[Oisf-users] Suricata / only public trafic

Amrith Z amrith at hotmail.fr
Mon Aug 22 16:43:23 UTC 2011


Hi,

I already tried this. But maybe I didn't do it the way I was supposed to. Where should I put the bpf expression? I tried with the command line, and also with the -b option, with a bpf file, as described here: https://redmine.openinfosecfoundation.org/issues/277
Neither worked.

Thanks.
A.

> Date: Mon, 22 Aug 2011 18:15:11 +0200
> From: rmkml at yahoo.fr
> To: amrith at hotmail.fr
> CC: oisf-users at openinfosecfoundation.org; rmkml at yahoo.fr
> Subject: Re: [Oisf-users] Suricata / only public trafic
> 
> Hi Amrith,
> bpf_filter like:
> http://lists.openinfosecfoundation.org/pipermail/oisf-users/2011-March/000522.html
> Regards
> Rmkml
> 
> 
> On Mon, 22 Aug 2011, Amrith Z wrote:
> 
> > Hi all,
> > 
> > I'm a sys admin, and I'm looking for a way to configure Suricata to only alert when the source or the destination corresponds to a public IP, and not regarding traffic from my internal network.
> > Is there a way to do that?
> > 
> > Thanks.
> > 
> >