My question is, 
- Is it possible to use SNORT like tools  with bridge-nf  
 
yes, just give it an interface because pcap will not automatically find it.  Something like ./snort -vi br0 will work.  Also, take a peek at they way I am playing with the bridge firewall patch, iptables (libipq), and snort at http://w3.cablespeed.com/~rvmcmil
 
Rob

Reply via email to