[sclug] Monitoring a P2P application

Jon Masters jonathan at jonmasters.org
Sat Oct 25 09:05:44 UTC 2003


On Wed, 18 Jun 2003, Patrick Kirk wrote:

> Is there a way to exclude specific hosts and types of traffic?  Most 
> of my log consists of SMB, domain requests along with continuations of 
> file downloads.

Try using Snort and choosing which filters are in use. You can also dump
using any tcpdump-supporting tool and read the file into Snort later.

Jon.
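
The capture-then-replay workflow suggested above, as an added example that is not part of the original post: a BPF expression excludes chosen hosts and the DNS/NetBIOS/SMB ports, tcpdump writes the filtered capture, and Snort reads it back later. The host addresses, the port list and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: exclude noisy hosts and protocols with a BPF filter,
# capture with tcpdump, then replay the file through Snort.
# All hosts and ports below are constructed sample values.

# build_bpf_exclude "<hosts>" "<ports>" -> prints "not host A and not port N ..."
build_bpf_exclude() {
    hosts=$1; ports=$2; f=""
    for h in $hosts; do
        f="${f:+$f and }not host $h"
    done
    for p in $ports; do
        f="${f:+$f and }not port $p"    # "port" matches both TCP and UDP
    done
    printf '%s\n' "$f"
}

EXCLUDE_HOSTS="192.0.2.10 192.0.2.53"   # constructed: file server, resolver
EXCLUDE_PORTS="53 137 138 139 445"      # DNS, NetBIOS, SMB

FILTER=$(build_bpf_exclude "$EXCLUDE_HOSTS" "$EXCLUDE_PORTS")

# capture IFACE FILE: write only the traffic that passes the filter.
capture() {
    tcpdump -n -i "$1" -w "$2" "$FILTER"
}

# replay FILE CONF: run the Snort rules in CONF over a saved capture.
# Snort takes a trailing BPF expression too, so an unfiltered capture
# can still be narrowed at read time.
replay() {
    snort -r "$1" -c "$2" "$FILTER"
}

case "${1:-}" in
    capture) capture "${2:-}" "${3:-}" ;;
    replay)  replay "${2:-}" "${3:-}" ;;
    *)       printf 'BPF filter: %s\n' "$FILTER" ;;
esac
```

Filtering at capture time keeps the file small but discards the excluded traffic for good; capturing everything and filtering only in `replay` keeps it available if the exclusions turn out to hide something relevant.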



