unsubscribe ----- Original Message ----- From: "txemi" <txemi2@xxxxxxxxxxxxx> To: "JOSE MIGUEL MARTINEZ" <txemi2@xxxxxxxxxxxxxxxxxxxxx> Cc: <netfilter@xxxxxxxxxxxxxxxxxxx>; "Fernando Miguélez Palomo" <f.miguelez@xxxxxxxxxxxxxx> Sent: Friday, June 20, 2003 12:50 PM Subject: Re: netfilter promiscuous and connection tracking for IDS > Hi, I am working on IDS and I am trying to use netfilter > conntrack on promiscuous mode. I want to track status of connections > not intended for localhost. I have been using Sebastian Zander's patch > > web:http://www.fokus.gmd.de/research/cc/glone/employees/sebastian.zander/pri vate/netfilter.html > patch:netfilter-prom-patch.tgz > Sebastian's mail:zander@xxxxxxxxxxxx > > It adds a new table called meter that handle promiscuous packages. It > works, but I was not able to track connection status using conntrack. > > Could anybody advise me on this? I need to make a decission, keep > trying or > go to user space to mangle all this through libpcap as snort or ntop. > > thanks, > txemi. > > -- > ______________________________ > < hola, soy una firma horrible > > ------------------------------ > \ ^__^ > \ (oo)\_______ > (__)\ )\/\ > ||----w | > || || > > mail: txemi <txemi2@xxxxxxxxxxxxx> > web: http://txemi.webhop.org > mirror: http://txemi2.webhop.org > >
