Hey folks, I am looking into the possibility of using wireshark terminal (still called "tethereal" on my computer) for some basic security automation. The problem is two-fold.
- First, I need to know how feasible it would be to have possibly around 1000 capture filters. They would all be of the form "dst host <dst ip> and src host <src ip> and not ether dst host <dst host ether>". Suppose it could be considered an arp poisoning test. Would that many rules grind tethereal to a halt? - Secondly, how can i load capture filters from a file (using tethereal in my case). I have some capture filters saved in the cfilter file, but they don't seem to be getting loaded. (of the form "filter" <actual filter line>\n) Thanks in advance! Mike _______________________________________________ Wireshark-users mailing list [email protected] http://www.wireshark.org/mailman/listinfo/wireshark-users
