--- Begin Message ---
Hi all,
I get a pcap flow from my router box (Peplink). The only thing I can
change is the dev "interface" from a web page. If one is chosen, I've
got a EN10MB type and I can filter my incoming flow with "tcpdump -r -
-w - ether host 01:23:45:67:89:01". If I choose "All", I suppose "-i
any" is added and then I get a LINUX_SLL type on which my command leads
to "tcpdump: ethernet addresses supported only on ethernet/FDDI/token
ring/802.11/ATM LANE/Fibre Channel".
Is there any way to filter the LINUX_SLL flow to keep only traffic from
specific MAC address from tcpdump ? I mean before wireshark.
Regards, Édouard
--- End Message ---
_______________________________________________
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
