I have configured a tcp packet capturing snort rule in
conf/snort/local.rules file and also confugred a violation using
detect::1000012(SID) id in violation.conf  and i am receiving snort alerts
in pfdetect.log but violations are not opening and not performing the
action specified in violation action field like log,unreg, etc ..

Although if i mannully apply any violation on any node it perfoms action
but not automatically by snort alert
and i have also configured syslog-parser for snort  pipe  for
 /usr/local/pf/var/alert
please someone help , and letme know what iam missing ...

i am using packetfence version 6.5.1
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to