and log).

But i like that the snort didn't log only, i like that snort log and
drop (delete) the package whith mismatch with a virus signature (based
on virus.rules). :))

How to do it ??

Some idea ??

Thkz a lot.

Best Regards.

[ ]'s