luis@luisxps:~/c++/aiengine/src$ ./aiengine -h

aiengine 1.9.0

Mandatory arguments:
  -I [ --input ] arg                Sets the network interface ,pcap file or
                                    directory with pcap files.

Link Layer optional arguments:
  -q [ --tag ] arg      Selects the tag type of the ethernet layer (vlan,mpls).

TCP optional arguments:
  -t [ --tcpflows ] arg (=32768) Sets the number of TCP flows on the pool.

UDP optional arguments:
  -u [ --udpflows ] arg (=16384) Sets the number of UDP flows on the pool.

Regex optional arguments:
  -R [ --enablesignatures ]     Enables the Signature engine.
  -r [ --regex ] arg (=.*)      Sets the regex for evaluate agains the flows.
  -c [ --flowclass ] arg (=all) Uses tcp, udp or all for matches the signature
                                on the flows.
  -m [ --matchedflows ]         Shows the flows that matchs with the regex.
  -M [ --matchedpacket ]        Shows the packet payload that matchs with
                                the regex.
  -C [ --continue ]             Continue evaluating the regex with the
                                next packets of the Flow.
  -j [ --rejectflows ]          Rejects the flows that matchs with the
  -w [ --evidence ]             Generates a pcap file with the matching
                                regex for forensic analysis.

Frequencies optional arguments:
  -F [ --enablefrequencies ]      Enables the Frequency engine.
  -g [ --groupby ] arg (=dstport) Groups frequencies by srcip,dstip,srcpor
                                  t and dstport.
  -f [ --flowtype ] arg (=tcp)    Uses tcp or udp flows.
  -L [ --enablelearner ]          Enables the Learner engine.
  -k [ --keylearner ] arg (=80)   Sets the key for the Learner engine.
  -b [ --buffersize ] arg (=64)   Sets the size of the internal buffer for
                                  generate the regex.
  -Q [ --bytequality ] arg (=80)  Sets the minimum quality for the bytes of
                                  the generated regex.
  -y [ --enableyara ]             Generates a yara signature.

Optional arguments:
  -n [ --stack ] arg (=lan)    Sets the network stack (lan,mobile,lan6,virtual,
  -d [ --dumpflows ]           Dump the flows to stdout.
  -s [ --statistics ] arg (=0) Show statistics of the network stack (5 levels).
  -T [ --timeout ] arg (=180)  Sets the flows timeout.
  -P [ --protocol ] arg        Show statistics of a specific protocol of the
                               network stack.
  -a [ --port ] arg (=0)       Sets the HTTP listenting port.
  -e [ --release ]             Release the caches.
  -l [ --releasecache ] arg    Release a specific cache.
  -p [ --pstatistics ]         Show statistics of the process.
  -o [ --summary ]             Show protocol summmary statistics
                               (bytes,packets,% bytes,cache miss,memory).
  -h [ --help ]                Show help.
  -v [ --version ]             Show version string.
