I'm bumping this and going to narrow it down to snort.
I'm not able to get snort to block offending hosts.
Snort is running, and under the alerts tab, I see alerts.
I've used grc.com and www.testmyids.com
Both sites generate a snort alert.
On the settings page, I have the Block Offenders options checked.
This options is described as "Checking this option will automatically block hosts that generate a snort alert."
I have an Oinkmaster code entered.
I have all categories selected.
Rules update successfully.
But, under the blocked tab, there are never any hosts listed.
And I can continue to access sites that (as I understand) should be blocked.
Suggestions? Am I not understanding something? Any assistance would be greatly appreciated.