how to filter arp, llc, loop, ospf.
pengiran
pengiran.my at gmail.com
Tue Feb 9 10:22:33 EST 2010
Hi all,
i want to record traffic for a period of time. currently i manage to have 4
sensor and 1 database server.all the traffic been collected and inserted
into the databse by rasqlinsert.
i want to filter the traffic with the proto = arp, llc, loop ,ospf.
i know we can use "- ip proto not icmp " and "argus.out "not icmp" as
filter. when i try to change the protocol to "ospf", argus run smoothly and
read using ra doesnt show any ospf record. but when i try to change to llc,
loop. argus simply did not start (check /var/run and using "ps aux | grep
argus").
please guide me.
Thanks
Regards,
Peng
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20100209/b172cae7/attachment.html>
More information about the argus
mailing list