[Bro] Some BPF love....
Seth Hall
seth at icir.org
Thu Aug 9 19:09:55 PDT 2012
On Aug 9, 2012, at 11:15 AM, Justin Azoff <JAzoff at albany.edu> wrote:
> Might also need
>
> redef PacketFilter::all_packets = F; # don't capture all packets
Thanks for pointing that out! That bit of poor design is unfortunately still going to remain for 2.1, but it will absolutely be gone for 2.2. I'll make sure that in the 2.2 release we have good examples for the new way of working with the packet filter framework.
For anyone making changes to your packet filter now, please keep your changes in one place so that it will be easier to upgrade to 2.2 when that time comes.
.Seth
--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro-ids.org/
More information about the Bro
mailing list