[nycbug-talk] Help for pf on FreeBSD running Snort
marco at metm.org
Sat Jun 30 13:05:33 EDT 2007
Kevin Reiter wrote:
> Hey all,
> I'm hoping someone on the list can help with this. I have a box running
> FreeBSD 6.2-Release, which I'm using as a Snort sensor/database. I have 2
> NICs on the box, bge0 for sniffing traffic, and fxp0 for management
> access. Both cards are on different subnets/vlans.
> What I need to do is allow bge0 to listen to everything ("sniff"), and
> only allow traffic to 22, 80, and 443 on fxp0. The catch is a MySQL
> database running locally, so I don't want 3306 exposed on bge0. Does this
> make sense?
By default MySQL won't be exposed. You would have to do extra
configuration of MySQL to get it to listen on an external interface. So
unless I misunderstood, I don't think you have a problem.
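
A pf.conf sketch for the layout described in the question, added here as an example and not taken from either poster. It assumes the interface names from the post (bge0 for sniffing, fxp0 for management), the pf syntax shipped with FreeBSD 6.x (explicit `keep state`), and that local MySQL clients connect over loopback or the Unix socket; the macro names are made up for illustration.

```conf
# /etc/pf.conf (constructed example; macro names are hypothetical)

# --- macros ---
mgmt_if    = "fxp0"            # management interface
sniff_if   = "bge0"            # Snort capture interface
mgmt_ports = "{ 22, 80, 443 }" # ssh, http, https

# --- options ---
# Do not filter loopback, so local clients can still reach MySQL
# on 127.0.0.1:3306 or through the Unix socket.
set skip on lo0

# --- filter rules (last matching rule wins) ---
# Default deny in both directions on every filtered interface.
block drop all

# The capture interface neither accepts nor sends anything.
# Snort reads frames through bpf, which taps the interface before
# pf evaluates inbound packets, so blocked traffic is still seen
# by the sensor.
block drop in  quick on $sniff_if all
block drop out quick on $sniff_if all

# Management access: only new TCP connections to 22, 80 and 443
# addressed to the interface's own address.
pass in on $mgmt_if proto tcp from any to ($mgmt_if) \
    port $mgmt_ports flags S/SA keep state

# Let the sensor itself talk out through the management interface
# (DNS, NTP, rule updates) and track the replies.
pass out on $mgmt_if proto tcp all flags S/SA keep state
pass out on $mgmt_if proto { udp, icmp } all keep state
```

Check the syntax with `pfctl -nf /etc/pf.conf` before loading it, and confirm what is listening on 3306 with `sockstat -4 -l`. With this ruleset port 3306 is unreachable from either NIC regardless of the address MySQL is bound to.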