Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Using Snort for gateway selection ?

    IDS/IPS
    2
    3
    862
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      John Gillespie
      last edited by

      Hi,

      I have two ISPs set up on a pfSense box with policy based routing.

      Is it possible to get Snort to mark/tag packets (that match a given category) and then use that packet marking in pfSense's firewall rules ?

      For example, I'd like to identify bitorrent traffic and send it over a specific WAN link instead of the default one.

      Regards,
      John

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        By the time snort can recognize the connection, it has already established and is flowing over one WAN. It would be too late to make that decision to move it. At least for TCP. UDP may be more likely but still awkward and less likely to function.

        It's not a snort limit, you can't use L7 classification of any kind for policy routing, only blocking. You can only policy route based on things that can be matched before a connection is made (read: packet attributes like IP address, port, etc).

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • J
          John Gillespie
          last edited by

          Thanks for your reply.

          That makes perfect sense. Hadn't thought it through enough…

          Happy Holidays,
          John

          1 Reply Last reply Reply Quote 0
          • First post
            Last post