[Oisf-users] Can I use BPF filter file with suricata?
carlopmart
carlopmart at gmail.com
Fri Mar 18 15:27:17 UTC 2011
On 03/18/2011 04:05 PM, Victor Julien wrote:
> On 03/18/2011 01:38 PM, carlopmart wrote:
>> Hi all
>>
>> Is it possible to use a bpf filter file with suricata? If not, how can
>> I filter out false positives and known activities??
>>
>> Thanks.
>
> Yep, suricata -c suricata.yaml -r some.pcap tcp port 80
>
> The "tcp port 80" part is the bpf filter.
>
> Cheers,
> Victor
>
Thanks Julien .. But is it possible to pass bpf options in a file or only
on the command line??
--
CL Martinez
carlopmart {at} gmail {d0t} com