[nycbug-talk] Help for pf on FreeBSD running Snort
okan at demirmen.com
Sat Jun 30 15:55:28 EDT 2007
On Fri 2007.06.29 at 11:06 -0400, Kevin Reiter wrote:
> Hey all,
> I'm hoping someone on the list can help with this. I have a box running
> FreeBSD 6.2-Release, which I'm using as a Snort sensor/database. I have 2
> NICs on the box, bge0 for sniffing traffic, and fxp0 for management
> access. Both cards on are different subnets/vlans.
> What I need to do is allow bge0 to listen to everything ("sniff"), and
> only allow traffic to 22,80, and 443 on fxp0. The catch is a MySQL
> database running locally, so I don't want 3306 exposed on bge0. Does this
> make sense?
pf(4) does not come into play - just write the filter as you please.
More information about the talk