Merge pull request #80 from Security-Onion-Solutions/bpf_comments
Bpf comments for 2.4.30
dougburks authored Nov 8, 2023
2 parents a3a79af + 89bf58b commit 93a6fa4
Showing 1 changed file with 17 additions and 1 deletion.
18 changes: 17 additions & 1 deletion bpf.rst
Expand Up @@ -53,7 +53,23 @@ For example:

| Please note that :ref:`stenographer` should correctly record traffic on a VLAN but won't log the actual VLAN tags due to the way that :ref:`af-packet` works:
| https://github.com/google/stenographer/issues/211
Adding Comments
~~~~~~~~~~~~~~~

As of version 2.4.30, comments can be added to the filters via the SOC UI.

For example:

::

| # labeast
| not host 192.168.1.2 and not host 192.168.1.3 &&
| # labwest
| not host 192.168.1.4 or not host 192.168.1.5 &&
| # labcentral
| not host 192.168.1.6 or not host 192.168.1.27

Troubleshooting BPF using tcpdump
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
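
Review bot: In the added example, the labwest and labcentral lines join two negated hosts with `or` (`not host 192.168.1.4 or not host 192.168.1.5`), which matches every packet except traffic between those two hosts, so neither host is actually excluded; the labeast line uses `and`, and the other two groups should do the same. The example also mixes `and`, `or` and `&&` without parentheses. pcap filter syntax gives `and` and `or` equal precedence and evaluates them left to right, so as written the whole expression is satisfied by the final `not host 192.168.1.27` term alone. Suggest `and` inside each group, for instance `not host 192.168.1.4 and not host 192.168.1.5 &&`, and likewise for labcentral. It is also worth confirming whether 192.168.1.27 is intended or a typo for 192.168.1.7, and adding a sentence after "As of version 2.4.30" that states the comment syntax the example relies on (a `#` line of its own), since the text does not say what form a comment takes.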

