[Oisf-users] Suricata / only public trafic
Amrith Z
amrith at hotmail.fr
Mon Aug 22 16:43:23 UTC 2011
Hi,
I already tried this. But maybe I didn't do it the way I was supposed to. Where should I put the bpf expression ? I tried with the command line, and also with the -b option, with a bpf file, like said here : https://redmine.openinfosecfoundation.org/issues/277
Both didn't work.
Thank.
A.
> Date: Mon, 22 Aug 2011 18:15:11 +0200
> From: rmkml at yahoo.fr
> To: amrith at hotmail.fr
> CC: oisf-users at openinfosecfoundation.org; rmkml at yahoo.fr
> Subject: Re: [Oisf-users] Suricata / only public trafic
>
> Hi Amrith,
> bpf_filter like:
> http://lists.openinfosecfoundation.org/pipermail/oisf-users/2011-March/000522.html
> Regards
> Rmkml
>
>
> On Mon, 22 Aug 2011, Amrith Z wrote:
>
> > Hi all,
> >
> > I'm a sys admin, and I’m looking for a way to configure Suricata to only alert when the source or the destination corresponds to a public IP, and not regarding trafic from my internal network.
> > Is there a way to do that ?
> >
> > Thanks.
> >
> >
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20110822/8d853208/attachment-0002.html>
More information about the Oisf-users
mailing list