[tcpdump-workers] Automatic report from sources (tcpdump libpcap htdocs) between 10.02.2005 - 11.02.2005 GMT
CVS log entries from 10.02.2005 (Thu) 10:07:13 - 11.02.2005 (Fri) 10:07:07 GMT = Summary by authors = Author: guy File: libpcap/inet.c; Revisions: 1.66 = Log entries = Description: Gisle Vanem notes that some compilers warn about const register char * - use register const char * instead. Modified files: File: libpcap/inet.c; Revision: 1.66; Date: 2005/02/10 19:38:06; Author: guy; Lines: (+2 -2) = Summary of modified files = File: libpcap/inet.c Revisions: 1.66 Authors: guy (+2 -2) -- Automatic cron job from /tcpdump/bin/makelog - This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.
[tcpdump-workers] Giving filters while capturing Wireless packets
Hi all, I am using tcpdump for sniffing the wireless frames. In man page of tcpdump the only information which i got is specifying the interface name. Can anyone help me where can i find the documents for giving the filter expressions for wireless capturing using tcpdump. Thanks in advance, Shantha - This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.
[tcpdump-workers] port range
Hi, I've a problem with tcpdump when I try to specify a port range if I use a filter expr like: tcpdump -i eth0 '(tcp and (tcp[0:2] =1) and (tcp[0:2] = 2))' which means, capture all tcp packets with source port between 1 and 2, I get no result from tcpdump. When I use a filter like: tcpdump -i eth0 '(tcp and (tcp[0:2] = 2)' it works fine and prints out all the packets. Have no idea where the problem is, I also tried to use these filter expressions inside of my program using directly pcap libs but I get the same results. I'm using: tcpdump version 3.8.3 libpcap version 0.8.3 on Linux 2.6.9 Thanks in advance for your help :-) - This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.
Re: [tcpdump-workers] port range
Nicolao Renè wrote: Hi, I've a problem with tcpdump when I try to specify a port range if I use a filter expr like: tcpdump -i eth0 '(tcp and (tcp[0:2] =1) and (tcp[0:2] = 2))' which means, capture all tcp packets with source port between 1 and 2, I get no result from tcpdump. There are bugs in the optimizer for the filter expression compiler that could, I think, cause this problem. A workaround is to use the -O flag to tcpdump, to turn off the optimizer; the expression is simple enough that any increase in CPU time spent filtering packets probably won't make a big difference. If the -O flag doesn't fix the problem, let us know. The bug should be fixed in the current CVS version, so the next libpcap release shouldn't have this problem. - This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.
Re: [tcpdump-workers] port range
Guy Harris wrote: Nicolao Renè wrote: Hi, I've a problem with tcpdump when I try to specify a port range if I use a filter expr like: tcpdump -i eth0 '(tcp and (tcp[0:2] =1) and (tcp[0:2] = 2))' which means, capture all tcp packets with source port between 1 and 2, I get no result from tcpdump. There are bugs in the optimizer for the filter expression compiler that could, I think, cause this problem. A workaround is to use the -O flag to tcpdump, to turn off the optimizer; the expression is simple enough that any increase in CPU time spent filtering packets probably won't make a big difference. If the -O flag doesn't fix the problem, let us know. The bug should be fixed in the current CVS version, so the next libpcap release shouldn't have this problem. Thank you, it works with the -O option. I'll also try the cvs version of libpcap and let you know. - This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.
