Wireshark-dev: Re: [Wireshark-dev] [ACL][firewall] how to

From: Jaap Keuter <jaap.keuter@xxxxxxxxx>
Date: Tue, 14 Apr 2009 19:34:35 +0200
Guy Harris wrote:
On Apr 14, 2009, at 7:20 AM, Mihai Bucicoiu wrote:

I was looking for something like iptables, I'll my own kernel module if it's necessary, but I know that netfilter has some user-space interface for this.



1) you might not be applying the filter on the machine on which you're running Wireshark (it supports generating filter rules for Cisco IOS)


Actually it's capable to create expressions for Cisco IOS, ipfilter, ipfw, iptables, pf and netsh.

And then, you'll need to be root to change firewall rules, something we've been working so hard on to avoid.

Thanx,
Jaap