Hello all. I have a rather complex BPF filter. We are installing a firewall and we are using NTOP to categorize the traffic on link. As we identify traffic and create firewall rules we want to mimic those in NTOP as excludes to whittle down the data we have to wade through and get to the little stuff that is transversing the link.
My current BPF filter is 1,151 characters with no spaces and 1037 characters with spaces. If I add one more exclude, even changing : !(port 137) to !(port 137,53) the entire filter stops working. Are there limitations to the BPF format? Currently I have the filter set in ntop.conf using the -B switch. Any thoughts would be appreciated. Thank You. M ________________________________ This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential or privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy the message. ________________________________ Think Green! Please do not print this e-mail unless you need to. Thank you.
_______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
