Project

General

Profile

Actions

Feature #1154

closed

Get the rule when packets are dropped

Added by JP Pozzi about 10 years ago. Updated almost 9 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Effort:
Difficulty:
Label:

Description

Hello,

Two remarks :

1) It will be handy to have the rule number in the file "drop.log" when packets are dropped in IPS mode.

2) Another handy thing will be to have a special level (other than 1,2 or 3) sent to barnyard file for
dropped packets, for example level "0" to see them easily in the Web interface (I am using Snorby).

Regards

JP P

PS :

I compile today the 2.0 version and all seems to be working OK in IPS mode.

I get 8MO/sec on the network (#max for my link) with 120/150% CPU on my Firewall,
System is CoreI3 4130 with 8Gb RAM.

Actions

Also available in: Atom PDF