diff --git a/conf/chkrootkit.ignore b/conf/chkrootkit.ignore
new file mode 100644
index 00000000..fb9613fc
--- /dev/null
+++ b/conf/chkrootkit.ignore
@@ -0,0 +1 @@
+^eth[0-9]{1}: PACKET SNIFFER\(\/usr\/lib\/systemd\/systemd-networkd\[[0-9]+\]\)$
diff --git a/setup/additionals.sh b/setup/additionals.sh
index 378dab84..c0996155 100644
--- a/setup/additionals.sh
+++ b/setup/additionals.sh
@@ -48,10 +48,13 @@ tools/editconf.py /etc/default/rkhunter \
 CRON_DB_UPDATE='"true"' \
 APT_AUTOGEN='"true"'
 
+hide_output install -m 644 conf/chkrootkit.ignore /etc/
+
 tools/editconf.py /etc/chkrootkit.conf \
 RUN_DAILY='"true"' \
- DIFF_MODE='"true"'
+ DIFF_MODE='"true"' \
+ IGNORE_FILE="/etc/chkrootkit.ignore"
 
 # Should be last, update expected output
 rkhunter --propupd
-chkrootkit -q > /var/log/chkrootkit/log.expected
+chkrootkit -q | egrep -v -f /etc/chkrootkit.ignore > /var/log/chkrootkit/log.expected
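Review bot: The single pattern in conf/chkrootkit.ignore only covers interfaces named eth0 to eth9 (`eth[0-9]{1}`, where the `{1}` is redundant), so on a host whose interface has another name the systemd-networkd line is not filtered and will still appear in the daily diff. Because every entry here hides a rootkit-scanner finding, it is good that the pattern is anchored at both ends and tied to one process path; any widening of the interface part should stay equally specific. The file is consumed with `egrep -f`, where every line is a pattern, so the reason this finding is considered benign cannot be recorded in the file itself and should be written as a comment next to the `install` line in setup/additionals.sh.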
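Review bot: The new baseline pipeline on the last line hides a failing `chkrootkit -q` behind the exit status of the filter, and `grep -v` itself returns 1 when every line is filtered out, which would matter if this script runs under `set -e` or `pipefail` (not visible in the hunk). `egrep` is also deprecated in current GNU grep, so the filter is better written as `grep -E -v -f /etc/chkrootkit.ignore`. In the editconf.py call, `IGNORE_FILE="/etc/chkrootkit.ignore"` loses its quotes to the shell, unlike the neighbouring `RUN_DAILY='"true"'` values; for a consistently quoted config entry use `IGNORE_FILE='"/etc/chkrootkit.ignore"'`. The filtered `log.expected` only matches later runs if the daily job applies the same ignore file, which cannot be confirmed from this hunk, so a comment such as `# assumes the daily chkrootkit job honours IGNORE_FILE from /etc/chkrootkit.conf` above the pipeline would make that dependency explicit.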