Dear all the experts on pcap/wireshark
My apology if this is not the right mailing list to post this question. But
I'm having trouble with the libpcap's capturing filter which wireshark uses.
So if you could shed some lights on this problem, I'd really appreciate and
thankful.
I'm working on a program that uses the libpcap to capture live packets from
my eth0 and feed them to my application to work with. The libpcap I have now
is 0.9.7.13. The problem is I'm working with DCCP traffic which libpcap can
capture packets for me if I only specify the used IP addresses. e.g. "dst
192.168.1.30". However, I also need to differentiate different DCCP
connections using different DCCP ports too but libpcap doesn't capture
anything for me when I specify the desired port in addition to the IP
address in the capture filter, e.g. "dst 192.168.1.30 and src port 40001".
It just does not capture anything for me.
So, is there a special syntax for pcap to specify the DCCP port, if that is
available at all?
Thanks in advance and best regards,
K. T.Pijarn