david415 / HoneyBadger

Quantum Insert detector/recorder
GNU General Public License v3.0

find a way to filter when reading from AF_PACKET socket #63

Closed david415 closed 9 years ago

david415 commented 9 years ago

We either need an iptables-related filtering method or something in our application to filter based on port number... For instance, many operators of HoneyBadger may wish to filter on port 80...

This should reduce the need for pcap log rotation...

pavel-odintsov commented 9 years ago

Hello, David!

Just look into the Suricata code (src/source-af-packet.c). They have nice support of BPF filters here.
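
An added example, not code from HoneyBadger or Suricata: the kernel-side option raised in this thread, a classic BPF program for `ip and tcp port N` attached to an AF_PACKET socket with Go's standard `syscall` package. The names `tcpPortFilter` and `htons` are hypothetical, and the filter assumes untagged Ethernet frames carrying IPv4.

```go
package main

import (
	"fmt"
	"syscall"
)

// tcpPortFilter returns the classic BPF program tcpdump generates for
// "ip and tcp port N" on Ethernet. Assumption: IPv4 only, no VLAN tag.
func tcpPortFilter(port uint16) []syscall.SockFilter {
	p := uint32(port)
	return []syscall.SockFilter{
		{Code: 0x28, K: 12},             // ldh [12]: EtherType
		{Code: 0x15, Jf: 10, K: 0x0800}, // not IPv4: jump to drop
		{Code: 0x30, K: 23},             // ldb [23]: IP protocol
		{Code: 0x15, Jf: 8, K: 6},       // not TCP: jump to drop
		{Code: 0x28, K: 20},             // ldh [20]: flags + fragment offset
		{Code: 0x45, Jt: 6, K: 0x1fff},  // later fragment, no TCP header: drop
		{Code: 0xb1, K: 14},             // ldxb 4*([14]&0xf): X = IP header length
		{Code: 0x48, K: 14},             // ldh [x+14]: TCP source port
		{Code: 0x15, Jt: 2, K: p},       // source port matches: jump to accept
		{Code: 0x48, K: 16},             // ldh [x+16]: TCP destination port
		{Code: 0x15, Jf: 1, K: p},       // no match: jump to drop
		{Code: 0x06, K: 262144},         // accept, up to 262144 bytes
		{Code: 0x06, K: 0},              // drop
	}
}

// htons converts to network byte order on a little-endian host.
func htons(v uint16) uint16 { return v<<8 | v>>8 }

func main() {
	// Opening an AF_PACKET socket requires CAP_NET_RAW.
	fd, err := syscall.Socket(syscall.AF_PACKET, syscall.SOCK_RAW,
		int(htons(syscall.ETH_P_ALL)))
	if err != nil {
		fmt.Println("socket:", err)
		return
	}
	defer syscall.Close(fd)
	// After this call the kernel queues only frames the filter accepts.
	fmt.Println("attach:", syscall.AttachLsf(fd, tcpPortFilter(80)))
}
```

Frames that arrive between `socket()` and the attach call are queued unfiltered, so drain the socket once after attaching.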