[Bro] Removing tags from traffic
scott campbell
scampbell at lbl.gov
Mon Sep 19 15:18:51 PDT 2005
Joncarlo Ruggieri wrote:
> Hi,
>
> Our Network Operations Center made some changes to the infrastructure, and
> now all traffic seen by our Bro systems is tagged. As a result, Bro is
> not capturing traffic (or so it seems). Is it possible to configure Bro
> to remove or ignore the tags? Are there any (other) suggestions?
>
> We are also checking with our NOC to see if they can un-tag the traffic.
>
> Thanks!
>
> Jon Ruggieri
> University of CA, Davis
> Data Center & Client Services
>
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
You are referring to vlan tagging? If so, try adding vlan.bro policy to
your config and you should get better results. Note this will prevent
you from seeing any non-vlan traffic.
scott
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
Url : http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20050919/5bf85b25/attachment.bin
More information about the Bro
mailing list