[Snort-users] Snort Filtering

L. Christopher Luther CLuther at ...6333...
Tue Apr 29 15:03:07 EDT 2003


Try BPF rules on the Snort command line (see the tcpdump man page for BPF
format).  

Cheers! 


-----Original Message-----
From: Michale [mailto:michale at ...9068...]
Sent: Tuesday, April 29, 2003 5:26 PM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] Snort Filtering


Hay snort-users,

  I am really anal retentive about my Linux Box..

  And worse yet, a rookie to snort rules...
  
  I know how to make SNORT log ALL activity..

  But can I filter out the logging based on IP or Domain Name..

  IE have it NOT log abc.com or 111.222.123.432

  Thanx

--


Best regards,
 Michale                          mailto:michale at ...9068...




-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users




More information about the Snort-users mailing list