[Bro] required ports open for cluster?

erik clark philosnef at gmail.com
Mon Nov 7 09:13:44 PST 2016

Ok, so I dont see this in any documentation on bro.org. I have a logger
running on the same box as the manager, but I do not see any logs being
generated in /data/bro/logs/current.

I am assuming this is because traffic is being dropped on the floor because
iptables is in a default reject state? Where is the explicit listing of
ports that you need to punch in either firewalld or iptables?


does not have them listed, or any rule to have an entry in node.cfg to set
the port to a specific number... Thanks!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20161107/3e99e2b1/attachment.html 

More information about the Bro mailing list