]> git.ipfire.org Git - thirdparty/suricata.git/commit
projects / thirdparty / suricata.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c85ee1e) | patch
af-packet: add support for BPF filter.
authorEric Leblond <eric@regit.org>
Mon, 11 Jun 2012 14:06:13 +0000 (16:06 +0200)
committerVictor Julien <victor@inliniac.net>
Fri, 29 Jun 2012 11:10:02 +0000 (13:10 +0200)
commitf2a6fb8a5a2c426be6e82dd2229a5c65eebdd4b7
tree4996f2280902c4ead659e2f01b9366a67182c57etree
parentc85ee1e3f64e8319ad3b7cc305d56071c100ad28commit | diff
af-packet: add support for BPF filter.

This patch adds support for BPF in AF_PACKET running
mode. The command line syntax is the same as the one
used of PF_RING.
The method is the same too: The pcap_compile__nopcap()
function is used to build the BPF filter. It is then
injected into the kernel with a setsockopt() call. If
the adding of the BPF fail, suricata exit.
src/runmode-af-packet.c diff | blob | blame | history
src/source-af-packet.c diff | blob | blame | history
src/source-af-packet.h diff | blob | blame | history
suricata.yaml.in diff | blob | blame | history
Mirror of https://github.com/OISF/suricata.git