Fixed snort compile options and ipv6 config options

[people/pmueller/ipfire-2.x.git] / config / snort / snort.conf

diff --git a/config/snort/snort.conf b/config/snort/snort.conf
index 4de1a4488019f0d64900dbd1f41388467a8fd140..3afa6f1d6b47f8f7b3a0c07818f0a9ee35cc7adb 100644 (file)
--- a/config/snort/snort.conf
+++ b/config/snort/snort.conf
@@ -173,8 +173,6 @@ dynamicengine /usr/lib/snort_dynamicengine/libsf_engine.so
 preprocessor normalize_ip4
 preprocessor normalize_tcp: ips ecn stream
 preprocessor normalize_icmp4
-preprocessor normalize_ip6
-preprocessor normalize_icmp6
 
 # Target-based IP defragmentation.  For more inforation, see README.frag3
 preprocessor frag3_global: max_frags 65536
@@ -287,7 +285,7 @@ preprocessor ftp_telnet_protocol: ftp client default \
     telnet_cmds yes
 
 # SMTP normalization and anomaly detection.  For more information, see README.SMTP
-reprocessor smtp: ports { 25 465 587 691 } \
+preprocessor smtp: ports { 25 465 587 691 } \
     inspection_type stateful \
     enable_mime_decoding \
     max_mime_depth 20480 \
@@ -311,7 +309,7 @@ reprocessor smtp: ports { 25 465 587 691 } \
     xlink2state { enabled }
 
 # Portscan detection.  For more information, see README.sfportscan
- preprocessor sfportscan: proto  { all } memcap { 10000000 } sense_level { medium }
+preprocessor sfportscan: proto  { all } memcap { 10000000 } sense_level { medium }
 
 # ARP spoof detection.  For more information, see the Snort Manual - Configuring Snort - Preprocessors - ARP Spoof Preprocessor
 # preprocessor arpspoof