On Thu, Feb 11, 2010 at 10:24 AM, Ritesh Rekhi <[email protected]> wrote: > Hi all, > > I want to filter TCp syn packet which is coming using IPv6 addresses. I am > not able to find the bpf filter for that can somebody help me to find the > right BPF filter > > > I have already tried" tcp[tcpflags] & (tcp-syn) != 0" which doesn't work for > IPv6 traffic. >
Hello, In situations like this it is helpful to troubleshoot with the -d option http://taosecurity.blogspot.com/2004/12/understanding-tcpdumps-d-option-part-2.html I learned about this a while back from a post Guy Harris made -- really changed the way I develop filters. Sincerely, Richard - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
