[Oisf-users] BPF filter syntax and device config

Tiago Faria tiago.faria.backups at gmail.com
Sun Jan 5 20:52:41 UTC 2020


Hi list,

Wondering if someone could point me in the right direction and save me some
time.

First, regarding the syntax of the BPF filter file ... Is the whole file
handled as one, and does it require "and" at the end of each line?

I'm assuming the following would be invalid because of the missing "and" at
the end of the first line?

not host 1.2.3.4
not host 2.3.4.5

The other question is if there is a way to apply a filter file (-F) to all
capture devices, without specifically configuring it for each device? The
documentation makes it clear it should be configured for each, but I still
thought I'd ask.

Thank you!