luis@luisxps:~/c++/aiengine/src$ ./aiengine h

aiengine 1.9.0

Mandatory arguments:
  I [ input ] arg                Sets the network interface ,pcap file or
                                 directory with pcap files.

Link Layer optional arguments:
  q [ tag ] arg                  Selects the tag type of the ethernet layer (vlan,mpls).

TCP optional arguments:
  t [ tcpflows ] arg (=32768)    Sets the number of TCP flows on the pool.

UDP optional arguments:
  u [ udpflows ] arg (=16384)    Sets the number of UDP flows on the pool.

Regex optional arguments:
  R [ enablesignatures ]         Enables the Signature engine.
  r [ regex ] arg (=.*)          Sets the regex for evaluate agains the flows.
  c [ flowclass ] arg (=all)     Uses tcp, udp or all for matches the signature
                                 on the flows.
  m [ matchedflows ]             Shows the flows that matchs with the regex.
  M [ matchedpacket ]            Shows the packet payload that matchs with
                                 the regex.
  C [ continue ]                 Continue evaluating the regex with the
                                 next packets of the Flow.
  j [ rejectflows ]              Rejects the flows that matchs with the
                                 regex.
  w [ evidence ]                 Generates a pcap file with the matching
                                 regex for forensic analysis.

Frequencies optional arguments:
  F [ enablefrequencies ]        Enables the Frequency engine.
  g [ groupby ] arg (=dstport)   Groups frequencies by srcip,dstip,srcport
                                 and dstport.
  f [ flowtype ] arg (=tcp)      Uses tcp or udp flows.
  L [ enablelearner ]            Enables the Learner engine.
  k [ keylearner ] arg (=80)     Sets the key for the Learner engine.
  b [ buffersize ] arg (=64)     Sets the size of the internal buffer for
                                 generate the regex.
  Q [ bytequality ] arg (=80)    Sets the minimum quality for the bytes of
                                 the generated regex.
  y [ enableyara ]               Generates a yara signature.

Optional arguments:
  n [ stack ] arg (=lan)         Sets the network stack (lan,mobile,lan6,virtual,
                                 oflow).
  d [ dumpflows ]                Dump the flows to stdout.
  s [ statistics ] arg (=0)      Show statistics of the network stack (5 levels).
  T [ timeout ] arg (=180)       Sets the flows timeout.
  P [ protocol ] arg             Show statistics of a specific protocol of the
                                 network stack.
  a [ port ] arg (=0)            Sets the HTTP listenting port.
  e [ release ]                  Release the caches.
  l [ releasecache ] arg         Release a specific cache.
  p [ pstatistics ]              Show statistics of the process.
  o [ summary ]                  Show protocol summmary statistics
                                 (bytes,packets,% bytes,cache miss,memory).
  h [ help ]                     Show help.
  v [ version ]                  Show version string.

