Re: BPF Filters howto

[Ashley Thomas <athomas () cc gatech edu>]

'man tcpdump' gives enough and more info on such filters.
I hope that helps.

ashley

Ben Keepper wrote:

> All,
>
> I am trying to figure out how to use BPF filters to ignore certain
> traffic with Snort.
>
> Other than the Snort manpage, documentation on how to use BPF filters
> seems to be scarce.
>
>
> I see this in the Snort FAQ, but it doesn't seem to be complete.
>
> "Use bpf on the commandline to ignore a host (for example):
>
>       $ snort <commandline options> not host 192.168.0.1"
>
>
> Also I would like to ignore traffic on specific destination port from a
> particular subnet.
>
> Can anybody help with some documentation or a quick howto.
>
> TIA,
>
> Ben
>
>
>
>
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>  





-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users