Snort mailing list archives
Re: Using BPF Filters for GRE, OSPF, BGP, IGMP
From: "Aaron" <snort () microchp org>
Date: Sun, 04 Apr 2004 22:42:18 -0700
My bad.I did not realize that could also be used in the bpf filter snort uses.
I should have tried it first before asking.
Thanks Frank. :-) On Sun, 04 Apr 2004 23:28:50 -0500 Frank Knobbe <frank () knobbe us> wrote:
On Sun, 2004-04-04 at 20:21, Aaron wrote:I know how to specify networks and hosts in my BPF filter file, though am not sure how to prevent snort from ever seeing GRE, OSPF, IGMP, IPSec traffic, etc...Does anyone know how?man tcpdumpSays right there... ip and not proto 47 (for GRE for example). 50 and 51 for IPSec. See /etc/services for the rest.Regards, Frank
------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Using BPF Filters for GRE, OSPF, BGP, IGMP Aaron (Apr 04)
- Re: Using BPF Filters for GRE, OSPF, BGP, IGMP Frank Knobbe (Apr 04)
- Re: Using BPF Filters for GRE, OSPF, BGP, IGMP Aaron (Apr 04)
- Re: Using BPF Filters for GRE, OSPF, BGP, IGMP Frank Knobbe (Apr 05)
- Re: Using BPF Filters for GRE, OSPF, BGP, IGMP Aaron (Apr 04)
- Re: Using BPF Filters for GRE, OSPF, BGP, IGMP Frank Knobbe (Apr 04)