Comment 2 for bug 466

Yeah, dependency on a (deprecated) library we don't have.

I think snort 2.6 might rely on a different library for interfacing with iptables with inline support, but I'm not sure. I just know the old lib that 2.3 uses is long dead and I can't imagine 2.4 and 2.6 aren't updated.

Aside from that, the inline module is an add-on that snort's built with. You can compile it; but if you don't enable it at runtime it doesn't do anything.

On a side note, a fully updated Snort 2.6 may be good for Edgy+1. Edgy is getting some nice security enhancements, I hear there's firewall stuff involved; an active intrusion prevention system would be nice but really there's enough to do for Edgy in the next 3 months already. Still, it'd be nice to have Snort 2.6 + Inline around so we can look at it for Edgy+1.