[prev in list] [next in list] [prev in thread] [next in thread] 

List:       sidewinder
Subject:    RE: [Sidewinder] Help- how do I set up my filters to ignore snmp
From:       Blahut Randall M SSgt 83 CS/SCNO <randall.blahut () langley ! af ! mil>
Date:       2001-10-20 18:38:55
[Download RAW message or body]

You can use a discard service as described in the Sidewinder manual.  This
will literally discard packets that arrive on a given socket.  Be careful
not to create a discard service that conflicts with an existing proxy!  With
Sidewinder 5.1, you can do this within the IP filter, but that doesn't apply
here.

SSgt Randy Blahut
ACC NOSC Network Security
83 CS/SCNO
DSN 574-4968/6563
Comm 757-764-4968/6563
randall.blahut@langley.af.mil


-----Original Message-----
From: Ordona Emelinda C SSgt 374 CS/SCBBM
[mailto:emelinda.ordona@yokota.af.mil]
Sent: Friday, October 19, 2001 2:04 AM
To: sidewinder@adeptech.com
Subject: [Sidewinder] Help- how do I set up my filters to ignore snmp


I get e-mails every 15-20 minutes on /var/log/auditbotd/ab.trafic_filter.###
because of  800 or so occurences of snmp. I currently have
etc/sidewinder/auditbotd.conf to ignore snmp with this:

ignore(0 udp * * * snmp)
ignore(1 udp * * * snmp)

I ran cf audit stop name=all and started it back but it isn't working. I'm
using sidewinder 4.1

Emelinda C. Ordoņa, SSgt, USAF
Information Protection Operations, Technician
DSN 315-225-5500

_______________________________________________
Sidewinder mailing list
Sidewinder@adeptech.com
http://mail.adeptech.com/mailman/listinfo/sidewinder

[prev in list] [next in list] [prev in thread] [next in thread]