[Oisf-users] How do you ignore External IP Addresses?
Cooper F. Nelson
cnelson at ucsd.edu
Wed Jun 25 16:33:08 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Victor,
Would it be possible for suricata to ignore newlines when provided with
a bpf filter within a file (specified with the -F flag)?
Ours is getting pretty complicated and its hard to manage on one line.
I tried escaping newlines but that didn't work.
- -Coop
On 6/24/2014 4:47 AM, Victor Julien wrote:
> I have started documenting the options in such cases here:
> https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Ignoring_Traffic
>
> Feel free to extend.
>
> Cheers,
> Victor
>
- --
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBAgAGBQJTqvnDAAoJEKIFRYQsa8FWzt8IAIf8G9ioJmQ0O0fLLhMCGp36
lzgCOTNrluE/RXl/s1TyccAC9tYjEpi1jqf425hBwY8YicbZ6VvCVm9WLllkjP+E
NDZetcLI+tocG62TzzH1PsUUgNHVUqjpd8n0dl76gBSIw9vLSBQI6WHpkb4wJY7T
RkCPi+g4G01A5uj4a6SThuP4+73/QvN6BEdgjl4GQvBhAbZAolRsFDsRN+9wx62z
lHbr03157PBEJPJduvvUZqgp6RTLw5UqbynEoX1WzB0JLka0J9taCZPc/jMoVmKf
vQflM9rJ9qUn1hTtfGu08/f8QLnsf2/A3JtQBMxfeO3LKsSDvLNLXNGK3DrEEwo=
=Zgby
-----END PGP SIGNATURE-----
More information about the Oisf-users
mailing list