Hello Pablo, Take a look at the contrib folder in snort sources, there's a program called Guardian. It read alerts generated by snort and add a dynamic rule to iptables to block the source. Another one is SnortSam, which can block in iptables, checkpoint, pix, etc.. etc... Regards, Alejandro Flores > hi all i have a question. > > exist any soft based in iptables to have the option LEARN ?? > > example > > i run snort in my system when detect a intrusion add the ip address to > the iptables table. > > exist this ?? -- -- Alejandro Flores http://www.triforsec.com.br/ http://www.defenselayer.com/ http://www.nabucodonosor.org/
