Nice news about new features!
we could collect 500 packets with full payload to the .pcap file dump for future investigation with tcpdump/wireshark.
This option could be used only for mirror ports with netmap or PF_RING.
Feature could be enabled with this option:
collect_attack_pcap_dumps = on
Feedback are welcome!