Pcap packet/pcap¶

Description¶

The module uses the pcap library to read packets from a pcap file or from a network interface.

Parameters¶

interfaces

Comma-separated list of interfaces or the any keyword.

Example of possible values:

# Capture loopback traffic
interfaces = "lo"
# Capture loopback traffic and eth0
# interfaces = "lo, eth0"
# Capture on all interfaces
# interfaces = "any"

file: Read packets from a pcap file.

Note

Only one of interfaces or file can be defined.

output=`file`

Save accepted packets to the specified pcap output file.

Example of capturing packets from a pcap file and saving accepted ones in a pcap output file:

file = "/tmp/input.pcap"
output = "/tmp/output.pcap"

Haka

Software Defined Security

Pcap packet/pcap¶

Description¶

Parameters¶