Hi,
There are some examples of the possible proto syntax:
{ eth(src=AA:BB:CC:DD:DD:FF, dst=11:22:33:44:55:66, proto=0x0800),
tcp(flags=syn|ack, dport=rand) }
{ dns(q=xxx.com) }
Here is an example of little complicated param's value which might require more
parameters:
On Wed, Jul 1, 2015 at 11:38 AM, Vadim Kochan vadi...@gmail.com wrote:
Hi,
There are some examples of the possible proto syntax:
{ eth(src=AA:BB:CC:DD:DD:FF, dst=11:22:33:44:55:66, proto=0x0800),
tcp(flags=syn|ack, dport=rand) }
{ dns(q=xxx.com) }
Here is an example of
