[Snort-users] BPF Filters?
jsage at ...2022...
Sun Sep 16 09:41:19 EDT 2001
BPF = BSD Packet Filter
(BSD = Berkeley Software Distribution)
The first widely available release of TCP/IP was the 4.2BSD release in
1983, from the University of California, Berkeley.
BPF offers a means of capturing and filtering packets from a network.
tcpdump is a UNIX/Linux program used to examine packets via BPF
commands; internally snort uses BPF syntax to examine packets via the
-r switch (at least that's how I use it...)
FinchHaven, Vashon Island, WA, USA
mailto:jsage at ...2022...
"The web is so, like, five minutes ago..."
Jason Withrow wrote:
> Can someone explain to me what a BPF Filter is?
> - J
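
To illustrate what a BPF filter is, the following added example (not part of the original post, and not code from Snort or tcpdump) interprets a hand-written classic BPF program for the expression `ip and tcp dst port 80` over constructed frames. The tuple layout, the `run_filter` and `frame` helpers and the sample addresses are assumptions made for the example; only the opcodes this one program needs are implemented.

```python
import struct

# Classic BPF program for "ip and tcp dst port 80" as (opcode, jt, jf, k),
# hand-written for this example; jt/jf are relative jump offsets.
PROG = [
    (0x28, 0, 0, 12),      # ldh [12]           EtherType
    (0x15, 0, 8, 0x0800),  # jeq #0x800         not IPv4 -> reject
    (0x30, 0, 0, 23),      # ldb [23]           IP protocol
    (0x15, 0, 6, 6),       # jeq #6             not TCP -> reject
    (0x28, 0, 0, 20),      # ldh [20]           flags + fragment offset
    (0x45, 4, 0, 0x1FFF),  # jset #0x1fff       later fragment -> reject
    (0xB1, 0, 0, 14),      # ldxb 4*([14]&0xf)  X = IP header length
    (0x48, 0, 0, 16),      # ldh [x+16]         TCP destination port
    (0x15, 0, 1, 80),      # jeq #80            other port -> reject
    (0x06, 0, 0, 65535),   # ret #65535         accept (snap length)
    (0x06, 0, 0, 0),       # ret #0             reject
]

def run_filter(prog, pkt):
    """Run prog over one packet; return bytes to keep (0 = drop)."""
    a = x = pc = 0
    try:
        while True:
            code, jt, jf, k = prog[pc]
            pc += 1
            if code == 0x28:
                a = struct.unpack_from("!H", pkt, k)[0]
            elif code == 0x30:
                a = pkt[k]
            elif code == 0x48:
                a = struct.unpack_from("!H", pkt, x + k)[0]
            elif code == 0xB1:
                x = 4 * (pkt[k] & 0x0F)
            elif code == 0x15:
                pc += jt if a == k else jf
            elif code == 0x45:
                pc += jt if a & k else jf
            elif code == 0x06:
                return k
            else:
                raise ValueError(f"unsupported opcode {code:#x}")
    except (struct.error, IndexError):
        return 0  # load past the end of the packet: drop, as BPF does

def frame(proto, dport, ethertype=0x0800, frag=0):
    """Constructed Ethernet + 20-byte IPv4 header + 20 bytes of L4."""
    eth = bytes(12) + struct.pack("!H", ethertype)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, frag, 64, proto, 0,
                     bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    return eth + ip + struct.pack("!HH", 40000, dport) + bytes(16)
```

A non-zero return value means the packet matched and is handed to the capturing program; zero means it is discarded before the program ever sees it.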