Home page logo
/

snort logo Snort mailing list archives

Re: Different bpf filter for every multiple config used in snort
From: Joel Esler <jesler () sourcefire com>
Date: Sun, 19 May 2013 13:12:41 -0400

On May 17, 2013, at 3:12 PM, Eoin Miller <eoin.miller () trojanedbinaries com> wrote:
On 5/17/2013 15:09, C. L. Martinez wrote:
Hi all,

Is it possible to use one bpf filter config file for every multiple
config in snort 2.9.4.6?

Thanks.


I always created a skeleton conf file and the custom conf file that I
would call when starting the process.


snort -c /etc/snort/customized_snort.conf


And then inside of customized_snort.conf you can have:

include /etc/snort/skelton_snort.conf


This is a great suggestion Eoin, one I use myself in my test environment.

--
Joel Esler
Senior Research Engineer, VRT
OpenSource Community Manager
Sourcefire
------------------------------------------------------------------------------
AlienVault Unified Security Management (USM) platform delivers complete
security visibility with the essential security capabilities. Easily and
efficiently configure, manage, and operate all of your security controls
from a single console and one unified framework. Download a free trial.
http://p.sf.net/sfu/alienvault_d2d
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault