[Oisf-users] Sniffing traffic in two interfaces using one suricata instance
Peter Manev
petermanev at gmail.com
Sat Jun 2 17:07:01 UTC 2012
Hi ,
yes it is :
suricata -c /etc/suricata/suricata.yaml -i eth0 -i eth1
thanks
On Sat, Jun 2, 2012 at 6:55 PM, carlopmart <carlopmart at gmail.com> wrote:
> Hi all,
>
> Is it possible to monitor traffic in two interfaces at the same time
> using only one suricata instance?? I don't want to configure Suricata as
> an IPS, only as an IDS.
>
> My host is a FreeBSD 9.0 i386 conected to several interfaces, but I
> only need to sniff traffic in two of them: in bridge0 and em9 ... One
> interface is a bridge (bridge0) that acts as a virtual tap. The other
> interface (em9) collects traffic from another FreeBSD 9.0 hosts that
> acts a virtual tap, too ..
>
> Is it possible?? Or do I need to configure two Suricata instances??
>
> Thanks.
>
> --
> CL Martinez
> carlopmart {at} gmail {d0t} com
>
> _______________________________________________
> Oisf-users mailing list
> Oisf-users at openinfosecfoundation.org
> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
--
Regards,
Peter Manev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20120602/615fe1ea/attachment-0002.html>
More information about the Oisf-users
mailing list