[Bro] BPF?
George Insko
ginsko3 at gmail.com
Thu Jan 16 07:39:23 PST 2014
Good call. Thanks.
On Thu, Jan 16, 2014 at 10:33 AM, Seth Hall <seth at icir.org> wrote:
>
> On Jan 16, 2014, at 10:12 AM, George Insko <ginsko3 at gmail.com> wrote:
>
> > #Nothing from src host to dst port
> > !(src host 0.0.0.0/0 && dst port 443) &&
> > Does that make sense and will it work? Do you all have any other ways to
> permanently filter traffic?
>
> I think you meant to do…
>
> (not src port 443 and not dst port 443)
>
> .Seth
>
>
> --
> Seth Hall
> International Computer Science Institute
> (Bro) because everyone has a network
> http://www.bro.org/
>
>
--
*George Insko*
Email: ginsko3 at gmail.com
Twitter: @ginsko3
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20140116/f79456be/attachment.html
More information about the Bro
mailing list