Aggregating many ports into one for tcpdump server.
(also sampling before libpcap)
Peter Wood
peter at alastria.net
Sat Dec 8 03:04:00 PST 2007
> Thats why you combine if_bridge with monitor mode, any incoming packets
> are discarded after bpf processing so they are never sent to opposing
> devices.
Aha, using monitor mode hadn't occured to me, based on previous
discussion I was going to do more research on Monday, but thanks Andrew
you've saved me the effort :).
P.
--
Peter Wood <peter at alastria.net>
More information about the freebsd-net
mailing list