[Bro] BPF?
George Insko
ginsko3 at gmail.com
Thu Jan 16 07:12:20 PST 2014
Hi all,
I need to block all SSL traffic going to my Bro box. I was going to
use BPF to accomplish this
task using a zero source address and a port number. So something like this:
#Nothing from src host to dst port
!(src host 0.0.0.0/0 && dst port 443) &&
Does that make sense and will it work? Do you all have any other ways to
permanently filter traffic?
--
*George Insko*
Email: ginsko3 at gmail.com
Twitter: @ginsko3
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20140116/b46b5966/attachment.html
More information about the Bro
mailing list