9 Jul
2007
9 Jul
'07
8:40 p.m.
On Mon, 09 Jul 2007 13:15:54 EDT, Louis Bohm said:
So what am I doing wrong here with this filter??? Because it is not working for me.
In what way is it failing to work? Dropping things it shouldn't, or including things?
filter f_discard { ( not match("Connection from UDP: ")) or ( not match("Did not receive identification> string from 192.168.0.46")) or ( not match("Received SNMP packet(s) from> UDP: [192.168.0.46]")); };
I suspect you have some extra 'not', or you wanted 'and' rather than 'or'. What you have says 'discard if it doesn't match the first, *or* it doesn't match the second, *or* it doesn't match the third' - in other words, discard unless it matches all three.