[Bro] Best way to configure BRO IDS 2.4.1 to capture from a Quad port Network card
Ludwig Goon
lagoon7 at gmail.com
Thu May 26 13:15:36 PDT 2016
Hi were are using Dell R230's with an additional quad port card for network
captures, streaming in traffic from our NetOptics Taps. On bro 2.4.1 what
is the best way to configure it to listed on all 4 interfaces? Would we set
that up in node.cfg and create 4 worker processes so that we can use
broctl? Or can we specify it in BRO_CAPTURE_INTERFACE=" eth2 eth3 eth4
eth5". Or is there a command line bro with options?
Is PF_RING needed?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20160526/7ecbed26/attachment.html
More information about the Bro
mailing list