I want to prevent attacks to my nginx server. How can I proxy the requests through snort to nginx server.
NFQueue's are a solution.I am able to pass packets to snort using the following rules
sudo snort -Q --daq nfq --daq-var --daq-var queue=1 -c /etc/snort/snort.conf
Now I have created the queue
sudo /usr/sbin/iptables -t nat -I PREROUTING -j NFQUEUE --queue-num 1
sudo /usr/sbin/iptables -I FORWARD -j NFQUEUE --queue-num 1
Is this enough or we need to do something else apart from this.
Nginx is running in the same system as snort.