I'm new to psad, but I'm glad to have successfully installed psad w/ fwsnort for the first time. I've confirmed it's working and see that string matching is executing correctly.
At some point, I noticed a psad or fwsnort message, warning me that "ipv4options" was not compiled into iptabels (I'm using Centos 5.3 kernel 2.6.128). I reviewed my iptables options and I don't see anything related to ipv4options. Can someone please shed some light on whether or not ipv4options is an important feature for psad/fwsnort to work 100%: │ │ <M> Netfilter netlink interface │ │ <M> Netfilter NFQUEUE over NFNETLINK interface │ │ <M> Netfilter LOG over NFNETLINK interface │ │ <M> Netfilter Xtables support (required for ip_tables) │ │ <M> "CLASSIFY" target support │ │ <M> "CONNMARK" target support │ │ <M> "MARK" target support │ │ <M> "NFQUEUE" target Support │ │ <M> "NOTRACK" target support │ │ <M> "SECMARK" target support │ │ <M> "CONNSECMARK" target support │ │ <M> "comment" match support │ │ <M> "connbytes" per-connection counter match support │ │ <M> "connmark" connection mark match support │ │ <M> "conntrack" connection tracking match support │ │ <M> "DCCP" protocol match support │ │ <M> "ESP" match support │ │ <M> "helper" match support │ │ <M> "length" match support │ │ <M> "limit" match support │ │ <M> "mac" address match support │ │ <M> "mark" match support │ │ <M> IPsec "policy" match support │ │ <M> Multiple port match support │ │ <M> "physdev" match support │ │ <M> "pkttype" packet type match support │ │ <M> "quota" match support │ │ <M> "realm" match support │ │ <M> "sctp" protocol match support (EXPERIMENTAL) │ │ <M> "state" match support │ │ <M> "statistic" match support │ │ <M> "string" match support │ │ <M> "tcpmss" match support │ │ Gil Vidals gvid...@vmracks.com vmracks.com - ESX Hosting t. 760.480.4942 f. 760.480.8271 Chat: MSN: gilvid...@hotmail.com Skype: gvidals ------------------------------------------------------------------------------ Enter the BlackBerry Developer Challenge This is your chance to win up to $100,000 in prizes! For a limited time, vendors submitting new applications to BlackBerry App World(TM) will have the opportunity to enter the BlackBerry Developer Challenge. See full prize details at: http://p.sf.net/sfu/Challenge _______________________________________________ psad-discuss mailing list psad-discuss@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/psad-discuss
