snort/snort.conf@300d43423c2e (annotated)
snort/snort.conf
Wed, 08 Feb 2012 20:07:00 +0200
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 08 Feb 2012 20:07:00 +0200
- changeset 588
- 300d43423c2e
- permissions
- -rw-r--r--
Update version, adapt patch, correct PID writing, correct build on newer
FreeBSD releases, and most importantly introduce new patch to try to
avoid segfault caused by multiple network interfaces with the same (or
no) address. This is common when configuring bridges and tunnels.
| michael@549 | 1 | ## |
| michael@549 | 2 | ## snort.conf -- Snort Daemon Configuration |
| michael@549 | 3 | ## |
| michael@549 | 4 | |
| michael@549 | 5 | # common variables |
| michael@549 | 6 | var VAR_PATH @l_prefix@/var/snort |
| michael@549 | 7 | var RULE_PATH $VAR_PATH/rules |
| michael@549 | 8 | |
| michael@549 | 9 | # output selection |
| michael@549 | 10 | config alertfile: $VAR_PATH/snort.alert.log |
| michael@549 | 11 | output alert_fast: $VAR_PATH/snort.alert.log |
| michael@549 | 12 | #output log_tcpdump: $VAR_PATH/snort.alert.cap |
| michael@549 | 13 | |
| michael@549 | 14 | # configuration parameters |
| michael@549 | 15 | config show_year |
| michael@549 | 16 | config order: alert pass log |
| michael@549 | 17 | |
| michael@549 | 18 | # load snort rules configuration |
| michael@549 | 19 | var HOME_NET any |
| michael@549 | 20 | var EXTERNAL_NET any |
| michael@549 | 21 | include $RULE_PATH/snort.conf |
| michael@549 | 22 |
