The last week I’ve been working on bringing Snort_inline to the Snort 2.8.0.1 level, including it’s IPv6 support. I’m almost ready to commit it to SVN, there are just some issues I need to fix in the inline specific code. The code will get rid of libdnet and use libnet 1.1 for sending reset/reject packets for both IPv4 and IPv6. After committing I will start working on getting the IPv6 features I wrote for NitroSecurity into this tree. This includes more matches, tunnel decoding (including for example the freenet6 tunnel, etc). So stay tuned!
Just curious, why libnet 1.1 over libdnet?
Libdnet and libnet 1.0 both lack IPv6 support. For the reject action we need to be able to craft IPv6 packets. Libnet 1.1 supports this, although I had to fix it and extend it a little. I wrote about that here http://www.inliniac.net/blog/2007/10/16/libnet-11-ipv6-fixes-and-additions.html