[Firehol-support] snort and firehol: can they co-exist peacefully?

R G Cottrell rossc at froggy.com.au
Mon Aug 2 20:35:41 BST 2004

Hi all,

I'm running a Debian GNU/Linux system (2.4.18 kernel) and I'd like to
know whether firehol and snort can work together peacefully.

At the moment, firehol starts at boot time and snort starts when my ppp
connection comes up.  I've checked the logs and snort seems happy, and I
don't get any error messages from firehol if I restart it after snort has
set itself up. Debian's apt-get doesn't complain that they're incompatible.

I'm nervous, though.  Wouldn't snort set up a firewall after boot time and
overwrite the firewall that firehol has set up? Do I have to run firehol
after snort has initialised?

Or am I missing something fundamental?  I admit that I'm a newcomer to
firewalls and intrusion detection.

Regards, Ross.

