Snort INLINE mode daq modules working

Discussion in 'Installation/Configuration' started by Shivaramakrishnan, Mar 19, 2014.

  1. Shivaramakrishnan

    Shivaramakrishnan New Member

    I am a newbie to snort.I am working on a research project for which I am using snort as an IPS system.I have couple of questions.

    1. How do the different daq modules work? Specifically, I wanted to know how the data flow would occur in each case wrt Inline?What queues would be contacted in each case?

    2. Whether there needs to be iptables rules irrespective of the daq modules used for inline mode?

    3. how does afpacket daq module work?Does it require any iptables modifications?

    Any guidance in this is greatly appreciated.


Share This Page