[Snort-users] Grouping connections

Nerijus Krukauskas nkrukauskas at ...11827...
Thu Apr 23 01:04:26 EDT 2009

On 2009-04-22, Ulisses Araújo Costa <ulissesaraujocosta at ...11827...> wrote:
> Hi Leon,
> what I want is to record that the request X have the response Y. What I
> explained, is that probably the request X is just a packet, but the response
> Y is 4 packets. The only thing I want to know is that the flow X <> Y
> happened.

Flowbits? http://snort.org/docs/snort_htmanuals/htmanual_284/node322.html.


More information about the Snort-users mailing list