Topics

Do you know if I can use a bpf file from bcc for snort ?

Dorian ROSSE
 

Hello everybody,


Do you know if I can use a bpf file from bcc for snort ?

Thank you in advance to answer if I can and how to do my ask,

Regards.


Dorian ROSSE.

 

Provenance : Courrier pour Windows 10

 

Yonghong Song
 

On Mon, May 27, 2019 at 4:04 AM Dorian ROSSE <dorianbrice@...> wrote:

Hello everybody,


Do you know if I can use a bpf file from bcc for snort ?
You mean a bpf program, right?
Do you mean to have a bpf program to do L7 parsing?
If simple one, it should work. See bcc/examples/networking/http_filter/*.
But since kernel verifier currently does not support loops,
the complex options may not be supported.


Thank you in advance to answer if I can and how to do my ask,

Regards.


Dorian ROSSE.



Provenance : Courrier pour Windows 10



Dorian ROSSE
 

Python and c files doesn’t success to compiles

 

Provenance : Courrier pour Windows 10

 


De : Y Song <ys114321@...>
Envoyé : Tuesday, May 28, 2019 7:06:50 AM
À : Dorian ROSSE
Cc : iovisor-dev@...
Objet : Re: [iovisor-dev] Do you know if I can use a bpf file from bcc for snort ?
 

On Mon, May 27, 2019 at 4:04 AM Dorian ROSSE <dorianbrice@...> wrote:
>
> Hello everybody,
>
>
> Do you know if I can use a bpf file from bcc for snort ?

You mean a bpf program, right?
Do you mean to have a bpf program to do L7 parsing?
If simple one, it should work. See bcc/examples/networking/http_filter/*.
But since kernel verifier currently does not support loops,
the complex options may not be supported.

>
> Thank you in advance to answer if I can and how to do my ask,
>
> Regards.
>
>
> Dorian ROSSE.
>
>
>
> Provenance : Courrier pour Windows 10
>
>
>