Ethereal-users: [Ethereal-users] Packet capture doesn't work?

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: beby@xxxxxxxxxxxx
Date: Thu, 7 Mar 2002 17:06:44 -0800
Pardon me for being dense and all but I don't think the packet capture
filter in Ethereal works.

I'm trying to capture only UDP packets going to and from a certain machine
on my network, a simple task and tcpdump could achieve it using the
following filter:
host foo and ip proto udp

However, I plug that puppy in and get "Unable to parse filter string(parse
error)" in a dialog.  I've also noticed that sometimes I plug in a string
and it works (like "ip proto udp") and other times it comes back with the
same error.  "host foo" seems to be about the only command that actually
works consistently.  I've tried things backwards and forwards and even tried
cutting examples out of the tcpdump man pages.  Bottom line, nothing seems
to work.

I'm running ethereal on Windows NT 4.0 with winpcap version 2.2.  Ask away
if you need more configuration info.
________________________________________

Robert Eby
pho: 206.232.9603
fax: 206.232.0752
eml: beby@xxxxxxxxxxxx

IIIIIIIIIIIIIIIIIIIIIIII
II IIIIIIII  IIIIIIII II
II    II        II    II
II    II        II    II
II    II        II    II
II IIIIIIII  IIIIIIII II
IIIIIIIIIIIIIIIIIIIIIIII Level II, Inc.