tcpdump mailing list archives
Re: how pcap filter string works?
From: "Hu Thomas Pan" <thomaspan2 () yahoo com>
Date: Thu, 22 Jul 2004 14:52:16 -0700
For tcpdump, it should be: sudo tcpdump -i nic_name udp and \( \( host host1 and port port1 \) or \( host host2 and port port2 \) \) In the code, both of formats failed. Since I use C++, the above string would be changed to "udp and \\( \\( host host1 and port port1 \\) or \\( host host2 and port port2 \\) \\)". Besides, once I change the filter string to be "udp", I CAN get all the data through the callback function. So, the problem is about filter string, not about my code. Best, Thomas -----Original Message----- From: tcpdump-workers-owner () lists tcpdump org [mailto:tcpdump-workers-owner () lists tcpdump org] On Behalf Of Guy Harris Sent: Thursday, July 22, 2004 1:15 PM To: tcpdump-workers () lists tcpdump org Subject: Re: [tcpdump-workers] how pcap filter string works? On Jul 22, 2004, at 1:13 PM, Hu Thomas Pan wrote:
Still not work. No data comes into my callback function.
But tcpdump, with the same filter, shows packets? We'd have to see the source to your program to figure out what the problem is. - This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe. - This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.
Current thread:
- anoncvs down? David Young (Jul 21)
- Re: anoncvs down? Michael Richardson (Jul 21)
- Re: anoncvs down? David Young (Jul 21)
- Re: anoncvs down? David Young (Jul 21)
- How tcpdump works? César Cárdenas (Jul 22)
- Re: How tcpdump works? Hannes Gredler (Jul 22)
- how pcap filter string works? Hu Thomas Pan (Jul 22)
- Re: how pcap filter string works? Guy Harris (Jul 22)
- Re: how pcap filter string works? Hu Thomas Pan (Jul 22)
- Re: how pcap filter string works? Guy Harris (Jul 22)
- Re: how pcap filter string works? Hu Thomas Pan (Jul 22)
- Re: anoncvs down? David Young (Jul 21)
- Re: anoncvs down? Michael Richardson (Jul 21)