[Snort-users] Daemonlogger and BPF
Randal T. RIoux
randy at ...13561...
Mon Jun 7 00:15:07 EDT 2010
I have a question about the file format for bpf filtering with Daemonlogger.
The syntax isn't described anywhere. However, this is what I know.
"port 80 and port 8080" works fine for the -f command line inclusion.
"port 80 and port 8080 and port 8181" throws this error:
expression rejects all packets
So, I guess my question really is: what is the proper formatting/syntax
for BPF usage in Daemonlogger?
More information about the Snort-users