' . $pgtitle . '

';}?>
" method="post" name="iform" id="iform">
General Settings
Enable     Enable or Disable\n"; ?>
Interface
Choose which interface this rule applies to.
Hint: in most cases, you'll want to use WAN here.


Description
You may enter a description here for your reference (not parsed).

Memory Performance
Lowmem and ac-bnfa are recommended for low end systems, Ac: high memory, best performance, ac-std: moderate memory,high performance, acs: small memory, moderateperformance, ac-banded: small memory,moderate performance, ac-sparsebands: small memory, high performance.
Choose the networks snort should inspect and whitelist.
Home net
Choose the home net you will like this rule to use.
 
Note: Default home net adds only local networks.
Hint: Most users add a list of friendly ips that the firewall cant see.
External net
Choose the external net you will like this rule to use.  
Note: Default external net, networks that are not home net.
Hint: Most users should leave this setting at default.
Block offenders onClick="enable_blockoffenders()">
Checking this option will automatically block hosts that generate a Snort alert.
Kill states >
Should firewall states be killed for the blocked ip
Which ip to block
Which ip extracted from the packet you want to block
Whitelist
Choose the whitelist you will like this rule to use.
 
Note:
 Default whitelist adds only local networks.
Note:
 This option will only be used when block offenders is on.
Suppression and filtering
Choose the suppression or filtering file you will like this rule to use.
 
Note:
 Default option disables suppression and filtering.
Checksum checking >
If ticked checksum checking on snort will be disabled to improve performance.
Most of this is already done on the firewall/filter level
Choose the types of logs snort should create.
Send alerts to main System logs onClick="enable_change(false)">
Snort will send Alerts to the firewall's system logs.
Log to a Tcpdump file onClick="enable_change(false)">
Snort will log packets to a tcpdump-formatted file. The file then can be analyzed by an application such as Wireshark which understands pcap file formats. WARNING:
File may become large.
Log Alerts to a snort unified2 file onClick="enable_change(false)">
Snort will log Alerts to a file in the UNIFIED2 format. This is a requirement for barnyard2.
Arguments here will be automatically inserted into the snort configuration.
Advanced configuration pass through
  Note:

Please save your settings before you click start.