404
edits
Ring Buffer Configuration Guide: Difference between revisions
→Capture all traffic from and to a single IP only.
| Line 99: | Line 99: | ||
=== Filter rule examples === | === Filter rule examples === | ||
==== Capture all traffic from and to a single IP | ==== Capture all traffic from and to a single IP ==== | ||
This can be done with 2 rules. First rule matches the IP address and captures full, second rule drops all packets: | This can be done with 2 rules. First rule matches the IP address and captures full, second rule drops all packets: | ||
[[File:Ring buffer filter one ip.png|border|600px]] | [[File:Ring buffer filter one ip.png|border|600px]] | ||
==== Capture SSL traffic only until L4 ==== | |||
==== Capture full SIP, capture RTP to the first 12 bytes of the payload and drop all other packets ==== | |||
== Performance == | == Performance == | ||