[Bro] looping traffic and bpf

erik clark philosnef at gmail.com
Thu Aug 17 04:14:50 PDT 2017


I foresee a problem in the very near future where I am sending traffic out
to our Splunk indexers over the same network I am tapping. I am pretty sure
this would loop the traffic through the tap, and don't want to do that.

I see a wide variety of ways to run BPF statements from 5 years ago till
somewhat recently in Google. What is the best way in 2.5 to strip a single
address from Bro's inspection with a filter?