Ethereal-users: Re: [Ethereal-users] Sniffer Pro vs Ethereal

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Guy Harris <gharris@xxxxxxxxx>
Date: Mon, 3 Sep 2001 14:49:32 -0700
On Mon, Sep 03, 2001 at 02:41:38PM -0700, Guy Harris wrote:
> For capture filters, there's no convenient syntax offered by libpcap at
> present,

Hmm.

After a quick look at the libpcap code, and a brief experiment, it
appears I may be mistaken; capture filters such as

	net 10.1.2.0/24

appear to work.

After a quick look at the tcpdump manual page, it appears I may not have
needed to bother with the quick look at the libpcap code and brief
experiment, as that syntax is even *documented*; from the tcpdump man
page's description of capture filter expressoins:

              net net/len
                     True if the IP address matches 'net' a netmask
                     'len' bits wide.  May be qualified with src or
                     dst.

(yes, there may be a "with" missing before "a netmask").