librelist archives

« back to archive

question

question

From:
zT
Date:
2014-12-09 @ 05:32
hello i have a question about click modular router , is this possible to
subscribe snort on click element?

Re: [click] question

From:
Vladimir Olteanu
Date:
2014-12-09 @ 06:16
On 12/09/2014 07:32 AM, zT wrote:
> hello i have a question about click modular router , is this possible 
> to subscribe snort on click element?
>
Hey,

You could do something along those lines by using a pair of tun 
interfaces. Check out the FromHost.u and ToHost.u elements.

Your config would look something like this:

FromDevice(eth0) -> ... -> ToHost(tun0);
FromHost(tun1) -> ... -> ToDevice(eth1);

FromDevice(eth1) -> ... -> ToHost(tun1);
FromHost(tun0) -> ... -> ToDevice(eth0);

Snort would then have to route (and filter) packets between tun0 and tun1.

Cheers,
Vlad

Re: [click] question

From:
zT
Date:
2014-12-09 @ 06:24
tnx, but i don't understand , if you can please explain more .
but consider that i want to have inspect on element of click not in
any way inspect
tnx again

On 12/9/14, Vladimir Olteanu <vladimir.olteanu@cs.pub.ro> wrote:
> On 12/09/2014 07:32 AM, zT wrote:
>> hello i have a question about click modular router , is this possible
>> to subscribe snort on click element?
>>
> Hey,
>
> You could do something along those lines by using a pair of tun
> interfaces. Check out the FromHost.u and ToHost.u elements.
>
> Your config would look something like this:
>
> FromDevice(eth0) -> ... -> ToHost(tun0);
> FromHost(tun1) -> ... -> ToDevice(eth1);
>
> FromDevice(eth1) -> ... -> ToHost(tun1);
> FromHost(tun0) -> ... -> ToDevice(eth0);
>
> Snort would then have to route (and filter) packets between tun0 and tun1.
>
> Cheers,
> Vlad
>