Redirect www traffic to other IP for clients from snort2c table

  • Hello,
    We use pfSense 1.2.3-RELEASE (updated today from RC3)
    On the box snort is running and blocks users (using ET rules) that have trojans or viruses or other illegal soft (p2p and etc)
    I added package vHosts, created virtual host on port 8001 and added content about blocking policy, network rules and etc.
    I'd like to add a rule to redirect blocked users that tries to browse www (as they usually try to check if they have internet):

    rdr on $intif inet proto tcp from <snort2c> to any port www -> $intIP port 8001</snort2c>

    Q1: How can I add such rule to pfSense rules list manually? I know that it's not possible via GUI. Maybe there is secret settings in XML config?
    Q2: Is here anybody interested to have such feature in snort package? Maybe this feature could be added to snort package gui settings?

    Thanks in advance for Your answers.

  • This should be posted Packages.

Log in to reply