https://redmine.openinfosecfoundation.org/https://redmine.openinfosecfoundation.org/favicon.ico?17011170022011-03-18T13:12:10ZOpen Information Security FoundationSuricata - Feature #277: Use a configuration file for bpfhttps://redmine.openinfosecfoundation.org/issues/277?journal_id=10552011-03-18T13:12:10ZVictor Julienvictor@inliniac.net
<ul><li><strong>Assignee</strong> set to <i>Anonymous</i></li></ul><p>Implementing this should be fairly simple. Code to load a bpf is already in place, so it's really about adding the command line option and reading the bpf from a file.</p>
<p>Great ticket to start getting to know the Suricata code.</p> Suricata - Feature #277: Use a configuration file for bpfhttps://redmine.openinfosecfoundation.org/issues/277?journal_id=11322011-05-25T03:18:45Zdelta yehdelta.yeh@gmail.com
<ul><li><strong>File</strong> <a href="/attachments/584">feature-277.patch</a> <a class="icon-only icon-download" title="Download" href="/attachments/download/584/feature-277.patch">feature-277.patch</a> added</li></ul><p>Please review attached patch<br />-----------------------------------------------------------------------------------------------<br />Author: deltay <<a class="email" href="mailto:delta.yeh@gmail.com">delta.yeh@gmail.com</a>> 2011-05-25 16:13:05<br />Committer: deltay <<a class="email" href="mailto:delta.yeh@gmail.com">delta.yeh@gmail.com</a>> 2011-05-25 16:13:05<br />Parent: 75439863ed864fe73f1fb4d0a1aa20bb4da059c6 (Shrink PacketAlerts structure so that Packet structure is a lot smaller. Reduce max events per packet from 256 to 15.)<br />Branch: feature-277<br />Follows: suricata-1.1beta2<br />Precedes: </p>
<pre><code>#277 Add -b option to specifiy bpf file</code></pre> Suricata - Feature #277: Use a configuration file for bpfhttps://redmine.openinfosecfoundation.org/issues/277?journal_id=11502011-06-23T05:16:10ZVictor Julienvictor@inliniac.net
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Closed</i></li><li><strong>Target version</strong> set to <i>1.1beta3</i></li><li><strong>% Done</strong> changed from <i>0</i> to <i>100</i></li></ul><p>This functionality has been added, thanks Delta Yeh.</p> Suricata - Feature #277: Use a configuration file for bpfhttps://redmine.openinfosecfoundation.org/issues/277?journal_id=11972011-08-22T14:50:12Zrmkml rmkmlrmkml@yahoo.fr
<ul></ul><p>Hi,<br />Thx for new option,<br />but maybe use -F option like tcpdump/snort use already this.<br />Best Regards<br />Rmkml</p> Suricata - Feature #277: Use a configuration file for bpfhttps://redmine.openinfosecfoundation.org/issues/277?journal_id=11982011-08-23T02:13:08ZVictor Julienvictor@inliniac.net
<ul></ul><p>This has already been done, hence the closed bug :)</p>