Pf and
IPFW are significantly different these days. I'm sure Scott or Bill could
give you a full rundown of how different but for something as complicated as
snort_inline (as opposed to snort-inline) I would expect a significant amount of
development to be necessary. In addition, it would be a pretty significant
feat to make a clean and functional GUI for Snort. There is a reason why
there are half a dozen serious UI projects for Snort. I doubt any of the
core pfsense developers are interested in punishing themselves in this way when
there are so many other things to be done with pfsense.
-Gary
-----Original Message-----
From: Tommaso Di Donato [mailto:[EMAIL PROTECTED]
Sent: Monday, September 19, 2005 8:58 AM
To: [email protected]
Subject: Re: [pfSense-discussion] Intrusion Prevention Systems
mmh... I am not a freebsd guru, but some times ago I found this
http://freebsd.rogness.net/snort_inline/
(I know is realted to ipfw.. but maybe it could be possible to work on it)
Ah...by the way.. An IPS would be very attractive.. but I think it is something very difficult to tune-up, so I think it could bring more problems than benefits.....
On 9/19/05, Gary Buckmaster <[EMAIL PROTECTED]> wrote:Important point of note: Snort-Inline is currently a linux-only project. It
works specifically with iptables. A significant amount of development would
be required to make it work with pf.
