I don't know what to do today. But i got interesting article about Snort Inline, one of the open source network security tools. This great article made by Pierpaolo Palazzoli and Matteo Valenza in Hakin9 Magazine. snort_inline is basically a modified version of Snort that accepts packets from iptables, via libipq, instead of libpcap. We also can configure it using Berkeley Packet Filter(bpf) in BSD system. Snort inline reads packet from firewall. It also called Intrusion Prevention System(IPS) that uses existing IDS signatures. More information here:
This is an article about Snort Inline:
Today, i'm still testing this snort_inline. I hope i will get a good result from it.