[prev in list] [next in list] [prev in thread] [next in thread]
List: ossec-list
Subject: [ossec-list] Re: ossec v0.9 BETA available.
From: Forrest Aldrich <forrie () forrie ! com>
Date: 2006-07-21 20:00:50
Message-ID: 44C13272.2020809 () forrie ! com
[Download RAW message or body]
Ah, okay - my configuration is slightly different here.
Here's what I have going:
Firewall/gw
mail/www
My gw machines is running PF, my mail/www machine (which is redirected,
via PF, for the time being) is running nothing (though it's active).
I presumed in this config that my "server" would be the internal
machine, since a lot of my activity takes place there. And the "agent"
would be the firewall.
But perhaps that's backwards ;-)
Forrest
Daniel Cid wrote:
> Do you have PF enabled in there? It looks on rc.conf for pf_enable="YES"
> to check if PF is running. Otherwise it will try to use ipf or ipfw.
>
> Thanks,
>
> --
> Daniel B. Cid
> dcid ( at ) ossec.net
>
> On 7/21/06, Forrest Aldrich <forrie@forrie.com> wrote:
>
>> Okay, then it failed on FreeBSD... FYI.
>>
>> I'll try to help determine the problem.
>>
>>
>> _F
>>
>>
>> Daniel Cid wrote:
>>
>>> Hi Forrest,
>>>
>>> Sorry for the confusion. I was organizing the files and I just removed the
>>> BETA, so everyone would use the RC1... The pf support is under
>>> active-response/firewalls/pf.sh. During the install (or update), ossec
>>> will check if you are using pf and update the firewall-drop.sh with the
>>> new pf one. Try the update (or install) and let us know if it works or
>>> not.
>>>
>>> Thanks,
>>>
>>> --
>>> Daniel B. Cid
>>> dcid ( at ) ossec.net
>>>
>>> On 7/21/06, Forrest Aldrich <forrie@forrie.com> wrote:
>>>
>>>
>>>> I just downloaded RC1 -- where is the PF support in the active-response/
>>>> directory? I don't see mention of it in the firewall-drop.sh script.
>>>>
>>>>
>>>> _F
>>>>
>>>>
>>>>
>>>>
>
> >
>
--~--~---------~--~----~------------~-------~--~----~
-~----------~----~----~----~------~----~------~--~---
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic