Closed david415 closed 9 years ago
we either need an iptables related filtering method or something in our application to filter based on port number... for instance many operators of honeybadger may wish to filter on port 80...
this should reduce the need for pcap log rotation...
Hello, David!
Just look into Suricata code (src/source-af-packet.c). They have nice support of bpf filters here.
we either need an iptables related filtering method or something in our application to filter based on port number... for instance many operators of honeybadger may wish to filter on port 80...
this should reduce the need for pcap log rotation...