[Bro] required ports open for cluster?

Azoff, Justin S jazoff at illinois.edu
Mon Nov 7 09:24:41 PST 2016


It will be in the documentation for 2.5

https://www.bro.org/sphinx-git/components/broctl/README.html#bro-communication

-- 
- Justin Azoff

> On Nov 7, 2016, at 12:13 PM, erik clark <philosnef at gmail.com> wrote:
> 
> Ok, so I dont see this in any documentation on bro.org. I have a logger running on the same box as the manager, but I do not see any logs being generated in /data/bro/logs/current.
> 
> I am assuming this is because traffic is being dropped on the floor because iptables is in a default reject state? Where is the explicit listing of ports that you need to punch in either firewalld or iptables? 
> 
> https://www.bro.org/sphinx/components/broctl/README.html
> 
> does not have them listed, or any rule to have an entry in node.cfg to set the port to a specific number... Thanks!
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro




More information about the Bro mailing list