[Snort-users] BPF Filters

Tommie Giles tgiles at ...11827...
Fri Aug 21 10:47:46 EDT 2009


Hi, All.

I've started documenting use, care, and feeding of BPF filters in
snort and was curious if anyone else would be interested in reviewing.
I'm about six pages into it, and plan to have something usable in the
next week or so.

I use BPF filters pretty extensively here at work, but haven't really
come across any "definitive" documentation, other than the bit that is
available in the tcpdump man page and the odd google search.

Cheers,

tom



-- 
Tommie Giles

"If all else fails, immortality can always be assured by spectacular error."




More information about the Snort-users mailing list