Support #4392
BPF filter not dropping all the suricata_flow_id
Status: Closed
Priority: Normal
Assignee: -
Affected Versions:
Label:
Description
Hello,
We are currently using Suricata 4.1.2 and we are experiencing difficulty using BPF filters. We have a problem because we have some network traffic we don't want to capture. This traffic is traffic between a guest Wi-Fi VLAN and public DNS: the guest Wi-Fi VLAN requests the Active Directory, and then the AD performs the DNS request to the DNS. The problem we are experiencing is that with BPF filters we managed not to capture all the guest-to-AD traffic, but all the AD-to-DNS requests are still collected. Is there any simple way not to capture these requests?