Home page logo

snort logo Snort mailing list archives

Re: Different bpf filter for every multiple config used in snort
From: Joel Esler <jesler () sourcefire com>
Date: Sun, 19 May 2013 13:12:41 -0400

On May 17, 2013, at 3:12 PM, Eoin Miller <eoin.miller () trojanedbinaries com> wrote:
On 5/17/2013 15:09, C. L. Martinez wrote:
Hi all,

Is it possible to use one bpf filter config file for every multiple
config in snort


I always created a skeleton conf file and the custom conf file that I
would call when starting the process.

snort -c /etc/snort/customized_snort.conf

And then inside of customized_snort.conf you can have:

include /etc/snort/skelton_snort.conf

This is a great suggestion Eoin, one I use myself in my test environment.

Joel Esler
Senior Research Engineer, VRT
OpenSource Community Manager
AlienVault Unified Security Management (USM) platform delivers complete
security visibility with the essential security capabilities. Easily and
efficiently configure, manage, and operate all of your security controls
from a single console and one unified framework. Download a free trial.
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

Please visit http://blog.snort.org to stay current on all the latest Snort news!

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]