[Bro] Proper syntax for ignoring subnet to subnet traffic
Seth Hall
hall.692 at osu.edu
Thu Mar 11 11:44:12 PST 2010
On Mar 11, 2010, at 2:01 PM, Mathew Binkley wrote:
> but not Machine1 <-> Machine2. Thanks.
redef restrict_filters += {
["ignore_machine1_to_machine2"] = "not (host 1.2.3.4 and host 1.2.3.5)"
};
Don't do that inside of an event handler or function definition.
.Seth
---
Seth Hall
Network Security - Office of the CIO
The Ohio State University
Phone: 614-292-9721
More information about the Bro
mailing list