next up previous contents
Next: Configuration Specific Elements Up: Multiple Configurations Previous: Multiple Configurations   Contents

Creating Multiple Configurations

Default configuration for snort is specified using the existing -c option. A default configuration binds multiple vlans or networks to non-default configurations, using the following configuration line: 

config binding: <path_to_snort.conf> vlan <vlanIdList>
config binding: <path_to_snort.conf> net <ipList>

path_to_snort.conf
- Refers to the absolute or relative path to the snort.conf for specific configuration.

vlanIdList
- Refers to the comma seperated list of vlandIds and vlanId ranges. The format for ranges is two vlanId separated by a "-". Spaces are allowed within ranges. Valid vlanId is any number in 0-4095 range. Negative vland Ids and alphanumeric are not supported.

ipList
- Refers to ip subnets. Subnets can be CIDR blocks for IPV6 or IPv4. A maximum of 512 individual IPv4 or IPv6 addresses or CIDRs can be specified.

Note:   Vlan and Subnets can not be used in the same line. Configurations can be applied based on either Vlans or Subnets not both.

Note:   Even though Vlan Ids 0 and 4095 are reserved, they are included as valid in terms of configuring Snort.

next up previous contents
Next: Configuration Specific Elements Up: Multiple Configurations Previous: Multiple Configurations   Contents
Eugene Misnik 2013-05-08