Mailing List Archive: PFRing filter capability

PFRing filter capability

Jul 27, 2018, 10:59 AM

Post #1 of 3 (542 views)

Hello Folks,

Has anybody used the filtering capability of PFRING please. We would like
to capture DHCP request and DNS query packets and responses as well. Any
pointers would be helpful.

Regards,

Ajit Sarnaik
ajit.sarnaik@gmail.com

Re: PFRing filter capability [ In reply to ]

cardigliano at ntop

Jul 30, 2018, 6:14 AM

Post #2 of 3 (539 views)

Permalink

Hi
if you are using standard drivers and looking for kernel filtering, please take
a look at pfring_add_filtering_rule() in http://www.ntop.org/guides/pf_ring/api/pfring.html
you can filter based on all the fields defined in the data structure defined at
https://github.com/ntop/PF_RING/blob/dev/kernel/linux/pf_ring.h#L443

Alfredo

> On 27 Jul 2018, at 19:59, Ajit Sarnaik <ajit.sarnaik@gmail.com> wrote:
>
> Hello Folks,
>
> Has anybody used the filtering capability of PFRING please. We would like to capture DHCP request and DNS query packets and responses as well. Any pointers would be helpful.
>
> Regards,
>
> Ajit Sarnaik
> ajit.sarnaik@gmail.com <mailto:ajit.sarnaik@gmail.com>_______________________________________________
> Ntop mailing list
> Ntop@listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop

Mailing List Archive

Attached Files:

Attached Files: