No subject


Thu Nov 23 16:36:19 EST 2017


[...snip...]

     -r tcpdump-file
          Read the tcpdump-formatted file tcpdump-file. This will
          cause  Snort  to  read  and process the file fed to it.
          This is useful if, for instance, you've got a bunch  of
          SHADOW  files  that you want to process for content, or
          even if you've got a bunch of reassembled packet  frag-
          ments  which have been written into a tcpdump formatted
          file.

[...snip...]

Or from "snort -\?"

[...snip...]

        -r <tf>    Read and process tcpdump file <tf>

[...snip...]

The docs cover a LOT of ground...  It _REALLY_ is suggested you read them!
*hint*hint*  ;-)

Hope that helps!

-----
Erek Adams
Nifty-Type-Guy
TheAdamsFamily.Net





More information about the Snort-users mailing list