aa aa wrote:
PLEASE for the life of me tell me what the heck i am doing wrong with
this expression filtering!
it's starting to drive me nuts over here
i am trying to simply dump the full protocol tree for ONLY PUSH
PACKETS, meaning, see NOTHING ELSE but the pushed protocol data, i
don't want to see the ACKS/FINS/SYNS/etc
i have read your manuals and help files 5 times now
tell me what is wrong with this expression i typed:
tethereal -V -n -i 2 -R tcp.flags.push
i continue to see all the other garbage i mentioned when i see tcp
traffic (acks/etc)
why?????????
i am on windows xpsp2 with tethereal version
Tethereal 0.99.0
thank you
please contact me!
Mike Bickett
It might be because you have asked it to show all frames that have a
push flag, even if it is not set.
Try this:
tethereal -V -n -i 2 -R tcp.flags.push==1
Regards, Peter