On Thursday, August 21, 2003, at 4:20 AM, Rob McWilliam wrote:
I am having the following problem when I submit this command on my IPSO 3.7 Nokia firewall.
ROB#tcpdump -i eth-s1p2c0: src host 193.122.22.247 dst host 192.168.20.14 and icmp -w /tmp/dumpdatain <CR> ROB#tcpdump: parse error
You have to put the filter expression after *all* the command-line flags:
tcpdump -i ether-slp2c0: -w /tmp;dumpdatain src host 193.122.22.247 dst host 192.168.20.14 and icmp
as per what the man page says:
NAME
tcpdump - dump traffic on a network SYNOPSIS
tcpdump [ -aAdDeflLnNOpqRStuUvxX ] [ -c count ]
[ -C file_size ] [ -F file ]
[ -i interface ] [ -m module ] [ -r file ]
[ -s snaplen ] [ -T type ] [ -w file ]
[ -E [EMAIL PROTECTED] algo:secret,... ]
[ -y datalinktype ]
[ expression ](you won't necessarily have the same list of command-line flags in the man page for the IPSO tcpdump, if it has a man page, and its tcpdump might not necessarily support all those flags, but "expression" always comes at the end).
- This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:[EMAIL PROTECTED]
