Hi, Can anybody suggest a way for me to write a tcpdump type filter which allows me to access the first two bytes of a DLT_LINUX_SLL header. I am using the "any" device to capture packets using libpcap.
To make this more clear, the tcpdump filter to capture packets whose ethernet header has its first byte to 1 is 'ether[0] = 1' Similarly, is there a way to get at the first two bytes of a DLT_LINUX_SLL header so that I can use it in a tcpdump type filter. Any quick suggestions would be really helpful as my project has been stalled trying to figure out a way to do this. Thanks. Subramoni Padmanabhan G-126, 700 woodland avenue Lexington, Kentucky 40508 Phone : 859 323 9405 _________________________________________________________________ Join the world�s largest e-mail service with MSN Hotmail. http://www.hotmail.com - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe
